3435 lines
218 KiB
YAML
3435 lines
218 KiB
YAML
apiVersion: apiextensions.k8s.io/v1
|
||
kind: CustomResourceDefinition
|
||
metadata:
|
||
annotations:
|
||
controller-gen.kubebuilder.io/version: v0.14.0
|
||
helm.sh/resource-policy: keep
|
||
name: capiproviders.turtles-capi.cattle.io
|
||
spec:
|
||
group: turtles-capi.cattle.io
|
||
names:
|
||
kind: CAPIProvider
|
||
listKind: CAPIProviderList
|
||
plural: capiproviders
|
||
singular: capiprovider
|
||
scope: Namespaced
|
||
versions:
|
||
- additionalPrinterColumns:
|
||
- jsonPath: .spec.type
|
||
name: Type
|
||
type: string
|
||
- jsonPath: .status.name
|
||
name: ProviderName
|
||
type: string
|
||
- jsonPath: .status.installedVersion
|
||
name: InstalledVersion
|
||
type: string
|
||
- jsonPath: .status.phase
|
||
name: Phase
|
||
type: string
|
||
name: v1alpha1
|
||
schema:
|
||
openAPIV3Schema:
|
||
description: CAPIProvider is the Schema for the CAPI Providers API.
|
||
properties:
|
||
apiVersion:
|
||
description: |-
|
||
APIVersion defines the versioned schema of this representation of an object.
|
||
Servers should convert recognized schemas to the latest internal value, and
|
||
may reject unrecognized values.
|
||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||
type: string
|
||
kind:
|
||
description: |-
|
||
Kind is a string value representing the REST resource this object represents.
|
||
Servers may infer this from the endpoint the client submits requests to.
|
||
Cannot be updated.
|
||
In CamelCase.
|
||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||
type: string
|
||
metadata:
|
||
type: object
|
||
spec:
|
||
description: CAPIProviderSpec defines the desired state of CAPIProvider.
|
||
example:
|
||
credentials:
|
||
rancherCloudCredential: user-credential
|
||
name: aws
|
||
type: infrastructure
|
||
version: v2.3.0
|
||
properties:
|
||
additionalDeployments:
|
||
additionalProperties:
|
||
description: |-
|
||
AdditionalDeployments defines the properties that can be enabled on the controller
|
||
manager and deployment for the provider if the provider is managing additional deployments.
|
||
properties:
|
||
deployment:
|
||
description: Deployment defines the properties that can be enabled
|
||
on the deployment for the additional provider deployment.
|
||
properties:
|
||
affinity:
|
||
description: If specified, the pod's scheduling constraints
|
||
properties:
|
||
nodeAffinity:
|
||
description: Describes node affinity scheduling rules
|
||
for the pod.
|
||
properties:
|
||
preferredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
The scheduler will prefer to schedule pods to nodes that satisfy
|
||
the affinity expressions specified by this field, but it may choose
|
||
a node that violates one or more of the expressions. The node that is
|
||
most preferred is the one with the greatest sum of weights, i.e.
|
||
for each node that meets all of the scheduling requirements (resource
|
||
request, requiredDuringScheduling affinity expressions, etc.),
|
||
compute a sum by iterating through the elements of this field and adding
|
||
"weight" to the sum if the node matches the corresponding matchExpressions; the
|
||
node(s) with the highest sum are the most preferred.
|
||
items:
|
||
description: |-
|
||
An empty preferred scheduling term matches all objects with implicit weight 0
|
||
(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
|
||
properties:
|
||
preference:
|
||
description: A node selector term, associated
|
||
with the corresponding weight.
|
||
properties:
|
||
matchExpressions:
|
||
description: A list of node selector requirements
|
||
by node's labels.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchFields:
|
||
description: A list of node selector requirements
|
||
by node's fields.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
weight:
|
||
description: Weight associated with matching
|
||
the corresponding nodeSelectorTerm, in the
|
||
range 1-100.
|
||
format: int32
|
||
type: integer
|
||
required:
|
||
- preference
|
||
- weight
|
||
type: object
|
||
type: array
|
||
requiredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
If the affinity requirements specified by this field are not met at
|
||
scheduling time, the pod will not be scheduled onto the node.
|
||
If the affinity requirements specified by this field cease to be met
|
||
at some point during pod execution (e.g. due to an update), the system
|
||
may or may not try to eventually evict the pod from its node.
|
||
properties:
|
||
nodeSelectorTerms:
|
||
description: Required. A list of node selector
|
||
terms. The terms are ORed.
|
||
items:
|
||
description: |-
|
||
A null or empty node selector term matches no objects. The requirements of
|
||
them are ANDed.
|
||
The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
|
||
properties:
|
||
matchExpressions:
|
||
description: A list of node selector requirements
|
||
by node's labels.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchFields:
|
||
description: A list of node selector requirements
|
||
by node's fields.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: array
|
||
required:
|
||
- nodeSelectorTerms
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: object
|
||
podAffinity:
|
||
description: Describes pod affinity scheduling rules
|
||
(e.g. co-locate this pod in the same node, zone, etc.
|
||
as some other pod(s)).
|
||
properties:
|
||
preferredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
The scheduler will prefer to schedule pods to nodes that satisfy
|
||
the affinity expressions specified by this field, but it may choose
|
||
a node that violates one or more of the expressions. The node that is
|
||
most preferred is the one with the greatest sum of weights, i.e.
|
||
for each node that meets all of the scheduling requirements (resource
|
||
request, requiredDuringScheduling affinity expressions, etc.),
|
||
compute a sum by iterating through the elements of this field and adding
|
||
"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
|
||
node(s) with the highest sum are the most preferred.
|
||
items:
|
||
description: The weights of all of the matched
|
||
WeightedPodAffinityTerm fields are added per-node
|
||
to find the most preferred node(s)
|
||
properties:
|
||
podAffinityTerm:
|
||
description: Required. A pod affinity term,
|
||
associated with the corresponding weight.
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a
|
||
list of label selector requirements.
|
||
The requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label
|
||
key that the selector applies
|
||
to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a
|
||
list of label selector requirements.
|
||
The requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label
|
||
key that the selector applies
|
||
to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
weight:
|
||
description: |-
|
||
weight associated with matching the corresponding podAffinityTerm,
|
||
in the range 1-100.
|
||
format: int32
|
||
type: integer
|
||
required:
|
||
- podAffinityTerm
|
||
- weight
|
||
type: object
|
||
type: array
|
||
requiredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
If the affinity requirements specified by this field are not met at
|
||
scheduling time, the pod will not be scheduled onto the node.
|
||
If the affinity requirements specified by this field cease to be met
|
||
at some point during pod execution (e.g. due to a pod label update), the
|
||
system may or may not try to eventually evict the pod from its node.
|
||
When there are multiple elements, the lists of nodes corresponding to each
|
||
podAffinityTerm are intersected, i.e. all terms must be satisfied.
|
||
items:
|
||
description: |-
|
||
Defines a set of pods (namely those matching the labelSelector
|
||
relative to the given namespace(s)) that this pod should be
|
||
co-located (affinity) or not co-located (anti-affinity) with,
|
||
where co-located is defined as running on a node whose value of
|
||
the label with key <topologyKey> matches that of any node on which
|
||
a pod of the set of pods is running
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The
|
||
requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The
|
||
requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
type: array
|
||
type: object
|
||
podAntiAffinity:
|
||
description: Describes pod anti-affinity scheduling
|
||
rules (e.g. avoid putting this pod in the same node,
|
||
zone, etc. as some other pod(s)).
|
||
properties:
|
||
preferredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
The scheduler will prefer to schedule pods to nodes that satisfy
|
||
the anti-affinity expressions specified by this field, but it may choose
|
||
a node that violates one or more of the expressions. The node that is
|
||
most preferred is the one with the greatest sum of weights, i.e.
|
||
for each node that meets all of the scheduling requirements (resource
|
||
request, requiredDuringScheduling anti-affinity expressions, etc.),
|
||
compute a sum by iterating through the elements of this field and adding
|
||
"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
|
||
node(s) with the highest sum are the most preferred.
|
||
items:
|
||
description: The weights of all of the matched
|
||
WeightedPodAffinityTerm fields are added per-node
|
||
to find the most preferred node(s)
|
||
properties:
|
||
podAffinityTerm:
|
||
description: Required. A pod affinity term,
|
||
associated with the corresponding weight.
