12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055405640574058405940604061406240634064406540664067406840694070407140724073407440754076407740784079408040814082408340844085408640874088408940904091409240934094409540964097409840994100410141024103410441054106410741084109411041114112411341144115411641174118411941204121412241234124412541264127412841294130413141324133413441354136413741384139414041414142414341444145414641474148414941504151415241534154415541564157415841594160416141624163416441654166416741684169417041714172417341744175417641774178417941804181418241834184418541864187418841894190419141924193419441954196419741984199420042014202420342044205420642074208420942104211421242134214421542164217421842194220422142224223422442254226422742284229423042314232423342344235423642374238423942404241424242434244424542464247424842494250425142524253425442554256425742584259426042614262426342644265426642674268426942704271427242734274427542764277427842794280428142824283428442854286428742884289429042914292429342944295429642974298429943004301430243034304430543064307430843094310431143124313431443154316431743184319432043214322432343244325432643274328432943304331433243334334433543364337433843394340434143424343434443454346434743484349435043514352435343544355435643574358435943604361436243634364436543664367436843694370437143724373437443754376437743784379438043814382438343844385438643874388438943904391439243934394439543964397439843994400440144024403440444054406440744084409441044114412441344144415441644174418441944204421442244234424442544264427442844294430443144324433443444354436443744384439444044414442444344444445444644474448444944504451445244534454445544564457445844594460446144624463446444654466446744684469447044714472447344744475447644774478447944804481448244834484448544864487448844894490449144924493449444954496449744984499450045014502450345044505450645074508450945104511451245134514451545164517451845194520452145224523452445254526452745284529453045314532453345344535453645374538453945404541454245434544454545464547454845494550455145524553455445554556455745584559456045614562456345644565456645674568456945704571457245734574457545764577457845794580458145824583458445854586458745884589459045914592459345944595459645974598459946004601460246034604460546064607460846094610461146124613461446154616461746184619462046214622462346244625462646274628462946304631463246334634463546364637463846394640464146424643464446454646464746484649465046514652465346544655465646574658465946604661466246634664466546664667466846694670467146724673467446754676467746784679468046814682468346844685468646874688468946904691469246934694469546964697469846994700470147024703470447054706470747084709471047114712471347144715471647174718471947204721472247234724472547264727472847294730473147324733473447354736473747384739474047414742474347444745474647474748474947504751475247534754475547564757475847594760476147624763476447654766476747684769477047714772477347744775477647774778477947804781478247834784478547864787478847894790479147924793479447954796479747984799480048014802480348044805480648074808480948104811481248134814481548164817481848194820482148224823482448254826482748284829483048314832483348344835483648374838483948404841484248434844484548464847484848494850485148524853485448554856485748584859486048614862486348644865486648674868486948704871487248734874487548764877487848794880488148824883488448854886488748884889489048914892489348944895489648974898489949004901490249034904490549064907490849094910491149124913491449154916491749184919492049214922492349244925492649274928492949304931493249334934493549364937493849394940494149424943494449454946494749484949495049514952495349544955495649574958495949604961496249634964496549664967496849694970497149724973497449754976497749784979498049814982498349844985498649874988498949904991499249934994499549964997499849995000500150025003500450055006500750085009501050115012501350145015501650175018501950205021502250235024502550265027502850295030503150325033503450355036503750385039504050415042504350445045504650475048504950505051505250535054505550565057505850595060506150625063506450655066506750685069507050715072507350745075507650775078507950805081508250835084508550865087508850895090509150925093509450955096509750985099510051015102510351045105510651075108510951105111511251135114511551165117511851195120512151225123512451255126512751285129513051315132513351345135513651375138513951405141514251435144514551465147514851495150515151525153515451555156515751585159516051615162516351645165516651675168516951705171517251735174517551765177517851795180518151825183518451855186518751885189519051915192519351945195519651975198519952005201520