diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e30c8d0..8c6e6695 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,6 +11,7 @@ All notable changes to this project will be documented in this file. - Add support for using custom certificates when accessing S3 with TLS ([#247]). - Use bitnami charts for testing S3 access with TLS ([#247]). - Set explicit resources on all containers ([#249]). +- Support pod overrides ([#256]) ### Changed @@ -32,6 +33,7 @@ All notable changes to this project will be documented in this file. [#247]: https://github.com/stackabletech/spark-k8s-operator/pull/247 [#252]: https://github.com/stackabletech/spark-k8s-operator/pull/252 [#249]: https://github.com/stackabletech/spark-k8s-operator/pull/249 +[#256]: https://github.com/stackabletech/spark-k8s-operator/pull/256 ## [23.4.0] - 2023-04-17 diff --git a/Cargo.lock b/Cargo.lock index b261174a..66ff718c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4,9 +4,9 @@ version = 3 [[package]] name = "addr2line" -version = "0.19.0" +version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a76fd60b23679b7d19bd066031410fb7e458ccc5e958eb5c325888ce4baedc97" +checksum = "f4fa78e18c64fce05e902adecd7a5eed15a5e0a3439f7b0e169f0252214865e3" dependencies = [ "gimli", ] @@ -110,13 +110,13 @@ checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8" [[package]] name = "async-trait" -version = "0.1.68" +version = "0.1.70" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9ccdd8f2a161be9bd5c023df56f1b2a0bd1d83872ae53b71a84a12c9bf6e842" +checksum = "79fa67157abdfd688a259b6648808757db9347af834624f27ec646da976aee5d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -138,9 +138,9 @@ dependencies = [ [[package]] name = "backtrace" -version = "0.3.67" +version = "0.3.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "233d376d6d185f2a3093e58f283f60f880315b6c60075b01f36b3b85154564ca" +checksum = "4319208da049c43661739c5fade2ba182f09d1dc2299b32298d3a31692b17e12" dependencies = [ "addr2line", "cc", @@ -267,9 +267,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.3.9" +version = "4.3.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bba77a07e4489fb41bd90e8d4201c3eb246b3c2c9ea2ba0bddd6c1d1df87db7d" +checksum = "384e169cc618c613d5e3ca6404dda77a8685a63e08660dcc64abaf7da7cb0c7a" dependencies = [ "clap_builder", "clap_derive", @@ -278,13 +278,12 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.3.9" +version = "4.3.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c9b4a88bb4bc35d3d6f65a21b0f0bafe9c894fa00978de242c555ec28bea1c0" +checksum = "ef137bbe35aab78bdb468ccfba75a5f4d8321ae011d34063770780545176af2d" dependencies = [ "anstream", "anstyle", - "bitflags 1.3.2", "clap_lex", "once_cell", "strsim", @@ -299,7 +298,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -404,7 +403,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -426,7 +425,7 @@ checksum = "29a358ff9f12ec09c3e61fef9b5a9902623a695a46a917b07f269bff1445611a" dependencies = [ "darling_core 0.20.1", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -679,7 +678,7 @@ checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -768,18 +767,9 @@ checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" [[package]] name = "hermit-abi" -version = "0.2.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7" -dependencies = [ - "libc", -] - -[[package]] -name = "hermit-abi" -version = "0.3.1" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fed44880c466736ef9a5c5b5facefb5ed0785676d0c02d612db14e54f0d84286" +checksum = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" [[package]] name = "http" @@ -948,34 +938,22 @@ version = "3.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8bb03732005da905c88227371639bf1ad885cc712789c011c31c5fb3ab3ccf02" -[[package]] -name = "io-lifetimes" -version = "1.0.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" -dependencies = [ - "hermit-abi 0.3.1", - "libc", - "windows-sys", -] - [[package]] name = "is-terminal" -version = "0.4.7" +version = "0.4.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adcf93614601c8129ddf72e2d5633df827ba6551541c6d8c59520a371475be1f" +checksum = "24fddda5af7e54bf7da53067d6e802dbcc381d0a8eef629df528e3ebf68755cb" dependencies = [ - "hermit-abi 0.3.1", - "io-lifetimes", + "hermit-abi", "rustix", "windows-sys", ] [[package]] name = "itoa" -version = "1.0.6" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" +checksum = "62b02a5381cc465bd3041d84623d0fa3b66738b52b8e2fc3bab8ad63ab032f4a" [[package]] name = "java-properties" @@ -1201,9 +1179,9 @@ dependencies = [ [[package]] name = "linux-raw-sys" -version = "0.3.8" +version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" +checksum = "09fc20d2ca12cb9f044c93e3bd6d32d523e6e2ec3db4f7b2939cd99026ecd3f0" [[package]] name = "lock_api" @@ -1227,7 +1205,7 @@ version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558" dependencies = [ - "regex-automata", + "regex-automata 0.1.10", ] [[package]] @@ -1244,9 +1222,9 @@ checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" [[package]] name = "miniz_oxide" -version = "0.6.2" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" +checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" dependencies = [ "adler", ] @@ -1283,19 +1261,19 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.15.0" +version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" dependencies = [ - "hermit-abi 0.2.6", + "hermit-abi", "libc", ] [[package]] name = "object" -version = "0.30.4" +version = "0.31.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03b4680b86d9cfafba8fc491dc9b6df26b68cf40e9e6cd73909194759a63c385" +checksum = "8bda667d9f2b5051b8833f59f3bf748b28ef54f850f4fcb389a252aa383866d1" dependencies = [ "memchr", ] @@ -1329,7 +1307,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -1473,29 +1451,29 @@ checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" [[package]] name = "pin-project" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c95a7476719eab1e366eaf73d0260af3021184f18177925b07f54b30089ceead" +checksum = "030ad2bc4db10a8944cb0d837f158bdfec4d4a4873ab701a95046770d11f8842" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39407670928234ebc5e6e580247dd567ad73a3578460c5990f9503df207e8f07" +checksum = "ec2e072ecce94ec471b13398d5402c188e76ac03cf74dd1a975161b23a3f6d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] name = "pin-project-lite" -version = "0.2.9" +version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" +checksum = "4c40d25201921e5ff0c862a505c6557ea88568a4e3ace775ab55e93f2f4f9d57" [[package]] name = "pin-utils" @@ -1610,13 +1588,14 @@ dependencies = [ [[package]] name = "regex" -version = "1.8.4" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0ab3ca65655bb1e41f2a8c8cd662eb4fb035e67c3f78da1d61dffe89d07300f" +checksum = "89089e897c013b3deb627116ae56a6955a72b8bed395c9526af31c9fe528b484" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.7.2", + "regex-automata 0.3.0", + "regex-syntax 0.7.3", ] [[package]] @@ -1628,6 +1607,17 @@ dependencies = [ "regex-syntax 0.6.29", ] +[[package]] +name = "regex-automata" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa250384981ea14565685dea16a9ccc4d1c541a13f82b9c168572264d1df8c56" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax 0.7.3", +] + [[package]] name = "regex-syntax" version = "0.6.29" @@ -1636,9 +1626,9 @@ checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "regex-syntax" -version = "0.7.2" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78" +checksum = "2ab07dc67230e4a4718e70fd5c20055a4334b121f1f9db8fe63ef39ce9b8c846" [[package]] name = "rstest" @@ -1683,13 +1673,12 @@ dependencies = [ [[package]] name = "rustix" -version = "0.37.20" +version = "0.38.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b96e891d04aa506a6d1f318d2771bcb1c7dfda84e126660ace067c9b474bb2c0" +checksum = "aabcb0461ebd01d6b79945797c27f8529082226cb630a9865a71870ff63532a4" dependencies = [ - "bitflags 1.3.2", + "bitflags 2.3.3", "errno", - "io-lifetimes", "libc", "linux-raw-sys", "windows-sys", @@ -1697,15 +1686,15 @@ dependencies = [ [[package]] name = "rustversion" -version = "1.0.12" +version = "1.0.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f3208ce4d8448b3f3e7d168a73f5e0c43a61e32930de3bceeccedb388b6bf06" +checksum = "dc31bd9b61a32c31f9650d18add92aa83a49ba979c143eefd27fe7177b05bd5f" [[package]] name = "ryu" -version = "1.0.13" +version = "1.0.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f91339c0467de62360649f8d3e185ca8de4224ff281f66000de5eb2a77a79041" +checksum = "fe232bdf6be8c8de797b22184ee71118d63780ea42ac85b61d1baa6d3b782ae9" [[package]] name = "schemars" @@ -1758,9 +1747,9 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.164" +version = "1.0.166" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8c8cf938e98f769bc164923b06dce91cea1751522f46f8466461af04c9027d" +checksum = "d01b7404f9d441d3ad40e6a636a7782c377d2abdbe4fa2440e2edcc2f4f10db8" dependencies = [ "serde_derive", ] @@ -1777,13 +1766,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.164" +version = "1.0.166" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9735b638ccc51c28bf6914d90a2e9725b377144fc612c49a611fddd1b631d68" +checksum = "5dd83d6dde2b6b2d466e14d9d1acce8816dedee94f735eac6395808b3483c6d6" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -1799,9 +1788,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.99" +version = "1.0.100" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46266871c240a00b8f503b877622fe33430b3c7d963bdc0f2adc511e54a1eae3" +checksum = "0f1e14e89be7aa4c4b78bdbdc9eb5bf8517829a600ae8eaa39a6e1d960b5185c" dependencies = [ "indexmap 2.0.0", "itoa", @@ -1910,8 +1899,8 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.42.2" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=0.42.2#f2c3f10b9c48035751557d8065d658fa05b4de0d" +version = "0.43.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=0.43.0#5d2ca16a6136d3994bf89a6bd5aa3a2180711251" dependencies = [ "chrono", "clap", @@ -1944,13 +1933,13 @@ dependencies = [ [[package]] name = "stackable-operator-derive" -version = "0.42.2" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=0.42.2#f2c3f10b9c48035751557d8065d658fa05b4de0d" +version = "0.43.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=0.43.0#5d2ca16a6136d3994bf89a6bd5aa3a2180711251" dependencies = [ "darling 0.20.1", "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -1965,6 +1954,7 @@ dependencies = [ "snafu", "stackable-operator", "strum", + "tracing", ] [[package]] @@ -1975,7 +1965,9 @@ dependencies = [ "built", "clap", "futures", + "semver", "serde", + "serde_json", "serde_yaml 0.8.26", "snafu", "stackable-operator", @@ -2027,9 +2019,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.22" +version = "2.0.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2efbeae7acf4eabd6bcdcbd11c92f45231ddda7539edc7806bd1a04a03b24616" +checksum = "59fb7d6d8281a51045d62b8eb3a7d1ce347b76f312af50cd3dc0af39c87c1737" dependencies = [ "proc-macro2", "quote", @@ -2038,22 +2030,22 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.40" +version = "1.0.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac" +checksum = "c16a64ba9387ef3fdae4f9c1a7f07a0997fce91985c0336f1ddc1822b3b37802" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.40" +version = "1.0.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" +checksum = "d14928354b01c4d6a4f0e549069adef399a284e7995c7ccca94e8a07a5346c59" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -2105,9 +2097,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.29.0" +version = "1.29.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "374442f06ee49c3a28a8fc9f01a2596fed7559c6b99b31279c3261778e77d84f" +checksum = "532826ff75199d5833b9d2c5fe410f29235e25704ee5f0ef599fb51c21f4a4da" dependencies = [ "autocfg", "backtrace", @@ -2139,7 +2131,7 @@ checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -2285,7 +2277,7 @@ checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", ] [[package]] @@ -2376,9 +2368,9 @@ checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" [[package]] name = "unicode-ident" -version = "1.0.9" +version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b15811caf2415fb889178633e7724bad2509101cde276048e013b9def5e51fa0" +checksum = "22049a19f4a68748a168c0fc439f9516686aa045927ff767eca0a85101fb6e73" [[package]] name = "unicode-normalization" @@ -2478,7 +2470,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", "wasm-bindgen-shared", ] @@ -2500,7 +2492,7 @@ checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.22", + "syn 2.0.23", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2619,9 +2611,9 @@ dependencies = [ [[package]] name = "xml-rs" -version = "0.8.14" +version = "0.8.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52839dc911083a8ef63efa4d039d1f58b5e409f923e44c80828f206f66e5541c" +checksum = "5a56c84a8ccd4258aed21c92f70c0f6dea75356b6892ae27c24139da456f9336" [[package]] name = "yaml-rust" diff --git a/Cargo.toml b/Cargo.toml index 9915447f..a2b5b09c 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -3,3 +3,22 @@ members = [ "rust/crd", "rust/operator-binary" ] + +[workspace.dependencies] +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag="0.43.0" } +semver = "1.0" +serde = "1.0" +serde_json = "1.0" +serde_yaml = "0.8" +snafu = "0.7" +strum = "0.24" +tracing = "0.1" +tracing-futures = "0.2" +clap = "4.1" +futures = "0.3" +tokio = "1.24" +anyhow = "1.0" + +#[patch."https://github.com/stackabletech/operator-rs.git"] +#stackable-operator = { git = "https://github.com/stackabletech//operator-rs.git", branch = "main"} +#stackable-operator = { path = "../operator-rs" } diff --git a/Tiltfile b/Tiltfile index 4d9cc0e8..d7518408 100644 --- a/Tiltfile +++ b/Tiltfile @@ -35,4 +35,4 @@ helm_crds, helm_non_crds = filter_yaml( api_version = "^apiextensions\\.k8s\\.io/.*$", kind = "^CustomResourceDefinition$", ) -k8s_yaml(helm_non_crds) +k8s_yaml(helm_non_crds) \ No newline at end of file diff --git a/deploy/helm/spark-k8s-operator/crds/crds.yaml b/deploy/helm/spark-k8s-operator/crds/crds.yaml index f773d0d2..89c86955 100644 --- a/deploy/helm/spark-k8s-operator/crds/crds.yaml +++ b/deploy/helm/spark-k8s-operator/crds/crds.yaml @@ -29,36 +29,6 @@ spec: type: string nullable: true type: array - cliOverrides: - additionalProperties: - type: string - default: {} - type: object - config: - default: {} - properties: - enableMonitoring: - nullable: true - type: boolean - logDir: - nullable: true - type: string - maxPortRetries: - format: uint - minimum: 0.0 - nullable: true - type: integer - secret: - nullable: true - type: string - type: object - configOverrides: - additionalProperties: - additionalProperties: - type: string - type: object - default: {} - type: object deps: nullable: true properties: @@ -641,720 +611,6245 @@ spec: nullable: true type: boolean type: object - resources: - default: - memory: - limit: null - runtimeLimits: {} - cpu: - min: null - max: null - storage: {} + podOverrides: + default: {} + description: See PodTemplateSpec (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) for more details properties: - cpu: - default: - min: null - max: null + metadata: properties: - max: - description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." - nullable: true - type: string - min: - description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." - nullable: true + annotations: + additionalProperties: + type: string + type: object + creationTimestamp: + format: date-time type: string - type: object - memory: - properties: - limit: - description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." - nullable: true + deletionGracePeriodSeconds: + format: int64 + type: integer + deletionTimestamp: + format: date-time type: string - runtimeLimits: - type: object - type: object - storage: - type: object - type: object - volumeMounts: - items: - description: VolumeMount describes a mounting of a Volume within a container. - properties: - mountPath: - description: Path within the container at which the volume should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - nullable: true - type: array - type: object - env: - items: - description: EnvVar represents an environment variable present in a Container. - properties: - name: - description: Name of the environment variable. Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - optional: - description: Specify whether the ConfigMap or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, optional for env vars' - type: string - divisor: - description: Specifies the output format of the exposed resources, defaults to "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's namespace - properties: - key: - description: The key of the secret to select from. Must be a valid secret key. + finalizers: + items: type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: array + generateName: + type: string + generation: + format: int64 + type: integer + labels: + additionalProperties: type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - nullable: true - type: array - envOverrides: - additionalProperties: - type: string - default: {} - type: object - executor: - nullable: true - properties: - affinity: - default: - podAffinity: null - podAntiAffinity: null - nodeAffinity: null - nodeSelector: null - properties: - nodeAffinity: - description: Node affinity is a group of node affinity scheduling rules. - nullable: true - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: object + managedFields: items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). properties: - preference: - description: A node selector term, associated with the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |+ - Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements by node's fields. - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |+ - Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + apiVersion: + type: string + fieldsType: + type: string + fieldsV1: type: object - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + manager: + type: string + operation: + type: string + subresource: + type: string + time: + format: date-time + type: string + type: object + type: array + name: + type: string + namespace: + type: string + ownerReferences: + items: + properties: + apiVersion: + type: string + blockOwnerDeletion: + type: boolean + controller: + type: boolean + kind: + type: string + name: + type: string + uid: + type: string + type: object + type: array + resourceVersion: + type: string + selfLink: + type: string + uid: + type: string + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + type: object + type: array + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostUsers: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + os: + properties: + name: + type: string + type: object + overhead: + additionalProperties: + type: string + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + type: object + type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + schedulingGates: + items: + properties: + name: + type: string + type: object + type: array + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + type: object + type: array + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + creationTimestamp: + format: date-time + type: string + deletionGracePeriodSeconds: + format: int64 + type: integer + deletionTimestamp: + format: date-time + type: string + finalizers: + items: + type: string + type: array + generateName: + type: string + generation: + format: int64 + type: integer + labels: + additionalProperties: + type: string + type: object + managedFields: + items: + properties: + apiVersion: + type: string + fieldsType: + type: string + fieldsV1: + type: object + manager: + type: string + operation: + type: string + subresource: + type: string + time: + format: date-time + type: string + type: object + type: array + name: + type: string + namespace: + type: string + ownerReferences: + items: + properties: + apiVersion: + type: string + blockOwnerDeletion: + type: boolean + controller: + type: boolean + kind: + type: string + name: + type: string + uid: + type: string + type: object + type: array + resourceVersion: + type: string + selfLink: + type: string + uid: + type: string + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + type: object + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + type: object + hostPath: + properties: + path: + type: string + type: + type: string + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + type: object + type: object + type: array + type: object + type: object + resources: + default: + memory: + limit: null + runtimeLimits: {} + cpu: + min: null + max: null + storage: {} + properties: + cpu: + default: + min: null + max: null + properties: + max: + description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." + nullable: true + type: string + min: + description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." + nullable: true + type: string + type: object + memory: + properties: + limit: + description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." + nullable: true + type: string + runtimeLimits: + type: object + type: object + storage: + type: object + type: object + volumeMounts: + items: + description: VolumeMount describes a mounting of a Volume within a container. + properties: + mountPath: + description: Path within the container at which the volume should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + nullable: true + type: array + type: object + env: + items: + description: EnvVar represents an environment variable present in a Container. + properties: + name: + description: Name of the environment variable. Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the ConfigMap or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format of the exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's namespace + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + nullable: true + type: array + executor: + nullable: true + properties: + affinity: + default: + podAffinity: null + podAntiAffinity: null + nodeAffinity: null + nodeSelector: null + properties: + nodeAffinity: + description: Node affinity is a group of node affinity scheduling rules. + nullable: true + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: |+ + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: |+ + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: |+ + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: |+ + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + nodeSelector: + nullable: true + type: object + podAffinity: + description: Pod affinity is a group of inter pod affinity scheduling rules. + nullable: true + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Pod anti affinity is a group of inter pod anti affinity scheduling rules. + nullable: true + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: - - preference - - weight + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + instances: + format: uint + minimum: 0.0 + nullable: true + type: integer + logging: + default: + enableVectorAgent: null + containers: {} + properties: + containers: + additionalProperties: + anyOf: + - required: + - custom + - {} + description: Fragment derived from `ContainerLogConfigChoice` + properties: + console: + nullable: true + properties: + level: + description: Log levels + enum: + - TRACE + - DEBUG + - INFO + - WARN + - ERROR + - FATAL + - NONE + nullable: true + type: string + type: object + custom: + description: Custom log configuration provided in a ConfigMap + properties: + configMap: + nullable: true + type: string + type: object + file: + nullable: true + properties: + level: + description: Log levels + enum: + - TRACE + - DEBUG + - INFO + - WARN + - ERROR + - FATAL + - NONE + nullable: true + type: string + type: object + loggers: + additionalProperties: + properties: + level: + description: Log levels + enum: + - TRACE + - DEBUG + - INFO + - WARN + - ERROR + - FATAL + - NONE + nullable: true + type: string + type: object + default: {} + type: object + type: object + type: object + enableVectorAgent: + nullable: true + type: boolean + type: object + nodeSelector: + additionalProperties: + type: string + nullable: true + type: object + podOverrides: + default: {} + description: See PodTemplateSpec (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) for more details + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + creationTimestamp: + format: date-time + type: string + deletionGracePeriodSeconds: + format: int64 + type: integer + deletionTimestamp: + format: date-time + type: string + finalizers: + items: + type: string + type: array + generateName: + type: string + generation: + format: int64 + type: integer + labels: + additionalProperties: + type: string + type: object + managedFields: + items: + properties: + apiVersion: + type: string + fieldsType: + type: string + fieldsV1: + type: object + manager: + type: string + operation: + type: string + subresource: + type: string + time: + format: date-time + type: string + type: object + type: array + name: + type: string + namespace: + type: string + ownerReferences: + items: + properties: + apiVersion: + type: string + blockOwnerDeletion: + type: boolean + controller: + type: boolean + kind: + type: string + name: + type: string + uid: + type: string + type: object + type: array + resourceVersion: + type: string + selfLink: + type: string + uid: + type: string + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + type: object + type: array + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostUsers: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string type: object type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + os: properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. + name: + type: string + type: object + overhead: + additionalProperties: + type: string + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + type: object + type: array + resourceClaims: + items: + properties: + name: + type: string + source: + properties: + resourceClaimName: + type: string + resourceClaimTemplateName: + type: string + type: object + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + schedulingGates: + items: + properties: + name: + type: string + type: object + type: array + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + supplementalGroups: items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + type: object + type: array + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + type: object + cinder: properties: - matchExpressions: - description: A list of node selector requirements by node's labels. + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: The label key that the selector applies to. type: string - operator: - description: |+ - Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - + mode: + format: int32 + type: integer + path: type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator type: object type: array - matchFields: - description: A list of node selector requirements by node's fields. + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: |+ - Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + mode: + format: int32 + type: integer + path: type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object type: object type: array type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - nodeSelector: - nullable: true - type: object - podAffinity: - description: Pod affinity is a group of inter pod affinity scheduling rules. - nullable: true - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. + emptyDir: properties: - labelSelector: - description: A label query over a set of resources, in this case pods. + medium: + type: string + sizeLimit: + type: string + type: object + ephemeral: + properties: + volumeClaimTemplate: properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. + metadata: + properties: + annotations: + additionalProperties: type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: object + creationTimestamp: + format: date-time + type: string + deletionGracePeriodSeconds: + format: int64 + type: integer + deletionTimestamp: + format: date-time + type: string + finalizers: + items: type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. + type: array + generateName: + type: string + generation: + format: int64 + type: integer + labels: + additionalProperties: type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: object + managedFields: + items: + properties: + apiVersion: + type: string + fieldsType: + type: string + fieldsV1: + type: object + manager: + type: string + operation: + type: string + subresource: + type: string + time: + format: date-time + type: string + type: object + type: array + name: + type: string + namespace: + type: string + ownerReferences: + items: + properties: + apiVersion: + type: string + blockOwnerDeletion: + type: boolean + controller: + type: boolean + kind: + type: string + name: + type: string + uid: + type: string + type: object + type: array + resourceVersion: + type: string + selfLink: + type: string + uid: + type: string + type: object + spec: + properties: + accessModes: + items: type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + type: array + dataSource: + properties: + apiGroup: type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + kind: + type: string + name: + type: string + type: object + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string type: object type: object - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: items: type: string type: array - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: type: string - required: - - topologyKey + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object type: object - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. + flocker: properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + type: object + hostPath: + properties: + path: + type: string + type: + type: string + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string type: object + targetPortal: + type: string type: object - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + type: object + projected: properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + defaultMode: + format: int32 + type: integer + sources: items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Pod anti affinity is a group of inter pod anti affinity scheduling rules. - nullable: true - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + configMap: properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + type: object + type: array + name: type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + optional: + type: boolean + type: object + downwardAPI: + properties: + items: items: - type: string + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + type: object type: array - required: - - key - - operator type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + secret: properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: items: - type: string + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + type: object type: array - required: - - key - - operator + name: + type: string + optional: + type: boolean type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + type: object + type: object type: array - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: type: string - required: - - topologyKey type: object - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. + rbd: properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string type: object - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + secret: properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + defaultMode: + format: int32 + type: integer + items: items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + mode: + format: int32 + type: integer + path: type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator type: object type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string type: object - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey type: object type: array type: object type: object - instances: - format: uint - minimum: 0.0 - nullable: true - type: integer - logging: - default: - enableVectorAgent: null - containers: {} - properties: - containers: - additionalProperties: - anyOf: - - required: - - custom - - {} - description: Fragment derived from `ContainerLogConfigChoice` - properties: - console: - nullable: true - properties: - level: - description: Log levels - enum: - - TRACE - - DEBUG - - INFO - - WARN - - ERROR - - FATAL - - NONE - nullable: true - type: string - type: object - custom: - description: Custom log configuration provided in a ConfigMap - properties: - configMap: - nullable: true - type: string - type: object - file: - nullable: true - properties: - level: - description: Log levels - enum: - - TRACE - - DEBUG - - INFO - - WARN - - ERROR - - FATAL - - NONE - nullable: true - type: string - type: object - loggers: - additionalProperties: - properties: - level: - description: Log levels - enum: - - TRACE - - DEBUG - - INFO - - WARN - - ERROR - - FATAL - - NONE - nullable: true - type: string - type: object - default: {} - type: object - type: object - type: object - enableVectorAgent: - nullable: true - type: boolean - type: object - nodeSelector: - additionalProperties: - type: string - nullable: true - type: object resources: default: memory: @@ -1496,357 +6991,345 @@ spec: type: object default: {} type: object - type: object - type: object - enableVectorAgent: - nullable: true - type: boolean - type: object - resources: - default: - memory: - limit: null - runtimeLimits: {} - cpu: - min: null - max: null - storage: {} - properties: - cpu: - default: - min: null - max: null - properties: - max: - description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." - nullable: true + type: object + type: object + enableVectorAgent: + nullable: true + type: boolean + type: object + podOverrides: + default: {} + description: See PodTemplateSpec (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) for more details + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + creationTimestamp: + format: date-time + type: string + deletionGracePeriodSeconds: + format: int64 + type: integer + deletionTimestamp: + format: date-time + type: string + finalizers: + items: + type: string + type: array + generateName: + type: string + generation: + format: int64 + type: integer + labels: + additionalProperties: + type: string + type: object + managedFields: + items: + properties: + apiVersion: + type: string + fieldsType: + type: string + fieldsV1: + type: object + manager: + type: string + operation: + type: string + subresource: + type: string + time: + format: date-time + type: string + type: object + type: array + name: + type: string + namespace: + type: string + ownerReferences: + items: + properties: + apiVersion: + type: string + blockOwnerDeletion: + type: boolean + controller: + type: boolean + kind: + type: string + name: + type: string + uid: + type: string + type: object + type: array + resourceVersion: type: string - min: - description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." - nullable: true + selfLink: type: string - type: object - memory: - properties: - limit: - description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." - nullable: true + uid: type: string - runtimeLimits: - type: object - type: object - storage: type: object - type: object - type: object - logFileDirectory: - nullable: true - oneOf: - - required: - - s3 - properties: - s3: - properties: - bucket: - description: Operators are expected to define fields for this type in order to work with S3 buckets. - oneOf: - - required: - - inline - - required: - - reference + spec: properties: - inline: - description: S3 bucket specification containing only the bucket name and an inlined or referenced connection specification. + activeDeadlineSeconds: + format: int64 + type: integer + affinity: properties: - bucketName: - nullable: true - type: string - connection: - description: Operators are expected to define fields for this type in order to work with S3 connections. - nullable: true - oneOf: - - required: - - inline - - required: - - reference + nodeAffinity: properties: - inline: - description: S3 connection definition as CRD. + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: properties: - accessStyle: - description: Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the official documentation on - enum: - - Path - - VirtualHosted - nullable: true - type: string - credentials: - description: If the S3 uses authentication you have to specify you S3 credentials. In the most cases a SecretClass providing `accessKey` and `secretKey` is sufficient. - nullable: true - properties: - scope: - description: '[Scope](https://docs.stackable.tech/secret-operator/scope.html) of the [SecretClass](https://docs.stackable.tech/secret-operator/secretclass.html)' - nullable: true - properties: - node: - default: false - type: boolean - pod: - default: false - type: boolean - services: - default: [] - items: - type: string - type: array - type: object - secretClass: - description: '[SecretClass](https://docs.stackable.tech/secret-operator/secretclass.html) containing the LDAP bind credentials' - type: string - required: - - secretClass - type: object - host: - description: Hostname of the S3 server without any protocol or port - nullable: true - type: string - port: - description: Port the S3 server listens on. If not specified the products will determine the port to use. - format: uint16 - minimum: 0.0 - nullable: true - type: integer - tls: - description: If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. - nullable: true - properties: - verification: - description: The verification method used to verify the certificates of the server and/or the client - oneOf: - - required: - - none - - required: - - server - properties: - none: - description: Use TLS but don't verify certificates + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array type: object - server: - description: Use TLS and ca certificate to verify the server + type: array + matchFields: + items: properties: - caCert: - description: Ca cert to verify the server - oneOf: - - required: - - webPki - - required: - - secretClass + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + type: object + type: array + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: properties: - secretClass: - description: Name of the SecretClass which will provide the ca cert. Note that a SecretClass does not need to have a key but can also work with just a ca cert. So if you got provided with a ca cert but don't have access to the key you can still use this method. + key: type: string - webPki: - description: Use TLS and the ca certificates trusted by the common web browsers to verify the server. This can be useful when you e.g. use public AWS S3 or other public available services. - type: object + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array type: object - required: - - caCert - type: object - type: object - required: - - verification - type: object - type: object - reference: - type: string - type: object - type: object - reference: - type: string - type: object - prefix: - type: string - required: - - bucket - - prefix - type: object - type: object - mainApplicationFile: - nullable: true - type: string - mainClass: - nullable: true - type: string - mode: - nullable: true - type: string - podOverrides: - default: {} - description: See PodTemplateSpec (https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#podtemplatespec-v1-core) for more details - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: - type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - managedFields: - items: - properties: - apiVersion: - type: string - fieldsType: - type: string - fieldsV1: - type: object - manager: - type: string - operation: - type: string - subresource: - type: string - time: - format: date-time - type: string - type: object - type: array - name: - type: string - namespace: - type: string - ownerReferences: - items: - properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: - type: string - name: - type: string - uid: - type: string - type: object - type: array - resourceVersion: - type: string - selfLink: - type: string - uid: - type: string - type: object - spec: - properties: - activeDeadlineSeconds: - format: int64 - type: integer - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + type: object + weight: + format: int32 + type: integer + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: properties: - matchExpressions: - items: - properties: - key: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: type: string - operator: + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: + type: object + type: object + namespaces: items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object + type: string type: array + topologyKey: + type: string type: object - weight: - format: int32 - type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: + type: array + type: object + podAntiAffinity: properties: - nodeSelectorTerms: + preferredDuringSchedulingIgnoredDuringExecution: items: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: type: string - values: - items: - type: string - type: array - type: object - type: array + type: array + topologyKey: + type: string + type: object + weight: + format: int32 + type: integer type: object type: array - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: + requiredDuringSchedulingIgnoredDuringExecution: + items: properties: labelSelector: properties: @@ -1892,304 +7375,696 @@ spec: items: type: string type: array - topologyKey: - type: string + topologyKey: + type: string + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + type: object + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array type: object - weight: + failureThreshold: format: int32 type: integer - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: + grpc: properties: - matchExpressions: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: items: properties: - key: + name: type: string - operator: + value: type: string - values: - items: - type: string - type: array type: object type: array - matchLabels: - additionalProperties: + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + claims: + items: + properties: + name: type: string - type: object + type: object + type: array + limits: + additionalProperties: + type: string type: object - namespaceSelector: + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: properties: - matchExpressions: + add: items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object + type: string type: array - matchLabels: - additionalProperties: + drop: + items: type: string - type: object + type: array type: object - namespaces: - items: - type: string - type: array - topologyKey: + privileged: + type: boolean + procMount: type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: + startupProbe: properties: - podAffinityTerm: + exec: properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: + command: items: type: string type: array - topologyKey: + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: type: string type: object - weight: + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: format: int32 type: integer type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string type: array - requiredDuringSchedulingIgnoredDuringExecution: + options: items: properties: - labelSelector: - properties: - matchExpressions: - items: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: properties: key: type: string - operator: + name: type: string - values: - items: - type: string - type: array + optional: + type: boolean type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: properties: key: type: string - operator: + name: type: string - values: - items: - type: string - type: array + optional: + type: boolean type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - type: object - type: array - type: object - type: object - automountServiceAccountToken: - type: boolean - containers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: + type: object + type: object + type: array + envFrom: + items: properties: - configMapKeyRef: + configMapRef: properties: - key: - type: string name: type: string optional: type: boolean type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - type: object - secretKeyRef: + prefix: + type: string + secretRef: properties: - key: - type: string name: type: string optional: type: boolean type: object type: object - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: properties: - exec: + postStart: properties: - command: - items: - type: string - type: array + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object type: object - httpGet: + preStop: properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: + exec: + properties: + command: + items: type: string - type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object type: object type: object - preStop: + livenessProbe: properties: exec: properties: @@ -2198,6 +8073,17 @@ spec: type: string type: array type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object httpGet: properties: host: @@ -2219,6 +8105,15 @@ spec: scheme: type: string type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer tcpSocket: properties: host: @@ -2227,487 +8122,175 @@ spec: format: int-or-string type: string type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - type: object - type: array - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - claims: - items: - properties: - name: - type: string - type: object - type: array - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string type: object - type: object - startupProbe: - properties: - exec: - properties: - command: - items: + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: properties: - port: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: format: int32 type: integer - service: - type: string type: object - httpGet: + resources: properties: - host: - type: string - httpHeaders: + claims: items: properties: name: type: string - value: - type: string type: object type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - type: string - enableServiceLinks: - type: boolean - ephemeralContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - type: object - type: object - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: + limits: + additionalProperties: type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: + type: object + requests: + additionalProperties: type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: + type: object + type: object + securityContext: properties: - exec: + allowPrivilegeEscalation: + type: boolean + capabilities: properties: - command: + add: + items: + type: string + type: array + drop: items: type: string type: array type: object - httpGet: + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: properties: - host: + level: + type: string + role: type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: + type: type: string - port: - format: int-or-string + user: type: string - scheme: + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: type: string type: object - tcpSocket: + windowsOptions: properties: - host: + gmsaCredentialSpec: type: string - port: - format: int-or-string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: type: string type: object type: object - preStop: + startupProbe: properties: exec: properties: @@ -2716,6 +8299,17 @@ spec: type: string type: array type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object httpGet: properties: host: @@ -2737,6 +8331,15 @@ spec: scheme: type: string type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer tcpSocket: properties: host: @@ -2745,454 +8348,247 @@ spec: format: int-or-string type: string type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 + terminationGracePeriodSeconds: + format: int64 type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - type: object - type: array - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: + timeoutSeconds: format: int32 type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - claims: + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: items: properties: + devicePath: + type: string name: type: string type: object type: array - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: + volumeMounts: + items: + properties: + mountPath: type: string - type: array - drop: - items: + mountPropagation: type: string - type: array - type: object - privileged: - type: boolean - procMount: + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostUsers: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object type: object - startupProbe: + type: array + initContainers: + items: properties: - exec: - properties: - command: - items: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: + value: + type: string + valueFrom: properties: - name: - type: string - value: - type: string + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + type: object type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - targetContainerName: - type: string - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - type: object - type: array - workingDir: - type: string - type: object - type: array - hostAliases: - items: - properties: - hostnames: - items: - type: string - type: array - ip: - type: string - type: object - type: array - hostIPC: - type: boolean - hostNetwork: - type: boolean - hostPID: - type: boolean - hostUsers: - type: boolean - hostname: - type: string - imagePullSecrets: - items: - properties: - name: - type: string - type: object - type: array - initContainers: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: + type: object + type: array + envFrom: + items: properties: - configMapKeyRef: + configMapRef: properties: - key: - type: string name: type: string optional: type: boolean type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - type: string - resource: - type: string - type: object - secretKeyRef: + prefix: + type: string + secretRef: properties: - key: - type: string name: type: string optional: type: boolean type: object type: object - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + type: object + type: object + livenessProbe: properties: exec: properties: @@ -3201,6 +8597,17 @@ spec: type: string type: array type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object httpGet: properties: host: @@ -3222,6 +8629,15 @@ spec: scheme: type: string type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer tcpSocket: properties: host: @@ -3230,8 +8646,33 @@ spec: format: int-or-string type: string type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer type: object - preStop: + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + type: object + type: array + readinessProbe: properties: exec: properties: @@ -3240,6 +8681,17 @@ spec: type: string type: array type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object httpGet: properties: host: @@ -3261,6 +8713,15 @@ spec: scheme: type: string type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer tcpSocket: properties: host: @@ -3269,1182 +8730,1216 @@ spec: format: int-or-string type: string type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: format: int32 type: integer - service: - type: string type: object - httpGet: + resources: properties: - host: - type: string - httpHeaders: + claims: items: properties: name: type: string - value: - type: string type: object type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: + securityContext: properties: - host: - type: string - port: - format: int-or-string + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - type: string - type: object - type: array - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: + startupProbe: properties: - port: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + path: + type: string + port: + format: int-or-string + type: string + scheme: + type: string + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + format: int-or-string + type: string + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: format: int32 type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - format: int-or-string - type: string type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - claims: + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: items: properties: + devicePath: + type: string name: type: string type: object type: array - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: + volumeMounts: + items: + properties: + mountPath: type: string - type: array - drop: - items: + mountPropagation: type: string - type: array - type: object - privileged: - type: boolean - procMount: + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + type: object + type: array + workingDir: + type: string + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + os: + properties: + name: + type: string + type: object + overhead: + additionalProperties: + type: string + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object type: object - startupProbe: + type: array + resourceClaims: + items: properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - path: - type: string - port: - format: int-or-string - type: string - scheme: - type: string - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: + name: + type: string + source: properties: - host: + resourceClaimName: type: string - port: - format: int-or-string + resourceClaimTemplateName: type: string type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + schedulingGates: + items: + properties: + name: + type: string + type: object + type: array + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: properties: - devicePath: + level: type: string - name: + role: + type: string + type: + type: string + user: type: string type: object - type: array - volumeMounts: - items: + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + windowsOptions: properties: - mountPath: - type: string - mountPropagation: + gmsaCredentialSpec: type: string - name: + gmsaCredentialSpecName: type: string - readOnly: + hostProcess: type: boolean - subPath: - type: string - subPathExpr: + runAsUserName: type: string type: object - type: array - workingDir: - type: string - type: object - type: array - nodeName: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - os: - properties: - name: + type: object + serviceAccount: type: string - type: object - overhead: - additionalProperties: - type: string - type: object - preemptionPolicy: - type: string - priority: - format: int32 - type: integer - priorityClassName: - type: string - readinessGates: - items: - properties: - conditionType: - type: string - type: object - type: array - resourceClaims: - items: - properties: - name: - type: string - source: - properties: - resourceClaimName: - type: string - resourceClaimTemplateName: - type: string - type: object - type: object - type: array - restartPolicy: - type: string - runtimeClassName: - type: string - schedulerName: - type: string - schedulingGates: - items: - properties: - name: - type: string - type: object - type: array - securityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: + serviceAccountName: type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: type: boolean - runAsUser: + subdomain: + type: string + terminationGracePeriodSeconds: format: int64 type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: + tolerations: items: properties: - name: + effect: + type: string + key: + type: string + operator: type: string + tolerationSeconds: + format: int64 + type: integer value: type: string type: object type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccount: - type: string - serviceAccountName: - type: string - setHostnameAsFQDN: - type: boolean - shareProcessNamespace: - type: boolean - subdomain: - type: string - terminationGracePeriodSeconds: - format: int64 - type: integer - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - topologySpreadConstraints: - items: - properties: - labelSelector: + topologySpreadConstraints: + items: properties: - matchExpressions: - items: - properties: - key: - type: string - operator: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string + type: object type: object - type: object - matchLabelKeys: - items: - type: string - type: array - maxSkew: - format: int32 - type: integer - minDomains: - format: int32 - type: integer - nodeAffinityPolicy: - type: string - nodeTaintsPolicy: - type: string - topologyKey: - type: string - whenUnsatisfiable: - type: string - type: object - type: array - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: + matchLabelKeys: + items: + type: string + type: array + maxSkew: format: int32 type: integer - readOnly: - type: boolean - volumeID: - type: string - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: type: string - kind: + nodeTaintsPolicy: type: string - readOnly: - type: boolean - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: + topologyKey: type: string - shareName: + whenUnsatisfiable: type: string type: object - cephfs: + type: array + volumes: + items: properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: + awsElasticBlockStore: properties: - name: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: type: string type: object - user: - type: string - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: + azureDisk: properties: - name: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: type: string + readOnly: + type: boolean type: object - volumeID: - type: string - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: + azureFile: properties: - name: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: type: string type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string type: object - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: properties: - containerName: - type: string - divisor: + key: type: string - resource: + mode: + format: int32 + type: integer + path: type: string type: object - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - type: string - type: object - ephemeral: - properties: - volumeClaimTemplate: + type: array + name: + type: string + optional: + type: boolean + type: object + csi: properties: - metadata: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: properties: - annotations: - additionalProperties: - type: string - type: object - creationTimestamp: - format: date-time - type: string - deletionGracePeriodSeconds: - format: int64 - type: integer - deletionTimestamp: - format: date-time - type: string - finalizers: - items: - type: string - type: array - generateName: + name: type: string - generation: - format: int64 - type: integer - labels: - additionalProperties: - type: string - type: object - managedFields: - items: + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: properties: apiVersion: type: string - fieldsType: - type: string - fieldsV1: - type: object - manager: - type: string - operation: - type: string - subresource: - type: string - time: - format: date-time + fieldPath: type: string type: object - type: array - name: - type: string - namespace: - type: string - ownerReferences: - items: + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: properties: - apiVersion: - type: string - blockOwnerDeletion: - type: boolean - controller: - type: boolean - kind: + containerName: type: string - name: + divisor: type: string - uid: + resource: type: string type: object - type: array - resourceVersion: - type: string - selfLink: - type: string - uid: - type: string - type: object - spec: + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + ephemeral: + properties: + volumeClaimTemplate: properties: - accessModes: - items: - type: string - type: array - dataSource: + metadata: properties: - apiGroup: + annotations: + additionalProperties: + type: string + type: object + creationTimestamp: + format: date-time + type: string + deletionGracePeriodSeconds: + format: int64 + type: integer + deletionTimestamp: + format: date-time type: string - kind: + finalizers: + items: + type: string + type: array + generateName: type: string + generation: + format: int64 + type: integer + labels: + additionalProperties: + type: string + type: object + managedFields: + items: + properties: + apiVersion: + type: string + fieldsType: + type: string + fieldsV1: + type: object + manager: + type: string + operation: + type: string + subresource: + type: string + time: + format: date-time + type: string + type: object + type: array name: type: string - type: object - dataSourceRef: - properties: - apiGroup: + namespace: type: string - kind: + ownerReferences: + items: + properties: + apiVersion: + type: string + blockOwnerDeletion: + type: boolean + controller: + type: boolean + kind: + type: string + name: + type: string + uid: + type: string + type: object + type: array + resourceVersion: type: string - name: + selfLink: type: string - namespace: + uid: type: string type: object - resources: + spec: properties: - claims: + accessModes: items: - properties: - name: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + type: object + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + type: object + resources: + properties: + claims: + items: + properties: + name: + type: string + type: object + type: array + limits: + additionalProperties: type: string - type: object - type: array - limits: - additionalProperties: - type: string - type: object - requests: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: + type: object + requests: + additionalProperties: type: string - operator: + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + type: object + type: array + matchLabels: + additionalProperties: type: string - values: - items: - type: string - type: array - type: object - type: array - matchLabels: - additionalProperties: - type: string + type: object type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: type: string type: object type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string type: object - readOnly: - type: boolean - secretRef: + gcePersistentDisk: properties: - name: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: type: string + readOnly: + type: boolean type: object - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - type: object - hostPath: - properties: - path: - type: string - type: - type: string - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: + gitRepo: properties: - name: + directory: + type: string + repository: + type: string + revision: type: string type: object - targetPortal: - type: string - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + type: object + hostPath: + properties: + path: + type: string + type: + type: string + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: properties: - items: - items: - properties: - fieldRef: + configMap: + properties: + items: + items: properties: - apiVersion: + key: type: string - fieldPath: + mode: + format: int32 + type: integer + path: type: string type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: properties: - containerName: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + type: object + mode: + format: int32 + type: integer + path: type: string - divisor: + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + type: object + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: type: string - resource: + mode: + format: int32 + type: integer + path: type: string type: object - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + type: object type: object - type: object - type: array - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: properties: - name: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: type: string type: object - user: - type: string - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: + vsphereVolume: properties: - name: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: type: string type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: + type: array + type: object + type: object + resources: + default: + memory: + limit: null + runtimeLimits: {} + cpu: + min: null + max: null + storage: {} + properties: + cpu: + default: + min: null + max: null + properties: + max: + description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." + nullable: true + type: string + min: + description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." + nullable: true + type: string + type: object + memory: + properties: + limit: + description: "Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.\n\nThe serialization format is:\n\n``` ::= \n\n\t(Note that may be empty, from the \"\" case in .)\n\n ::= 0 | 1 | ... | 9 ::= | ::= | . | . | . ::= \"+\" | \"-\" ::= | ::= | | ::= Ki | Mi | Gi | Ti | Pi | Ei\n\n\t(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)\n\n ::= m | \"\" | k | M | G | T | P | E\n\n\t(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)\n\n ::= \"e\" | \"E\" ```\n\nNo matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.\n\nWhen a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.\n\nBefore serializing, Quantity will be put in \"canonical form\". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:\n\n- No precision is lost - No fractional digits will be emitted - The exponent (or suffix) is as large as possible.\n\nThe sign will be omitted unless the number is negative.\n\nExamples:\n\n- 1.5 will be serialized as \"1500m\" - 1.5Gi will be serialized as \"1536Mi\"\n\nNote that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.