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a
|
||
list of label selector requirements.
|
||
The requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label
|
||
key that the selector applies
|
||
to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a
|
||
list of label selector requirements.
|
||
The requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label
|
||
key that the selector applies
|
||
to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
weight:
|
||
description: |-
|
||
weight associated with matching the corresponding podAffinityTerm,
|
||
in the range 1-100.
|
||
format: int32
|
||
type: integer
|
||
required:
|
||
- podAffinityTerm
|
||
- weight
|
||
type: object
|
||
type: array
|
||
requiredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
If the anti-affinity requirements specified by this field are not met at
|
||
scheduling time, the pod will not be scheduled onto the node.
|
||
If the anti-affinity requirements specified by this field cease to be met
|
||
at some point during pod execution (e.g. due to a pod label update), the
|
||
system may or may not try to eventually evict the pod from its node.
|
||
When there are multiple elements, the lists of nodes corresponding to each
|
||
podAffinityTerm are intersected, i.e. all terms must be satisfied.
|
||
items:
|
||
description: |-
|
||
Defines a set of pods (namely those matching the labelSelector
|
||
relative to the given namespace(s)) that this pod should be
|
||
co-located (affinity) or not co-located (anti-affinity) with,
|
||
where co-located is defined as running on a node whose value of
|
||
the label with key <topologyKey> matches that of any node on which
|
||
a pod of the set of pods is running
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The
|
||
requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The
|
||
requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
type: array
|
||
type: object
|
||
type: object
|
||
containers:
|
||
description: List of containers specified in the Deployment
|
||
items:
|
||
description: |-
|
||
ContainerSpec defines the properties available to override for each
|
||
container in a provider deployment such as Image and Args to the container’s
|
||
entrypoint.
|
||
properties:
|
||
args:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
Args represents extra provider specific flags that are not encoded as fields in this API.
|
||
Explicit controller manager properties defined in the `Provider.ManagerSpec`
|
||
will have higher precedence than those defined in `ContainerSpec.Args`.
|
||
For example, `ManagerSpec.SyncPeriod` will be used instead of the
|
||
container arg `--sync-period` if both are defined.
|
||
The same holds for `ManagerSpec.FeatureGates` and `--feature-gates`.
|
||
type: object
|
||
command:
|
||
description: Command allows override container's entrypoint
|
||
array.
|
||
items:
|
||
type: string
|
||
type: array
|
||
env:
|
||
description: List of environment variables to set
|
||
in the container.
|
||
items:
|
||
description: EnvVar represents an environment variable
|
||
present in a Container.
|
||
properties:
|
||
name:
|
||
description: Name of the environment variable.
|
||
Must be a C_IDENTIFIER.
|
||
type: string
|
||
value:
|
||
description: |-
|
||
Variable references $(VAR_NAME) are expanded
|
||
using the previously defined environment variables in the container and
|
||
any service environment variables. If a variable cannot be resolved,
|
||
the reference in the input string will be unchanged. Double $$ are reduced
|
||
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
|
||
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
|
||
Escaped references will never be expanded, regardless of whether the variable
|
||
exists or not.
|
||
Defaults to "".
|
||
type: string
|
||
valueFrom:
|
||
description: Source for the environment variable's
|
||
value. Cannot be used if value is not empty.
|
||
properties:
|
||
configMapKeyRef:
|
||
description: Selects a key of a ConfigMap.
|
||
properties:
|
||
key:
|
||
description: The key to select.
|
||
type: string
|
||
name:
|
||
description: |-
|
||
Name of the referent.
|
||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||
type: string
|
||
optional:
|
||
description: Specify whether the ConfigMap
|
||
or its key must be defined
|
||
type: boolean
|
||
required:
|
||
- key
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
fieldRef:
|
||
description: |-
|
||
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
|
||
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
|
||
properties:
|
||
apiVersion:
|
||
description: Version of the schema the
|
||
FieldPath is written in terms of,
|
||
defaults to "v1".
|
||
type: string
|
||
fieldPath:
|
||
description: Path of the field to select
|
||
in the specified API version.
|
||
type: string
|
||
required:
|
||
- fieldPath
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
resourceFieldRef:
|
||
description: |-
|
||
Selects a resource of the container: only resources limits and requests
|
||
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
|
||
properties:
|
||
containerName:
|
||
description: 'Container name: required
|
||
for volumes, optional for env vars'
|
||
type: string
|
||
divisor:
|
||
anyOf:
|
||
- type: integer
|
||
- type: string
|
||
description: Specifies the output format
|
||
of the exposed resources, defaults
|
||
to "1"
|
||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||
x-kubernetes-int-or-string: true
|
||
resource:
|
||
description: 'Required: resource to
|
||
select'
|
||
type: string
|
||
required:
|
||
- resource
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
secretKeyRef:
|
||
description: Selects a key of a secret in
|
||
the pod's namespace
|
||
properties:
|
||
key:
|
||
description: The key of the secret to
|
||
select from. Must be a valid secret
|
||
key.
|
||
type: string
|
||
name:
|
||
description: |-
|
||
Name of the referent.
|
||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||
type: string
|
||
optional:
|
||
description: Specify whether the Secret
|
||
or its key must be defined
|
||
type: boolean
|
||
required:
|
||
- key
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: object
|
||
required:
|
||
- name
|
||
type: object
|
||
type: array
|
||
imageUrl:
|
||
description: Container Image URL
|
||
type: string
|
||
name:
|
||
description: Name of the container. Cannot be updated.
|
||
type: string
|
||
resources:
|
||
description: Compute resources required by this container.
|
||
properties:
|
||
claims:
|
||
description: |-
|
||
Claims lists the names of resources, defined in spec.resourceClaims,
|
||
that are used by this container.
|
||
|
||
|
||
This is an alpha field and requires enabling the
|
||
DynamicResourceAllocation feature gate.
|
||
|
||
|
||
This field is immutable. It can only be set for containers.
|
||
items:
|
||
description: ResourceClaim references one entry
|
||
in PodSpec.ResourceClaims.
|
||
properties:
|
||
name:
|
||
description: |-
|
||
Name must match the name of one entry in pod.spec.resourceClaims of
|
||
the Pod where this field is used. It makes that resource available
|
||
inside a container.
|
||
type: string
|
||
required:
|
||
- name
|
||
type: object
|
||
type: array
|
||
x-kubernetes-list-map-keys:
|
||
- name
|
||
x-kubernetes-list-type: map
|
||
limits:
|
||
additionalProperties:
|
||
anyOf:
|
||
- type: integer
|
||
- type: string
|
||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||
x-kubernetes-int-or-string: true
|
||
description: |-
|
||
Limits describes the maximum amount of compute resources allowed.
|
||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||
type: object
|
||
requests:
|
||
additionalProperties:
|
||
anyOf:
|
||
- type: integer
|
||
- type: string
|
||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||
x-kubernetes-int-or-string: true
|
||
description: |-
|
||
Requests describes the minimum amount of compute resources required.
|
||
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
|
||
otherwise to an implementation-defined value. Requests cannot exceed Limits.
|
||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||
type: object
|
||
type: object
|
||
required:
|
||
- name
|
||
type: object
|
||
type: array
|
||
imagePullSecrets:
|
||
description: List of image pull secrets specified in the
|
||
Deployment
|
||
items:
|
||
description: |-
|
||
LocalObjectReference contains enough information to let you locate the
|
||
referenced object inside the same namespace.
|
||
properties:
|
||
name:
|
||
description: |-
|
||
Name of the referent.
|
||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||
type: string
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: array
|
||
nodeSelector:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
NodeSelector is a selector which must be true for the pod to fit on a node.
|
||
Selector which must match a node's labels for the pod to be scheduled on that node.
|
||
More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
||
type: object
|
||
replicas:
|
||
description: Number of desired pods. This is a pointer to
|
||
distinguish between explicit zero and not specified. Defaults
|
||
to 1.
|
||
minimum: 0
|
||
type: integer
|
||
serviceAccountName:
|
||
description: If specified, the pod's service account
|
||
type: string
|
||
tolerations:
|
||
description: If specified, the pod's tolerations.
|
||
items:
|
||
description: |-
|
||
The pod this Toleration is attached to tolerates any taint that matches
|
||
the triple <key,value,effect> using the matching operator <operator>.
|
||
properties:
|
||
effect:
|
||
description: |-
|
||
Effect indicates the taint effect to match. Empty means match all taint effects.
|
||
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
|
||
type: string
|
||
key:
|
||
description: |-
|
||
Key is the taint key that the toleration applies to. Empty means match all taint keys.
|
||
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Operator represents a key's relationship to the value.
|
||
Valid operators are Exists and Equal. Defaults to Equal.
|
||
Exists is equivalent to wildcard for value, so that a pod can
|
||
tolerate all taints of a particular category.
|
||
type: string
|
||
tolerationSeconds:
|
||
description: |-
|
||
TolerationSeconds represents the period of time the toleration (which must be
|
||
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
|
||
it is not set, which means tolerate the taint forever (do not evict). Zero and
|
||
negative values will be treated as 0 (evict immediately) by the system.
|
||
format: int64
|
||
type: integer
|
||
value:
|
||
description: |-
|
||
Value is the taint value the toleration matches to.
|
||
If the operator is Exists, the value should be empty, otherwise just a regular string.