252035204520552065207520852095210521152125213521452155216521752185219522052215222522352245225522652275228522952305231523252335234523552365237523852395240524152425243524452455246524752485249525052515252525352545255525652575258525952605261526252635264526552665267526852695270527152725273527452755276527752785279528052815282528352845285528652875288528952905291529252935294529552965297529852995300530153025303530453055306530753085309531053115312531353145315531653175318531953205321532253235324532553265327532853295330533153325333533453355336533753385339534053415342534353445345534653475348534953505351535253535354535553565357535853595360536153625363536453655366536753685369537053715372537353745375537653775378537953805381538253835384538553865387538853895390539153925393539453955396539753985399540054015402540354045405540654075408540954105411541254135414541554165417541854195420542154225423542454255426542754285429543054315432543354345435543654375438543954405441544254435444544554465447544854495450545154525453545454555456545754585459546054615462546354645465546654675468546954705471547254735474547554765477547854795480548154825483548454855486548754885489549054915492549354945495549654975498549955005501550255035504550555065507550855095510551155125513551455155516551755185519552055215522552355245525552655275528552955305531553255335534553555365537553855395540554155425543554455455546554755485549555055515552555355545555555655575558555955605561556255635564556555665567556855695570557155725573557455755576557755785579558055815582558355845585558655875588558955905591559255935594559555965597559855995600560156025603560456055606560756085609561056115612561356145615561656175618561956205621562256235624562556265627562856295630563156325633563456355636563756385639564056415642564356445645564656475648564956505651565256535654565556565657565856595660566156625663566456655666566756685669567056715672567356745675567656775678567956805681568256835684568556865687568856895690569156925693569456955696569756985699570057015702570357045705570657075708570957105711571257135714571557165717571857195720572157225723572457255726572757285729573057315732573357345735573657375738573957405741574257435744574557465747574857495750575157525753575457555756575757585759576057615762576357645765576657675768576957705771577257735774577557765777577857795780578157825783578457855786578757885789579057915792579357945795579657975798579958005801580258035804580558065807580858095810581158125813581458155816581758185819582058215822582358245825582658275828582958305831583258335834583558365837583858395840584158425843584458455846584758485849585058515852585358545855585658575858585958605861586258635864586558665867586858695870587158725873587458755876587758785879588058815882588358845885588658875888588958905891589258935894589558965897589858995900590159025903590459055906590759085909591059115912591359145915591659175918591959205921592259235924592559265927592859295930593159325933593459355936593759385939594059415942594359445945594659475948594959505951595259535954595559565957595859595960596159625963596459655966596759685969597059715972597359745975597659775978597959805981598259835984598559865987598859895990599159925993599459955996599759985999600060016002600360046005600660076008600960106011601260136014601560166017601860196020602160226023602460256026602760286029603060316032603360346035603660376038603960406041604260436044604560466047604860496050605160526053605460556056605760586059606060616062606360646065606660676068606960706071607260736074607560766077607860796080608160826083608460856086608760886089609060916092609360946095609660976098609961006101610261036104610561066107610861096110611161126113611461156116611761186119612061216122612361246125612661276128612961306131613261336134613561366137613861396140614161426143614461456146614761486149615061516152615361546155615661576158615961606161616261636164616561666167616861696170617161726173617461756176617761786179618061816182618361846185618661876188618961906191619261936194619561966197619861996200620162026203620462056206620762086209621062116212621362146215621662176218621962206221622262236224622562266227622862296230623162326233623462356236623762386239624062416242624362446245624662476248624962506251625262536254625562566257625862596260626162626263626462656266626762686269627062716272627362746275627662776278627962806281628262836284628562866287628862896290629162926293629462956296629762986299630063016302630363046305630663076308630963106311631263136314631563166317631863196320632163226323632463256326632763286329633063316332633363346335633663376338633963406341634263436344634563466347634863496350635163526353635463556356635763586359636063616362636363