\n\nNon-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)\n\nThis format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation." + nullable: true + type: string + runtimeLimits: + type: object + type: object + storage: + type: object + type: object + type: object + logFileDirectory: + nullable: true + oneOf: + - required: + - s3 + properties: + s3: + properties: + bucket: + description: Operators are expected to define fields for this type in order to work with S3 buckets. + oneOf: + - required: + - inline + - required: + - reference + properties: + inline: + description: S3 bucket specification containing only the bucket name and an inlined or referenced connection specification. + properties: + bucketName: + nullable: true + type: string + connection: + description: Operators are expected to define fields for this type in order to work with S3 connections. + nullable: true + oneOf: + - required: + - inline + - required: + - reference + properties: + inline: + description: S3 connection definition as CRD. properties: - key: + accessStyle: + description: Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the official documentation on + enum: + - Path + - VirtualHosted + nullable: true type: string - mode: - format: int32 - type: integer - path: + credentials: + description: If the S3 uses authentication you have to specify you S3 credentials. In the most cases a SecretClass providing `accessKey` and `secretKey` is sufficient. + nullable: true + properties: + scope: + description: '[Scope](https://docs.stackable.tech/secret-operator/scope.html) of the [SecretClass](https://docs.stackable.tech/secret-operator/secretclass.html)' + nullable: true + properties: + node: + default: false + type: boolean + pod: + default: false + type: boolean + services: + default: [] + items: + type: string + type: array + type: object + secretClass: + description: '[SecretClass](https://docs.stackable.tech/secret-operator/secretclass.html) containing the LDAP bind credentials' + type: string + required: + - secretClass + type: object + host: + description: Hostname of the S3 server without any protocol or port + nullable: true type: string + port: + description: Port the S3 server listens on. If not specified the products will determine the port to use. + format: uint16 + minimum: 0.0 + nullable: true + type: integer + tls: + description: If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. + nullable: true + properties: + verification: + description: The verification method used to verify the certificates of the server and/or the client + oneOf: + - required: + - none + - required: + - server + properties: + none: + description: Use TLS but don't verify certificates + type: object + server: + description: Use TLS and ca certificate to verify the server + properties: + caCert: + description: Ca cert to verify the server + oneOf: + - required: + - webPki + - required: + - secretClass + properties: + secretClass: + description: Name of the SecretClass which will provide the ca cert. Note that a SecretClass does not need to have a key but can also work with just a ca cert. So if you got provided with a ca cert but don't have access to the key you can still use this method. + type: string + webPki: + description: Use TLS and the ca certificates trusted by the common web browsers to verify the server. This can be useful when you e.g. use public AWS S3 or other public available services. + type: object + type: object + required: + - caCert + type: object + type: object + required: + - verification + type: object type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - type: object - type: object - type: array + reference: + type: string + type: object + type: object + reference: + type: string + type: object + prefix: + type: string + required: + - bucket + - prefix type: object type: object + mainApplicationFile: + nullable: true + type: string + mainClass: + nullable: true + type: string + mode: + nullable: true + type: string s3connection: description: Operators are expected to define fields for this type in order to work with S3 connections. nullable: true diff --git a/rust/crd/Cargo.toml b/rust/crd/Cargo.toml index 1821fa6b..ce5dffbc 100644 --- a/rust/crd/Cargo.toml +++ b/rust/crd/Cargo.toml @@ -9,14 +9,14 @@ version = "0.0.0-dev" publish = false [dependencies] -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag="0.42.2" } - -semver = "1.0" -serde = "1.0" -serde_json = "1.0" -serde_yaml = "0.8" -snafu = "0.7" -strum = { version = "0.24", features = ["derive"] } +stackable-operator = { workspace = true } +semver = { workspace = true } +serde = { workspace = true } +serde_json = { workspace = true } +serde_yaml = { workspace = true } +snafu = { workspace = true } +strum = { workspace = true, features = ["derive"] } +tracing = { workspace = true } [dev-dependencies] rstest = "0.17.0" diff --git a/rust/crd/src/history.rs b/rust/crd/src/history.rs index 20579b60..2b872c47 100644 --- a/rust/crd/src/history.rs +++ b/rust/crd/src/history.rs @@ -3,7 +3,8 @@ use crate::{affinity::history_affinity, constants::*}; use std::collections::{BTreeMap, HashMap}; use serde::{Deserialize, Serialize}; -use snafu::{ResultExt, Snafu}; +use snafu::{OptionExt, ResultExt, Snafu}; +use stackable_operator::role_utils::RoleGroup; use stackable_operator::{ commons::{ affinity::StackableAffinity, @@ -45,6 +46,8 @@ pub enum Error { }, #[snafu(display("fragment validation failure"))] FragmentValidationFailure { source: ValidationError }, + #[snafu(display("the role group {role_group} is not defined"))] + CannotRetrieveRoleGroup { role_group: String }, } #[derive(Clone, CustomResource, Debug, Deserialize, JsonSchema, Serialize)] @@ -118,6 +121,26 @@ impl CurrentlySupportedListenerClasses { } impl SparkHistoryServer { + /// Returns a reference to the role. Raises an error if the role is not defined. + pub fn role(&self) -> &Role { + &self.spec.nodes + } + + /// Returns a reference to the role group. Raises an error if the role or role group are not defined. + pub fn rolegroup( + &self, + rolegroup_ref: &RoleGroupRef, + ) -> Result, Error> { + self.spec + .nodes + .role_groups + .get(&rolegroup_ref.role_group) + .with_context(|| CannotRetrieveRoleGroupSnafu { + role_group: rolegroup_ref.role_group.to_owned(), + }) + .cloned() + } + pub fn merged_config( &self, rolegroup_ref: &RoleGroupRef, diff --git a/rust/crd/src/lib.rs b/rust/crd/src/lib.rs index 6f20a577..06cb40d5 100644 --- a/rust/crd/src/lib.rs +++ b/rust/crd/src/lib.rs @@ -35,14 +35,17 @@ use stackable_operator::{ merge::{Atomic, Merge}, }, k8s_openapi::{ - api::core::v1::{EmptyDirVolumeSource, EnvVar, LocalObjectReference, Volume, VolumeMount}, + api::core::v1::{ + EmptyDirVolumeSource, EnvVar, LocalObjectReference, PodTemplateSpec, Volume, + VolumeMount, + }, apimachinery::pkg::api::resource::Quantity, }, kube::{CustomResource, ResourceExt}, labels::ObjectLabels, memory::{BinaryMultiple, MemoryQuantity}, product_logging::{self, spec::Logging}, - role_utils::CommonConfiguration, + role_utils::pod_overrides_schema, schemars::{self, JsonSchema}, }; use strum::{Display, EnumIter, EnumString}; @@ -64,8 +67,6 @@ pub enum Error { source: stackable_operator::error::Error, unit: String, }, - #[snafu(display("failed to convert to quantity"))] - FailedQuantityConversion, #[snafu(display("failed to parse value"))] FailedParseToFloatConversion, #[snafu(display("fragment validation failure"))] @@ -123,6 +124,9 @@ pub struct SparkConfig { pub resources: Resources, #[fragment_attrs(serde(default))] pub logging: Logging, + #[fragment_attrs(serde(default))] + #[fragment_attrs(schemars(schema_with = "pod_overrides_schema"))] + pub pod_overrides: PodTemplateSpec, } impl SparkConfig { @@ -141,6 +145,7 @@ impl SparkConfig { storage: SparkStorageConfigFragment {}, }, logging: product_logging::spec::default_logging(), + pod_overrides: PodTemplateSpec::default(), } } } @@ -187,8 +192,6 @@ pub struct SparkApplicationSpec { pub driver: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub executor: Option, - #[serde(flatten)] - pub config: Option>, #[serde(default, skip_serializing_if = "Option::is_none")] pub stopped: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -228,14 +231,6 @@ pub struct JobDependencies { } impl SparkApplication { - pub fn enable_monitoring(&self) -> Option { - let spec: &SparkApplicationSpec = &self.spec; - spec.config - .as_ref() - .map(|common_configuration| &common_configuration.config) - .and_then(|common_config| common_config.enable_monitoring) - } - pub fn submit_job_config_map_name(&self) -> String { format!("{app_name}-submit-job", app_name = self.name_any()) } @@ -560,83 +555,26 @@ impl SparkApplication { // then added to the vector once complete. let mut submit_conf: BTreeMap = BTreeMap::new(); - let driver_config = self.driver_config()?; - let executor_config = self.executor_config()?; - - // resource limits, either declared or taken from defaults - if let Resources { - cpu: CpuLimits { max: Some(max), .. }, - .. - } = &driver_config.resources - { - submit_conf.insert( - "spark.kubernetes.driver.limit.cores".to_string(), - max.0.clone(), - ); - let cores = - cores_from_quantity(max.0.clone()).map_err(|_| Error::FailedQuantityConversion)?; - // will have default value from resources to apply if nothing set specifically - submit_conf.insert("spark.driver.cores".to_string(), cores); - } - if let Resources { - cpu: CpuLimits { min: Some(min), .. }, - .. - } = &driver_config.resources - { - submit_conf.insert( - "spark.kubernetes.driver.request.cores".to_string(), - min.0.clone(), - ); - } - if let Resources { - memory: MemoryLimits { - limit: Some(limit), .. - }, - .. - } = &driver_config.resources - { - let memory = self - .subtract_spark_memory_overhead(limit) - .map_err(|_| Error::FailedQuantityConversion)?; - submit_conf.insert("spark.driver.memory".to_string(), memory); - } + // Disable this. We subtract this factor out of the resource requests ourselves + // when computing the Spark memory properties below. We do this to because otherwise + // Spark computes and applies different container memory limits than the ones the + // user has provided. + // It can be overwritten by the user with the "sparkConf" property. + submit_conf.insert( + "spark.kubernetes.memoryOverheadFactor".to_string(), + "0.0".to_string(), + ); - if let Resources { - cpu: CpuLimits { max: Some(max), .. }, - .. - } = &executor_config.resources - { - submit_conf.insert( - "spark.kubernetes.executor.limit.cores".to_string(), - max.0.clone(), - ); - let cores = - cores_from_quantity(max.0.clone()).map_err(|_| Error::FailedQuantityConversion)?; - // will have default value from resources to apply if nothing set specifically - submit_conf.insert("spark.executor.cores".to_string(), cores); - } - if let Resources { - cpu: CpuLimits { min: Some(min), .. }, - .. - } = &executor_config.resources - { - submit_conf.insert( - "spark.kubernetes.executor.request.cores".to_string(), - min.0.clone(), - ); - } - if let Resources { - memory: MemoryLimits { - limit: Some(limit), .. - }, - .. - } = &executor_config.resources - { - let memory = self - .subtract_spark_memory_overhead(limit) - .map_err(|_| Error::FailedQuantityConversion)?; - submit_conf.insert("spark.executor.memory".to_string(), memory); - } + resources_to_driver_props( + self.spec.main_class.is_some(), + &self.driver_config()?, + &mut submit_conf, + )?; + resources_to_executor_props( + self.spec.main_class.is_some(), + &self.executor_config()?, + &mut submit_conf, + )?; if let Some(executors) = &self.spec.executor { if let Some(instances) = executors.instances { @@ -679,41 +617,6 @@ impl SparkApplication { Ok(submit_cmd) } - /// A memory overhead will be applied using a factor of 0.1 (JVM jobs) or 0.4 (non-JVM jobs), - /// being not less than 384MB. The resource limit should keep this transparent by reducing the - /// declared memory limit accordingly. - fn subtract_spark_memory_overhead(&self, limit: &Quantity) -> Result { - // determine job-type using class name: scala/java will declare an application and main class; - // R and python will just declare the application name/file (for python this could be .zip/.py/.egg). - // Spark itself just checks the application name - See e.g. - // https://github.com/apache/spark/blob/01c7a46f24fb4bb4287a184a3d69e0e5c904bc50/core/src/main/scala/org/apache/spark/deploy/SparkSubmit.scala#L1092 - let non_jvm_factor = if self.spec.main_class.is_some() { - 1.0 / (1.0 + JVM_OVERHEAD_FACTOR) - } else { - 1.0 / (1.0 + NON_JVM_OVERHEAD_FACTOR) - }; - - let original_memory = MemoryQuantity::try_from(limit) - .context(FailedToConvertJavaHeapSnafu { - unit: BinaryMultiple::Mebi.to_java_memory_unit(), - })? - .scale_to(BinaryMultiple::Mebi) - .floor() - .value as u32; - - let reduced_memory = - (MemoryQuantity::try_from(limit).context(FailedToConvertJavaHeapSnafu { - unit: BinaryMultiple::Mebi.to_java_memory_unit(), - })? * non_jvm_factor) - .scale_to(BinaryMultiple::Mebi) - .floor() - .value as u32; - - let deduction = max(MIN_MEMORY_OVERHEAD, original_memory - reduced_memory); - - Ok(format!("{}m", original_memory - deduction)) - } - pub fn env( &self, s3conn: &Option, @@ -793,6 +696,157 @@ fn cores_from_quantity(q: String) -> Result { Ok((cores as u32).to_string()) } +/// A memory overhead will be applied using a factor of 0.1 (JVM jobs) or 0.4 (non-JVM jobs), +/// being not less than MIN_MEMORY_OVERHEAD. This implies that `limit` must be greater than +/// `MIN_MEMORY_OVERHEAD` +/// The resource limit should keep this transparent by reducing the +/// declared memory limit accordingly. +fn subtract_spark_memory_overhead(for_java: bool, limit: &Quantity) -> Result { + // determine job-type using class name: scala/java will declare an application and main class; + // R and python will just declare the application name/file (for python this could be .zip/.py/.egg). + // Spark itself just checks the application name - See e.g. + // https://github.com/apache/spark/blob/01c7a46f24fb4bb4287a184a3d69e0e5c904bc50/core/src/main/scala/org/apache/spark/deploy/SparkSubmit.scala#L1092 + let non_jvm_factor = if for_java { + //self.spec.main_class.is_some() { + 1.0 / (1.0 + JVM_OVERHEAD_FACTOR) + } else { + 1.0 / (1.0 + NON_JVM_OVERHEAD_FACTOR) + }; + + let original_memory = MemoryQuantity::try_from(limit) + .context(FailedToConvertJavaHeapSnafu { + unit: BinaryMultiple::Mebi.to_java_memory_unit(), + })? + .scale_to(BinaryMultiple::Mebi) + .floor() + .value as u32; + + if MIN_MEMORY_OVERHEAD > original_memory { + tracing::warn!("Skip memory overhead since not enough memory ({original_memory}m). At least {MIN_MEMORY_OVERHEAD}m required"); + return Ok(format!("{original_memory}m")); + } + + let reduced_memory = + (MemoryQuantity::try_from(limit).context(FailedToConvertJavaHeapSnafu { + unit: BinaryMultiple::Mebi.to_java_memory_unit(), + })? * non_jvm_factor) + .scale_to(BinaryMultiple::Mebi) + .floor() + .value as u32; + + let deduction = max(MIN_MEMORY_OVERHEAD, original_memory - reduced_memory); + + tracing::debug!("subtract_spark_memory_overhead: original_memory ({original_memory}) - deduction ({deduction})"); + Ok(format!("{}m", original_memory - deduction)) +} + +/// Translate resource limits to Spark config properties. +/// Spark will use these and *ignore* the resource limits in pod templates entirely. +fn resources_to_driver_props( + for_java: bool, + driver_config: &DriverConfig, + props: &mut BTreeMap, +) -> Result<(), Error> { + if let Resources { + cpu: CpuLimits { max: Some(max), .. }, + .. + } = &driver_config.resources + { + let cores = cores_from_quantity(max.0.clone())?; + // will have default value from resources to apply if nothing set specifically + props.insert("spark.driver.cores".to_string(), cores.clone()); + props.insert( + "spark.kubernetes.driver.request.cores".to_string(), + cores.clone(), + ); + props.insert("spark.kubernetes.driver.limit.cores".to_string(), cores); + } + + if let Resources { + memory: MemoryLimits { + limit: Some(limit), .. + }, + .. + } = &driver_config.resources + { + let memory = subtract_spark_memory_overhead(for_java, limit)?; + props.insert("spark.driver.memory".to_string(), memory); + + let limit_mb = format!