|
||
type: string
|
||
type: object
|
||
type: array
|
||
type: object
|
||
manager:
|
||
description: Manager defines the properties that can be enabled
|
||
on the controller manager for the additional provider deployment.
|
||
properties:
|
||
cacheNamespace:
|
||
description: |-
|
||
CacheNamespace if specified restricts the manager's cache to watch objects in
|
||
the desired namespace Defaults to all namespaces
|
||
|
||
|
||
Note: If a namespace is specified, controllers can still Watch for a
|
||
cluster-scoped resource (e.g Node). For namespaced resources the cache
|
||
will only hold objects from the desired namespace.
|
||
type: string
|
||
controller:
|
||
description: |-
|
||
Controller contains global configuration options for controllers
|
||
registered within this manager.
|
||
properties:
|
||
cacheSyncTimeout:
|
||
description: |-
|
||
CacheSyncTimeout refers to the time limit set to wait for syncing caches.
|
||
Defaults to 2 minutes if not set.
|
||
format: int64
|
||
type: integer
|
||
groupKindConcurrency:
|
||
additionalProperties:
|
||
type: integer
|
||
description: |-
|
||
GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation
|
||
allowed for that controller.
|
||
|
||
|
||
When a controller is registered within this manager using the builder utilities,
|
||
users have to specify the type the controller reconciles in the For(...) call.
|
||
If the object's kind passed matches one of the keys in this map, the concurrency
|
||
for that controller is set to the number specified.
|
||
|
||
|
||
The key is expected to be consistent in form with GroupKind.String(),
|
||
e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`.
|
||
type: object
|
||
recoverPanic:
|
||
description: RecoverPanic indicates if panics should
|
||
be recovered.
|
||
type: boolean
|
||
type: object
|
||
featureGates:
|
||
additionalProperties:
|
||
type: boolean
|
||
description: |-
|
||
FeatureGates define provider specific feature flags that will be passed
|
||
in as container args to the provider's controller manager.
|
||
Controller Manager flag is --feature-gates.
|
||
type: object
|
||
gracefulShutDown:
|
||
description: |-
|
||
GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop.
|
||
To disable graceful shutdown, set to time.Duration(0)
|
||
To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1)
|
||
The graceful shutdown is skipped for safety reasons in case the leader election lease is lost.
|
||
type: string
|
||
health:
|
||
description: Health contains the controller health configuration
|
||
properties:
|
||
healthProbeBindAddress:
|
||
description: |-
|
||
HealthProbeBindAddress is the TCP address that the controller should bind to
|
||
for serving health probes
|
||
It can be set to "0" or "" to disable serving the health probe.
|
||
type: string
|
||
livenessEndpointName:
|
||
description: LivenessEndpointName, defaults to "healthz"
|
||
type: string
|
||
readinessEndpointName:
|
||
description: ReadinessEndpointName, defaults to "readyz"
|
||
type: string
|
||
type: object
|
||
leaderElection:
|
||
description: |-
|
||
LeaderElection is the LeaderElection config to be used when configuring
|
||
the manager.Manager leader election
|
||
properties:
|
||
leaderElect:
|
||
description: |-
|
||
leaderElect enables a leader election client to gain leadership
|
||
before executing the main loop. Enable this when running replicated
|
||
components for high availability.
|
||
type: boolean
|
||
leaseDuration:
|
||
description: |-
|
||
leaseDuration is the duration that non-leader candidates will wait
|
||
after observing a leadership renewal until attempting to acquire
|
||
leadership of a led but unrenewed leader slot. This is effectively the
|
||
maximum duration that a leader can be stopped before it is replaced
|
||
by another candidate. This is only applicable if leader election is
|
||
enabled.
|
||
type: string
|
||
renewDeadline:
|
||
description: |-
|
||
renewDeadline is the interval between attempts by the acting master to
|
||
renew a leadership slot before it stops leading. This must be less
|
||
than or equal to the lease duration. This is only applicable if leader
|
||
election is enabled.
|
||
type: string
|
||
resourceLock:
|
||
description: |-
|
||
resourceLock indicates the resource object type that will be used to lock
|
||
during leader election cycles.
|
||
type: string
|
||
resourceName:
|
||
description: |-
|
||
resourceName indicates the name of resource object that will be used to lock
|
||
during leader election cycles.
|
||
type: string
|
||
resourceNamespace:
|
||
description: |-
|
||
resourceName indicates the namespace of resource object that will be used to lock
|
||
during leader election cycles.
|
||
type: string
|
||
retryPeriod:
|
||
description: |-
|
||
retryPeriod is the duration the clients should wait between attempting
|
||
acquisition and renewal of a leadership. This is only applicable if
|
||
leader election is enabled.
|
||
type: string
|
||
required:
|
||
- leaderElect
|
||
- leaseDuration
|
||
- renewDeadline
|
||
- resourceLock
|
||
- resourceName
|
||
- resourceNamespace
|
||
- retryPeriod
|
||
type: object
|
||
maxConcurrentReconciles:
|
||
description: |-
|
||
MaxConcurrentReconciles is the maximum number of concurrent Reconciles
|
||
which can be run.
|
||
minimum: 1
|
||
type: integer
|
||
metrics:
|
||
description: Metrics contains thw controller metrics configuration
|
||
properties:
|
||
bindAddress:
|
||
description: |-
|
||
BindAddress is the TCP address that the controller should bind to
|
||
for serving prometheus metrics.
|
||
It can be set to "0" to disable the metrics serving.
|
||
type: string
|
||
type: object
|
||
profilerAddress:
|
||
description: |-
|
||
ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060).
|
||
Default empty, meaning the profiler is disabled.
|
||
Controller Manager flag is --profiler-address.
|
||
type: string
|
||
syncPeriod:
|
||
description: |-
|
||
SyncPeriod determines the minimum frequency at which watched resources are
|
||
reconciled. A lower period will correct entropy more quickly, but reduce
|
||
responsiveness to change if there are many watched resources. Change this
|
||
value only if you know what you are doing. Defaults to 10 hours if unset.
|
||
there will a 10 percent jitter between the SyncPeriod of all controllers
|
||
so that all controllers will not send list requests simultaneously.
|
||
type: string
|
||
verbosity:
|
||
default: 1
|
||
description: |-
|
||
Verbosity set the logs verbosity. Defaults to 1.
|
||
Controller Manager flag is --verbosity.
|
||
minimum: 0
|
||
type: integer
|
||
webhook:
|
||
description: Webhook contains the controllers webhook configuration
|
||
properties:
|
||
certDir:
|
||
description: |-
|
||
CertDir is the directory that contains the server key and certificate.
|
||
if not set, webhook server would look up the server key and certificate in
|
||
{TempDir}/k8s-webhook-server/serving-certs. The server key and certificate
|
||
must be named tls.key and tls.crt, respectively.
|
||
type: string
|
||
host:
|
||
description: |-
|
||
Host is the hostname that the webhook server binds to.
|
||
It is used to set webhook.Server.Host.
|
||
type: string
|
||
port:
|
||
description: |-
|
||
Port is the port that the webhook server serves at.
|
||
It is used to set webhook.Server.Port.
|
||
type: integer
|
||
type: object
|
||
type: object
|
||
type: object
|
||
description: |-
|
||
AdditionalDeployments is a map of additional deployments that the provider
|
||
should manage. The key is the name of the deployment and the value is the
|
||
DeploymentSpec.
|
||
type: object
|
||
additionalManifests:
|
||
description: |-
|
||
AdditionalManifests is reference to configmap that contains additional manifests that will be applied
|
||
together with the provider components. The key for storing these manifests has to be `manifests`.
|
||
The manifests are applied only once when a certain release is installed/upgraded. If namespace is not specified, the
|
||
namespace of the provider will be used. There is no validation of the yaml content inside the configmap.
|
||
properties:
|
||
name:
|
||
description: Name defines the name of the configmap.
|
||
type: string
|
||
namespace:
|
||
description: Namespace defines the namespace of the configmap.
|
||
type: string
|
||
required:
|
||
- name
|
||
type: object
|
||
configSecret:
|
||
description: |-
|
||
ConfigSecret is the object with name and namespace of the Secret providing
|
||
the configuration variables for the current provider instance, like e.g. credentials.
|
||
Such configurations will be used when creating or upgrading provider components.
|
||
The contents of the secret will be treated as immutable. If changes need
|
||
to be made, a new object can be created and the name should be updated.
|
||
The contents should be in the form of key:value. This secret must be in
|
||
the same namespace as the provider.
|
||
properties:
|
||
name:
|
||
description: Name defines the name of the secret.
|
||
type: string
|
||
namespace:
|
||
description: Namespace defines the namespace of the secret.
|
||
type: string
|
||
required:
|
||
- name
|
||
type: object
|
||
credentials:
|
||
description: Credentials is the structure holding the credentials
|
||
to use for the provider. Only one credential type could be set at
|
||
a time.
