From 2ea5e8b1a698a860e5b048255d33cb412c78ba7f Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Mon, 8 Jul 2024 20:16:23 +0200 Subject: [PATCH] Update Kamaji v1.0.0 (#202) Signed-off-by: Andrei Kvapil --- .../system/kamaji/charts/kamaji/Chart.yaml | 4 +- .../system/kamaji/charts/kamaji/README.md | 6 +- .../kamaji/charts/kamaji/crds/datastore.yaml | 49 +- .../kamaji/crds/tenantcontrolplane.yaml | 1144 ++++++++++++----- .../charts/kamaji/templates/controller.yaml | 3 + .../charts/kamaji/templates/datastore.yaml | 5 + .../validatingwebhookconfiguration.yaml | 21 + .../system/kamaji/charts/kamaji/values.yaml | 12 +- packages/system/kamaji/values.yaml | 5 - 9 files changed, 887 insertions(+), 362 deletions(-) diff --git a/packages/system/kamaji/charts/kamaji/Chart.yaml b/packages/system/kamaji/charts/kamaji/Chart.yaml index d4980db4..854242ba 100644 --- a/packages/system/kamaji/charts/kamaji/Chart.yaml +++ b/packages/system/kamaji/charts/kamaji/Chart.yaml @@ -3,7 +3,7 @@ annotations: catalog.cattle.io/display-name: Kamaji catalog.cattle.io/release-name: kamaji apiVersion: v2 -appVersion: v0.5.0 +appVersion: v1.0.0 description: Kamaji is the Hosted Control Plane Manager for Kubernetes. home: https://github.com/clastix/kamaji icon: https://github.com/clastix/kamaji/raw/master/assets/logo-colored.png @@ -21,4 +21,4 @@ name: kamaji sources: - https://github.com/clastix/kamaji type: application -version: 0.15.2 +version: 1.0.0 diff --git a/packages/system/kamaji/charts/kamaji/README.md b/packages/system/kamaji/charts/kamaji/README.md index 6222e435..89a7d078 100644 --- a/packages/system/kamaji/charts/kamaji/README.md +++ b/packages/system/kamaji/charts/kamaji/README.md 
@@ -1,6 +1,6 @@ # kamaji -![Version: 0.15.2](https://img.shields.io/badge/Version-0.15.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.5.0](https://img.shields.io/badge/AppVersion-v0.5.0-informational?style=flat-square) +![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.0.0](https://img.shields.io/badge/AppVersion-v1.0.0-informational?style=flat-square) Kamaji is the Hosted Control Plane Manager for Kubernetes. 
@@ -77,7 +77,7 @@ Here the values you can override: | datastore.driver | string | `"etcd"` | (string) The Kamaji Datastore driver, supported: etcd, MySQL, PostgreSQL (defaults=etcd). | | datastore.enabled | bool | `true` | (bool) Enable the Kamaji Datastore creation (default=true) | | datastore.endpoints | list | `[]` | (array) List of endpoints of the selected Datastore. When letting the Chart install the etcd datastore, this field is populated automatically. | -| datastore.nameOverride | string | `nil` | The Datastore name override, if empty and enabled=true defaults to `default`, if enabled=false, this is the name of the Datastore to connect to. | +| datastore.nameOverride | string | `nil` | The Datastore name override, if empty and enabled=true defaults to `default`, if enabled=false, this is the name of the Datastore to connect to. | | datastore.tlsConfig.certificateAuthority.certificate.keyPath | string | `nil` | Key of the Secret which contains the content of the certificate. | | datastore.tlsConfig.certificateAuthority.certificate.name | string | `nil` | Name of the Secret containing the CA required to establish the mandatory SSL/TLS connection to the datastore. | | datastore.tlsConfig.certificateAuthority.certificate.namespace | string | `nil` | Namespace of the Secret containing the CA required to establish the mandatory SSL/TLS connection to the datastore. | 
@@ -90,6 +90,7 @@ Here the values you can override: | datastore.tlsConfig.clientCertificate.privateKey.keyPath | string | `nil` | Key of the Secret which contains the content of the private key. | | datastore.tlsConfig.clientCertificate.privateKey.name | string | `nil` | Name of the Secret containing the client certificate private key required to establish the mandatory SSL/TLS connection to the datastore. | | datastore.tlsConfig.clientCertificate.privateKey.namespace | string | `nil` | Namespace of the Secret containing the client certificate private key required to establish the mandatory SSL/TLS connection to the datastore. | +| datastore.tlsConfig.enabled | bool | `true` | | | etcd.compactionInterval | int | `0` | ETCD Compaction interval (e.g. "5m0s"). (default: "0" (disabled)) | | etcd.deploy | bool | `true` | Install an etcd with enabled multi-tenancy along with Kamaji | | etcd.image | object | `{"pullPolicy":"IfNotPresent","repository":"quay.io/coreos/etcd","tag":"v3.5.6"}` | Install specific etcd image | @@ -133,6 +134,7 @@ Here the values you can override: | serviceAccount.create | bool | `true` | | | serviceAccount.name | string | `"kamaji-controller-manager"` | | | serviceMonitor.enabled | bool | `false` | Toggle the ServiceMonitor true if you have Prometheus Operator installed and configured | +| telemetry | object | `{"disabled":false}` | Disable the analytics traces collection | | temporaryDirectoryPath | string | `"/tmp/kamaji"` | Directory which will be used to work with temporary files. (default "/tmp/kamaji") | | tolerations | list | `[]` | Kubernetes node taints that the Kamaji controller pods would tolerate | diff --git a/packages/system/kamaji/charts/kamaji/crds/datastore.yaml b/packages/system/kamaji/charts/kamaji/crds/datastore.yaml index 0077a06e..97405495 100644 --- a/packages/system/kamaji/charts/kamaji/crds/datastore.yaml +++ b/packages/system/kamaji/charts/kamaji/crds/datastore.yaml 
@@ -71,10 +71,12 @@ spec: minLength: 1 type: string name: - description: name is unique within a namespace to reference a secret resource. + description: name is unique within a namespace to reference + a secret resource. type: string namespace: - description: namespace defines the space within which the secret name must be unique. + description: namespace defines the space within which + the secret name must be unique. type: string required: - keyPath @@ -98,10 +100,12 @@ spec: minLength: 1 type: string name: - description: name is unique within a namespace to reference a secret resource. + description: name is unique within a namespace to reference + a secret resource. type: string namespace: - description: namespace defines the space within which the secret name must be unique. + description: namespace defines the space within which + the secret name must be unique. type: string required: - keyPath @@ -118,6 +122,7 @@ spec: - etcd - MySQL - PostgreSQL + - NATS type: string endpoints: description: |- @@ -128,7 +133,9 @@ spec: minItems: 1 type: array tlsConfig: - description: Defines the TLS/SSL configuration required to connect to the data store in a secure way. + description: |- + Defines the TLS/SSL configuration required to connect to the data store in a secure way. + This value is optional. properties: certificateAuthority: description: |- @@ -152,10 +159,12 @@ spec: minLength: 1 type: string name: - description: name is unique within a namespace to reference a secret resource. + description: name is unique within a namespace to + reference a secret resource. type: string namespace: - description: namespace defines the space within which the secret name must be unique. + description: namespace defines the space within which + the secret name must be unique. type: string required: - keyPath 
@@ -179,10 +188,12 @@ spec: minLength: 1 type: string name: - description: name is unique within a namespace to reference a secret resource. + description: name is unique within a namespace to + reference a secret resource. type: string namespace: - description: namespace defines the space within which the secret name must be unique. + description: namespace defines the space within which + the secret name must be unique. type: string required: - keyPath @@ -193,7 +204,8 @@ spec: - certificate type: object clientCertificate: - description: Specifies the SSL/TLS key and private key pair used to connect to the data store. + description: Specifies the SSL/TLS key and private key pair used + to connect to the data store. properties: certificate: properties: @@ -212,10 +224,12 @@ spec: minLength: 1 type: string name: - description: name is unique within a namespace to reference a secret resource. + description: name is unique within a namespace to + reference a secret resource. type: string namespace: - description: namespace defines the space within which the secret name must be unique. + description: namespace defines the space within which + the secret name must be unique. type: string required: - keyPath @@ -239,10 +253,12 @@ spec: minLength: 1 type: string name: - description: name is unique within a namespace to reference a secret resource. + description: name is unique within a namespace to + reference a secret resource. type: string namespace: - description: namespace defines the space within which the secret name must be unique. + description: namespace defines the space within which + the secret name must be unique. type: string required: - keyPath 
@@ -255,18 +271,17 @@ spec: type: object required: - certificateAuthority - - clientCertificate type: object required: - driver - endpoints - - tlsConfig type: object status: description: DataStoreStatus defines the observed state of DataStore. properties: usedBy: - description: List of the Tenant Control Planes, namespaced named, using this data store. + description: List of the Tenant Control Planes, namespaced named, + using this data store. items: type: string type: array diff --git a/packages/system/kamaji/charts/kamaji/crds/tenantcontrolplane.yaml b/packages/system/kamaji/charts/kamaji/crds/tenantcontrolplane.yaml index 2af86342..b94dd328 100644 --- a/packages/system/kamaji/charts/kamaji/crds/tenantcontrolplane.yaml +++ b/packages/system/kamaji/charts/kamaji/crds/tenantcontrolplane.yaml @@ -55,7 +55,8 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: TenantControlPlane is the Schema for the tenantcontrolplanes API. + description: TenantControlPlane is the Schema for the tenantcontrolplanes + API. properties: apiVersion: description: |- @@ -97,7 +98,8 @@ spec: type: string type: object konnectivity: - description: Enables the Konnectivity addon in the Tenant Cluster, required if the worker nodes are in a different network. + description: Enables the Konnectivity addon in the Tenant Cluster, + required if the worker nodes are in a different network. properties: agent: default: 
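Review bot: Removing `- tlsConfig` from the spec `required` list and `- clientCertificate` from the tlsConfig `required` list (the @@ -255,18 +271,17 @@ hunk of crds/datastore.yaml, matching the "This value is optional." description added in the earlier hunk) means a DataStore with no TLS block, or with a CA but no client certificate, now passes the API server's schema validation. The CRD is generated upstream, so the guard belongs in this repository's wrapper: leave `datastore.tlsConfig.enabled` at the chart default of `true` shown in the README table and do not override it in packages/system/kamaji/values.yaml. If DataStore objects can be created outside the chart, consider an admission policy that requires `spec.tlsConfig` for the drivers you run. Whether the chart's validating webhook or the newly added `NATS` driver enforces anything here is not visible in this part of the patch. A comment next to the value, such as `# keep enabled: the v1.0.0 CRD no longer requires spec.tlsConfig`, would document the dependency.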
@@ -115,8 +117,53 @@ spec: type: array image: default: registry.k8s.io/kas-network-proxy/proxy-agent - description: AgentImage defines the container image for Konnectivity's agent. + description: AgentImage defines the container image for + Konnectivity's agent. type: string + tolerations: + default: + - key: CriticalAddonsOnly + operator: Exists + description: |- + Tolerations for the deployed agent. + Can be customized to start the konnectivity-agent even if the nodes are not ready or tainted. + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. 
+ type: string + type: object + type: array version: default: v0.0.32 description: Version for Konnectivity agent. @@ -139,14 +186,17 @@ spec: type: array image: default: registry.k8s.io/kas-network-proxy/proxy-server - description: Container image used by the Konnectivity server. + description: Container image used by the Konnectivity + server. type: string port: - description: The port which Konnectivity server is listening to. + description: The port which Konnectivity server is listening + to. format: int32 type: integer resources: - description: Resources define the amount of CPU and memory to allocate to the Konnectivity server. + description: Resources define the amount of CPU and memory + to allocate to the Konnectivity server. properties: claims: description: |- @@ -160,7 +210,8 @@ spec: This field is immutable. It can only be set for containers. items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. properties: name: description: |- @@ -202,7 +253,8 @@ spec: type: object version: default: v0.0.32 - description: Container image version of the Konnectivity server. + description: Container image version of the Konnectivity + server. type: string required: - port 
@@ -231,12 +283,15 @@ spec: such as the number of Pod replicas, the Service resource, or the Ingress. properties: deployment: - description: Defining the options for the deployed Tenant Control Plane as Deployment resource. + description: Defining the options for the deployed Tenant Control + Plane as Deployment resource. properties: additionalContainers: - description: AdditionalContainers allows adding additional containers to the Control Plane deployment. + description: AdditionalContainers allows adding additional + containers to the Control Plane deployment. items: - description: A single application container that you want to run within a pod. + description: A single application container that you want + to run within a pod. properties: args: description: |- @@ -271,10 +326,12 @@ spec: List of environment variables to set in the container. Cannot be updated. items: - description: EnvVar represents an environment variable present in a Container. + description: EnvVar represents an environment variable + present in a Container. properties: name: - description: Name of the environment variable. Must be a C_IDENTIFIER. + description: Name of the environment variable. + Must be a C_IDENTIFIER. type: string value: description: |- @@ -289,7 +346,8 @@ spec: Defaults to "". type: string valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. + description: Source for the environment variable's + value. Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -304,7 +362,8 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the ConfigMap or its key must be defined + description: Specify whether the ConfigMap + or its key must be defined type: boolean required: - key 
@@ -316,10 +375,13 @@ spec: spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. + description: Path of the field to select + in the specified API version. type: string required: - fieldPath @@ -331,13 +393,16 @@ spec: (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: - description: 'Container name: required for volumes, optional for env vars' + description: 'Container name: required + for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" + description: Specifies the output format + of the exposed resources, defaults to + "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -348,10 +413,13 @@ spec: type: object x-kubernetes-map-type: atomic secretKeyRef: - description: Selects a key of a secret in the pod's namespace + description: Selects a key of a secret in + the pod's namespace properties: key: - description: The key of the secret to select from. Must be a valid secret key. + description: The key of the secret to + select from. Must be a valid secret + key. type: string name: description: |- @@ -360,7 +428,8 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the Secret or its key must be defined + description: Specify whether the Secret + or its key must be defined type: boolean required: - key 
@@ -383,7 +452,8 @@ spec: Values defined by an Env with a duplicate key will take precedence. Cannot be updated. items: - description: EnvFromSource represents the source of a set of ConfigMaps + description: EnvFromSource represents the source of + a set of ConfigMaps properties: configMapRef: description: The ConfigMap to select from @@ -395,12 +465,14 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the ConfigMap must be defined + description: Specify whether the ConfigMap + must be defined type: boolean type: object x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. type: string secretRef: description: The Secret to select from @@ -412,7 +484,8 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the Secret must be defined + description: Specify whether the Secret must + be defined type: boolean type: object x-kubernetes-map-type: atomic @@ -462,7 +535,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- @@ -470,9 +544,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the + request. HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- 
@@ -489,7 +565,8 @@ spec: type: array x-kubernetes-list-type: atomic path: - description: Path to access on the HTTP server. + description: Path to access on the HTTP + server. type: string port: anyOf: @@ -509,10 +586,12 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the container should sleep before being terminated. + description: Sleep represents the duration that + the container should sleep before being terminated. properties: seconds: - description: Seconds is the number of seconds to sleep. + description: Seconds is the number of seconds + to sleep. format: int64 type: integer required: @@ -525,7 +604,8 @@ spec: lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -568,7 +648,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- @@ -576,9 +657,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the + request. HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- @@ -595,7 +678,8 @@ spec: type: array x-kubernetes-list-type: atomic path: - description: Path to access on the HTTP server. + description: Path to access on the HTTP + server. type: string port: anyOf: 
@@ -615,10 +699,12 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the container should sleep before being terminated. + description: Sleep represents the duration that + the container should sleep before being terminated. properties: seconds: - description: Seconds is the number of seconds to sleep. + description: Seconds is the number of seconds + to sleep. format: int64 type: integer required: @@ -631,7 +717,8 @@ spec: lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -676,10 +763,12 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies an action involving + a GRPC port. properties: port: - description: Port number of the gRPC service. Number must be in the range 1 to 65535. + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. format: int32 type: integer service: @@ -694,7 +783,8 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- @@ -702,9 +792,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the request. + HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- 
@@ -759,10 +851,12 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP port. + description: TCPSocket specifies an action involving + a TCP port. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -814,7 +908,8 @@ spec: For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: - description: ContainerPort represents a network port in a single container. + description: ContainerPort represents a network port + in a single container. properties: containerPort: description: |- @@ -823,7 +918,8 @@ spec: format: int32 type: integer hostIP: - description: What host IP to bind the external port to. + description: What host IP to bind the external + port to. type: string hostPort: description: |- @@ -882,10 +978,12 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies an action involving + a GRPC port. properties: port: - description: Port number of the gRPC service. Number must be in the range 1 to 65535. + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. format: int32 type: integer service: @@ -900,7 +998,8 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- 
@@ -908,9 +1007,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the request. + HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- @@ -965,10 +1066,12 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP port. + description: TCPSocket specifies an action involving + a TCP port. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -1007,7 +1110,8 @@ spec: resizePolicy: description: Resources resize policy for the container. items: - description: ContainerResizePolicy represents resource resize policy for the container. + description: ContainerResizePolicy represents resource + resize policy for the container. properties: resourceName: description: |- @@ -1043,7 +1147,8 @@ spec: This field is immutable. It can only be set for containers. items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. properties: name: description: |- @@ -1150,14 +1255,16 @@ spec: add: description: Added capabilities items: - description: Capability represent POSIX capabilities type + description: Capability represent POSIX capabilities + type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: - description: Capability represent POSIX capabilities type + description: Capability represent POSIX capabilities + type type: string type: array x-kubernetes-list-type: atomic 
@@ -1219,16 +1326,20 @@ spec: Note that this field cannot be set when spec.os.name is windows. properties: level: - description: Level is SELinux level label that applies to the container. + description: Level is SELinux level label that + applies to the container. type: string role: - description: Role is a SELinux role label that applies to the container. + description: Role is a SELinux role label that + applies to the container. type: string type: - description: Type is a SELinux type label that applies to the container. + description: Type is a SELinux type label that + applies to the container. type: string user: - description: User is a SELinux user label that applies to the container. + description: User is a SELinux user label that + applies to the container. type: string type: object seccompProfile: @@ -1272,7 +1383,8 @@ spec: GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the GMSA credential spec to use. + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. type: string hostProcess: description: |- @@ -1322,10 +1434,12 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies an action involving + a GRPC port. properties: port: - description: Port number of the gRPC service. Number must be in the range 1 to 65535. + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. format: int32 type: integer service: @@ -1340,7 +1454,8 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- 
@@ -1348,9 +1463,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the request. + HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- @@ -1405,10 +1522,12 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP port. + description: TCPSocket specifies an action involving + a TCP port. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -1486,15 +1605,20 @@ spec: Default is false. type: boolean volumeDevices: - description: volumeDevices is the list of block devices to be used by the container. + description: volumeDevices is the list of block devices + to be used by the container. items: - description: volumeDevice describes a mapping of a raw block device within a container. + description: volumeDevice describes a mapping of a + raw block device within a container. properties: devicePath: - description: devicePath is the path inside of the container that the device will be mapped to. + description: devicePath is the path inside of + the container that the device will be mapped + to. type: string name: - description: name must match the name of a persistentVolumeClaim in the pod + description: name must match the name of a persistentVolumeClaim + in the pod type: string required: - devicePath 
@@ -1509,7 +1633,8 @@ spec: Pod volumes to mount into the container's filesystem. Cannot be updated. items: - description: VolumeMount describes a mounting of a Volume within a container. + description: VolumeMount describes a mounting of a + Volume within a container. properties: mountPath: description: |- @@ -1588,9 +1713,11 @@ spec: type: object type: array additionalInitContainers: - description: AdditionalInitContainers allows adding additional init containers to the Control Plane deployment. + description: AdditionalInitContainers allows adding additional + init containers to the Control Plane deployment. items: - description: A single application container that you want to run within a pod. + description: A single application container that you want + to run within a pod. properties: args: description: |- @@ -1625,10 +1752,12 @@ spec: List of environment variables to set in the container. Cannot be updated. items: - description: EnvVar represents an environment variable present in a Container. + description: EnvVar represents an environment variable + present in a Container. properties: name: - description: Name of the environment variable. Must be a C_IDENTIFIER. + description: Name of the environment variable. + Must be a C_IDENTIFIER. type: string value: description: |- @@ -1643,7 +1772,8 @@ spec: Defaults to "". type: string valueFrom: - description: Source for the environment variable's value. Cannot be used if value is not empty. + description: Source for the environment variable's + value. Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -1658,7 +1788,8 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the ConfigMap or its key must be defined + description: Specify whether the ConfigMap + or its key must be defined type: boolean required: - key 
@@ -1670,10 +1801,13 @@ spec: spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. + description: Path of the field to select + in the specified API version. type: string required: - fieldPath @@ -1685,13 +1819,16 @@ spec: (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: - description: 'Container name: required for volumes, optional for env vars' + description: 'Container name: required + for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" + description: Specifies the output format + of the exposed resources, defaults to + "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -1702,10 +1839,13 @@ spec: type: object x-kubernetes-map-type: atomic secretKeyRef: - description: Selects a key of a secret in the pod's namespace + description: Selects a key of a secret in + the pod's namespace properties: key: - description: The key of the secret to select from. Must be a valid secret key. + description: The key of the secret to + select from. Must be a valid secret + key. type: string name: description: |- @@ -1714,7 +1854,8 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the Secret or its key must be defined + description: Specify whether the Secret + or its key must be defined type: boolean required: - key 
@@ -1737,7 +1878,8 @@ spec: Values defined by an Env with a duplicate key will take precedence. Cannot be updated. items: - description: EnvFromSource represents the source of a set of ConfigMaps + description: EnvFromSource represents the source of + a set of ConfigMaps properties: configMapRef: description: The ConfigMap to select from @@ -1749,12 +1891,14 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the ConfigMap must be defined + description: Specify whether the ConfigMap + must be defined type: boolean type: object x-kubernetes-map-type: atomic prefix: - description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. type: string secretRef: description: The Secret to select from @@ -1766,7 +1910,8 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: Specify whether the Secret must be defined + description: Specify whether the Secret must + be defined type: boolean type: object x-kubernetes-map-type: atomic @@ -1816,7 +1961,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- @@ -1824,9 +1970,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the + request. HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- 
@@ -1843,7 +1991,8 @@ spec: type: array x-kubernetes-list-type: atomic path: - description: Path to access on the HTTP server. + description: Path to access on the HTTP + server. type: string port: anyOf: @@ -1863,10 +2012,12 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the container should sleep before being terminated. + description: Sleep represents the duration that + the container should sleep before being terminated. properties: seconds: - description: Seconds is the number of seconds to sleep. + description: Seconds is the number of seconds + to sleep. format: int64 type: integer required: @@ -1879,7 +2030,8 @@ spec: lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -1922,7 +2074,8 @@ spec: x-kubernetes-list-type: atomic type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- @@ -1930,9 +2083,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the + request. HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- @@ -1949,7 +2104,8 @@ spec: type: array x-kubernetes-list-type: atomic path: - description: Path to access on the HTTP server. + description: Path to access on the HTTP + server. type: string port: anyOf: 
@@ -1969,10 +2125,12 @@ spec: - port type: object sleep: - description: Sleep represents the duration that the container should sleep before being terminated. + description: Sleep represents the duration that + the container should sleep before being terminated. properties: seconds: - description: Seconds is the number of seconds to sleep. + description: Seconds is the number of seconds + to sleep. format: int64 type: integer required: @@ -1985,7 +2143,8 @@ spec: lifecycle hooks will fail in runtime when tcp handler is specified. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -2030,10 +2189,12 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies an action involving + a GRPC port. properties: port: - description: Port number of the gRPC service. Number must be in the range 1 to 65535. + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. format: int32 type: integer service: @@ -2048,7 +2209,8 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- @@ -2056,9 +2218,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the request. + HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- 
@@ -2113,10 +2277,12 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP port. + description: TCPSocket specifies an action involving + a TCP port. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -2168,7 +2334,8 @@ spec: For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated. items: - description: ContainerPort represents a network port in a single container. + description: ContainerPort represents a network port + in a single container. properties: containerPort: description: |- @@ -2177,7 +2344,8 @@ spec: format: int32 type: integer hostIP: - description: What host IP to bind the external port to. + description: What host IP to bind the external + port to. type: string hostPort: description: |- @@ -2236,10 +2404,12 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies an action involving + a GRPC port. properties: port: - description: Port number of the gRPC service. Number must be in the range 1 to 65535. + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. format: int32 type: integer service: @@ -2254,7 +2424,8 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- 
@@ -2262,9 +2433,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the request. + HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- @@ -2319,10 +2492,12 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP port. + description: TCPSocket specifies an action involving + a TCP port. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -2361,7 +2536,8 @@ spec: resizePolicy: description: Resources resize policy for the container. items: - description: ContainerResizePolicy represents resource resize policy for the container. + description: ContainerResizePolicy represents resource + resize policy for the container. properties: resourceName: description: |- @@ -2397,7 +2573,8 @@ spec: This field is immutable. It can only be set for containers. items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. properties: name: description: |- @@ -2504,14 +2681,16 @@ spec: add: description: Added capabilities items: - description: Capability represent POSIX capabilities type + description: Capability represent POSIX capabilities + type type: string type: array x-kubernetes-list-type: atomic drop: description: Removed capabilities items: - description: Capability represent POSIX capabilities type + description: Capability represent POSIX capabilities + type type: string type: array x-kubernetes-list-type: atomic 
@@ -2573,16 +2752,20 @@ spec: Note that this field cannot be set when spec.os.name is windows. properties: level: - description: Level is SELinux level label that applies to the container. + description: Level is SELinux level label that + applies to the container. type: string role: - description: Role is a SELinux role label that applies to the container. + description: Role is a SELinux role label that + applies to the container. type: string type: - description: Type is a SELinux type label that applies to the container. + description: Type is a SELinux type label that + applies to the container. type: string user: - description: User is a SELinux user label that applies to the container. + description: User is a SELinux user label that + applies to the container. type: string type: object seccompProfile: @@ -2626,7 +2809,8 @@ spec: GMSA credential spec named by the GMSACredentialSpecName field. type: string gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the GMSA credential spec to use. + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. type: string hostProcess: description: |- @@ -2676,10 +2860,12 @@ spec: format: int32 type: integer grpc: - description: GRPC specifies an action involving a GRPC port. + description: GRPC specifies an action involving + a GRPC port. properties: port: - description: Port number of the gRPC service. Number must be in the range 1 to 65535. + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. format: int32 type: integer service: @@ -2694,7 +2880,8 @@ spec: - port type: object httpGet: - description: HTTPGet specifies the http request to perform. + description: HTTPGet specifies the http request + to perform. properties: host: description: |- 
@@ -2702,9 +2889,11 @@ spec: "Host" in httpHeaders instead. type: string httpHeaders: - description: Custom headers to set in the request. HTTP allows repeated headers. + description: Custom headers to set in the request. + HTTP allows repeated headers. items: - description: HTTPHeader describes a custom header to be used in HTTP probes + description: HTTPHeader describes a custom + header to be used in HTTP probes properties: name: description: |- @@ -2759,10 +2948,12 @@ spec: format: int32 type: integer tcpSocket: - description: TCPSocket specifies an action involving a TCP port. + description: TCPSocket specifies an action involving + a TCP port. properties: host: - description: 'Optional: Host name to connect to, defaults to the pod IP.' + description: 'Optional: Host name to connect + to, defaults to the pod IP.' type: string port: anyOf: @@ -2840,15 +3031,20 @@ spec: Default is false. type: boolean volumeDevices: - description: volumeDevices is the list of block devices to be used by the container. + description: volumeDevices is the list of block devices + to be used by the container. items: - description: volumeDevice describes a mapping of a raw block device within a container. + description: volumeDevice describes a mapping of a + raw block device within a container. properties: devicePath: - description: devicePath is the path inside of the container that the device will be mapped to. + description: devicePath is the path inside of + the container that the device will be mapped + to. type: string name: - description: name must match the name of a persistentVolumeClaim in the pod + description: name must match the name of a persistentVolumeClaim + in the pod type: string required: - devicePath 
@@ -2863,7 +3059,8 @@ spec: Pod volumes to mount into the container's filesystem. Cannot be updated. items: - description: VolumeMount describes a mounting of a Volume within a container. + description: VolumeMount describes a mounting of a + Volume within a container. properties: mountPath: description: |- @@ -2942,7 +3139,9 @@ spec: type: object type: array additionalMetadata: - description: AdditionalMetadata defines which additional metadata, such as labels and annotations, must be attached to the created resource. + description: AdditionalMetadata defines which additional metadata, + such as labels and annotations, must be attached to the + created resource. properties: annotations: additionalProperties: @@ -2960,7 +3159,8 @@ spec: properties: apiServer: items: - description: VolumeMount describes a mounting of a Volume within a container. + description: VolumeMount describes a mounting of a Volume + within a container. properties: mountPath: description: |- @@ -3026,7 +3226,8 @@ spec: type: array controllerManager: items: - description: VolumeMount describes a mounting of a Volume within a container. + description: VolumeMount describes a mounting of a Volume + within a container. properties: mountPath: description: |- @@ -3092,7 +3293,8 @@ spec: type: array scheduler: items: - description: VolumeMount describes a mounting of a Volume within a container. + description: VolumeMount describes a mounting of a Volume + within a container. properties: mountPath: description: |- 
@@ -3158,9 +3360,11 @@ spec: type: array type: object additionalVolumes: - description: AdditionalVolumes allows to add additional volumes to the Control Plane deployment. + description: AdditionalVolumes allows to add additional volumes + to the Control Plane deployment. items: - description: Volume represents a named volume in a pod that may be accessed by any container in the pod. + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. properties: awsElasticBlockStore: description: |- @@ -3198,16 +3402,20 @@ spec: - volumeID type: object azureDisk: - description: azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. + description: azureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. properties: cachingMode: - description: 'cachingMode is the Host Caching mode: None, Read Only, Read Write.' + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' type: string diskName: - description: diskName is the Name of the data disk in the blob storage + description: diskName is the Name of the data disk + in the blob storage type: string diskURI: - description: diskURI is the URI of data disk in the blob storage + description: diskURI is the URI of data disk in + the blob storage type: string fsType: description: |- @@ -3216,7 +3424,11 @@ spec: Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string kind: - description: 'kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared' + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure + managed data disk (only in managed availability + set). defaults to shared' type: string readOnly: description: |- 
@@ -3228,7 +3440,8 @@ spec: - diskURI type: object azureFile: - description: azureFile represents an Azure File Service mount on the host and bind mount to the pod. + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. properties: readOnly: description: |- @@ -3236,7 +3449,8 @@ spec: the ReadOnly setting in VolumeMounts. type: boolean secretName: - description: secretName is the name of secret that contains Azure Storage Account Name and Key + description: secretName is the name of secret that + contains Azure Storage Account Name and Key type: string shareName: description: shareName is the azure share Name @@ -3246,7 +3460,8 @@ spec: - shareName type: object cephfs: - description: cephFS represents a Ceph FS mount on the host that shares a pod's lifetime + description: cephFS represents a Ceph FS mount on the + host that shares a pod's lifetime properties: monitors: description: |- @@ -3257,7 +3472,9 @@ spec: type: array x-kubernetes-list-type: atomic path: - description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /' + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default + is /' type: string readOnly: description: |- @@ -3331,7 +3548,8 @@ spec: - volumeID type: object configMap: - description: configMap represents a configMap that should populate this volume + description: configMap represents a configMap that should + populate this volume properties: defaultMode: description: |- @@ -3354,7 +3572,8 @@ spec: the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. items: - description: Maps a string key to a path within a volume. + description: Maps a string key to a path within + a volume. properties: key: description: key is the key to project. 
@@ -3389,12 +3608,15 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined + description: optional specify whether the ConfigMap + or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic csi: - description: csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). properties: driver: description: |- @@ -3439,7 +3661,8 @@ spec: - driver type: object downwardAPI: - description: downwardAPI represents downward API about the pod that should populate this volume + description: downwardAPI represents downward API about + the pod that should populate this volume properties: defaultMode: description: |- 
@@ -3454,18 +3677,26 @@ spec: format: int32 type: integer items: - description: Items is a list of downward API volume file + description: Items is a list of downward API volume + file items: - description: DownwardAPIVolumeFile represents information to create the file containing the pod field + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field properties: fieldRef: - description: 'Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.' + description: 'Required: Selects a field of + the pod: only annotations, labels, name, + namespace and uid are supported.' properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. + description: Path of the field to select + in the specified API version. type: string required: - fieldPath @@ -3482,7 +3713,11 @@ spec: format: int32 type: integer path: - description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' type: string resourceFieldRef: description: |- 
@@ -3490,13 +3725,16 @@ spec: (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: - description: 'Container name: required for volumes, optional for env vars' + description: 'Container name: required + for volumes, optional for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" + description: Specifies the output format + of the exposed resources, defaults to + "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: @@ -3635,10 +3873,12 @@ spec: For any other third-party types, APIGroup is required. type: string kind: - description: Kind is the type of resource being referenced + description: Kind is the type of resource + being referenced type: string name: - description: Name is the name of resource being referenced + description: Name is the name of resource + being referenced type: string required: - kind @@ -3678,10 +3918,12 @@ spec: For any other third-party types, APIGroup is required. type: string kind: - description: Kind is the type of resource being referenced + description: Kind is the type of resource + being referenced type: string name: - description: Name is the name of resource being referenced + description: Name is the name of resource + being referenced type: string namespace: description: |- 
@@ -3727,17 +3969,22 @@ spec: type: object type: object selector: - description: selector is a label query over volumes to consider for binding. + description: selector is a label query over + volumes to consider for binding. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label + key that the selector applies + to. type: string operator: description: |- @@ -3796,7 +4043,8 @@ spec: Value of Filesystem is implied when not included in claim spec. type: string volumeName: - description: volumeName is the binding reference to the PersistentVolume backing this claim. + description: volumeName is the binding reference + to the PersistentVolume backing this claim. type: string type: object required: @@ -3804,7 +4052,9 @@ spec: type: object type: object fc: - description: fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. properties: fsType: description: |- @@ -3823,7 +4073,8 @@ spec: the ReadOnly setting in VolumeMounts. type: boolean targetWWNs: - description: 'targetWWNs is Optional: FC target worldwide names (WWNs)' + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' items: type: string type: array 
@@ -3843,7 +4094,8 @@ spec: provisioned/attached using an exec based plugin. properties: driver: - description: driver is the name of the driver to use for this volume. + description: driver is the name of the driver to + use for this volume. type: string fsType: description: |- @@ -3854,7 +4106,8 @@ spec: options: additionalProperties: type: string - description: 'options is Optional: this field holds extra command options if any.' + description: 'options is Optional: this field holds + extra command options if any.' type: object readOnly: description: |- @@ -3881,7 +4134,9 @@ spec: - driver type: object flocker: - description: flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running properties: datasetName: description: |- @@ -3889,7 +4144,8 @@ spec: should be considered as deprecated type: string datasetUUID: - description: datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset type: string type: object gcePersistentDisk: @@ -3947,7 +4203,8 @@ spec: description: repository is the URL type: string revision: - description: revision is the commit hash for the specified revision. + description: revision is the commit hash for the + specified revision. type: string required: - repository 
@@ -4010,10 +4267,12 @@ spec: More info: https://examples.k8s.io/volumes/iscsi/README.md properties: chapAuthDiscovery: - description: chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication type: boolean chapAuthSession: - description: chapAuthSession defines whether support iSCSI Session CHAP authentication + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication type: boolean fsType: description: |- @@ -4055,7 +4314,8 @@ spec: Defaults to false. type: boolean secretRef: - description: secretRef is the CHAP Secret for iSCSI target and initiator authentication + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication properties: name: description: |- @@ -4126,7 +4386,9 @@ spec: - claimName type: object photonPersistentDisk: - description: photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine properties: fsType: description: |- @@ -4135,13 +4397,15 @@ spec: Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string pdID: - description: pdID is the ID that identifies Photon Controller persistent disk + description: pdID is the ID that identifies Photon + Controller persistent disk type: string required: - pdID type: object portworxVolume: - description: portworxVolume represents a portworx volume attached and mounted on kubelets host machine + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine properties: fsType: description: |- 
@@ -4155,13 +4419,15 @@ spec: the ReadOnly setting in VolumeMounts. type: boolean volumeID: - description: volumeID uniquely identifies a Portworx volume + description: volumeID uniquely identifies a Portworx + volume type: string required: - volumeID type: object projected: - description: projected items for all in one resources secrets, configmaps, and downward API + description: projected items for all in one resources + secrets, configmaps, and downward API properties: defaultMode: description: |- @@ -4176,7 +4442,8 @@ spec: sources: description: sources is the list of volume projections items: - description: Projection that may be projected along with other supported volume types + description: Projection that may be projected + along with other supported volume types properties: clusterTrustBundle: description: |- @@ -4205,14 +4472,18 @@ spec: everything". properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label + key that the selector applies + to. type: string operator: description: |- @@ -4259,7 +4530,8 @@ spec: ClusterTrustBundles. type: boolean path: - description: Relative path from the volume root to write the bundle. + description: Relative path from the volume + root to write the bundle. type: string signerName: description: |- @@ -4271,7 +4543,8 @@ spec: - path type: object configMap: - description: configMap information about the configMap data to project + description: configMap information about the + configMap data to project properties: items: description: |- 
@@ -4283,7 +4556,8 @@ spec: the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. items: - description: Maps a string key to a path within a volume. + description: Maps a string key to a + path within a volume. properties: key: description: key is the key to project. @@ -4318,26 +4592,38 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: optional specify whether the ConfigMap or its keys must be defined + description: optional specify whether + the ConfigMap or its keys must be defined type: boolean type: object x-kubernetes-map-type: atomic downwardAPI: - description: downwardAPI information about the downwardAPI data to project + description: downwardAPI information about + the downwardAPI data to project properties: items: - description: Items is a list of DownwardAPIVolume file + description: Items is a list of DownwardAPIVolume + file items: - description: DownwardAPIVolumeFile represents information to create the file containing the pod field + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field properties: fieldRef: - description: 'Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.' + description: 'Required: Selects + a field of the pod: only annotations, + labels, name, namespace and uid + are supported.' properties: apiVersion: - description: Version of the schema the FieldPath is written in terms of, defaults to "v1". + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select in the specified API version. + description: Path of the field + to select in the specified + API version. type: string required: - fieldPath 
@@ -4354,7 +4640,13 @@ spec: format: int32 type: integer path: - description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ''..'' path. Must be utf-8 encoded. The first item of the relative path must not start with ''..''' + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' type: string resourceFieldRef: description: |- @@ -4362,17 +4654,22 @@ spec: (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. properties: containerName: - description: 'Container name: required for volumes, optional for env vars' + description: 'Container name: + required for volumes, optional + for env vars' type: string divisor: anyOf: - type: integer - type: string - description: Specifies the output format of the exposed resources, defaults to "1" + description: Specifies the output + format of the exposed resources, + defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: 'Required: resource to select' + description: 'Required: resource + to select' type: string required: - resource @@ -4385,7 +4682,8 @@ spec: x-kubernetes-list-type: atomic type: object secret: - description: secret information about the secret data to project + description: secret information about the + secret data to project properties: items: description: |- @@ -4397,7 +4695,8 @@ spec: the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. items: - description: Maps a string key to a path within a volume. + description: Maps a string key to a + path within a volume. properties: key: description: key is the key to project. 
@@ -4432,12 +4731,14 @@ spec: TODO: Add other useful fields. apiVersion, kind, uid? type: string optional: - description: optional field specify whether the Secret or its key must be defined + description: optional field specify whether + the Secret or its key must be defined type: boolean type: object x-kubernetes-map-type: atomic serviceAccountToken: - description: serviceAccountToken is information about the serviceAccountToken data to project + description: serviceAccountToken is information + about the serviceAccountToken data to project properties: audience: description: |- @@ -4469,7 +4770,8 @@ spec: x-kubernetes-list-type: atomic type: object quobyte: - description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime + description: quobyte represents a Quobyte mount on the + host that shares a pod's lifetime properties: group: description: |- @@ -4498,7 +4800,8 @@ spec: Defaults to serivceaccount user type: string volume: - description: volume is a string that references an already created Quobyte volume by name. + description: volume is a string that references + an already created Quobyte volume by name. type: string required: - registry @@ -4574,7 +4877,8 @@ spec: - monitors type: object scaleIO: - description: scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. properties: fsType: description: |- @@ -4584,10 +4888,12 @@ spec: Default is "xfs". type: string gateway: - description: gateway is the host address of the ScaleIO API Gateway. + description: gateway is the host address of the + ScaleIO API Gateway. type: string protectionDomain: - description: protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. + description: protectionDomain is the name of the + ScaleIO Protection Domain for the configured storage. type: string readOnly: description: |- 
@@ -4608,7 +4914,8 @@ spec: type: object x-kubernetes-map-type: atomic sslEnabled: - description: sslEnabled Flag enable/disable SSL communication with Gateway, default false + description: sslEnabled Flag enable/disable SSL + communication with Gateway, default false type: boolean storageMode: description: |- @@ -4616,10 +4923,12 @@ spec: Default is ThinProvisioned. type: string storagePool: - description: storagePool is the ScaleIO Storage Pool associated with the protection domain. + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. type: string system: - description: system is the name of the storage system as configured in ScaleIO. + description: system is the name of the storage system + as configured in ScaleIO. type: string volumeName: description: |- @@ -4657,7 +4966,8 @@ spec: the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. items: - description: Maps a string key to a path within a volume. + description: Maps a string key to a path within + a volume. properties: key: description: key is the key to project. @@ -4686,7 +4996,8 @@ spec: type: array x-kubernetes-list-type: atomic optional: - description: optional field specify whether the Secret or its keys must be defined + description: optional field specify whether the + Secret or its keys must be defined type: boolean secretName: description: |- @@ -4695,7 +5006,8 @@ spec: type: string type: object storageos: - description: storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. properties: fsType: description: |- 
@@ -4737,7 +5049,8 @@ spec: type: string type: object vsphereVolume: - description: vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine + description: vsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine properties: fsType: description: |- @@ -4746,13 +5059,17 @@ spec: Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string storagePolicyID: - description: storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. + description: storagePolicyID is the storage Policy + Based Management (SPBM) profile ID associated + with the StoragePolicyName. type: string storagePolicyName: - description: storagePolicyName is the storage Policy Based Management (SPBM) profile name. + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. type: string volumePath: - description: volumePath is the path that identifies vSphere volume vmdk + description: volumePath is the path that identifies + vSphere volume vmdk type: string required: - volumePath @@ -4767,7 +5084,8 @@ spec: More info: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/ properties: nodeAffinity: - description: Describes node affinity scheduling rules for the pod. + description: Describes node affinity scheduling rules + for the pod. properties: preferredDuringSchedulingIgnoredDuringExecution: description: |- 
@@ -4786,17 +5104,20 @@ spec: (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). properties: preference: - description: A node selector term, associated with the corresponding weight. + description: A node selector term, associated + with the corresponding weight. properties: matchExpressions: - description: A list of node selector requirements by node's labels. + description: A list of node selector requirements + by node's labels. items: description: |- A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: The label key that the selector applies to. + description: The label key that the + selector applies to. type: string operator: description: |- @@ -4821,14 +5142,16 @@ spec: type: array x-kubernetes-list-type: atomic matchFields: - description: A list of node selector requirements by node's fields. + description: A list of node selector requirements + by node's fields. items: description: |- A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: The label key that the selector applies to. + description: The label key that the + selector applies to. type: string operator: description: |- @@ -4855,7 +5178,9 @@ spec: type: object x-kubernetes-map-type: atomic weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. format: int32 type: integer required: 
@@ -4873,7 +5198,8 @@ spec: may or may not try to eventually evict the pod from its node. properties: nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. + description: Required. A list of node selector + terms. The terms are ORed. items: description: |- A null or empty node selector term matches no objects. The requirements of @@ -4881,14 +5207,16 @@ spec: The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. properties: matchExpressions: - description: A list of node selector requirements by node's labels. + description: A list of node selector requirements + by node's labels. items: description: |- A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: The label key that the selector applies to. + description: The label key that the + selector applies to. type: string operator: description: |- @@ -4913,14 +5241,16 @@ spec: type: array x-kubernetes-list-type: atomic matchFields: - description: A list of node selector requirements by node's fields. + description: A list of node selector requirements + by node's fields. items: description: |- A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: The label key that the selector applies to. + description: The label key that the + selector applies to. type: string operator: description: |- @@ -4954,7 +5284,9 @@ spec: x-kubernetes-map-type: atomic type: object podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: description: |- 
@@ -4968,10 +5300,13 @@ spec: "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. + description: Required. A pod affinity term, + associated with the corresponding weight. properties: labelSelector: description: |- @@ -4979,14 +5314,18 @@ spec: If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label + key that the selector applies + to. type: string operator: description: |- 
@@ -5058,14 +5397,18 @@ spec: An empty selector ({}) matches all namespaces. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label + key that the selector applies + to. type: string operator: description: |- @@ -5155,14 +5498,17 @@ spec: If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label key + that the selector applies to. type: string operator: description: |- @@ -5234,14 +5580,17 @@ spec: An empty selector ({}) matches all namespaces. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label key + that the selector applies to. type: string operator: description: |- 
@@ -5299,7 +5648,9 @@ spec: x-kubernetes-list-type: atomic type: object podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: description: |- @@ -5313,10 +5664,13 @@ spec: "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) properties: podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. + description: Required. A pod affinity term, + associated with the corresponding weight. properties: labelSelector: description: |- @@ -5324,14 +5678,18 @@ spec: If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label + key that the selector applies + to. type: string operator: description: |- 
@@ -5403,14 +5761,18 @@ spec: An empty selector ({}) matches all namespaces. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label + key that the selector applies + to. type: string operator: description: |- @@ -5500,14 +5862,17 @@ spec: If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label key + that the selector applies to. type: string operator: description: |- @@ -5579,14 +5944,17 @@ spec: An empty selector ({}) matches all namespaces. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label key + that the selector applies to. type: string operator: description: |- 
@@ -5660,7 +6028,8 @@ spec: type: string type: array kine: - description: Available only if Kamaji is running using Kine as backing storage. + description: Available only if Kamaji is running using + Kine as backing storage. items: type: string type: array @@ -5677,6 +6046,20 @@ spec: Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ type: object + podAdditionalMetadata: + description: AdditionalMetadata defines which additional metadata, + such as labels and annotations, must be attached to the + created resource. + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object registrySettings: default: apiServerImage: kube-apiserver @@ -5715,7 +6098,8 @@ spec: (kube-apiserver, controller-manager, and scheduler). properties: apiServer: - description: ResourceRequirements describes the compute resource requirements. + description: ResourceRequirements describes the compute + resource requirements. properties: claims: description: |- @@ -5729,7 +6113,8 @@ spec: This field is immutable. It can only be set for containers. items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. properties: name: description: |- @@ -5770,7 +6155,8 @@ spec: type: object type: object controllerManager: - description: ResourceRequirements describes the compute resource requirements. + description: ResourceRequirements describes the compute + resource requirements. properties: claims: description: |- @@ -5784,7 +6170,8 @@ spec: This field is immutable. It can only be set for containers. items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. properties: name: description: |- 
@@ -5841,7 +6228,8 @@ spec: This field is immutable. It can only be set for containers. items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. properties: name: description: |- @@ -5882,7 +6270,8 @@ spec: type: object type: object scheduler: - description: ResourceRequirements describes the compute resource requirements. + description: ResourceRequirements describes the compute + resource requirements. properties: claims: description: |- @@ -5896,7 +6285,8 @@ spec: This field is immutable. It can only be set for containers. items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. properties: name: description: |- @@ -5945,6 +6335,11 @@ spec: empty definition that uses the default runtime handler. More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class type: string + serviceAccountName: + default: default + description: ServiceAccountName allows to specify the service + account to be mounted to the pods of the Control plane deployment + type: string strategy: default: rollingUpdate: @@ -5998,7 +6393,8 @@ spec: x-kubernetes-int-or-string: true type: object type: - description: Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. + description: Type of deployment. Can be "Recreate" or + "RollingUpdate". Default is RollingUpdate. type: string type: object tolerations: @@ -6049,7 +6445,8 @@ spec: In case of nil underlying LabelSelector, the Kamaji one for the given Tenant Control Plane will be used. All topologySpreadConstraints are ANDed. items: - description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. properties: labelSelector: description: |- 
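Review bot: The `serviceAccountName` property added in hunk `@@ -5945,6 +6335,11 @@` is a bare `type: string` with no length or format constraint, and its description does not say which accounts are acceptable. Because the value selects the service account mounted into the control-plane pods, write access to TenantControlPlane objects now also decides which account's token those pods carry, so RBAC on this resource should be reviewed together with the upgrade. I would add `maxLength: 253` next to `type: string` and extend the description with `The account must already exist in the namespace of the Tenant Control Plane deployment.` (presumably the same namespace as the object; confirm against the controller). This CRD looks generated, so the change probably belongs in the upstream type markers rather than in this vendored copy; the enclosing `properties` mapping starts and ends outside the hunk.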
@@ -6058,14 +6455,16 @@ spec: in their corresponding topology domain. properties: matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. items: description: |- A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: - description: key is the label key that the selector applies to. + description: key is the label key that the + selector applies to. type: string operator: description: |- @@ -6225,10 +6624,13 @@ spec: type: array type: object ingress: - description: Defining the options for an Optional Ingress which will expose API Server of the Tenant Control Plane + description: Defining the options for an Optional Ingress which + will expose API Server of the Tenant Control Plane properties: additionalMetadata: - description: AdditionalMetadata defines which additional metadata, such as labels and annotations, must be attached to the created resource. + description: AdditionalMetadata defines which additional metadata, + such as labels and annotations, must be attached to the + created resource. properties: annotations: additionalProperties: @@ -6248,10 +6650,13 @@ spec: type: string type: object service: - description: Defining the options for the Tenant Control Plane Service resource. + description: Defining the options for the Tenant Control Plane + Service resource. properties: additionalMetadata: - description: AdditionalMetadata defines which additional metadata, such as labels and annotations, must be attached to the created resource. + description: AdditionalMetadata defines which additional metadata, + such as labels and annotations, must be attached to the + created resource. properties: annotations: additionalProperties: 
@@ -6263,7 +6668,8 @@ spec: type: object type: object serviceType: - description: ServiceType allows specifying how to expose the Tenant Control Plane. + description: ServiceType allows specifying how to expose the + Tenant Control Plane. enum: - ClusterIP - NodePort @@ -6445,7 +6851,8 @@ spec: - enabled type: object konnectivity: - description: KonnectivityStatus defines the status of Konnectivity as Addon. + description: KonnectivityStatus defines the status of Konnectivity + as Addon. properties: agent: properties: @@ -6490,7 +6897,8 @@ spec: enabled: type: boolean kubeconfig: - description: KubeconfigStatus contains information about the generated kubeconfig. + description: KubeconfigStatus contains information about the + generated kubeconfig. properties: checksum: type: string 
@@ -6512,12 +6920,24 @@ spec: type: string type: object service: - description: KubernetesServiceStatus defines the status for the Tenant Control Plane Service in the management cluster. + description: KubernetesServiceStatus defines the status for + the Tenant Control Plane Service in the management cluster. properties: conditions: description: Current service state items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the + field path .status.conditions. For example,\n\n\n\ttype + FooStatus struct{\n\t // Represents the observations + of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t + \ Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- 
@@ -6551,7 +6971,8 @@ spec: pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: - description: status of the condition, one of True, False, Unknown. + description: status of the condition, one of True, + False, Unknown. enum: - "True" - "False" @@ -6631,7 +7052,9 @@ spec: pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string port: - description: Port is the port number of the service port of which status is recorded here + description: Port is the port number of + the service port of which status is + recorded here format: int32 type: integer protocol: @@ -6654,7 +7077,8 @@ spec: description: The name of the Service for the given cluster. type: string namespace: - description: The namespace which the Service for the given cluster is deployed. + description: The namespace which the Service for the given + cluster is deployed. type: string port: description: The port where the service is running @@ -6719,10 +7143,12 @@ spec: type: string type: object etcd: - description: ETCDCertificatesStatus defines the observed state of ETCD Certificate for API server. + description: ETCDCertificatesStatus defines the observed state + of ETCD Certificate for API server. properties: apiServer: - description: APIServerCertificatesStatus defines the observed state of ETCD Certificate for API server. + description: APIServerCertificatesStatus defines the observed + state of ETCD Certificate for API server. properties: checksum: type: string @@ -6733,7 +7159,8 @@ spec: type: string type: object ca: - description: ETCDCertificateStatus defines the observed state of ETCD Certificate for API server. + description: ETCDCertificateStatus defines the observed state + of ETCD Certificate for API server. properties: checksum: type: string 
@@ -6779,13 +7206,16 @@ spec: type: object type: object controlPlaneEndpoint: - description: ControlPlaneEndpoint contains the status of the kubernetes control plane + description: ControlPlaneEndpoint contains the status of the kubernetes + control plane type: string kubeadmPhase: - description: KubeadmPhase contains the status of the kubeadm phases action + description: KubeadmPhase contains the status of the kubeadm phases + action properties: bootstrapToken: - description: KubeadmPhaseStatus contains the status of a kubeadm phase action. + description: KubeadmPhaseStatus contains the status of a kubeadm + phase action. properties: checksum: type: string @@ -6797,7 +7227,8 @@ spec: - bootstrapToken type: object kubeadmconfig: - description: KubeadmConfig contains the status of the configuration required by kubeadm + description: KubeadmConfig contains the status of the configuration + required by kubeadm properties: checksum: description: Checksum of the kubeadm configuration to detect changes @@ -6809,10 +7240,12 @@ spec: type: string type: object kubeconfig: - description: KubeConfig contains information about the kubenconfigs that control plane pieces need + description: KubeConfig contains information about the kubenconfigs + that control plane pieces need properties: admin: - description: KubeconfigStatus contains information about the generated kubeconfig. + description: KubeconfigStatus contains information about the generated + kubeconfig. properties: checksum: type: string @@ -6823,7 +7256,8 @@ spec: type: string type: object controllerManager: - description: KubeconfigStatus contains information about the generated kubeconfig. + description: KubeconfigStatus contains information about the generated + kubeconfig. properties: checksum: type: string 
@@ -6834,7 +7268,8 @@ spec: type: string type: object scheduler: - description: KubeconfigStatus contains information about the generated kubeconfig. + description: KubeconfigStatus contains information about the generated + kubeconfig. properties: checksum: type: string @@ -6846,13 +7281,16 @@ spec: type: object type: object kubernetesResources: - description: Kubernetes contains information about the reconciliation of the required Kubernetes resources deployed in the admin cluster + description: Kubernetes contains information about the reconciliation + of the required Kubernetes resources deployed in the admin cluster properties: deployment: - description: KubernetesDeploymentStatus defines the status for the Tenant Control Plane Deployment in the management cluster. + description: KubernetesDeploymentStatus defines the status for + the Tenant Control Plane Deployment in the management cluster. properties: availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) targeted by this deployment. + description: Total number of available pods (ready for at + least minReadySeconds) targeted by this deployment. format: int32 type: integer collisionCount: @@ -6863,12 +7301,15 @@ spec: format: int32 type: integer conditions: - description: Represents the latest available observations of a deployment's current state. + description: Represents the latest available observations + of a deployment's current state. items: - description: DeploymentCondition describes the state of a deployment at a certain point. + description: DeploymentCondition describes the state of + a deployment at a certain point. properties: lastTransitionTime: - description: Last time the condition transitioned from one status to another. + description: Last time the condition transitioned from + one status to another. format: date-time type: string lastUpdateTime: 
@@ -6876,13 +7317,15 @@ spec: format: date-time type: string message: - description: A human readable message indicating details about the transition. + description: A human readable message indicating details + about the transition. type: string reason: description: The reason for the condition's last transition. type: string status: - description: Status of the condition, one of True, False, Unknown. + description: Status of the condition, one of True, False, + Unknown. type: string type: description: Type of deployment condition. @@ -6903,22 +7346,26 @@ spec: description: The name of the Deployment for the given cluster. type: string namespace: - description: The namespace which the Deployment for the given cluster is deployed. + description: The namespace which the Deployment for the given + cluster is deployed. type: string observedGeneration: description: The generation observed by the deployment controller. format: int64 type: integer readyReplicas: - description: readyReplicas is the number of pods targeted by this Deployment with a Ready Condition. + description: readyReplicas is the number of pods targeted + by this Deployment with a Ready Condition. format: int32 type: integer replicas: - description: Total number of non-terminated pods targeted by this deployment (their labels match the selector). + description: Total number of non-terminated pods targeted + by this deployment (their labels match the selector). format: int32 type: integer selector: - description: Selector is the label selector used to group the Tenant Control Plane Pods used by the scale subresource. + description: Selector is the label selector used to group + the Tenant Control Plane Pods used by the scale subresource. type: string unavailableReplicas: description: |- 
@@ -6928,7 +7375,8 @@ spec: format: int32 type: integer updatedReplicas: - description: Total number of non-terminated pods targeted by this deployment that have the desired template spec. + description: Total number of non-terminated pods targeted + by this deployment that have the desired template spec. format: int32 type: integer required: 
@@ -6937,26 +7385,34 @@ spec: - selector type: object ingress: - description: KubernetesIngressStatus defines the status for the Tenant Control Plane Ingress in the management cluster. + description: KubernetesIngressStatus defines the status for the + Tenant Control Plane Ingress in the management cluster. properties: loadBalancer: - description: loadBalancer contains the current status of the load-balancer. + description: loadBalancer contains the current status of the + load-balancer. properties: ingress: - description: ingress is a list containing ingress points for the load-balancer. + description: ingress is a list containing ingress points + for the load-balancer. items: - description: IngressLoadBalancerIngress represents the status of a load-balancer ingress point. + description: IngressLoadBalancerIngress represents the + status of a load-balancer ingress point. properties: hostname: - description: hostname is set for load-balancer ingress points that are DNS based. + description: hostname is set for load-balancer ingress + points that are DNS based. type: string ip: - description: ip is set for load-balancer ingress points that are IP based. + description: ip is set for load-balancer ingress + points that are IP based. type: string ports: - description: ports provides information about the ports exposed by this LoadBalancer. + description: ports provides information about the + ports exposed by this LoadBalancer. items: - description: IngressPortStatus represents the error condition of a service port + description: IngressPortStatus represents the + error condition of a service port properties: error: description: |- @@ -6972,7 +7428,8 @@ spec: pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string port: - description: port is the port number of the ingress port. + description: port is the port number of the + ingress port. format: int32 type: integer protocol: 
@@ -6995,19 +7452,32 @@ spec: description: The name of the Ingress for the given cluster. type: string namespace: - description: The namespace which the Ingress for the given cluster is deployed. + description: The namespace which the Ingress for the given + cluster is deployed. type: string required: - name - namespace type: object service: - description: KubernetesServiceStatus defines the status for the Tenant Control Plane Service in the management cluster. + description: KubernetesServiceStatus defines the status for the + Tenant Control Plane Service in the management cluster. properties: conditions: description: Current service state items: - description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" + description: "Condition contains details for one aspect + of the current state of this API Resource.\n---\nThis + struct is intended for direct use as an array at the field + path .status.conditions. 
For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t + \ // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t + \ // +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: description: |- @@ -7041,7 +7511,8 @@ spec: pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: - description: status of the condition, one of True, False, Unknown. + description: status of the condition, one of True, False, + Unknown. enum: - "True" - "False" @@ -7121,7 +7592,9 @@ spec: pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string port: - description: Port is the port number of the service port of which status is recorded here + description: Port is the port number of the + service port of which status is recorded + here format: int32 type: integer protocol: @@ -7144,7 +7617,8 @@ spec: description: The name of the Service for the given cluster. type: string namespace: - description: The namespace which the Service for the given cluster is deployed. + description: The namespace which the Service for the given + cluster is deployed. type: string port: description: The port where the service is running 
@@ -7156,11 +7630,13 @@ spec: - port type: object version: - description: KubernetesVersion contains the information regarding the running Kubernetes version, and its upgrade status. + description: KubernetesVersion contains the information regarding + the running Kubernetes version, and its upgrade status. properties: status: default: Provisioning - description: Status returns the current status of the Kubernetes version, such as its provisioning state, or completed upgrade. + description: Status returns the current status of the Kubernetes + version, such as its provisioning state, or completed upgrade. enum: - Provisioning - CertificateAuthorityRotating @@ -7170,12 +7646,14 @@ spec: - NotReady type: string version: - description: Version is the running Kubernetes version of the Tenant Control Plane. + description: Version is the running Kubernetes version of + the Tenant Control Plane. type: string type: object type: object storage: - description: Storage Status contains information about Kubernetes storage system + description: Storage Status contains information about Kubernetes + storage system properties: certificate: properties: diff --git a/packages/system/kamaji/charts/kamaji/templates/controller.yaml b/packages/system/kamaji/charts/kamaji/templates/controller.yaml index 82ddd5cb..e1a73e67 100644 --- a/packages/system/kamaji/charts/kamaji/templates/controller.yaml +++ b/packages/system/kamaji/charts/kamaji/templates/controller.yaml @@ -34,6 +34,9 @@ spec: - --metrics-bind-address={{ .Values.metricsBindAddress }} - --tmp-directory={{ .Values.temporaryDirectoryPath }} - --datastore={{ include "datastore.fullname" . }} + {{- if .Values.telemetry.disabled }} + - --disable-telemetry + {{- end }} {{- if .Values.loggingDevel.enable }} - --zap-devel {{- end }} diff --git a/packages/system/kamaji/charts/kamaji/templates/datastore.yaml b/packages/system/kamaji/charts/kamaji/templates/datastore.yaml index b54ef99a..08631b98 100644 
--- a/packages/system/kamaji/charts/kamaji/templates/datastore.yaml +++ b/packages/system/kamaji/charts/kamaji/templates/datastore.yaml @@ -20,9 +20,14 @@ spec: secretReference: {{- .Values.datastore.basicAuth.passwordSecret | toYaml | nindent 8 }} {{- end }} +{{- if .Values.datastore.tlsConfig.enabled }} tlsConfig: certificateAuthority: {{- include "datastore.certificateAuthority" . | indent 6 }} + + {{- if .Values.datastore.tlsConfig.clientCertificate }} clientCertificate: {{- include "datastore.clientCertificate" . | indent 6 }} + {{- end }} +{{- end}} {{- end}} diff --git a/packages/system/kamaji/charts/kamaji/templates/validatingwebhookconfiguration.yaml b/packages/system/kamaji/charts/kamaji/templates/validatingwebhookconfiguration.yaml index d981e974..a347443f 100644 --- a/packages/system/kamaji/charts/kamaji/templates/validatingwebhookconfiguration.yaml +++ b/packages/system/kamaji/charts/kamaji/templates/validatingwebhookconfiguration.yaml @@ -8,6 +8,27 @@ metadata: {{- include "kamaji.labels" $data | nindent 4 }} name: kamaji-validating-webhook-configuration webhooks: + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: {{ include "kamaji.webhookServiceName" . }} + namespace: {{ .Release.Namespace }} + path: /telemetry + failurePolicy: Ignore + name: telemetry.kamaji.clastix.io + rules: + - apiGroups: + - kamaji.clastix.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - tenantcontrolplanes + sideEffects: None - admissionReviewVersions: - v1 clientConfig: diff --git a/packages/system/kamaji/charts/kamaji/values.yaml b/packages/system/kamaji/charts/kamaji/values.yaml index 814f2aa9..03d4f635 100644 --- a/packages/system/kamaji/charts/kamaji/values.yaml +++ b/packages/system/kamaji/charts/kamaji/values.yaml 
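Review bot: Setting `datastore.tlsConfig.enabled` to false drops the whole `tlsConfig` block from the DataStore, but nothing in the chart tells an operator what that means for the `basicAuth` credentials rendered just above it in this hunk; presumably they and the tenant data then travel to the datastore without transport protection. The new key in the chart's `values.yaml` (hunk `@@ -184,6 +184,7 @@`) has no helm-docs comment, and the existing comment two lines below it still describes the SSL/TLS connection as "mandatory". I would document the key, e.g. `# -- (bool) Enable TLS towards the datastore; keep true unless the datastore is reachable only over a trusted local path`, and reword the "mandatory" comment so the two agree. The template continues outside the hunk, so whether the DataStore CRD accepts a missing `tlsConfig` for every driver cannot be confirmed from here.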
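Review bot: The `telemetry.kamaji.clastix.io` webhook entry is rendered unconditionally, while `controller.yaml` in this same commit passes `--disable-telemetry` only when `.Values.telemetry.disabled` is set, so an install that opts out still has the API server send every TenantControlPlane CREATE, UPDATE and DELETE admission review to `/telemetry`. `failurePolicy: Ignore` keeps those writes from being rejected, but with no `timeoutSeconds` each one can wait for the API default of 10 seconds if the endpoint is slow or not served. Consider wrapping the entry in `{{- if not .Values.telemetry.disabled }}` … `{{- end }}` and setting `timeoutSeconds` to a small value; whether the manager still serves `/telemetry` when the flag is given is not visible here, so confirm that first. The `webhooks:` list continues past the end of the hunk.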
@@ -60,7 +60,7 @@ etcd: # -- The custom annotations to add to the PVC customAnnotations: {} # volumeType: local - + # -- (array) Kubernetes affinity rules to apply to Kamaji etcd pods tolerations: [] @@ -162,7 +162,7 @@ loggingDevel: datastore: # -- (bool) Enable the Kamaji Datastore creation (default=true) enabled: true - # -- (string) The Datastore name override, if empty and enabled=true defaults to `default`, if enabled=false, this is the name of the Datastore to connect to. + # -- (string) The Datastore name override, if empty and enabled=true defaults to `default`, if enabled=false, this is the name of the Datastore to connect to. nameOverride: # -- (string) The Kamaji Datastore driver, supported: etcd, MySQL, PostgreSQL (defaults=etcd). driver: etcd @@ -184,6 +184,7 @@ datastore: # -- The Secret key where the data is stored. keyPath: tlsConfig: + enabled: true certificateAuthority: certificate: # -- Name of the Secret containing the CA required to establish the mandatory SSL/TLS connection to the datastore. @@ -218,4 +219,9 @@ datastore: cfssl: image: repository: cfssl/cfssl - tag: latest \ No newline at end of file + tag: latest + +# -- Disable the analytics traces collection +telemetry: + disabled: false + \ No newline at end of file diff --git a/packages/system/kamaji/values.yaml b/packages/system/kamaji/values.yaml index de677502..2ef13714 100644 --- a/packages/system/kamaji/values.yaml +++ b/packages/system/kamaji/values.yaml @@ -1,8 +1,3 @@ kamaji: etcd: deploy: false - - # Fix https://github.com/clastix/kamaji/pull/467 - image: - repository: ghcr.io/kvaps/test - tag: kamaji-v0.6.0-fix
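Review bot: `telemetry.disabled: false` in the last hunk of the chart's `values.yaml` makes analytics collection opt-out, and the wrapper `packages/system/kamaji/values.yaml` changed in the same commit does not override it, so an upgrade picks it up without any explicit choice by the operator. What is collected and where it is sent is not visible in this diff; for a platform hosting tenant control planes that should be a decision recorded in the wrapper values, e.g. `telemetry:` / `disabled: true` under `kamaji:`, or a comment stating why it stays on. The helm-docs comment also sits on the `telemetry:` map rather than on the key the template reads; `# -- (bool) Disable the analytics traces collection` directly above `disabled: false` would document `telemetry.disabled` itself.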