( + "{}m", + MemoryQuantity::try_from(limit) + .context(FailedToConvertJavaHeapSnafu { + unit: BinaryMultiple::Mebi.to_java_memory_unit(), + })? + .scale_to(BinaryMultiple::Mebi) + .floor() + .value as u32 + ); + props.insert( + "spark.kubernetes.driver.request.memory".to_string(), + limit_mb.clone(), + ); + props.insert("spark.kubernetes.driver.limit.memory".to_string(), limit_mb); + } + + Ok(()) +} + +/// Translate resource limits to Spark config properties. +/// Spark will use these and *ignore* the resource limits in pod templates entirely. +fn resources_to_executor_props( + for_java: bool, + executor_config: &ExecutorConfig, + props: &mut BTreeMap, +) -> Result<(), Error> { + if let Resources { + cpu: CpuLimits { max: Some(max), .. }, + .. + } = &executor_config.resources + { + let cores = cores_from_quantity(max.0.clone())?; + // will have default value from resources to apply if nothing set specifically + props.insert("spark.executor.cores".to_string(), cores.clone()); + props.insert( + "spark.kubernetes.executor.request.cores".to_string(), + cores.clone(), + ); + props.insert("spark.kubernetes.executors.limit.cores".to_string(), cores); + } + + if let Resources { + memory: MemoryLimits { + limit: Some(limit), .. + }, + .. + } = &executor_config.resources + { + let memory = subtract_spark_memory_overhead(for_java, limit)?; + props.insert("spark.executor.memory".to_string(), memory); + + let limit_mb = format!( + "{}m", + MemoryQuantity::try_from(limit) + .context(FailedToConvertJavaHeapSnafu { + unit: BinaryMultiple::Mebi.to_java_memory_unit(), + })? + .scale_to(BinaryMultiple::Mebi) + .floor() + .value as u32 + ); + props.insert( + "spark.kubernetes.executor.request.memory".to_string(), + limit_mb.clone(), + ); + props.insert( + "spark.kubernetes.executor.limit.memory".to_string(), + limit_mb, + ); + } + + Ok(()) +} + #[derive(Clone, Debug, Default, Deserialize, JsonSchema, PartialEq, Serialize)] #[serde(rename_all = "camelCase")] pub struct VolumeMounts { @@ -830,7 +884,6 @@ pub struct CommonConfig { pub secret: Option, pub log_dir: Option, pub max_port_retries: Option, - pub enable_monitoring: Option, } #[derive( @@ -899,6 +952,9 @@ pub struct DriverConfig { pub volume_mounts: Option, #[fragment_attrs(serde(default))] pub affinity: StackableAffinity, + #[fragment_attrs(serde(default))] + #[fragment_attrs(schemars(schema_with = "pod_overrides_schema"))] + pub pod_overrides: PodTemplateSpec, } impl DriverConfig { @@ -918,6 +974,7 @@ impl DriverConfig { logging: product_logging::spec::default_logging(), volume_mounts: Some(VolumeMounts::default()), affinity: StackableAffinityFragment::default(), + pod_overrides: PodTemplateSpec::default(), } } } @@ -949,6 +1006,9 @@ pub struct ExecutorConfig { pub node_selector: Option, #[fragment_attrs(serde(default))] pub affinity: StackableAffinity, + #[fragment_attrs(serde(default))] + #[fragment_attrs(schemars(schema_with = "pod_overrides_schema"))] + pub pod_overrides: PodTemplateSpec, } impl ExecutorConfig { @@ -970,22 +1030,32 @@ impl ExecutorConfig { volume_mounts: Some(VolumeMounts::default()), node_selector: Default::default(), affinity: Default::default(), + pod_overrides: PodTemplateSpec::default(), } } } #[cfg(test)] mod tests { - use crate::LocalObjectReference; - use crate::Quantity; - use crate::SparkApplication; - use crate::{cores_from_quantity, ImagePullPolicy}; + use crate::{ + cores_from_quantity, resources_to_executor_props, ExecutorConfig, ImagePullPolicy, + }; + use crate::{resources_to_driver_props, SparkApplication}; + use crate::{DriverConfig, LocalObjectReference}; + use crate::{Quantity, SparkStorageConfig}; use rstest::rstest; use stackable_operator::builder::ObjectMetaBuilder; + use stackable_operator::commons::affinity::StackableAffinity; use stackable_operator::commons::authentication::tls::{Tls, TlsVerification}; + use stackable_operator::commons::resources::{ + CpuLimits, MemoryLimits, NoRuntimeLimits, Resources, + }; use stackable_operator::commons::s3::{ S3AccessStyle, S3BucketSpec, S3ConnectionDef, S3ConnectionSpec, }; + use stackable_operator::k8s_openapi::api::core::v1::PodTemplateSpec; + use stackable_operator::product_logging::spec::Logging; + use std::collections::BTreeMap; use std::str::FromStr; #[test] @@ -1361,4 +1431,112 @@ spec: let cores = cores_from_quantity(q.0.clone()).unwrap(); assert_eq!(output, cores); } + + #[test] + fn test_resource_to_driver_props() { + let driver_config = DriverConfig { + resources: Resources { + memory: MemoryLimits { + limit: Some(Quantity("128Mi".to_string())), + runtime_limits: NoRuntimeLimits {}, + }, + cpu: CpuLimits { + min: Some(Quantity("250m".to_string())), + max: Some(Quantity("1".to_string())), + }, + storage: SparkStorageConfig {}, + }, + logging: Logging { + enable_vector_agent: false, + containers: BTreeMap::new(), + }, + volume_mounts: None, + affinity: StackableAffinity::default(), + pod_overrides: PodTemplateSpec::default(), + }; + + let mut props = BTreeMap::new(); + + resources_to_driver_props(true, &driver_config, &mut props).expect("blubb"); + + let expected: BTreeMap = vec![ + ("spark.driver.cores".to_string(), "1".to_string()), + ("spark.driver.memory".to_string(), "128m".to_string()), + ( + "spark.kubernetes.driver.limit.cores".to_string(), + "1".to_string(), + ), + ( + "spark.kubernetes.driver.limit.memory".to_string(), + "128m".to_string(), + ), + ( + "spark.kubernetes.driver.request.cores".to_string(), + "1".to_string(), + ), + ( + "spark.kubernetes.driver.request.memory".to_string(), + "128m".to_string(), + ), + ] + .into_iter() + .collect(); + + assert_eq!(expected, props); + } + + #[test] + fn test_resource_to_executor_props() { + let executor_config = ExecutorConfig { + instances: Some(1), + resources: Resources { + memory: MemoryLimits { + limit: Some(Quantity("512Mi".to_string())), + runtime_limits: NoRuntimeLimits {}, + }, + cpu: CpuLimits { + min: Some(Quantity("250m".to_string())), + max: Some(Quantity("2".to_string())), + }, + storage: SparkStorageConfig {}, + }, + logging: Logging { + enable_vector_agent: false, + containers: BTreeMap::new(), + }, + volume_mounts: None, + node_selector: None, + affinity: StackableAffinity::default(), + pod_overrides: PodTemplateSpec::default(), + }; + + let mut props = BTreeMap::new(); + + resources_to_executor_props(true, &executor_config, &mut props).expect("blubb"); + + let expected: BTreeMap = vec![ + ("spark.executor.cores".to_string(), "2".to_string()), + ("spark.executor.memory".to_string(), "128m".to_string()), // 128 and not 512 because memory overhead is subtracted + ( + "spark.kubernetes.executor.limit.memory".to_string(), + "512m".to_string(), + ), + ( + "spark.kubernetes.executor.request.cores".to_string(), + "2".to_string(), + ), + ( + "spark.kubernetes.executor.request.memory".to_string(), + "512m".to_string(), + ), + ( + "spark.kubernetes.executors.limit.cores".to_string(), + "2".to_string(), + ), + ] + .into_iter() + .collect(); + + assert_eq!(expected, props); + } } diff --git a/rust/operator-binary/Cargo.toml b/rust/operator-binary/Cargo.toml index e3a970ef..25b3418f 100644 --- a/rust/operator-binary/Cargo.toml +++ b/rust/operator-binary/Cargo.toml @@ -9,20 +9,22 @@ version = "0.0.0-dev" publish = false [dependencies] -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag="0.42.2" } stackable-spark-k8s-crd = { path = "../crd" } -anyhow = "1.0" -clap = "4.1" -futures = "0.3" -serde = "1.0" -serde_yaml = "0.8" -snafu = "0.7" -strum = { version = "0.24.1", features = ["derive"] } -tokio = { version = "1.24", features = ["macros", "rt-multi-thread"] } -tracing = "0.1" -tracing-futures = { version = "0.2", features = ["futures-03"] } +stackable-operator = { workspace = true } +anyhow = { workspace = true } +semver = { workspace = true } +serde = { workspace = true } +serde_json = { workspace = true } +serde_yaml = { workspace = true } +snafu = { workspace = true } +strum = { workspace = true, features = ["derive"] } +tracing = { workspace = true } +tracing-futures = { workspace = true, features = ["futures-03"] } +clap = { workspace = true } +futures = { workspace = true } +tokio = { workspace = true, features = ["macros", "rt-multi-thread"] } [build-dependencies] built = { version = "0.6", features = ["chrono", "git2"] } -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag="0.42.2" } +stackable-operator = { workspace = true } stackable-spark-k8s-crd = { path = "../crd" } diff --git a/rust/operator-binary/src/history_controller.rs b/rust/operator-binary/src/history_controller.rs index 1913ed49..f7444c41 100644 --- a/rust/operator-binary/src/history_controller.rs +++ b/rust/operator-binary/src/history_controller.rs @@ -30,6 +30,7 @@ use stackable_operator::{ }; use stackable_spark_k8s_crd::{ constants::*, + history, history::{HistoryConfig, SparkHistoryServer, SparkHistoryServerContainer}, s3logdir::S3LogDir, tlscerts, @@ -39,6 +40,7 @@ use std::{collections::BTreeMap, sync::Arc}; use snafu::{OptionExt, ResultExt, Snafu}; use stackable_operator::builder::resources::ResourceRequirementsBuilder; +use stackable_operator::k8s_openapi::DeepMerge; use stackable_operator::logging::controller::ReconcilerError; use strum::{EnumDiscriminants, IntoStaticStr}; @@ -119,6 +121,8 @@ pub enum Error { source: product_logging::Error, cm_name: String, }, + #[snafu(display("cannot retrieve role group"))] + CannotRetrieveRoleGroup { source: history::Error }, } type Result = std::result::Result; @@ -388,6 +392,14 @@ fn build_stateful_set( )); } + let mut pod_template = pb.build_template(); + pod_template.merge_from(shs.role().config.pod_overrides.clone()); + let role_group = shs + .rolegroup(rolegroupref) + .with_context(|_| CannotRetrieveRoleGroupSnafu)?; + + pod_template.merge_from(role_group.config.pod_overrides); + Ok(StatefulSet { metadata: ObjectMetaBuilder::new() .name_and_namespace(shs) @@ -401,7 +413,7 @@ fn build_stateful_set( )) .build(), spec: Some(StatefulSetSpec { - template: pb.build_template(), + template: pod_template, replicas: shs.replicas(rolegroupref), selector: LabelSelector { match_labels: Some(role_group_selector_labels( diff --git a/rust/operator-binary/src/spark_k8s_controller.rs b/rust/operator-binary/src/spark_k8s_controller.rs index 7aa4fd0c..85473c48 100644 --- a/rust/operator-binary/src/spark_k8s_controller.rs +++ b/rust/operator-binary/src/spark_k8s_controller.rs @@ -8,6 +8,7 @@ use stackable_spark_k8s_crd::{ use crate::product_logging::{self, resolve_vector_aggregator_address}; use snafu::{OptionExt, ResultExt, Snafu}; use stackable_operator::builder::resources::ResourceRequirementsBuilder; +use stackable_operator::k8s_openapi::DeepMerge; use stackable_operator::{ builder::{ConfigMapBuilder, ContainerBuilder, ObjectMetaBuilder, PodBuilder, VolumeBuilder}, commons::{ @@ -21,7 +22,7 @@ use stackable_operator::{ api::{ batch::v1::{Job, JobSpec}, core::v1::{ - ConfigMap, Container, EnvVar, Pod, PodSecurityContext, PodSpec, PodTemplateSpec, + ConfigMap, Container, EnvVar, PodSecurityContext, PodSpec, PodTemplateSpec, ServiceAccount, Volume, VolumeMount, }, rbac::v1::{ClusterRole, RoleBinding, RoleRef, Subject}, @@ -127,6 +128,7 @@ pub struct PodTemplateConfig { pub logging: Logging, pub volume_mounts: Vec, pub affinity: StackableAffinity, + pub pod_overrides: PodTemplateSpec, } pub async fn reconcile(spark_application: Arc, ctx: Arc) -> Result { @@ -214,6 +216,7 @@ pub async fn reconcile(spark_application: Arc, ctx: Arc) &s3logdir, ), affinity: driver_config.affinity, + pod_overrides: driver_config.pod_overrides.clone(), }; let driver_pod_template_config_map = pod_template_config_map( &spark_application, @@ -245,6 +248,7 @@ pub async fn reconcile(spark_application: Arc, ctx: Arc) &s3logdir, ), affinity: executor_config.affinity, + pod_overrides: executor_config.pod_overrides.clone(), }; let executor_pod_template_config_map = pod_template_config_map( &spark_application, @@ -416,7 +420,6 @@ fn init_containers( ) .build() }); - tracing::info!("Args [{:#?}]", args); Ok(vec![job_container, requirements_container, tls_container] .into_iter() @@ -432,7 +435,7 @@ fn pod_template( env: &[EnvVar], s3conn: &Option, s3logdir: &Option, -) -> Result { +) -> Result { let container_name = SparkContainer::Spark.to_string(); let mut cb = ContainerBuilder::new(&container_name).context(IllegalContainerNameSnafu)?; cb.add_volume_mounts(config.volume_mounts.clone()) @@ -512,7 +515,9 @@ fn pod_template( )); } - pb.build().context(PodTemplateConfigMapSnafu) + let mut pod_template = pb.build_template(); + pod_template.merge_from(config.pod_overrides.clone()); + Ok(pod_template) } fn pod_template_config_map( @@ -733,7 +738,7 @@ fn spark_job( )); } - let pod = PodTemplateSpec { + let mut pod = PodTemplateSpec { metadata: Some( ObjectMetaBuilder::new() .name("spark-submit") @@ -753,6 +758,8 @@ fn spark_job( }), }; + pod.merge_from(job_config.pod_overrides); + let job = Job { metadata: ObjectMetaBuilder::new() .name_and_namespace(spark_application) diff --git a/tests/templates/kuttl/resources/00-assert.yaml b/tests/templates/kuttl/pod_overrides/00-assert.yaml similarity index 100% rename from tests/templates/kuttl/resources/00-assert.yaml rename to tests/templates/kuttl/pod_overrides/00-assert.yaml diff --git a/tests/templates/kuttl/pod_overrides/00-secrets.yaml.j2 b/tests/templates/kuttl/pod_overrides/00-secrets.yaml.j2 new file mode 100644 index 00000000..aa436deb --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/00-secrets.yaml.j2 @@ -0,0 +1,75 @@ +--- +apiVersion: secrets.stackable.tech/v1alpha1 +kind: SecretClass +metadata: + name: s3-credentials-class +spec: + backend: + k8sSearch: + searchNamespace: + pod: {} +--- +apiVersion: v1 +kind: Secret +metadata: + name: s3-credentials + labels: + secrets.stackable.tech/class: s3-credentials-class +stringData: + accessKey: spark + secretKey: sparkspark +--- +apiVersion: secrets.stackable.tech/v1alpha1 +kind: SecretClass +metadata: + name: history-credentials-class +spec: + backend: + k8sSearch: + searchNamespace: + pod: {} +--- +apiVersion: v1 +kind: Secret +metadata: + name: history-credentials + labels: + secrets.stackable.tech/class: history-credentials-class +stringData: + accessKey: spark + secretKey: sparkspark +--- +apiVersion: v1 +kind: Secret +metadata: + name: centralized-minio-users +type: Opaque +stringData: + username1: | + username=spark + password=sparkspark + disabled=false + policies=readwrite,consoleAdmin,diagnostics + setPolicies=false +--- +apiVersion: secrets.stackable.tech/v1alpha1 +kind: SecretClass +metadata: + name: minio-tls-eventlog +spec: + backend: + k8sSearch: + searchNamespace: + pod: {} +--- +apiVersion: v1 +kind: Secret +metadata: + name: minio-tls-eventlog + labels: + secrets.stackable.tech/class: minio-tls-eventlog +# Have a look at the folder certs on how to create this: ensure the common name matches the minio instance! +data: + ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQyVENDQXNHZ0F3SUJBZ0lVZEhBWE16UHJaTGx1TURPNlhrT1ozQUdJaGlzd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2V6RUxNQWtHQTFVRUJoTUNSRVV4R3pBWkJnTlZCQWdNRWxOamFHeGxjM2RwWnkxSWIyeHpkR1ZwYmpFTwpNQXdHQTFVRUJ3d0ZWMlZrWld3eEtEQW1CZ05WQkFvTUgxTjBZV05yWVdKc1pTQlRhV2R1YVc1bklFRjFkR2h2CmNtbDBlU0JKYm1NeEZUQVRCZ05WQkFNTURITjBZV05yWVdKc1pTNWtaVEFnRncweU16QTJNVGt4TlRJek16UmEKR0E4eU1USXpNRFV5TmpFMU1qTXpORm93ZXpFTE1Ba0dBMVVFQmhNQ1JFVXhHekFaQmdOVkJBZ01FbE5qYUd4bApjM2RwWnkxSWIyeHpkR1ZwYmpFT01Bd0dBMVVFQnd3RlYyVmtaV3d4S0RBbUJnTlZCQW9NSDFOMFlXTnJZV0pzClpTQlRhV2R1YVc1bklFRjFkR2h2Y21sMGVTQkpibU14RlRBVEJnTlZCQU1NREhOMFlXTnJZV0pzWlM1a1pUQ0MKQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFOR0Jqang2K1lCSm1jOUJaeE5QdnlnRwo2b3VGWFNlajBFWVFISlRyQStZWW5VeGV4eEwyYUU2R2hHTEJWTEYzYkFpUXErbUV0WDlZZGdaRFhBTy9aS1N6Cjl5dXBXY2dkR1B0Uk9qQ0RYdE1SY1pWNFhBRVNsODBRZkVhL041U2ZjTHJBM0JNNWp3YzlrcGR5TXgzOWJkbEEKRExvMlN2d0czTmdOeUpWZkRaS2N5MExFZThnaHFOVFcwSHhKN3FMdHFhb0cycVl2SUVUaDUyd3RzOTUyYlZWMgo3aW9kOUhZWUx2dzFVdzQ1bXM4bXViYldVTHNRMXNORmxRTDAvOU1SakdMREM2RHc5NW9wMzA4MkxXU0NHZ0JMCis4eCtCVTVoUFRGeDN6VFZDVFI1WCtvS0Y4SjlOREZmcjVLK1lUZE5QMG5PRUdOcXcrdDBQcWYyR3N4MWFnOEMKQXdFQUFhTlRNRkV3SFFZRFZSME9CQllFRkFNMFNKaTB3WWpIcWwzVDYwVk0xb251VWhCTk1COEdBMVVkSXdRWQpNQmFBRkFNMFNKaTB3WWpIcWwzVDYwVk0xb251VWhCTk1BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0RRWUpLb1pJCmh2Y05BUUVMQlFBRGdnRUJBRXVsdzVqeUlpQmFNNHVzSlFaYUNoV1BPZlFqbzBoRGNFL2REWnZNSjVhMEF4WEkKWHFOd284c3B1WlAzSkY4cks3SlpmYmdKcjJzV2FYUFZCR3hENk56WTBpTWhCMTFQNVZOZ3JpczFFeDJCTmZCdQpGSitvUHdjNnBGWjVsbTl3SVpKRk9USXk1djRyOG1tVCtscnFSYzZERG1LWlpCWVB0NVE1a1pXQm54TmlLTGVHCnVaYXhONFVCRnBLdlpqOHdRMi81amxGWXh6R3Z3NjRPVTIvN3N0NGJuU2NWbEhYa0cvWHJsYVg4NmJoREFUcDYKeEtsQWxhMkJEeVhJRWs1R2Rma2lmTG1VRTZZSGozUUJBd0prMkFYQTNMaElGY2NxRkNwclFLblpJcHNuSjRzMwprNXZSWDVibWkyUGhLc2Y3bmR5M0tMaHVUYlBQcnE2UGtuZkpzd3c9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQyakNDQXNLZ0F3SUJBZ0lVRlI3RHEvdlhUSUpXcEE2MEppL0paUTFKRzlVd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2V6RUxNQWtHQTFVRUJoTUNSRVV4R3pBWkJnTlZCQWdNRWxOamFHeGxjM2RwWnkxSWIyeHpkR1ZwYmpFTwpNQXdHQTFVRUJ3d0ZWMlZrWld3eEtEQW1CZ05WQkFvTUgxTjBZV05yWVdKc1pTQlRhV2R1YVc1bklFRjFkR2h2CmNtbDBlU0JKYm1NeEZUQVRCZ05WQkFNTURITjBZV05yWVdKc1pTNWtaVEFnRncweU16QTJNVGt4TlRJek16UmEKR0E4eU1USXpNRFV5TmpFMU1qTXpORm93WnpFTE1Ba0dBMVVFQmhNQ1JFVXhHekFaQmdOVkJBZ01FbE5qYUd4bApjM2RwWnkxSWIyeHpkR1ZwYmpFT01Bd0dBMVVFQnd3RlYyVmtaV3d4RWpBUUJnTlZCQW9NQ1ZOMFlXTnJZV0pzClpURVhNQlVHQTFVRUF3d09aWFpsYm5Sc2IyY3RiV2x1YVc4d2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUIKRHdBd2dnRUtBb0lCQVFESFN6NEJ5UzRORjM0emhleXBDMllsTCt5VEtEbC9WQVBEaHF1dE5TZTh2MkdzdXJZdgpDVDdjZmw2MzFETHc5eHc4NlVDRzVKMVc3a25uZGNlMExEcGhwWmNiUVUzcVNMcisxRG1HdHc5MWdKclFoREg5CjhiZXgxbkN1NExVSllWdldCVGg2TUNhdFVkYmdvb09DNGExdHJmeDJ5VHhDZEZ5cVlHUm1SeU9oNVFxZEF1VlIKWjV0bG9FU1BJRFVJVnhVQk1iZ1BlbUt6L0hhK2xkcDhkVzZTS1ZqWml1TnZxaTI5UkU0bUNyLzR4TXlMZWwwVgp1TllNcHFPcVprWEczbVpqVWhsRWpSSThJMSs1OU13WVBYZVowS1hKK2J6cmw4SWZVNU15NkZHRkkvalovVXBxCnIxcitOYU9zWmY4MXMvK0dyUi95UkJ2bkNaWlBOS0tpVWFpUkFnTUJBQUdqYURCbU1DUUdBMVVkRVFRZE1CdUMKRG1WMlpXNTBiRzluTFcxcGJtbHZnZ2xzYjJOaGJHaHZjM1F3SFFZRFZSME9CQllFRk55aTMrb0ZRNHpKaWdCdQo2VjJEejVWNnB6Z09NQjhHQTFVZEl3UVlNQmFBRkFNMFNKaTB3WWpIcWwzVDYwVk0xb251VWhCTk1BMEdDU3FHClNJYjNEUUVCQ3dVQUE0SUJBUURIeEhJNzZoZUt1cndBRUZQelVoNjdiT2ViM0UxeGtyb0RnR29ZZzIyOWJCVXgKS0JPZWJvUUhuK0JjTEtCeUFXcEphWnBIajAzTldOS0IxcTM4YUx6UXpqbkhlMDZCWU9IQ1kwRFJsREZ1YlhnMgpUQXQyb25vN1ZWNStVTnNGSU5ONnFuWFlDSnV3L2N2WnJVZ3p2MXI5dDJyWnhHVllaVWppeEJRMjRrK0hsdnlGClN6WnBjU3Y1ZlRPMGd6ZUJTaEZkR09FME1HU0x5RGZoT1ZoZGRhanRyN0E1NEVITFFkME5BcXNKQjB3blo4eEgKZWZ4VGhZTktxZEJkaitZd0xGMFk0TWtDaGYva2t4dEhLT012Q2lBS0F3YkEwZ25hT0RDeEd2VEZiSFFFOW5zMgpCQUZqblZKNGh3aTQzeDkxOTFjQnVqOGdZQkdpaUh1NCtGRlNXMXNSCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRREhTejRCeVM0TkYzNHoKaGV5cEMyWWxMK3lUS0RsL1ZBUERocXV0TlNlOHYyR3N1cll2Q1Q3Y2ZsNjMxREx3OXh3ODZVQ0c1SjFXN2tubgpkY2UwTERwaHBaY2JRVTNxU0xyKzFEbUd0dzkxZ0pyUWhESDk4YmV4MW5DdTRMVUpZVnZXQlRoNk1DYXRVZGJnCm9vT0M0YTF0cmZ4MnlUeENkRnlxWUdSbVJ5T2g1UXFkQXVWUlo1dGxvRVNQSURVSVZ4VUJNYmdQZW1Lei9IYSsKbGRwOGRXNlNLVmpaaXVOdnFpMjlSRTRtQ3IvNHhNeUxlbDBWdU5ZTXBxT3Faa1hHM21aalVobEVqUkk4STErNQo5TXdZUFhlWjBLWEorYnpybDhJZlU1TXk2RkdGSS9qWi9VcHFyMXIrTmFPc1pmODFzLytHclIveVJCdm5DWlpQCk5LS2lVYWlSQWdNQkFBRUNnZ0VBQVNTUUFHYit2dXZaSVJyaDc1bjVjZW9GZ0haSEJxRTA1SkdVa1ZHa1JzRisKOGhSdnhDTW9uMjl3MC90cE41OG1JLzRITFFMWmVXQzBUeW5LYlhEQnZMSzhOQ2QrcHJMWU1pc0Z3YTFSN3crLwp5NFZ2aXpRUU5HcU5NcjZHZ1QxVC8wMGdQTmlpOXlSWWora1VxWnJwVVg5QmV1Mm1YUi94VWxlTFNkZ2JkdU9nCmpidGJEcTZTNE9GTTVsUEdId09CZXRHVVhVbHd1NENrTTZCQngrYnZPK2UrOXIwZ3BhdFp3QUl4U2djcFR0TkcKVnJqdjdaVmtGK0JwMElZaEUwRCtIc25uemw5cUlZN2hTWEZpQWd2WlJ3bXBndnByMGh2UVl4ZHRqZkpkc0tRYQpRcWo5MnBNYmZJMlZNNjJHbFhFbEcxQXpxZmJDTGsrZHJtc2tXdnpyUVFLQmdRRDhkTm1HQndLL2dpMk9vM1AyCmNQTlZIaDh6M3A3Z2VwM3lmbEZFZ0RkUGhBWk5TUHRkN0NNeU9PUmh0ZDRYdGJWampGRlR2VzB6aVR5ancvL0QKOUgvdWNES1AycjNmcjZJbHNmQ2hBWVd3SlI4eVlGU1V0VUp6TjV3Zmdnb2phUHdUWDZzVE5oMkFNOGtlU3RiegpjSFNRQVd3SjVUUEVoODRKTTNJazlhcXBVUUtCZ1FES0YxMG9tWE5WOEM4S0lZbjI5S0JXWVNNcWZnelcyNyt6CjRVVWVIWGxyZ0JSblVxNHE3UklneDg4alZqSDJrTDZwbFlQMVJ6ZjVBemZOUjNkQnFCYkdHRkRRNEdZcDdNSUwKbmpzZmJkWnN6cHZmNGNBemVXR2RlZ3NOeEpkcDFrNEdhL2ppa0psNTg4MDBSUUd3NVdmdTdvQTlVY29KbFhERwpReTBmbjhjN1FRS0JnUUROQkgvYVRqczNGeHEwS1oxMDEwbGxLRzhpaW5udnh1UWFGK2NiZ0J4cTRNYlZZSjF5Ckt1QnlXcTF0aEdwMlNzU2hzVVFpZzBUNWcwdlJtc3hNY0hTc1NFVm5lYmFVdjJjb3daYXV5ak90VnBnOUt1bkYKVW1aQ2R6aThoYmlDQlRJZzhhSldtYTNmZlM2cEFSSUs1SnBra0NNUzdpWGFSb2RXQllkKzZGck40UUtCZ0NKdQpoS0xNTWtoc0diZWlLejEyUkhNekxhaXB2VXBHT28xTlRsZHBNaXpNcjYxQyt3VzVTcU5uSjdXZmsvZXNoYStqCkY4Nk1pYzdWYTRhQUxLTjFIaHcyUEY2NlBPM2J0dHYvNDViaFFlMWI3bGJnd2J5RGE4eEc1T2M5bllhY3lzSngKVndCVEhyTVdoTm5vLy9iQnYwbUlQVFUxWURUdHp6OFladkhDYVZHQkFvR0FPcGVpaXV1MG1xRXBQR1dXZ0Z5RQplb2FrQ1E5a21MLzM3aTlBaGh4dXI3Q1pvS01kU1B2SHJ2S1Q1UVB4d1UvQ1YweUpBNlpTOWszVzN5bUJlcHNRCjlkMlh1azVDYlp0cVBIWDdoYmxwUExiK1BzTlg0L2JReEJLdTBRR3EzMkJsQU9yMnlFNHBpWFE3YzZRMHQ2MnEKOFlZd1ZaWG1obWdDSTgxMXlkWG9oM1k9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K \ No newline at end of file diff --git a/tests/templates/kuttl/resources/00-serviceaccount.yaml.j2 b/tests/templates/kuttl/pod_overrides/00-serviceaccount.yaml.j2 similarity index 100% rename from tests/templates/kuttl/resources/00-serviceaccount.yaml.j2 rename to tests/templates/kuttl/pod_overrides/00-serviceaccount.yaml.j2 diff --git a/tests/templates/kuttl/pod_overrides/03-assert.yaml b/tests/templates/kuttl/pod_overrides/03-assert.yaml new file mode 100644 index 00000000..5681860e --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/03-assert.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 900 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: test-minio +status: + readyReplicas: 1 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: eventlog-minio +status: + readyReplicas: 1 diff --git a/tests/templates/kuttl/pod_overrides/03-setup-minio.yaml b/tests/templates/kuttl/pod_overrides/03-setup-minio.yaml new file mode 100644 index 00000000..fdf30d69 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/03-setup-minio.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - script: >- + helm install eventlog-minio + --namespace $NAMESPACE + --version 12.6.4 + -f helm-bitnami-eventlog-minio-values.yaml + --repo https://charts.bitnami.com/bitnami minio + timeout: 240 + - script: >- + helm install test-minio + --namespace $NAMESPACE + --version 12.6.4 + -f helm-bitnami-minio-values.yaml + --repo https://charts.bitnami.com/bitnami minio + timeout: 240 diff --git a/tests/templates/kuttl/pod_overrides/04-prepare-bucket.yaml.j2 b/tests/templates/kuttl/pod_overrides/04-prepare-bucket.yaml.j2 new file mode 100644 index 00000000..14374091 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/04-prepare-bucket.yaml.j2 @@ -0,0 +1,10 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + # give minio enough time to start + - command: sleep 5 + - script: | + POD=$(kubectl -n $NAMESPACE get pod -l app.kubernetes.io/instance=test-minio -o name | head -n 1 | sed -e 's#pod/##') + kubectl cp -n $NAMESPACE spark-examples_{{ test_scenario['values']['spark'].split('-stackable')[0] }}.jar $POD:/tmp + kubectl -n $NAMESPACE exec $POD -- mc cp /tmp/spark-examples_{{ test_scenario['values']['spark'].split('-stackable')[0] }}.jar local/my-bucket diff --git a/tests/templates/kuttl/pod_overrides/05-s3-connection.yaml.j2 b/tests/templates/kuttl/pod_overrides/05-s3-connection.yaml.j2 new file mode 100644 index 00000000..f95d155b --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/05-s3-connection.yaml.j2 @@ -0,0 +1,36 @@ +--- +apiVersion: s3.stackable.tech/v1alpha1 +kind: S3Connection +metadata: + name: spark-data-s3-connection +spec: + host: test-minio + port: 9000 + accessStyle: Path + credentials: + secretClass: s3-credentials-class +--- +apiVersion: s3.stackable.tech/v1alpha1 +kind: S3Connection +metadata: + name: spark-history-s3-connection +spec: + host: eventlog-minio + port: 9000 + accessStyle: Path + credentials: + secretClass: history-credentials-class + tls: + verification: + server: + caCert: + secretClass: minio-tls-eventlog +--- +apiVersion: s3.stackable.tech/v1alpha1 +kind: S3Bucket +metadata: + name: spark-history-s3-bucket +spec: + bucketName: spark-logs + connection: + reference: spark-history-s3-connection diff --git a/tests/templates/kuttl/pod_overrides/06-assert.yaml b/tests/templates/kuttl/pod_overrides/06-assert.yaml new file mode 100644 index 00000000..54559bb3 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/06-assert.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 300 +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: spark-history-node-default +spec: + template: + spec: + containers: + - name: spark-history + resources: + limits: + cpu: 1500m + memory: 1Gi + requests: + cpu: 500m + memory: 512Mi +status: + readyReplicas: 1 diff --git a/tests/templates/kuttl/pod_overrides/06-deploy-history-server.yaml.j2 b/tests/templates/kuttl/pod_overrides/06-deploy-history-server.yaml.j2 new file mode 100644 index 00000000..cc3d7170 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/06-deploy-history-server.yaml.j2 @@ -0,0 +1,53 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: spark-history-log-config +data: + log4j2.properties: |- + appenders = CONSOLE + + appender.CONSOLE.type = Console + appender.CONSOLE.name = CONSOLE + appender.CONSOLE.target = SYSTEM_ERR + appender.CONSOLE.layout.type = PatternLayout + appender.CONSOLE.layout.pattern = %d{ISO8601} %p [%t] %c - %m%n + appender.CONSOLE.filter.threshold.type = ThresholdFilter + appender.CONSOLE.filter.threshold.level = DEBUG + + rootLogger.level=DEBUG + rootLogger.appenderRefs = CONSOLE + rootLogger.appenderRef.CONSOLE.ref = CONSOLE +--- +apiVersion: spark.stackable.tech/v1alpha1 +kind: SparkHistoryServer +metadata: + name: spark-history +spec: + image: + productVersion: "{{ test_scenario['values']['spark'].split('-stackable')[0] }}" + stackableVersion: "{{ test_scenario['values']['spark'].split('-stackable')[1] }}" + logFileDirectory: + s3: + prefix: eventlogs/ + bucket: + reference: spark-history-s3-bucket + # For possible properties see: https://spark.apache.org/docs/latest/monitoring.html#spark-history-server-configuration-options + #sparkConf: + nodes: + roleGroups: + default: + replicas: 1 + config: + cleaner: true + podOverrides: + spec: + containers: + - name: spark-history + resources: + requests: + cpu: 500m + memory: 512Mi + limits: + cpu: 1500m + memory: 1024Mi \ No newline at end of file diff --git a/tests/templates/kuttl/pod_overrides/10-assert.yaml b/tests/templates/kuttl/pod_overrides/10-assert.yaml new file mode 100644 index 00000000..d9397361 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/10-assert.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +timeout: 300 +--- +apiVersion: spark.stackable.tech/v1alpha1 +kind: SparkApplication +metadata: + name: spark-pi-s3-1 +status: + phase: Succeeded +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: spark-pi-s3-1 +spec: + template: + spec: + containers: + - name: spark-submit + resources: + limits: + cpu: 1500m + memory: 1Gi + requests: + cpu: 500m + memory: 512Mi diff --git a/tests/templates/kuttl/pod_overrides/10-deploy-spark-app.yaml.j2 b/tests/templates/kuttl/pod_overrides/10-deploy-spark-app.yaml.j2 new file mode 100644 index 00000000..48d9fdd8 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/10-deploy-spark-app.yaml.j2 @@ -0,0 +1,56 @@ +--- +apiVersion: spark.stackable.tech/v1alpha1 +kind: SparkApplication +metadata: + name: spark-pi-s3-1 +spec: + version: "1.0" + sparkImage: "docker.stackable.tech/stackable/spark-k8s:{{ test_scenario['values']['spark'].split('-stackable')[0] }}-stackable{{ test_scenario['values']['spark'].split('-stackable')[1] }}" + sparkImagePullPolicy: IfNotPresent + mode: cluster + mainClass: org.apache.spark.examples.SparkPi + mainApplicationFile: "s3a://my-bucket/spark-examples_{{ test_scenario['values']['spark'].split('-stackable')[0] }}.jar" + s3connection: + reference: spark-data-s3-connection + logFileDirectory: + s3: + prefix: eventlogs/ + bucket: + reference: spark-history-s3-bucket + job: + podOverrides: + spec: + containers: + - name: spark-submit + resources: + requests: + cpu: 500m + memory: 512Mi + limits: + cpu: 1500m + memory: 1024Mi + driver: + podOverrides: + spec: + containers: + - name: spark + resources: + requests: + cpu: 500m + memory: 512Mi + limits: + cpu: 1500m + memory: 1024Mi + executor: + instances: 1 + podOverrides: + spec: + containers: + - name: spark + resources: + requests: + cpu: 500m + memory: 512Mi + limits: + cpu: 1500m + memory: 1024Mi \ No newline at end of file diff --git a/tests/templates/kuttl/pod_overrides/20-assert.yaml b/tests/templates/kuttl/pod_overrides/20-assert.yaml new file mode 100644 index 00000000..661f45eb --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/20-assert.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestAssert +metadata: + name: history-api-check +timeout: 180 +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: history-api-check +status: + succeeded: 1 diff --git a/tests/templates/kuttl/pod_overrides/20-test-logs.yaml b/tests/templates/kuttl/pod_overrides/20-test-logs.yaml new file mode 100644 index 00000000..95c32ac9 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/20-test-logs.yaml @@ -0,0 +1,27 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: history-api-check +spec: + template: + spec: + restartPolicy: OnFailure + activeDeadlineSeconds: 100 + containers: + - name: history-api-check + image: docker.stackable.tech/stackable/testing-tools:0.2.0-stackable0.0.0-dev + command: + [ + "bash", + "-x", + "-c", + "test 1 == $(curl http://spark-history-node-default:18080/api/v1/applications | jq length)", + ] + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 200m + memory: 128Mi diff --git a/tests/templates/kuttl/pod_overrides/certs/ca.crt b/tests/templates/kuttl/pod_overrides/certs/ca.crt new file mode 100644 index 00000000..beb286d0 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/ca.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2TCCAsGgAwIBAgIUdHAXMzPrZLluMDO6XkOZ3AGIhiswDQYJKoZIhvcNAQEL +BQAwezELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxlc3dpZy1Ib2xzdGVpbjEO +MAwGA1UEBwwFV2VkZWwxKDAmBgNVBAoMH1N0YWNrYWJsZSBTaWduaW5nIEF1dGhv +cml0eSBJbmMxFTATBgNVBAMMDHN0YWNrYWJsZS5kZTAgFw0yMzA2MTkxNTIzMzRa +GA8yMTIzMDUyNjE1MjMzNFowezELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxl +c3dpZy1Ib2xzdGVpbjEOMAwGA1UEBwwFV2VkZWwxKDAmBgNVBAoMH1N0YWNrYWJs +ZSBTaWduaW5nIEF1dGhvcml0eSBJbmMxFTATBgNVBAMMDHN0YWNrYWJsZS5kZTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANGBjjx6+YBJmc9BZxNPvygG +6ouFXSej0EYQHJTrA+YYnUxexxL2aE6GhGLBVLF3bAiQq+mEtX9YdgZDXAO/ZKSz +9yupWcgdGPtROjCDXtMRcZV4XAESl80QfEa/N5SfcLrA3BM5jwc9kpdyMx39bdlA +DLo2SvwG3NgNyJVfDZKcy0LEe8ghqNTW0HxJ7qLtqaoG2qYvIETh52wts952bVV2 +7iod9HYYLvw1Uw45ms8mubbWULsQ1sNFlQL0/9MRjGLDC6Dw95op3082LWSCGgBL ++8x+BU5hPTFx3zTVCTR5X+oKF8J9NDFfr5K+YTdNP0nOEGNqw+t0Pqf2Gsx1ag8C +AwEAAaNTMFEwHQYDVR0OBBYEFAM0SJi0wYjHql3T60VM1onuUhBNMB8GA1UdIwQY +MBaAFAM0SJi0wYjHql3T60VM1onuUhBNMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAEulw5jyIiBaM4usJQZaChWPOfQjo0hDcE/dDZvMJ5a0AxXI +XqNwo8spuZP3JF8rK7JZfbgJr2sWaXPVBGxD6NzY0iMhB11P5VNgris1Ex2BNfBu +FJ+oPwc6pFZ5lm9wIZJFOTIy5v4r8mmT+lrqRc6DDmKZZBYPt5Q5kZWBnxNiKLeG +uZaxN4UBFpKvZj8wQ2/5jlFYxzGvw64OU2/7st4bnScVlHXkG/XrlaX86bhDATp6 +xKlAla2BDyXIEk5GdfkifLmUE6YHj3QBAwJk2AXA3LhIFccqFCprQKnZIpsnJ4s3 +k5vRX5bmi2PhKsf7ndy3KLhuTbPPrq6PknfJsww= +-----END CERTIFICATE----- diff --git a/tests/templates/kuttl/pod_overrides/certs/client.crt.pem b/tests/templates/kuttl/pod_overrides/certs/client.crt.pem new file mode 100644 index 00000000..19ba9f4f --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/client.crt.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCAsKgAwIBAgIUFR7Dq/vXTIJWpA60Ji/JZQ1JG9UwDQYJKoZIhvcNAQEL +BQAwezELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxlc3dpZy1Ib2xzdGVpbjEO +MAwGA1UEBwwFV2VkZWwxKDAmBgNVBAoMH1N0YWNrYWJsZSBTaWduaW5nIEF1dGhv +cml0eSBJbmMxFTATBgNVBAMMDHN0YWNrYWJsZS5kZTAgFw0yMzA2MTkxNTIzMzRa +GA8yMTIzMDUyNjE1MjMzNFowZzELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxl +c3dpZy1Ib2xzdGVpbjEOMAwGA1UEBwwFV2VkZWwxEjAQBgNVBAoMCVN0YWNrYWJs +ZTEXMBUGA1UEAwwOZXZlbnRsb2ctbWluaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDHSz4ByS4NF34zheypC2YlL+yTKDl/VAPDhqutNSe8v2GsurYv +CT7cfl631DLw9xw86UCG5J1W7knndce0LDphpZcbQU3qSLr+1DmGtw91gJrQhDH9 +8bex1nCu4LUJYVvWBTh6MCatUdbgooOC4a1trfx2yTxCdFyqYGRmRyOh5QqdAuVR +Z5tloESPIDUIVxUBMbgPemKz/Ha+ldp8dW6SKVjZiuNvqi29RE4mCr/4xMyLel0V +uNYMpqOqZkXG3mZjUhlEjRI8I1+59MwYPXeZ0KXJ+bzrl8IfU5My6FGFI/jZ/Upq +r1r+NaOsZf81s/+GrR/yRBvnCZZPNKKiUaiRAgMBAAGjaDBmMCQGA1UdEQQdMBuC +DmV2ZW50bG9nLW1pbmlvgglsb2NhbGhvc3QwHQYDVR0OBBYEFNyi3+oFQ4zJigBu +6V2Dz5V6pzgOMB8GA1UdIwQYMBaAFAM0SJi0wYjHql3T60VM1onuUhBNMA0GCSqG +SIb3DQEBCwUAA4IBAQDHxHI76heKurwAEFPzUh67bOeb3E1xkroDgGoYg229bBUx +KBOeboQHn+BcLKByAWpJaZpHj03NWNKB1q38aLzQzjnHe06BYOHCY0DRlDFubXg2 +TAt2ono7VV5+UNsFINN6qnXYCJuw/cvZrUgzv1r9t2rZxGVYZUjixBQ24k+HlvyF +SzZpcSv5fTO0gzeBShFdGOE0MGSLyDfhOVhddajtr7A54EHLQd0NAqsJB0wnZ8xH +efxThYNKqdBdj+YwLF0Y4MkChf/kkxtHKOMvCiAKAwbA0gnaODCxGvTFbHQE9ns2 +BAFjnVJ4hwi43x9191cBuj8gYBGiiHu4+FFSW1sR +-----END CERTIFICATE----- diff --git a/tests/templates/kuttl/pod_overrides/certs/client.csr.pem b/tests/templates/kuttl/pod_overrides/certs/client.csr.pem new file mode 100644 index 00000000..b0480aff --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/client.csr.