|
||
example:
|
||
rancherCloudCredential: user-credential
|
||
maxProperties: 1
|
||
minProperties: 1
|
||
properties:
|
||
rancherCloudCredential:
|
||
description: RancherCloudCredential is the Rancher Cloud Credential
|
||
name
|
||
type: string
|
||
rancherCloudCredentialNamespaceName:
|
||
description: RancherCloudCredentialNamespaceName is the Rancher
|
||
Cloud Credential namespace:name reference
|
||
type: string
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
x-kubernetes-validations:
|
||
- message: rancherCloudCredentialNamespaceName should be in the namespace:name
|
||
format.
|
||
rule: '!has(self.rancherCloudCredentialNamespaceName) || self.rancherCloudCredentialNamespaceName.matches(''^.+:.+$'')'
|
||
deployment:
|
||
description: Deployment defines the properties that can be enabled
|
||
on the deployment for the provider.
|
||
properties:
|
||
affinity:
|
||
description: If specified, the pod's scheduling constraints
|
||
properties:
|
||
nodeAffinity:
|
||
description: Describes node affinity scheduling rules for
|
||
the pod.
|
||
properties:
|
||
preferredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
The scheduler will prefer to schedule pods to nodes that satisfy
|
||
the affinity expressions specified by this field, but it may choose
|
||
a node that violates one or more of the expressions. The node that is
|
||
most preferred is the one with the greatest sum of weights, i.e.
|
||
for each node that meets all of the scheduling requirements (resource
|
||
request, requiredDuringScheduling affinity expressions, etc.),
|
||
compute a sum by iterating through the elements of this field and adding
|
||
"weight" to the sum if the node matches the corresponding matchExpressions; the
|
||
node(s) with the highest sum are the most preferred.
|
||
items:
|
||
description: |-
|
||
An empty preferred scheduling term matches all objects with implicit weight 0
|
||
(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
|
||
properties:
|
||
preference:
|
||
description: A node selector term, associated with
|
||
the corresponding weight.
|
||
properties:
|
||
matchExpressions:
|
||
description: A list of node selector requirements
|
||
by node's labels.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that the selector
|
||
applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchFields:
|
||
description: A list of node selector requirements
|
||
by node's fields.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that the selector
|
||
applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
weight:
|
||
description: Weight associated with matching the
|
||
corresponding nodeSelectorTerm, in the range 1-100.
|
||
format: int32
|
||
type: integer
|
||
required:
|
||
- preference
|
||
- weight
|
||
type: object
|
||
type: array
|
||
requiredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
If the affinity requirements specified by this field are not met at
|
||
scheduling time, the pod will not be scheduled onto the node.
|
||
If the affinity requirements specified by this field cease to be met
|
||
at some point during pod execution (e.g. due to an update), the system
|
||
may or may not try to eventually evict the pod from its node.
|
||
properties:
|
||
nodeSelectorTerms:
|
||
description: Required. A list of node selector terms.
|
||
The terms are ORed.
|
||
items:
|
||
description: |-
|
||
A null or empty node selector term matches no objects. The requirements of
|
||
them are ANDed.
|
||
The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
|
||
properties:
|
||
matchExpressions:
|
||
description: A list of node selector requirements
|
||
by node's labels.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that the selector
|
||
applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchFields:
|
||
description: A list of node selector requirements
|
||
by node's fields.
|
||
items:
|
||
description: |-
|
||
A node selector requirement is a selector that contains values, a key, and an operator
|
||
that relates the key and values.
|
||
properties:
|
||
key:
|
||
description: The label key that the selector
|
||
applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
An array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. If the operator is Gt or Lt, the values
|
||
array must have a single element, which will be interpreted as an integer.
|
||
This array is replaced during a strategic merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: array
|
||
required:
|
||
- nodeSelectorTerms
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: object
|
||
podAffinity:
|
||
description: Describes pod affinity scheduling rules (e.g.
|
||
co-locate this pod in the same node, zone, etc. as some
|
||
other pod(s)).
|
||
properties:
|
||
preferredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
The scheduler will prefer to schedule pods to nodes that satisfy
|
||
the affinity expressions specified by this field, but it may choose
|
||
a node that violates one or more of the expressions. The node that is
|
||
most preferred is the one with the greatest sum of weights, i.e.
|
||
for each node that meets all of the scheduling requirements (resource
|
||
request, requiredDuringScheduling affinity expressions, etc.),
|
||
compute a sum by iterating through the elements of this field and adding
|
||
"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
|
||
node(s) with the highest sum are the most preferred.
|
||
items:
|
||
description: The weights of all of the matched WeightedPodAffinityTerm
|
||
fields are added per-node to find the most preferred
|
||
node(s)
|
||
properties:
|
||
podAffinityTerm:
|
||
description: Required. A pod affinity term, associated
|
||
with the corresponding weight.
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The requirements
|
||
are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The requirements
|
||
are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
weight:
|
||
description: |-
|
||
weight associated with matching the corresponding podAffinityTerm,
|
||
in the range 1-100.
|
||
format: int32
|
||
type: integer
|
||
required:
|
||
- podAffinityTerm
|
||
- weight
|
||
type: object
|
||
type: array
|
||
requiredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
If the affinity requirements specified by this field are not met at
|
||
scheduling time, the pod will not be scheduled onto the node.
|
||
If the affinity requirements specified by this field cease to be met
|
||
at some point during pod execution (e.g. due to a pod label update), the
|
||
system may or may not try to eventually evict the pod from its node.
|
||
When there are multiple elements, the lists of nodes corresponding to each
|
||
podAffinityTerm are intersected, i.e. all terms must be satisfied.
|
||
items:
|
||
description: |-
|
||
Defines a set of pods (namely those matching the labelSelector
|
||
relative to the given namespace(s)) that this pod should be
|
||
co-located (affinity) or not co-located (anti-affinity) with,
|
||
where co-located is defined as running on a node whose value of
|
||
the label with key <topologyKey> matches that of any node on which
|
||
a pod of the set of pods is running
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list of label
|
||
selector requirements. The requirements are
|
||
ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list of label
|
||
selector requirements. The requirements are
|
||
ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
type: array
|
||
type: object
|
||
podAntiAffinity:
|
||
description: Describes pod anti-affinity scheduling rules
|
||
(e.g. avoid putting this pod in the same node, zone, etc.
|
||
as some other pod(s)).
|
||
properties:
|
||
preferredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
The scheduler will prefer to schedule pods to nodes that satisfy
|
||
the anti-affinity expressions specified by this field, but it may choose
|
||
a node that violates one or more of the expressions. The node that is
|
||
most preferred is the one with the greatest sum of weights, i.e.
|
||
for each node that meets all of the scheduling requirements (resource
|
||
request, requiredDuringScheduling anti-affinity expressions, etc.),
|
||
compute a sum by iterating through the elements of this field and adding
|
||
"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
|
||
node(s) with the highest sum are the most preferred.
|
||
items:
|
||
description: The weights of all of the matched WeightedPodAffinityTerm
|
||
fields are added per-node to find the most preferred
|
||
node(s)
|
||
properties:
|
||
podAffinityTerm:
|
||
description: Required. A pod affinity term, associated
|
||
with the corresponding weight.
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The requirements
|
||
are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list
|
||
of label selector requirements. The requirements
|
||
are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key
|
||
that the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
weight:
|
||
description: |-
|
||
weight associated with matching the corresponding podAffinityTerm,
|
||
in the range 1-100.
|
||
format: int32
|
||
type: integer
|
||
required:
|
||
- podAffinityTerm
|
||
- weight
|
||
type: object
|
||
type: array
|
||
requiredDuringSchedulingIgnoredDuringExecution:
|
||
description: |-
|
||
If the anti-affinity requirements specified by this field are not met at
|
||
scheduling time, the pod will not be scheduled onto the node.
|
||
If the anti-affinity requirements specified by this field cease to be met
|
||
at some point during pod execution (e.g. due to a pod label update), the
|
||
system may or may not try to eventually evict the pod from its node.
|
||
When there are multiple elements, the lists of nodes corresponding to each
|
||
podAffinityTerm are intersected, i.e. all terms must be satisfied.
|
||
items:
|
||
description: |-
|
||
Defines a set of pods (namely those matching the labelSelector
|
||
relative to the given namespace(s)) that this pod should be
|
||
co-located (affinity) or not co-located (anti-affinity) with,
|
||
where co-located is defined as running on a node whose value of
|
||
the label with key <topologyKey> matches that of any node on which
|
||
a pod of the set of pods is running
|
||
properties:
|
||
labelSelector:
|
||
description: |-
|
||
A label query over a set of resources, in this case pods.
|
||
If it's null, this PodAffinityTerm matches with no Pods.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list of label
|
||
selector requirements. The requirements are
|
||
ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
matchLabelKeys:
|
||
description: |-
|
||
MatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
|
||
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
mismatchLabelKeys:
|
||
description: |-
|
||
MismatchLabelKeys is a set of pod label keys to select which pods will
|
||
be taken into consideration. The keys are used to lookup values from the
|
||
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
|
||
to select the group of existing pods which pods will be taken into consideration
|
||
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
|
||
pod labels will be ignored. The default value is empty.
|
||
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
|
||
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
|
||
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
|
||
items:
|
||
type: string
|
||
type: array
|
||
x-kubernetes-list-type: atomic
|
||
namespaceSelector:
|
||
description: |-
|
||
A label query over the set of namespaces that the term applies to.
|
||
The term is applied to the union of the namespaces selected by this field
|
||
and the ones listed in the namespaces field.
|
||
null selector and null or empty namespaces list means "this pod's namespace".
|
||
An empty selector ({}) matches all namespaces.