646365636663676368636963706371637263736374637563766377637863796380638163826383638463856386638763886389639063916392639363946395639663976398639964006401640264036404640564066407640864096410641164126413641464156416641764186419642064216422642364246425642664276428642964306431643264336434643564366437643864396440644164426443644464456446644764486449645064516452645364546455645664576458645964606461646264636464646564666467646864696470647164726473647464756476647764786479648064816482648364846485648664876488648964906491649264936494649564966497649864996500650165026503650465056506650765086509651065116512651365146515651665176518651965206521652265236524652565266527652865296530653165326533653465356536653765386539654065416542654365446545654665476548654965506551655265536554655565566557655865596560656165626563656465656566656765686569657065716572657365746575657665776578657965806581658265836584658565866587658865896590659165926593659465956596659765986599660066016602660366046605660666076608660966106611661266136614661566166617661866196620662166226623662466256626662766286629663066316632663366346635663666376638663966406641664266436644664566466647664866496650665166526653665466556656665766586659666066616662666366646665666666676668666966706671667266736674667566766677667866796680668166826683668466856686668766886689669066916692669366946695669666976698669967006701670267036704670567066707670867096710671167126713671467156716671767186719672067216722672367246725672667276728672967306731673267336734673567366737673867396740674167426743674467456746674767486749675067516752675367546755675667576758675967606761676267636764676567666767676867696770677167726773677467756776677767786779678067816782678367846785678667876788678967906791679267936794679567966797679867996800680168026803680468056806680768086809681068116812681368146815681668176818681968206821682268236824682568266827682868296830683168326833683468356836683768386839684068416842684368446845684668476848684968506851685268536854685568566857685868596860686168626863686468656866686768686869687068716872687368746875687668776878687968806881688268836884688568866887688868896890689168926893689468956896689768986899690069016902690369046905690669076908690969106911691269136914691569166917691869196920692169226923692469256926692769286929693069316932693369346935693669376938693969406941694269436944694569466947694869496950695169526953695469556956695769586959696069616962696369646965696669676968696969706971697269736974697569766977697869796980698169826983698469856986698769886989699069916992699369946995699669976998699970007001700270037004700570067007700870097010701170127013701470157016701770187019702070217022702370247025702670277028702970307031703270337034703570367037703870397040704170427043704470457046704770487049705070517052705370547055705670577058705970607061706270637064706570667067706870697070707170727073707470757076707770787079708070817082708370847085708670877088708970907091709270937094709570967097709870997100710171027103710471057106710771087109711071117112711371147115711671177118711971207121712271237124712571267127712871297130713171327133713471357136713771387139714071417142714371447145714671477148714971507151715271537154715571567157715871597160716171627163716471657166716771687169717071717172717371747175717671777178717971807181718271837184718571867187718871897190719171927193719471957196719771987199720072017202720372047205720672077208720972107211721272137214721572167217721872197220722172227223722472257226722772287229723072317232723372347235723672377238723972407241724272437244724572467247724872497250725172527253725472557256725772587259726072617262726372647265726672677268726972707271727272737274727572767277727872797280728172827283728472857286728772887289729072917292729372947295729672977298729973007301730273037304730573067307730873097310731173127313731473157316731773187319732073217322732373247325732673277328732973307331733273337334733573367337733873397340734173427343734473457346734773487349735073517352735373547355735673577358735973607361736273637364736573667367736873697370737173727373737473757376737773787379738073817382738373847385738673877388738973907391739273937394739573967397739873997400740174027403740474057406740774087409741074117412741374147415741674177418741974207421742274237424742574267427742874297430743174327433743474357436743774387439744074417442744374447445744674477448744974507451745274537454745574567457745874597460746174627463746474657466746774687469747074717472747374747475747674777478747974807481748274837484748574867487748874897490749174927493749474957496749774987499750075017502750375047505750675077508750975107511751275137514751575167517751875197520752175227523752475