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC4zCCAcsCAQAwZzELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxlc3dpZy1I +b2xzdGVpbjEOMAwGA1UEBwwFV2VkZWwxEjAQBgNVBAoMCVN0YWNrYWJsZTEXMBUG +A1UEAwwOZXZlbnRsb2ctbWluaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDHSz4ByS4NF34zheypC2YlL+yTKDl/VAPDhqutNSe8v2GsurYvCT7cfl63 +1DLw9xw86UCG5J1W7knndce0LDphpZcbQU3qSLr+1DmGtw91gJrQhDH98bex1nCu +4LUJYVvWBTh6MCatUdbgooOC4a1trfx2yTxCdFyqYGRmRyOh5QqdAuVRZ5tloESP +IDUIVxUBMbgPemKz/Ha+ldp8dW6SKVjZiuNvqi29RE4mCr/4xMyLel0VuNYMpqOq +ZkXG3mZjUhlEjRI8I1+59MwYPXeZ0KXJ+bzrl8IfU5My6FGFI/jZ/Upqr1r+NaOs +Zf81s/+GrR/yRBvnCZZPNKKiUaiRAgMBAAGgNzA1BgkqhkiG9w0BCQ4xKDAmMCQG +A1UdEQQdMBuCDmV2ZW50bG9nLW1pbmlvgglsb2NhbGhvc3QwDQYJKoZIhvcNAQEL +BQADggEBAGVoyPbKlZXfmRgaI/mEsaefwLbshyP/W6Q5+n3rEvahAw3d3EzjqfC1 +Xs+qoKdU4toB3SdJ8CfKzrE0irONLgE5MsPOzQd0EIQpBaL9yRX8226QGMyaki+0 +OPlkjHulE+71fCSDPXWZZTUjUroryWagoHESkXpT8PjuP+mWbGnzl9qN2QnVcWJB +eLKhLChpZrGhDrdpaUQMKXhfu60rfAsvj7H/kjE5ZUfBl/yFDrd+W9gG7OBBCvtG +2dIGiKOlScxtOw0l/M32FzqwlQovo5q/lsj7XYm2cJx1xEsiJMELEOU16IGx9/4v +b2DIhlmdiuU0+B6KnGvRZR4Dqx7kH5E= +-----END CERTIFICATE REQUEST----- diff --git a/tests/templates/kuttl/pod_overrides/certs/client.key.pem b/tests/templates/kuttl/pod_overrides/certs/client.key.pem new file mode 100644 index 00000000..79bbded3 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/client.key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHSz4ByS4NF34z +heypC2YlL+yTKDl/VAPDhqutNSe8v2GsurYvCT7cfl631DLw9xw86UCG5J1W7knn +dce0LDphpZcbQU3qSLr+1DmGtw91gJrQhDH98bex1nCu4LUJYVvWBTh6MCatUdbg +ooOC4a1trfx2yTxCdFyqYGRmRyOh5QqdAuVRZ5tloESPIDUIVxUBMbgPemKz/Ha+ +ldp8dW6SKVjZiuNvqi29RE4mCr/4xMyLel0VuNYMpqOqZkXG3mZjUhlEjRI8I1+5 +9MwYPXeZ0KXJ+bzrl8IfU5My6FGFI/jZ/Upqr1r+NaOsZf81s/+GrR/yRBvnCZZP +NKKiUaiRAgMBAAECggEAASSQAGb+vuvZIRrh75n5ceoFgHZHBqE05JGUkVGkRsF+ +8hRvxCMon29w0/tpN58mI/4HLQLZeWC0TynKbXDBvLK8NCd+prLYMisFwa1R7w+/ +y4VvizQQNGqNMr6GgT1T/00gPNii9yRYj+kUqZrpUX9Beu2mXR/xUleLSdgbduOg +jbtbDq6S4OFM5lPGHwOBetGUXUlwu4CkM6BBx+bvO+e+9r0gpatZwAIxSgcpTtNG +Vrjv7ZVkF+Bp0IYhE0D+Hsnnzl9qIY7hSXFiAgvZRwmpgvpr0hvQYxdtjfJdsKQa +Qqj92pMbfI2VM62GlXElG1AzqfbCLk+drmskWvzrQQKBgQD8dNmGBwK/gi2Oo3P2 +cPNVHh8z3p7gep3yflFEgDdPhAZNSPtd7CMyOORhtd4XtbVjjFFTvW0ziTyjw//D +9H/ucDKP2r3fr6IlsfChAYWwJR8yYFSUtUJzN5wfggojaPwTX6sTNh2AM8keStbz +cHSQAWwJ5TPEh84JM3Ik9aqpUQKBgQDKF10omXNV8C8KIYn29KBWYSMqfgzW27+z +4UUeHXlrgBRnUq4q7RIgx88jVjH2kL6plYP1Rzf5AzfNR3dBqBbGGFDQ4GYp7MIL +njsfbdZszpvf4cAzeWGdegsNxJdp1k4Ga/jikJl58800RQGw5Wfu7oA9UcoJlXDG +Qy0fn8c7QQKBgQDNBH/aTjs3Fxq0KZ1010llKG8iinnvxuQaF+cbgBxq4MbVYJ1y +KuByWq1thGp2SsShsUQig0T5g0vRmsxMcHSsSEVnebaUv2cowZauyjOtVpg9KunF +UmZCdzi8hbiCBTIg8aJWma3ffS6pARIK5JpkkCMS7iXaRodWBYd+6FrN4QKBgCJu +hKLMMkhsGbeiKz12RHMzLaipvUpGOo1NTldpMizMr61C+wW5SqNnJ7Wfk/esha+j +F86Mic7Va4aALKN1Hhw2PF66PO3bttv/45bhQe1b7lbgwbyDa8xG5Oc9nYacysJx +VwBTHrMWhNno//bBv0mIPTU1YDTtzz8YZvHCaVGBAoGAOpeiiuu0mqEpPGWWgFyE +eoakCQ9kmL/37i9Ahhxur7CZoKMdSPvHrvKT5QPxwU/CV0yJA6ZS9k3W3ymBepsQ +9d2Xuk5CbZtqPHX7hblpPLb+PsNX4/bQxBKu0QGq32BlAOr2yE4piXQ7c6Q0t62q +8YYwVZXmhmgCI811ydXoh3Y= +-----END PRIVATE KEY----- diff --git a/tests/templates/kuttl/pod_overrides/certs/generate.sh b/tests/templates/kuttl/pod_overrides/certs/generate.sh new file mode 100755 index 00000000..4c3d0757 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/generate.sh @@ -0,0 +1,48 @@ +#!/bin/bash + +echo "Creating client cert" +FQDN="eventlog-minio" + +echo "Creating Root Certificate Authority" +openssl genrsa \ + -out root-ca.key.pem \ + 2048 + +echo "Self-signing the Root Certificate Authority" +openssl req \ + -x509 \ + -new \ + -nodes \ + -key root-ca.key.pem \ + -days 36500 \ + -out root-ca.crt.pem \ + -subj "/C=DE/ST=Schleswig-Holstein/L=Wedel/O=Stackable Signing Authority Inc/CN=stackable.de" + +openssl genrsa \ + -out client.key.pem \ + 2048 + +echo "Creating the CSR" +openssl req -new \ + -key client.key.pem \ + -out client.csr.pem \ + -subj "/C=DE/ST=Schleswig-Holstein/L=Wedel/O=Stackable/CN=${FQDN}" \ + -addext "subjectAltName = DNS:${FQDN}, DNS:localhost" + +echo "Signing the client cert with the root ca" +openssl x509 \ + -req -in client.csr.pem \ + -CA root-ca.crt.pem \ + -CAkey root-ca.key.pem \ + -CAcreateserial \ + -out client.crt.pem \ + -days 36500 \ + -copy_extensions copy + +echo "Copying the files to match the api of the secret-operator" +cp root-ca.crt.pem ca.crt +cp client.key.pem tls.key +cp client.crt.pem tls.crt + +echo "To create a k8s secret run" +echo "kubectl create secret generic foo --from-file=ca.crt --from-file=tls.crt --from-file=tls.key" diff --git a/tests/templates/kuttl/pod_overrides/certs/root-ca.crt.pem b/tests/templates/kuttl/pod_overrides/certs/root-ca.crt.pem new file mode 100644 index 00000000..beb286d0 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/root-ca.crt.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2TCCAsGgAwIBAgIUdHAXMzPrZLluMDO6XkOZ3AGIhiswDQYJKoZIhvcNAQEL +BQAwezELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxlc3dpZy1Ib2xzdGVpbjEO +MAwGA1UEBwwFV2VkZWwxKDAmBgNVBAoMH1N0YWNrYWJsZSBTaWduaW5nIEF1dGhv +cml0eSBJbmMxFTATBgNVBAMMDHN0YWNrYWJsZS5kZTAgFw0yMzA2MTkxNTIzMzRa +GA8yMTIzMDUyNjE1MjMzNFowezELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxl +c3dpZy1Ib2xzdGVpbjEOMAwGA1UEBwwFV2VkZWwxKDAmBgNVBAoMH1N0YWNrYWJs +ZSBTaWduaW5nIEF1dGhvcml0eSBJbmMxFTATBgNVBAMMDHN0YWNrYWJsZS5kZTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANGBjjx6+YBJmc9BZxNPvygG +6ouFXSej0EYQHJTrA+YYnUxexxL2aE6GhGLBVLF3bAiQq+mEtX9YdgZDXAO/ZKSz +9yupWcgdGPtROjCDXtMRcZV4XAESl80QfEa/N5SfcLrA3BM5jwc9kpdyMx39bdlA +DLo2SvwG3NgNyJVfDZKcy0LEe8ghqNTW0HxJ7qLtqaoG2qYvIETh52wts952bVV2 +7iod9HYYLvw1Uw45ms8mubbWULsQ1sNFlQL0/9MRjGLDC6Dw95op3082LWSCGgBL ++8x+BU5hPTFx3zTVCTR5X+oKF8J9NDFfr5K+YTdNP0nOEGNqw+t0Pqf2Gsx1ag8C +AwEAAaNTMFEwHQYDVR0OBBYEFAM0SJi0wYjHql3T60VM1onuUhBNMB8GA1UdIwQY +MBaAFAM0SJi0wYjHql3T60VM1onuUhBNMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAEulw5jyIiBaM4usJQZaChWPOfQjo0hDcE/dDZvMJ5a0AxXI +XqNwo8spuZP3JF8rK7JZfbgJr2sWaXPVBGxD6NzY0iMhB11P5VNgris1Ex2BNfBu +FJ+oPwc6pFZ5lm9wIZJFOTIy5v4r8mmT+lrqRc6DDmKZZBYPt5Q5kZWBnxNiKLeG +uZaxN4UBFpKvZj8wQ2/5jlFYxzGvw64OU2/7st4bnScVlHXkG/XrlaX86bhDATp6 +xKlAla2BDyXIEk5GdfkifLmUE6YHj3QBAwJk2AXA3LhIFccqFCprQKnZIpsnJ4s3 +k5vRX5bmi2PhKsf7ndy3KLhuTbPPrq6PknfJsww= +-----END CERTIFICATE----- diff --git a/tests/templates/kuttl/pod_overrides/certs/root-ca.crt.srl b/tests/templates/kuttl/pod_overrides/certs/root-ca.crt.srl new file mode 100644 index 00000000..be4d1f7c --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/root-ca.crt.srl @@ -0,0 +1 @@ +576A0FFE70A083083D71BD244D0AAF58D16797F9 diff --git a/tests/templates/kuttl/pod_overrides/certs/root-ca.key.pem b/tests/templates/kuttl/pod_overrides/certs/root-ca.key.pem new file mode 100644 index 00000000..74720570 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/root-ca.key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDRgY48evmASZnP +QWcTT78oBuqLhV0no9BGEByU6wPmGJ1MXscS9mhOhoRiwVSxd2wIkKvphLV/WHYG +Q1wDv2Sks/crqVnIHRj7UTowg17TEXGVeFwBEpfNEHxGvzeUn3C6wNwTOY8HPZKX +cjMd/W3ZQAy6Nkr8BtzYDciVXw2SnMtCxHvIIajU1tB8Se6i7amqBtqmLyBE4eds +LbPedm1Vdu4qHfR2GC78NVMOOZrPJrm21lC7ENbDRZUC9P/TEYxiwwug8PeaKd9P +Ni1kghoAS/vMfgVOYT0xcd801Qk0eV/qChfCfTQxX6+SvmE3TT9JzhBjasPrdD6n +9hrMdWoPAgMBAAECggEACFgVbvw43AP9FRTrmDMjZQ04IdwVvzfrhMwseek4S7Ls +ROKQzC+113bNEVUrhzE/Q2y7pBPN2hIPCqXRJYcQaOzlVGmsx+cSG8764dFsS+dp +yNm1KbJwtaaemdS7encKhC2dNkN4b6yN85aFSar9HoYfW6VA7EkRBPvbjXNuih8T +wnDgtTwQSuMyL8v5VMRlyH/aFIJnEZ/IH1LXASh9GUFM+XyqZ1yyXMzMxix2a6Mc +4hyIiEBB29HeXhzTw5TWofHT2Ci0hGKlUN2VwNTrGyW7sHQQqLAj8igmup4rdEW7 +OgIEKccSDw2lzHHaDQoMpvSPXcFxMnUoQYg7Z9uXdQKBgQDiyIroc4a4knBT7yCj +av/zAMJZrMPYPc4y0LSnUjIsOnxgCz7tW8ZOKebe0FsEodwBxeAXTeaR8jcipODb +vamP9n1Sj0jNnbeaaQomcReQoIaY3idxryIv0QMY5DNK8LM9U0+aIeg/17pGMfsF +7vE7y8jCMr1zCOexe9a/wSY/uwKBgQDsfzJzQ6j+Yy0FmY1rP/9hBDjCY7zCmzB/ ++mZVPYK4n0u9wh/qxZpvFYG1e4VgHBvNcof0RRaTuqwfGeEFjsBZhTAmbWM/Ng0d +VwEOrKsxRvkbHp3eTMx3tpGBZ7TYU5Q61vId7F+M+upLFEOLg9mqXx8mcAWCU3vb +c+aCWSrHvQKBgGLKY6CROt3KhP47TCeEJA0yhndUCFh5zApc2mWNK+gSbj3UiEwT +z5YbMMRdVVj2PYXUMiNUvx1Su2vvETkILQZWpQ9C9b8EdofgPBi06UQKebe8BsjC +Nw1Haqb8Oc/qfNo5IZMONEMjcbTEbwqNpS6cPk9ClT64YV3yiYEs3cGjAoGBAMC0 +3M0jgt7WvWbkumF8IoJRSFbNopAImLqPtTccChqaYsNbHVrWbYK6yZix7/pirRz5 +iGK4sS7rWzl0gvFeYsoPRy7oz4hAaOtRa+EjPdPHe1Bn4Ee12J5ru6DwemITqKNR +ZrSPWUStaKCJAIj8hS7Yl69gdHy/vhsSE/B+6+cZAoGARDw7dSjY2dZy55ARXSLN +fXqasrLpzWHccyL6myVuBJKpD5IMdDxIqqj6KXVAeoxqWKi2N2/o08pjs2Yv30oN +3vWV7TigagpUXbOqVWAXS4VkG1KIe0hgE+S8zgVtIh+hC0K2I6nwKzoINB4EB/Ui +0DTlakDUUe/O8jabMdrJhAI= +-----END PRIVATE KEY----- diff --git a/tests/templates/kuttl/pod_overrides/certs/tls.crt b/tests/templates/kuttl/pod_overrides/certs/tls.crt new file mode 100644 index 00000000..19ba9f4f --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/tls.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCAsKgAwIBAgIUFR7Dq/vXTIJWpA60Ji/JZQ1JG9UwDQYJKoZIhvcNAQEL +BQAwezELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxlc3dpZy1Ib2xzdGVpbjEO +MAwGA1UEBwwFV2VkZWwxKDAmBgNVBAoMH1N0YWNrYWJsZSBTaWduaW5nIEF1dGhv +cml0eSBJbmMxFTATBgNVBAMMDHN0YWNrYWJsZS5kZTAgFw0yMzA2MTkxNTIzMzRa +GA8yMTIzMDUyNjE1MjMzNFowZzELMAkGA1UEBhMCREUxGzAZBgNVBAgMElNjaGxl +c3dpZy1Ib2xzdGVpbjEOMAwGA1UEBwwFV2VkZWwxEjAQBgNVBAoMCVN0YWNrYWJs +ZTEXMBUGA1UEAwwOZXZlbnRsb2ctbWluaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDHSz4ByS4NF34zheypC2YlL+yTKDl/VAPDhqutNSe8v2GsurYv +CT7cfl631DLw9xw86UCG5J1W7knndce0LDphpZcbQU3qSLr+1DmGtw91gJrQhDH9 +8bex1nCu4LUJYVvWBTh6MCatUdbgooOC4a1trfx2yTxCdFyqYGRmRyOh5QqdAuVR +Z5tloESPIDUIVxUBMbgPemKz/Ha+ldp8dW6SKVjZiuNvqi29RE4mCr/4xMyLel0V +uNYMpqOqZkXG3mZjUhlEjRI8I1+59MwYPXeZ0KXJ+bzrl8IfU5My6FGFI/jZ/Upq +r1r+NaOsZf81s/+GrR/yRBvnCZZPNKKiUaiRAgMBAAGjaDBmMCQGA1UdEQQdMBuC +DmV2ZW50bG9nLW1pbmlvgglsb2NhbGhvc3QwHQYDVR0OBBYEFNyi3+oFQ4zJigBu +6V2Dz5V6pzgOMB8GA1UdIwQYMBaAFAM0SJi0wYjHql3T60VM1onuUhBNMA0GCSqG +SIb3DQEBCwUAA4IBAQDHxHI76heKurwAEFPzUh67bOeb3E1xkroDgGoYg229bBUx +KBOeboQHn+BcLKByAWpJaZpHj03NWNKB1q38aLzQzjnHe06BYOHCY0DRlDFubXg2 +TAt2ono7VV5+UNsFINN6qnXYCJuw/cvZrUgzv1r9t2rZxGVYZUjixBQ24k+HlvyF +SzZpcSv5fTO0gzeBShFdGOE0MGSLyDfhOVhddajtr7A54EHLQd0NAqsJB0wnZ8xH +efxThYNKqdBdj+YwLF0Y4MkChf/kkxtHKOMvCiAKAwbA0gnaODCxGvTFbHQE9ns2 +BAFjnVJ4hwi43x9191cBuj8gYBGiiHu4+FFSW1sR +-----END CERTIFICATE----- diff --git a/tests/templates/kuttl/pod_overrides/certs/tls.key b/tests/templates/kuttl/pod_overrides/certs/tls.key new file mode 100644 index 00000000..79bbded3 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/certs/tls.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDHSz4ByS4NF34z +heypC2YlL+yTKDl/VAPDhqutNSe8v2GsurYvCT7cfl631DLw9xw86UCG5J1W7knn +dce0LDphpZcbQU3qSLr+1DmGtw91gJrQhDH98bex1nCu4LUJYVvWBTh6MCatUdbg +ooOC4a1trfx2yTxCdFyqYGRmRyOh5QqdAuVRZ5tloESPIDUIVxUBMbgPemKz/Ha+ +ldp8dW6SKVjZiuNvqi29RE4mCr/4xMyLel0VuNYMpqOqZkXG3mZjUhlEjRI8I1+5 +9MwYPXeZ0KXJ+bzrl8IfU5My6FGFI/jZ/Upqr1r+NaOsZf81s/+GrR/yRBvnCZZP +NKKiUaiRAgMBAAECggEAASSQAGb+vuvZIRrh75n5ceoFgHZHBqE05JGUkVGkRsF+ +8hRvxCMon29w0/tpN58mI/4HLQLZeWC0TynKbXDBvLK8NCd+prLYMisFwa1R7w+/ +y4VvizQQNGqNMr6GgT1T/00gPNii9yRYj+kUqZrpUX9Beu2mXR/xUleLSdgbduOg +jbtbDq6S4OFM5lPGHwOBetGUXUlwu4CkM6BBx+bvO+e+9r0gpatZwAIxSgcpTtNG +Vrjv7ZVkF+Bp0IYhE0D+Hsnnzl9qIY7hSXFiAgvZRwmpgvpr0hvQYxdtjfJdsKQa +Qqj92pMbfI2VM62GlXElG1AzqfbCLk+drmskWvzrQQKBgQD8dNmGBwK/gi2Oo3P2 +cPNVHh8z3p7gep3yflFEgDdPhAZNSPtd7CMyOORhtd4XtbVjjFFTvW0ziTyjw//D +9H/ucDKP2r3fr6IlsfChAYWwJR8yYFSUtUJzN5wfggojaPwTX6sTNh2AM8keStbz +cHSQAWwJ5TPEh84JM3Ik9aqpUQKBgQDKF10omXNV8C8KIYn29KBWYSMqfgzW27+z +4UUeHXlrgBRnUq4q7RIgx88jVjH2kL6plYP1Rzf5AzfNR3dBqBbGGFDQ4GYp7MIL +njsfbdZszpvf4cAzeWGdegsNxJdp1k4Ga/jikJl58800RQGw5Wfu7oA9UcoJlXDG +Qy0fn8c7QQKBgQDNBH/aTjs3Fxq0KZ1010llKG8iinnvxuQaF+cbgBxq4MbVYJ1y +KuByWq1thGp2SsShsUQig0T5g0vRmsxMcHSsSEVnebaUv2cowZauyjOtVpg9KunF +UmZCdzi8hbiCBTIg8aJWma3ffS6pARIK5JpkkCMS7iXaRodWBYd+6FrN4QKBgCJu +hKLMMkhsGbeiKz12RHMzLaipvUpGOo1NTldpMizMr61C+wW5SqNnJ7Wfk/esha+j +F86Mic7Va4aALKN1Hhw2PF66PO3bttv/45bhQe1b7lbgwbyDa8xG5Oc9nYacysJx +VwBTHrMWhNno//bBv0mIPTU1YDTtzz8YZvHCaVGBAoGAOpeiiuu0mqEpPGWWgFyE +eoakCQ9kmL/37i9Ahhxur7CZoKMdSPvHrvKT5QPxwU/CV0yJA6ZS9k3W3ymBepsQ +9d2Xuk5CbZtqPHX7hblpPLb+PsNX4/bQxBKu0QGq32BlAOr2yE4piXQ7c6Q0t62q +8YYwVZXmhmgCI811ydXoh3Y= +-----END PRIVATE KEY----- diff --git a/tests/templates/kuttl/pod_overrides/helm-bitnami-eventlog-minio-values.yaml.j2 b/tests/templates/kuttl/pod_overrides/helm-bitnami-eventlog-minio-values.yaml.j2 new file mode 100644 index 00000000..2868e157 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/helm-bitnami-eventlog-minio-values.yaml.j2 @@ -0,0 +1,53 @@ +--- +mode: standalone +disableWebUI: false +extraEnvVars: + - name: BITNAMI_DEBUG + value: "true" + - name: MINIO_LOG_LEVEL + value: DEBUG + +provisioning: + enabled: true + buckets: + - name: spark-logs/eventlogs + usersExistingSecrets: + - centralized-minio-users + resources: + requests: + memory: 1Gi + cpu: "512m" + limits: + memory: "1Gi" + cpu: "1" + podSecurityContext: + enabled: false + containerSecurityContext: + enabled: false + +volumePermissions: + enabled: false + +podSecurityContext: + enabled: false + +containerSecurityContext: + enabled: false + +persistence: + enabled: false + +resources: + requests: + memory: 1Gi + cpu: "512m" + limits: + memory: "1Gi" + cpu: "1" + +service: + type: NodePort + +tls: + enabled: true + existingSecret: minio-tls-eventlog diff --git a/tests/templates/kuttl/pod_overrides/helm-bitnami-minio-values.yaml b/tests/templates/kuttl/pod_overrides/helm-bitnami-minio-values.yaml new file mode 100644 index 00000000..fcc3b193 --- /dev/null +++ b/tests/templates/kuttl/pod_overrides/helm-bitnami-minio-values.yaml @@ -0,0 +1,49 @@ +--- +mode: standalone +disableWebUI: false +extraEnvVars: + - name: BITNAMI_DEBUG + value: "true" + - name: MINIO_LOG_LEVEL + value: DEBUG + +provisioning: + enabled: true + buckets: + - name: my-bucket + usersExistingSecrets: + - centralized-minio-users + resources: + requests: + memory: 1Gi + cpu: "512m" + limits: + memory: "1Gi" + cpu: "1" + podSecurityContext: + enabled: false + containerSecurityContext: + enabled: false + +volumePermissions: + enabled: false + +podSecurityContext: + enabled: false + +containerSecurityContext: + enabled: false + +persistence: + enabled: false + +resources: + requests: + memory: 1Gi + cpu: "512m" + limits: + memory: "1Gi" + cpu: "1" + +service: + type: NodePort diff --git a/tests/templates/kuttl/pod_overrides/spark-examples_3.3.0.jar b/tests/templates/kuttl/pod_overrides/spark-examples_3.3.0.jar new file mode 100644 index 00000000..c5c34c3a Binary files /dev/null and b/tests/templates/kuttl/pod_overrides/spark-examples_3.3.0.jar differ diff --git a/tests/templates/kuttl/pod_overrides/spark-examples_3.4.0.jar b/tests/templates/kuttl/pod_overrides/spark-examples_3.4.0.jar new file mode 100644 index 00000000..da6bb311 Binary files /dev/null and b/tests/templates/kuttl/pod_overrides/spark-examples_3.4.0.jar differ diff --git a/tests/templates/kuttl/resources/10-assert.yaml.j2 b/tests/templates/kuttl/resources/10-assert.yaml.j2 index d9285738..2471489b 100644 --- a/tests/templates/kuttl/resources/10-assert.yaml.j2 +++ b/tests/templates/kuttl/resources/10-assert.yaml.j2 @@ -34,11 +34,12 @@ spec: {% endif %} - name: spark resources: + # these resources are set via Spark submit properties like "spark.driver.cores" limits: cpu: "1" memory: 1Gi requests: - cpu: 200m + cpu: "1" memory: 1Gi --- apiVersion: v1 @@ -52,9 +53,10 @@ spec: {% endif %} - name: spark resources: + # these resources are set via Spark submit properties like "spark.executor.cores" limits: cpu: "1" memory: 1Gi requests: - cpu: 250m + cpu: "1" memory: 1Gi diff --git a/tests/test-definition.yaml b/tests/test-definition.yaml index a8f2ce72..95f8b8de 100644 --- a/tests/test-definition.yaml +++ b/tests/test-definition.yaml @@ -30,6 +30,10 @@ tests: - spark - s3-use-tls - openshift + - name: pod_overrides + dimensions: + - spark + - openshift - name: spark-history-server dimensions: - spark