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list of label
|
||
selector requirements. The requirements are
|
||
ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key that
|
||
the selector applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
namespaces:
|
||
description: |-
|
||
namespaces specifies a static list of namespace names that the term applies to.
|
||
The term is applied to the union of the namespaces listed in this field
|
||
and the ones selected by namespaceSelector.
|
||
null or empty namespaces list and null namespaceSelector means "this pod's namespace".
|
||
items:
|
||
type: string
|
||
type: array
|
||
topologyKey:
|
||
description: |-
|
||
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
|
||
the labelSelector in the specified namespaces, where co-located is defined as running on a node
|
||
whose value of the label with key topologyKey matches that of any node on which any of the
|
||
selected pods is running.
|
||
Empty topologyKey is not allowed.
|
||
type: string
|
||
required:
|
||
- topologyKey
|
||
type: object
|
||
type: array
|
||
type: object
|
||
type: object
|
||
containers:
|
||
description: List of containers specified in the Deployment
|
||
items:
|
||
description: |-
|
||
ContainerSpec defines the properties available to override for each
|
||
container in a provider deployment such as Image and Args to the container’s
|
||
entrypoint.
|
||
properties:
|
||
args:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
Args represents extra provider specific flags that are not encoded as fields in this API.
|
||
Explicit controller manager properties defined in the `Provider.ManagerSpec`
|
||
will have higher precedence than those defined in `ContainerSpec.Args`.
|
||
For example, `ManagerSpec.SyncPeriod` will be used instead of the
|
||
container arg `--sync-period` if both are defined.
|
||
The same holds for `ManagerSpec.FeatureGates` and `--feature-gates`.
|
||
type: object
|
||
command:
|
||
description: Command allows override container's entrypoint
|
||
array.
|
||
items:
|
||
type: string
|
||
type: array
|
||
env:
|
||
description: List of environment variables to set in the
|
||
container.
|
||
items:
|
||
description: EnvVar represents an environment variable
|
||
present in a Container.
|
||
properties:
|
||
name:
|
||
description: Name of the environment variable. Must
|
||
be a C_IDENTIFIER.
|
||
type: string
|
||
value:
|
||
description: |-
|
||
Variable references $(VAR_NAME) are expanded
|
||
using the previously defined environment variables in the container and
|
||
any service environment variables. If a variable cannot be resolved,
|
||
the reference in the input string will be unchanged. Double $$ are reduced
|
||
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
|
||
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
|
||
Escaped references will never be expanded, regardless of whether the variable
|
||
exists or not.
|
||
Defaults to "".
|
||
type: string
|
||
valueFrom:
|
||
description: Source for the environment variable's
|
||
value. Cannot be used if value is not empty.
|
||
properties:
|
||
configMapKeyRef:
|
||
description: Selects a key of a ConfigMap.
|
||
properties:
|
||
key:
|
||
description: The key to select.
|
||
type: string
|
||
name:
|
||
description: |-
|
||
Name of the referent.
|
||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||
type: string
|
||
optional:
|
||
description: Specify whether the ConfigMap
|
||
or its key must be defined
|
||
type: boolean
|
||
required:
|
||
- key
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
fieldRef:
|
||
description: |-
|
||
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
|
||
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
|
||
properties:
|
||
apiVersion:
|
||
description: Version of the schema the FieldPath
|
||
is written in terms of, defaults to "v1".
|
||
type: string
|
||
fieldPath:
|
||
description: Path of the field to select in
|
||
the specified API version.
|
||
type: string
|
||
required:
|
||
- fieldPath
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
resourceFieldRef:
|
||
description: |-
|
||
Selects a resource of the container: only resources limits and requests
|
||
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
|
||
properties:
|
||
containerName:
|
||
description: 'Container name: required for
|
||
volumes, optional for env vars'
|
||
type: string
|
||
divisor:
|
||
anyOf:
|
||
- type: integer
|
||
- type: string
|
||
description: Specifies the output format of
|
||
the exposed resources, defaults to "1"
|
||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||
x-kubernetes-int-or-string: true
|
||
resource:
|
||
description: 'Required: resource to select'
|
||
type: string
|
||
required:
|
||
- resource
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
secretKeyRef:
|
||
description: Selects a key of a secret in the
|
||
pod's namespace
|
||
properties:
|
||
key:
|
||
description: The key of the secret to select
|
||
from. Must be a valid secret key.
|
||
type: string
|
||
name:
|
||
description: |-
|
||
Name of the referent.
|
||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||
type: string
|
||
optional:
|
||
description: Specify whether the Secret or
|
||
its key must be defined
|
||
type: boolean
|
||
required:
|
||
- key
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: object
|
||
required:
|
||
- name
|
||
type: object
|
||
type: array
|
||
imageUrl:
|
||
description: Container Image URL
|
||
type: string
|
||
name:
|
||
description: Name of the container. Cannot be updated.
|
||
type: string
|
||
resources:
|
||
description: Compute resources required by this container.
|
||
properties:
|
||
claims:
|
||
description: |-
|
||
Claims lists the names of resources, defined in spec.resourceClaims,
|
||
that are used by this container.
|
||
|
||
|
||
This is an alpha field and requires enabling the
|
||
DynamicResourceAllocation feature gate.
|
||
|
||
|
||
This field is immutable. It can only be set for containers.
|
||
items:
|
||
description: ResourceClaim references one entry in
|
||
PodSpec.ResourceClaims.
|
||
properties:
|
||
name:
|
||
description: |-
|
||
Name must match the name of one entry in pod.spec.resourceClaims of
|
||
the Pod where this field is used. It makes that resource available
|
||
inside a container.
|
||
type: string
|
||
required:
|
||
- name
|
||
type: object
|
||
type: array
|
||
x-kubernetes-list-map-keys:
|
||
- name
|
||
x-kubernetes-list-type: map
|
||
limits:
|
||
additionalProperties:
|
||
anyOf:
|
||
- type: integer
|
||
- type: string
|
||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||
x-kubernetes-int-or-string: true
|
||
description: |-
|
||
Limits describes the maximum amount of compute resources allowed.
|
||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||
type: object
|
||
requests:
|
||
additionalProperties:
|
||
anyOf:
|
||
- type: integer
|
||
- type: string
|
||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||
x-kubernetes-int-or-string: true
|
||
description: |-
|
||
Requests describes the minimum amount of compute resources required.
|
||
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
|
||
otherwise to an implementation-defined value. Requests cannot exceed Limits.
|
||
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
|
||
type: object
|
||
type: object
|
||
required:
|
||
- name
|
||
type: object
|
||
type: array
|
||
imagePullSecrets:
|
||
description: List of image pull secrets specified in the Deployment
|
||
items:
|
||
description: |-
|
||
LocalObjectReference contains enough information to let you locate the
|
||
referenced object inside the same namespace.
|
||
properties:
|
||
name:
|
||
description: |-
|
||
Name of the referent.
|
||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||
type: string
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
type: array
|
||
nodeSelector:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
NodeSelector is a selector which must be true for the pod to fit on a node.
|
||
Selector which must match a node's labels for the pod to be scheduled on that node.
|
||
More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
|
||
type: object
|
||
replicas:
|
||
description: Number of desired pods. This is a pointer to distinguish
|
||
between explicit zero and not specified. Defaults to 1.
|
||
minimum: 0
|
||
type: integer
|
||
serviceAccountName:
|
||
description: If specified, the pod's service account
|
||
type: string
|
||
tolerations:
|
||
description: If specified, the pod's tolerations.
|
||
items:
|
||
description: |-
|
||
The pod this Toleration is attached to tolerates any taint that matches
|
||
the triple <key,value,effect> using the matching operator <operator>.
|
||
properties:
|
||
effect:
|
||
description: |-
|
||
Effect indicates the taint effect to match. Empty means match all taint effects.
|
||
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
|
||
type: string
|
||
key:
|
||
description: |-
|
||
Key is the taint key that the toleration applies to. Empty means match all taint keys.
|
||
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
Operator represents a key's relationship to the value.
|
||
Valid operators are Exists and Equal. Defaults to Equal.