257526752775287529753075317532753375347535753675377538753975407541754275437544754575467547754875497550755175527553755475557556755775587559756075617562756375647565756675677568756975707571757275737574757575767577757875797580758175827583758475857586758775887589759075917592759375947595759675977598759976007601760276037604760576067607760876097610761176127613761476157616761776187619762076217622762376247625762676277628762976307631763276337634763576367637763876397640764176427643764476457646764776487649765076517652765376547655765676577658765976607661766276637664766576667667766876697670767176727673767476757676767776787679768076817682768376847685768676877688768976907691769276937694769576967697769876997700770177027703770477057706770777087709771077117712771377147715771677177718771977207721772277237724772577267727772877297730773177327733773477357736773777387739774077417742774377447745774677477748774977507751775277537754775577567757775877597760776177627763776477657766776777687769777077717772777377747775777677777778777977807781778277837784778577867787778877897790779177927793779477957796779777987799780078017802780378047805780678077808780978107811781278137814781578167817781878197820782178227823782478257826782778287829783078317832783378347835783678377838783978407841784278437844784578467847784878497850785178527853785478557856785778587859786078617862786378647865786678677868786978707871787278737874787578767877787878797880788178827883788478857886788778887889789078917892789378947895789678977898789979007901790279037904790579067907790879097910791179127913791479157916791779187919792079217922792379247925792679277928792979307931793279337934793579367937793879397940794179427943794479457946794779487949795079517952795379547955795679577958795979607961796279637964796579667967796879697970797179727973797479757976797779787979798079817982798379847985798679877988798979907991799279937994799579967997799879998000800180028003800480058006800780088009801080118012801380148015801680178018801980208021802280238024802580268027802880298030803180328033803480358036803780388039804080418042804380448045804680478048804980508051805280538054805580568057805880598060806180628063806480658066806780688069807080718072807380748075807680778078807980808081808280838084808580868087808880898090809180928093809480958096809780988099810081018102810381048105810681078108810981108111811281138114811581168117811881198120812181228123812481258126812781288129813081318132813381348135813681378138813981408141814281438144814581468147814881498150815181528153815481558156815781588159816081618162816381648165816681678168816981708171817281738174817581768177817881798180818181828183818481858186818781888189819081918192819381948195819681978198819982008201820282038204820582068207820882098210821182128213821482158216821782188219822082218222822382248225822682278228822982308231823282338234823582368237823882398240824182428243824482458246824782488249825082518252825382548255825682578258825982608261826282638264826582668267826882698270827182728273827482758276827782788279828082818282828382848285828682878288828982908291829282938294829582968297829882998300830183028303830483058306830783088309831083118312831383148315831683178318831983208321832283238324832583268327832883298330833183328333833483358336833783388339834083418342834383448345834683478348834983508351835283538354835583568357835883598360836183628363836483658366836783688369837083718372837383748375837683778378837983808381838283838384838583868387838883898390839183928393839483958396839783988399840084018402840384048405840684078408840984108411841284138414841584168417841884198420842184228423842484258426842784288429843084318432843384348435843684378438843984408441844284438444844584468447844884498450845184528453845484558456845784588459846084618462846384648465846684678468846984708471847284738474847584768477847884798480848184828483848484858486848784888489849084918492849384948495849684978498849985008501850285038504850585068507850885098510851185128513851485158516851785188519852085218522852385248525852685278528852985308531853285338534853585368537853885398540854185428543854485458546854785488549855085518552855385548555855685578558855985608561856285638564856585668567856885698570857185728573857485758576857785788579858085818582858385848585858685878588858985908591859285938594859585968597859885998600860186028603860486058606860786088609861086118612861386148615861686178618861986208621862286238624862586268627862886298630863186328633863486358636863786388639864086418642864386448645864686478648864986508651865286538654865586568657865886598660866186628663866486658666866786688669867086718672867386748675867686778678867986808681868286838684868586