|
||
Exists is equivalent to wildcard for value, so that a pod can
|
||
tolerate all taints of a particular category.
|
||
type: string
|
||
tolerationSeconds:
|
||
description: |-
|
||
TolerationSeconds represents the period of time the toleration (which must be
|
||
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
|
||
it is not set, which means tolerate the taint forever (do not evict). Zero and
|
||
negative values will be treated as 0 (evict immediately) by the system.
|
||
format: int64
|
||
type: integer
|
||
value:
|
||
description: |-
|
||
Value is the taint value the toleration matches to.
|
||
If the operator is Exists, the value should be empty, otherwise just a regular string.
|
||
type: string
|
||
type: object
|
||
type: array
|
||
type: object
|
||
features:
|
||
description: Features is a collection of features to enable.
|
||
example:
|
||
clusterResourceSet: true
|
||
clusterTopology: true
|
||
machinePool: true
|
||
properties:
|
||
clusterResourceSet:
|
||
description: ClusterResourceSet if set to true will enable the
|
||
cluster resource set feature.
|
||
type: boolean
|
||
clusterTopology:
|
||
description: ClusterTopology if set to true will enable the clusterclass
|
||
feature.
|
||
type: boolean
|
||
machinePool:
|
||
description: MachinePool if set to true will enable the machine
|
||
pool feature.
|
||
type: boolean
|
||
type: object
|
||
fetchConfig:
|
||
description: |-
|
||
FetchConfig determines how the operator will fetch the components and metadata for the provider.
|
||
If nil, the operator will try to fetch components according to default
|
||
embedded fetch configuration for the given kind and `ObjectMeta.Name`.
|
||
For example, the infrastructure name `aws` will fetch artifacts from
|
||
https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases.
|
||
properties:
|
||
selector:
|
||
description: |-
|
||
Selector to be used for fetching provider’s components and metadata from
|
||
ConfigMaps stored inside the cluster. Each ConfigMap is expected to contain
|
||
components and metadata for a specific version only.
|
||
Note: the name of the ConfigMap should be set to the version or to override this
|
||
add a label like the following: provider.cluster.x-k8s.io/version=v1.4.3
|
||
properties:
|
||
matchExpressions:
|
||
description: matchExpressions is a list of label selector
|
||
requirements. The requirements are ANDed.
|
||
items:
|
||
description: |-
|
||
A label selector requirement is a selector that contains values, a key, and an operator that
|
||
relates the key and values.
|
||
properties:
|
||
key:
|
||
description: key is the label key that the selector
|
||
applies to.
|
||
type: string
|
||
operator:
|
||
description: |-
|
||
operator represents a key's relationship to a set of values.
|
||
Valid operators are In, NotIn, Exists and DoesNotExist.
|
||
type: string
|
||
values:
|
||
description: |-
|
||
values is an array of string values. If the operator is In or NotIn,
|
||
the values array must be non-empty. If the operator is Exists or DoesNotExist,
|
||
the values array must be empty. This array is replaced during a strategic
|
||
merge patch.
|
||
items:
|
||
type: string
|
||
type: array
|
||
required:
|
||
- key
|
||
- operator
|
||
type: object
|
||
type: array
|
||
matchLabels:
|
||
additionalProperties:
|
||
type: string
|
||
description: |-
|
||
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
|
||
map is equivalent to an element of matchExpressions, whose key field is "key", the
|
||
operator is "In", and the values array contains only "value". The requirements are ANDed.
|
||
type: object
|
||
type: object
|
||
x-kubernetes-map-type: atomic
|
||
url:
|
||
description: |-
|
||
URL to be used for fetching the provider’s components and metadata from a remote Github repository.
|
||
For example, https://github.com/{owner}/{repository}/releases
|
||
You must set `providerSpec.Version` field for operator to pick up
|
||
desired version of the release from GitHub.
|
||
type: string
|
||
type: object
|
||
manager:
|
||
description: Manager defines the properties that can be enabled on
|
||
the controller manager for the provider.
|
||
properties:
|
||
cacheNamespace:
|
||
description: |-
|
||
CacheNamespace if specified restricts the manager's cache to watch objects in
|
||
the desired namespace Defaults to all namespaces
|
||
|
||
|
||
Note: If a namespace is specified, controllers can still Watch for a
|
||
cluster-scoped resource (e.g Node). For namespaced resources the cache
|
||
will only hold objects from the desired namespace.
|
||
type: string
|
||
controller:
|
||
description: |-
|
||
Controller contains global configuration options for controllers
|
||
registered within this manager.
|
||
properties:
|
||
cacheSyncTimeout:
|
||
description: |-
|
||
CacheSyncTimeout refers to the time limit set to wait for syncing caches.
|
||
Defaults to 2 minutes if not set.
|
||
format: int64
|
||
type: integer
|
||
groupKindConcurrency:
|
||
additionalProperties:
|
||
type: integer
|
||
description: |-
|
||
GroupKindConcurrency is a map from a Kind to the number of concurrent reconciliation
|
||
allowed for that controller.
|
||
|
||
|
||
When a controller is registered within this manager using the builder utilities,
|
||
users have to specify the type the controller reconciles in the For(...) call.
|
||
If the object's kind passed matches one of the keys in this map, the concurrency
|
||
for that controller is set to the number specified.
|
||
|
||
|
||
The key is expected to be consistent in form with GroupKind.String(),
|
||
e.g. ReplicaSet in apps group (regardless of version) would be `ReplicaSet.apps`.
|
||
type: object
|
||
recoverPanic:
|
||
description: RecoverPanic indicates if panics should be recovered.
|
||
type: boolean
|
||
type: object
|
||
featureGates:
|
||
additionalProperties:
|
||
type: boolean
|
||
description: |-
|
||
FeatureGates define provider specific feature flags that will be passed
|
||
in as container args to the provider's controller manager.
|
||
Controller Manager flag is --feature-gates.
|
||
type: object
|
||
gracefulShutDown:
|
||
description: |-
|
||
GracefulShutdownTimeout is the duration given to runnable to stop before the manager actually returns on stop.
|
||
To disable graceful shutdown, set to time.Duration(0)
|
||
To use graceful shutdown without timeout, set to a negative duration, e.G. time.Duration(-1)
|
||
The graceful shutdown is skipped for safety reasons in case the leader election lease is lost.
|
||
type: string
|
||
health:
|
||
description: Health contains the controller health configuration
|
||
properties:
|
||
healthProbeBindAddress:
|
||
description: |-
|
||
HealthProbeBindAddress is the TCP address that the controller should bind to
|
||
for serving health probes
|
||
It can be set to "0" or "" to disable serving the health probe.
|
||
type: string
|
||
livenessEndpointName:
|
||
description: LivenessEndpointName, defaults to "healthz"
|
||
type: string
|
||
readinessEndpointName:
|
||
description: ReadinessEndpointName, defaults to "readyz"
|
||
type: string
|
||
type: object
|
||
leaderElection:
|
||
description: |-
|
||
LeaderElection is the LeaderElection config to be used when configuring
|
||
the manager.Manager leader election
|
||
properties:
|
||
leaderElect:
|
||
description: |-
|
||
leaderElect enables a leader election client to gain leadership
|
||
before executing the main loop. Enable this when running replicated
|
||
components for high availability.
|
||
type: boolean
|
||
leaseDuration:
|
||
description: |-
|
||
leaseDuration is the duration that non-leader candidates will wait
|
||
after observing a leadership renewal until attempting to acquire
|
||
leadership of a led but unrenewed leader slot. This is effectively the
|
||
maximum duration that a leader can be stopped before it is replaced
|
||
by another candidate. This is only applicable if leader election is
|
||
enabled.
|
||
type: string
|
||
renewDeadline:
|
||
description: |-
|
||
renewDeadline is the interval between attempts by the acting master to
|
||
renew a leadership slot before it stops leading. This must be less
|
||
than or equal to the lease duration. This is only applicable if leader
|
||
election is enabled.
|
||
type: string
|
||
resourceLock:
|
||
description: |-
|
||
resourceLock indicates the resource object type that will be used to lock
|
||
during leader election cycles.
|
||
type: string
|
||
resourceName:
|
||
description: |-
|
||
resourceName indicates the name of resource object that will be used to lock
|
||
during leader election cycles.
|
||
type: string
|
||
resourceNamespace:
|
||
description: |-
|
||
resourceName indicates the namespace of resource object that will be used to lock
|
||
during leader election cycles.
|
||
type: string
|
||
retryPeriod:
|
||
description: |-
|
||
retryPeriod is the duration the clients should wait between attempting
|
||
acquisition and renewal of a leadership. This is only applicable if
|
||
leader election is enabled.