868687868886898690869186928693869486958696869786988699870087018702870387048705870687078708870987108711871287138714871587168717871887198720872187228723872487258726872787288729873087318732873387348735873687378738873987408741874287438744874587468747874887498750875187528753875487558756875787588759876087618762876387648765876687678768876987708771877287738774877587768777877887798780878187828783878487858786878787888789879087918792879387948795879687978798879988008801880288038804880588068807880888098810881188128813881488158816881788188819882088218822882388248825882688278828882988308831883288338834883588368837883888398840884188428843884488458846884788488849885088518852885388548855885688578858885988608861886288638864886588668867886888698870887188728873887488758876887788788879888088818882888388848885888688878888888988908891889288938894889588968897889888998900890189028903890489058906890789088909891089118912891389148915891689178918891989208921892289238924892589268927892889298930893189328933893489358936893789388939894089418942894389448945894689478948894989508951895289538954895589568957895889598960896189628963896489658966896789688969897089718972897389748975897689778978897989808981898289838984898589868987898889898990899189928993899489958996899789988999900090019002900390049005900690079008900990109011901290139014901590169017901890199020902190229023902490259026902790289029903090319032903390349035903690379038903990409041904290439044904590469047904890499050905190529053905490559056905790589059906090619062906390649065906690679068906990709071907290739074907590769077907890799080908190829083908490859086908790889089909090919092909390949095909690979098909991009101910291039104910591069107910891099110911191129113911491159116911791189119912091219122912391249125912691279128912991309131913291339134913591369137913891399140914191429143914491459146914791489149915091519152915391549155915691579158915991609161916291639164916591669167916891699170917191729173917491759176917791789179918091819182918391849185918691879188918991909191919291939194919591969197919891999200920192029203920492059206920792089209921092119212921392149215921692179218921992209221922292239224922592269227922892299230923192329233923492359236923792389239924092419242924392449245924692479248924992509251925292539254925592569257925892599260926192629263926492659266926792689269927092719272927392749275927692779278927992809281928292839284928592869287928892899290929192929293929492959296929792989299930093019302930393049305930693079308930993109311931293139314931593169317931893199320932193229323932493259326932793289329933093319332933393349335933693379338933993409341934293439344934593469347934893499350935193529353935493559356935793589359936093619362936393649365936693679368936993709371937293739374937593769377937893799380938193829383938493859386938793889389939093919392939393949395939693979398939994009401940294039404940594069407940894099410941194129413941494159416941794189419942094219422942394249425942694279428942994309431943294339434943594369437943894399440944194429443944494459446944794489449945094519452945394549455945694579458945994609461946294639464946594669467946894699470947194729473947494759476947794789479948094819482948394849485948694879488948994909491949294939494949594969497949894999500950195029503950495059506950795089509951095119512951395149515951695179518951995209521952295239524952595269527952895299530953195329533953495359536953795389539954095419542954395449545954695479548954995509551955295539554955595569557955895599560956195629563956495659566956795689569957095719572957395749575957695779578957995809581958295839584958595869587958895899590959195929593959495959596959795989599960096019602960396049605960696079608960996109611961296139614961596169617961896199620962196229623962496259626962796289629963096319632963396349635963696379638963996409641964296439644964596469647964896499650965196529653965496559656965796589659966096619662966396649665966696679668966996709671967296739674967596769677967896799680968196829683968496859686968796889689969096919692969396949695969696979698969997009701970297039704970597069707970897099710971197129713971497159716971797189719972097219722972397249725972697279728972997309731973297339734973597369737973897399740974197429743974497459746974797489749975097519752975397549755975697579758975997609761976297639764976597669767976897699770977197729773977497759776977797789779978097819782978397849785978697879788978997909791979297939794979597969797979897999800980198029803980498059806980798089809981098119812981398149815981698179818981998209821982298239824982598269827982898299830983198329833983498359836983798389839984098419842984398449845984698479