|
||
type: string
|
||
required:
|
||
- leaderElect
|
||
- leaseDuration
|
||
- renewDeadline
|
||
- resourceLock
|
||
- resourceName
|
||
- resourceNamespace
|
||
- retryPeriod
|
||
type: object
|
||
maxConcurrentReconciles:
|
||
description: |-
|
||
MaxConcurrentReconciles is the maximum number of concurrent Reconciles
|
||
which can be run.
|
||
minimum: 1
|
||
type: integer
|
||
metrics:
|
||
description: Metrics contains thw controller metrics configuration
|
||
properties:
|
||
bindAddress:
|
||
description: |-
|
||
BindAddress is the TCP address that the controller should bind to
|
||
for serving prometheus metrics.
|
||
It can be set to "0" to disable the metrics serving.
|
||
type: string
|
||
type: object
|
||
profilerAddress:
|
||
description: |-
|
||
ProfilerAddress defines the bind address to expose the pprof profiler (e.g. localhost:6060).
|
||
Default empty, meaning the profiler is disabled.
|
||
Controller Manager flag is --profiler-address.
|
||
type: string
|
||
syncPeriod:
|
||
description: |-
|
||
SyncPeriod determines the minimum frequency at which watched resources are
|
||
reconciled. A lower period will correct entropy more quickly, but reduce
|
||
responsiveness to change if there are many watched resources. Change this
|
||
value only if you know what you are doing. Defaults to 10 hours if unset.
|
||
there will a 10 percent jitter between the SyncPeriod of all controllers
|
||
so that all controllers will not send list requests simultaneously.
|
||
type: string
|
||
verbosity:
|
||
default: 1
|
||
description: |-
|
||
Verbosity set the logs verbosity. Defaults to 1.
|
||
Controller Manager flag is --verbosity.
|
||
minimum: 0
|
||
type: integer
|
||
webhook:
|
||
description: Webhook contains the controllers webhook configuration
|
||
properties:
|
||
certDir:
|
||
description: |-
|
||
CertDir is the directory that contains the server key and certificate.
|
||
if not set, webhook server would look up the server key and certificate in
|
||
{TempDir}/k8s-webhook-server/serving-certs. The server key and certificate
|
||
must be named tls.key and tls.crt, respectively.
|
||
type: string
|
||
host:
|
||
description: |-
|
||
Host is the hostname that the webhook server binds to.
|
||
It is used to set webhook.Server.Host.
|
||
type: string
|
||
port:
|
||
description: |-
|
||
Port is the port that the webhook server serves at.
|
||
It is used to set webhook.Server.Port.
|
||
type: integer
|
||
type: object
|
||
type: object
|
||
manifestPatches:
|
||
description: |-
|
||
ManifestPatches are applied to rendered provider manifests to customize the
|
||
provider manifests. Patches are applied in the order they are specified.
|
||
The `kind` field must match the target object, and
|
||
if `apiVersion` is specified it will only be applied to matching objects.
|
||
This should be an inline yaml blob-string https://datatracker.ietf.org/doc/html/rfc7396
|
||
items:
|
||
type: string
|
||
type: array
|
||
name:
|
||
description: Name is the name of the provider to enable
|
||
example: aws
|
||
type: string
|
||
type:
|
||
description: Type is the type of the provider to enable
|
||
example: InfrastructureProvider
|
||
type: string
|
||
variables:
|
||
additionalProperties:
|
||
type: string
|
||
description: Variables is a map of environment variables to add to
|
||
the content of the ConfigSecret
|
||
example:
|
||
CLUSTER_TOPOLOGY: "true"
|
||
EXP_CLUSTER_RESOURCE_SET: "true"
|
||
EXP_MACHINE_POOL: "true"
|
||
type: object
|
||
version:
|
||
description: Version indicates the provider version.
|
||
type: string
|
||
required:
|
||
- type
|
||
type: object
|
||
x-kubernetes-validations:
|
||
- message: 'CAPI Provider version should be in the semver format prefixed
|
||
with ''v''. Example: v1.9.3'
|
||
rule: '!has(self.version) || self.version.matches(r"""^v([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9A-Za-z-]+(?:\.[0-9A-Za-z-]+)*))?(?:\+[0-9A-Za-z-]+)?$""")'
|
||
- message: Config secret namespace is always equal to the resource namespace
|
||
and should not be set.
|
||
rule: '!has(self.configSecret) || !has(self.configSecret.__namespace__)'
|
||
- message: One of fetchConfig url or selector should be set.
|
||
rule: '!has(self.fetchConfig) || [has(self.fetchConfig.url), has(self.fetchConfig.selector)].exists_one(e,
|
||
e)'
|
||
status:
|
||
default: {}
|
||
description: CAPIProviderStatus defines the observed state of CAPIProvider.
|
||
properties:
|
||
conditions:
|
||
description: Conditions define the current service state of the provider.
|
||
items:
|
||
description: Condition defines an observation of a Cluster API resource
|
||
operational state.
|
||
properties:
|
||
lastTransitionTime:
|
||
description: |-
|
||
Last time the condition transitioned from one status to another.
|
||
This should be when the underlying condition changed. If that is not known, then using the time when
|
||
the API field changed is acceptable.
|
||
format: date-time
|
||
type: string
|
||
message:
|
||
description: |-
|
||
A human readable message indicating details about the transition.
|
||
This field may be empty.
|
||
type: string
|
||
reason:
|
||
description: |-
|
||
The reason for the condition's last transition in CamelCase.
|
||
The specific API may choose whether or not this field is considered a guaranteed API.
|
||
This field may not be empty.
|
||
type: string
|
||
severity:
|
||
description: |-
|
||
Severity provides an explicit classification of Reason code, so the users or machines can immediately
|
||
understand the current situation and act accordingly.
|
||
The Severity field MUST be set only when Status=False.
|
||
type: string
|
||
status:
|
||
description: Status of the condition, one of True, False, Unknown.
|
||
type: string
|
||
type:
|
||
description: |-
|
||
Type of condition in CamelCase or in foo.example.com/CamelCase.
|
||
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
|
||
can be useful (see .node.status.conditions), the ability to deconflict is important.
|
||
type: string
|
||
required:
|
||
- lastTransitionTime
|
||
- status
|
||
- type
|
||
type: object
|
||
type: array
|
||
contract:
|
||
description: |-
|
||
Contract will contain the core provider contract that the provider is
|
||
abiding by, like e.g. v1alpha4.
|
||
type: string
|
||
installedVersion:
|
||
description: InstalledVersion is the version of the provider that
|
||
is installed.
|
||
type: string
|
||
name:
|
||
description: Name reflects actual provider name, which will be visible
|
||
to users in 'kubectl get capiproviders -A -o wide'
|
||
type: string
|
||
observedGeneration:
|
||
description: ObservedGeneration is the latest generation observed
|
||
by the controller.
|
||
format: int64
|
||
type: integer
|
||
phase:
|
||
default: Pending
|
||
description: Indicates the provider status
|
||
type: string
|
||
variables:
|
||
additionalProperties:
|
||
type: string
|
||
default:
|
||
CLUSTER_TOPOLOGY: "true"
|
||
EXP_CLUSTER_RESOURCE_SET: "true"
|
||
EXP_MACHINE_POOL: "true"
|
||
description: Variables is a map of environment variables added to
|
||
the content of the ConfigSecret
|
||
type: object
|
||
type: object
|
||
type: object
|
||
x-kubernetes-validations:
|
||
- message: CAPI Provider type should always be set.
|
||
rule: has(self.spec.type)
|
||
served: true
|
||
storage: true
|
||
subresources:
|
||
status: {}
|
||
---
|
||
apiVersion: apiextensions.k8s.io/v1
|
||
kind: CustomResourceDefinition
|
||
metadata:
|
||
annotations:
|
||
controller-gen.kubebuilder.io/version: v0.14.0
|
||
helm.sh/resource-policy: keep
|
||
name: clusterctlconfigs.turtles-capi.cattle.io
|
||
spec:
|
||
group: turtles-capi.cattle.io
|
||
names:
|
||
kind: ClusterctlConfig
|
||
listKind: ClusterctlConfigList
|
||
plural: clusterctlconfigs
|
||
singular: clusterctlconfig
|
||
scope: Namespaced
|
||
versions:
|
||
- name: v1alpha1
|
||
schema:
|
||
openAPIV3Schema:
|
||
description: ClusterctlConfig is the Schema for the CAPI Clusterctl config
|
||
API.
|
||
properties:
|
||
apiVersion:
|
||
description: |-
|
||
APIVersion defines the versioned schema of this representation of an object.
|
||
Servers should convert recognized schemas to the latest internal value, and
|
||
may reject unrecognized values.
|
||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||
type: string
|
||
kind:
|
||
description: |-
|
||
Kind is a string value representing the REST resource this object represents.
|
||
Servers may infer this from the endpoint the client submits requests to.
|
||
Cannot be updated.
|
||
In CamelCase.