848984998509851985298539854985598569857985898599860986198629863986498659866986798689869987098719872987398749875987698779878987998809881988298839884988598869887988898899890989198929893989498959896989798989899990099019902990399049905990699079908990999109911991299139914991599169917991899199920992199229923992499259926992799289929993099319932993399349935993699379938993999409941994299439944994599469947994899499950995199529953995499559956995799589959996099619962996399649965996699679968996999709971997299739974997599769977997899799980998199829983998499859986998799889989999099919992999399949995999699979998999910000100011000210003100041000510006100071000810009100101001110012100131001410015100161001710018100191002010021100221002310024100251002610027100281002910030100311003210033100341003510036100371003810039100401004110042100431004410045100461004710048100491005010051100521005310054100551005610057100581005910060100611006210063100641006510066100671006810069100701007110072100731007410075100761007710078100791008010081100821008310084100851008610087100881008910090100911009210093100941009510096100971009810099101001010110102101031010410105101061010710108101091011010111101121011310114101151011610117101181011910120101211012210123101241012510126101271012810129101301013110132101331013410135101361013710138101391014010141101421014310144101451014610147101481014910150101511015210153101541015510156101571015810159101601016110162101631016410165101661016710168101691017010171101721017310174101751017610177101781017910180101811018210183101841018510186101871018810189101901019110192101931019410195101961019710198101991020010201102021020310204102051020610207102081020910210102111021210213102141021510216102171021810219102201022110222102231022410225102261022710228102291023010231102321023310234102351023610237102381023910240102411024210243102441024510246102471024810249102501025110252102531025410255102561025710258102591026010261102621026310264102651026610267102681026910270102711027210273102741027510276102771027810279102801028110282102831028410285102861028710288102891029010291102921029310294102951029610297102981029910300103011030210303103041030510306103071030810309103101031110312103131031410315103161031710318103191032010321103221032310324103251032610327103281032910330103311033210333103341033510336103371033810339103401034110342103431034410345103461034710348103491035010351103521035310354103551035610357103581035910360103611036210363103641036510366103671036810369103701037110372103731037410375103761037710378103791038010381103821038310384103851038610387103881038910390103911039210393103941039510396103971039810399104001040110402104031040410405104061040710408104091041010411104121041310414104151041610417104181041910420104211042210423104241042510426104271042810429104301043110432104331043410435104361043710438104391044010441104421044310444104451044610447104481044910450104511045210453104541045510456104571045810459104601046110462104631046410465104661046710468104691047010471104721047310474104751047610477104781047910480104811048210483104841048510486104871048810489104901049110492104931049410495104961049710498104991050010501105021050310504105051050610507105081050910510105111051210513105141051510516105171051810519105201052110522105231052410525105261052710528105291053010531105321053310534105351053610537105381053910540105411054210543105441054510546105471054810549105501055110552105531055410555105561055710558105591056010561105621056310564105651056610567105681056910570105711057210573105741057510576105771057810579105801058110582105831058410585105861058710588105891059010591105921059310594105951059610597105981059910600106011060210603106041060510606106071060810609106101061110612106131061410615106161061710618106191062010621106221062310624106251062610627106281062910630106311063210633106341063510636106371063810639106401064110642106431064410645106461064710648106491065010651106521065310654106551065610657106581065910660106611066210663106641066510666106671066810669106701067110672106731067410675106761067710678106791068010681106821068310684106851068610687106881068910690106911069210693106941069510696106971069810699107001070110702107031070410705107061070710708107091071010711107121071310714107151071610717107181071910720107211072210723107241072510726107271072810729107301073110732107331073410735107361073710738107391074010741107421074310744107451074610747107481074910750107511075210753107541075510756107571075810759107601076110762107631076410765107661076710768107691077010771107721077310774107751077610777107781077910780107811078210783107841078510786107871078810789107901079110792107931079410795107961079710798107991080010801108021080310804108051080610