|
||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||
type: string
|
||
metadata:
|
||
type: object
|
||
spec:
|
||
description: ClusterctlConfigSpec defines the user overrides for images
|
||
and known providers with sources
|
||
properties:
|
||
images:
|
||
description: Images is a list of image overrided for specified providers
|
||
items:
|
||
description: Image allows to define transformations to apply to
|
||
the image contained in the YAML manifests.
|
||
properties:
|
||
name:
|
||
description: Name of the provider image override
|
||
example: all
|
||
type: string
|
||
repository:
|
||
description: Repository sets the container registry override
|
||
to pull images from.
|
||
example: my-registry/my-org
|
||
type: string
|
||
tag:
|
||
description: Tag allows to specify a tag for the images.
|
||
type: string
|
||
required:
|
||
- name
|
||
type: object
|
||
type: array
|
||
providers:
|
||
description: Provider overrides
|
||
items:
|
||
description: Provider allows to define providers with known URLs
|
||
to pull the components.
|
||
properties:
|
||
name:
|
||
description: Name of the provider
|
||
type: string
|
||
type:
|
||
description: Type is the type of the provider
|
||
example: InfrastructureProvider
|
||
type: string
|
||
url:
|
||
description: URL of the provider components. Will be used unless
|
||
and override is specified
|
||
type: string
|
||
required:
|
||
- name
|
||
- type
|
||
- url
|
||
type: object
|
||
type: array
|
||
type: object
|
||
type: object
|
||
x-kubernetes-validations:
|
||
- message: Clusterctl Config should be named clusterctl-config.
|
||
rule: self.metadata.name == 'clusterctl-config'
|
||
served: true
|
||
storage: true
|
||
subresources:
|
||
status: {}
|
||
---
|
||
apiVersion: v1
|
||
kind: ServiceAccount
|
||
metadata:
|
||
labels:
|
||
app.kubernetes.io/component: rbac
|
||
app.kubernetes.io/created-by: rancher-turtles
|
||
app.kubernetes.io/instance: controller-manager-sa
|
||
app.kubernetes.io/managed-by: kustomize
|
||
app.kubernetes.io/name: serviceaccount
|
||
app.kubernetes.io/part-of: rancher-turtles
|
||
name: rancher-turtles-manager
|
||
namespace: '{{ .Values.rancherTurtles.namespace }}'
|
||
---
|
||
apiVersion: rbac.authorization.k8s.io/v1
|
||
kind: Role
|
||
metadata:
|
||
labels:
|
||
app.kubernetes.io/component: rbac
|
||
app.kubernetes.io/created-by: rancher-turtles
|
||
app.kubernetes.io/instance: leader-election-role
|
||
app.kubernetes.io/managed-by: kustomize
|
||
app.kubernetes.io/name: role
|
||
app.kubernetes.io/part-of: rancher-turtles
|
||
name: rancher-turtles-leader-election-role
|
||
namespace: '{{ .Values.rancherTurtles.namespace }}'
|
||
rules:
|
||
- apiGroups:
|
||
- ""
|
||
resources:
|
||
- configmaps
|
||
verbs:
|
||
- get
|
||
- list
|
||
- watch
|
||
- create
|
||
- update
|
||
- patch
|
||
- delete
|
||
- apiGroups:
|
||
- coordination.k8s.io
|
||
resources:
|
||
- leases
|
||
verbs:
|
||
- get
|
||
- list
|
||
- watch
|
||
- create
|
||
- update
|
||
- patch
|
||
- delete
|
||
- apiGroups:
|
||
- ""
|
||
resources:
|
||
- events
|
||
verbs:
|
||
- create
|
||
- patch
|
||
---
|
||
aggregationRule:
|
||
clusterRoleSelectors:
|
||
- matchLabels:
|
||
rancher-turtles/aggregate-to-manager: "true"
|
||
apiVersion: rbac.authorization.k8s.io/v1
|
||
kind: ClusterRole
|
||
metadata:
|
||
name: rancher-turtles-aggregated-manager-role
|
||
rules: []
|
||
---
|
||
apiVersion: rbac.authorization.k8s.io/v1
|
||
kind: ClusterRole
|
||
metadata:
|
||
labels:
|
||
rancher-turtles/aggregate-to-manager: "true"
|
||
name: rancher-turtles-manager-role
|
||
rules:
|
||
- apiGroups:
|
||
- ""
|
||
resources:
|
||
- configmaps
|
||
- events
|
||
- secrets
|
||
verbs:
|
||
- create
|
||
- delete
|
||
- get
|
||
- list
|
||
- patch
|
||
- update
|
||
- watch
|
||
- apiGroups:
|
||
- ""
|
||
resources:
|
||
- namespaces
|
||
verbs:
|
||
- create
|
||
- delete
|
||
- get
|
||
- list
|
||
- patch
|
||
- update
|
||
- watch
|
||
- apiGroups:
|
||
- cluster.x-k8s.io
|
||
resources:
|
||
- clusters
|
||
- clusters/status
|
||
verbs:
|
||
- create
|
||
- get
|
||
- list
|
||
- patch
|
||
- update
|
||
- watch
|
||
- apiGroups:
|
||
- coordination.k8s.io
|
||
resources:
|
||
- leases
|
||
verbs:
|
||
- create
|
||
- get
|
||
- update
|
||
- apiGroups:
|
||
- infrastructure.cluster.x-k8s.io
|
||
resources:
|
||
- '*'
|
||
verbs:
|
||
- create
|
||
- delete
|
||
- get
|
||
- list
|
||
- patch
|
||
- update
|
||
- watch
|
||
- apiGroups:
|
||
- management.cattle.io
|
||
resources:
|
||
- clusterregistrationtokens
|
||
- clusterregistrationtokens/status
|
||
verbs:
|
||
- get
|
||
- list
|
||
- watch
|
||
- create
|
||
- apiGroups:
|
||
- management.cattle.io
|
||
resources:
|
||
- clusters
|
||
- clusters/status
|
||
verbs:
|
||
- create
|
||
- delete
|
||
- deletecollection
|
||
- get
|
||
- list
|
||
- patch
|
||
- update
|
||
- watch
|
||
- apiGroups:
|
||
- provisioning.cattle.io
|
||
resources:
|
||
- clusters
|
||
- clusters/status
|
||
verbs:
|
||
- create
|
||
- delete
|
||
- get
|
||
- list
|
||
- patch
|
||
- update
|
||
- watch
|
||
- apiGroups:
|
||
- turtles-capi.cattle.io
|
||
resources:
|
||
- capiproviders
|
||
- capiproviders/status
|
||
- clusterctlconfigs
|
||
- clusterctlconfigs/status
|
||
verbs:
|
||
- get
|
||
- list
|
||
- watch
|
||
- patch
|
||
- update
|
||
- apiGroups:
|
||
- operator.cluster.x-k8s.io
|
||
resources:
|
||
- '*'
|
||
verbs:
|
||
- create
|
||
- get
|
||
- list
|
||
- watch
|
||
- patch
|
||
- update
|
||
- create
|
||
---
|
||
apiVersion: rbac.authorization.k8s.io/v1
|
||
kind: RoleBinding
|
||
metadata:
|
||
labels:
|
||
app.kubernetes.io/component: rbac
|
||
app.kubernetes.io/created-by: rancher-turtles
|
||
app.kubernetes.io/instance: leader-election-rolebinding
|
||
app.kubernetes.io/managed-by: kustomize
|
||
app.kubernetes.io/name: rolebinding
|
||
app.kubernetes.io/part-of: rancher-turtles
|
||
name: rancher-turtles-leader-election-rolebinding
|
||
namespace: '{{ .Values.rancherTurtles.namespace }}'
|
||
roleRef:
|
||
apiGroup: rbac.authorization.k8s.io
|
||
kind: Role
|
||
name: rancher-turtles-leader-election-role
|
||
subjects:
|
||
- kind: ServiceAccount
|
||
name: rancher-turtles-manager
|
||
namespace: '{{ .Values.rancherTurtles.namespace }}'
|
||
---
|
||
apiVersion: rbac.authorization.k8s.io/v1
|
||
kind: ClusterRoleBinding
|
||
metadata:
|
||
labels:
|
||
app.kubernetes.io/component: rbac
|
||
app.kubernetes.io/created-by: rancher-turtles
|
||
app.kubernetes.io/instance: manager-rolebinding
|
||
app.kubernetes.io/managed-by: kustomize
|
||
app.kubernetes.io/name: clusterrolebinding
|
||
app.kubernetes.io/part-of: rancher-turtles
|
||
name: rancher-turtles-manager-rolebinding
|
||
roleRef:
|
||
apiGroup: rbac.authorization.k8s.io
|
||
kind: ClusterRole
|
||
name: rancher-turtles-aggregated-manager-role
|
||
subjects:
|
||
- kind: ServiceAccount
|
||
name: rancher-turtles-manager
|
||
namespace: '{{ .Values.rancherTurtles.namespace }}'
|