807108081080910810108111081210813108141081510816108171081810819108201082110822108231082410825108261082710828108291083010831108321083310834108351083610837108381083910840108411084210843108441084510846108471084810849108501085110852108531085410855108561085710858108591086010861108621086310864108651086610867108681086910870108711087210873108741087510876108771087810879108801088110882108831088410885108861088710888108891089010891108921089310894108951089610897108981089910900109011090210903109041090510906109071090810909109101091110912109131091410915109161091710918109191092010921109221092310924109251092610927109281092910930109311093210933109341093510936109371093810939109401094110942109431094410945109461094710948109491095010951109521095310954109551095610957109581095910960109611096210963109641096510966109671096810969109701097110972109731097410975109761097710978109791098010981109821098310984109851098610987109881098910990109911099210993109941099510996109971099810999110001100111002110031100411005110061100711008110091101011011110121101311014110151101611017110181101911020110211102211023110241102511026110271102811029110301103111032110331103411035110361103711038110391104011041110421104311044110451104611047110481104911050110511105211053110541105511056110571105811059110601106111062110631106411065110661106711068110691107011071110721107311074110751107611077110781107911080110811108211083110841108511086110871108811089110901109111092110931109411095110961109711098110991110011101111021110311104111051110611107111081110911110111111111211113111141111511116111171111811119111201112111122111231112411125111261112711128111291113011131111321113311134111351113611137111381113911140111411114211143111441114511146111471114811149111501115111152111531115411155111561115711158111591116011161111621116311164111651116611167111681116911170111711117211173111741117511176111771117811179111801118111182111831118411185111861118711188111891119011191111921119311194111951119611197111981119911200112011120211203112041120511206112071120811209112101121111212112131121411215112161121711218112191122011221112221122311224112251122611227112281122911230112311123211233112341123511236112371123811239112401124111242112431124411245112461124711248112491125011251112521125311254112551125611257112581125911260112611126211263112641126511266112671126811269112701127111272112731127411275112761127711278112791128011281112821128311284112851128611287112881128911290112911129211293112941129511296112971129811299113001130111302113031130411305113061130711308113091131011311113121131311314113151131611317113181131911320113211132211323113241132511326113271132811329113301133111332113331133411335113361133711338113391134011341113421134311344113451134611347113481134911350113511135211353113541135511356113571135811359113601136111362113631136411365113661136711368113691137011371113721137311374113751137611377113781137911380113811138211383113841138511386113871138811389113901139111392113931139411395113961139711398113991140011401114021140311404114051140611407114081140911410114111141211413114141141511416114171141811419114201142111422114231142411425114261142711428114291143011431114321143311434114351143611437114381143911440114411144211443114441144511446114471144811449114501145111452114531145411455114561145711458114591146011461114621146311464114651146611467114681146911470114711147211473114741147511476114771147811479114801148111482114831148411485114861148711488114891149011491114921149311494114951149611497114981149911500115011150211503115041150511506115071150811509115101151111512115131151411515115161151711518115191152011521115221152311524115251152611527115281152911530115311153211533115341153511536115371153811539115401154111542115431154411545115461154711548115491155011551115521155311554115551155611557115581155911560115611156211563115641156511566115671156811569115701157111572115731157411575115761157711578115791158011581115821158311584115851158611587115881158911590115911159211593115941159511596115971159811599116001160111602116031160411605116061160711608116091161011611116121161311614116151161611617116181161911620116211162211623116241162511626116271162811629116301163111632116331163411635116361163711638116391164011641116421164311644116451164611647116481164911650116511165211653116541165511656116571165811659116601166111662116631166411665116661166711668116691167011671116721167311674116751167611677116781167911680116811168211683116841168511686116871168811689116901169111692116931169411695116961169711698116991170011701117021170311704117051170611707117081170911710117111171211713117141171511716117171171811719117201172111722117231172411725117261172711728117291173011731117321173311734117351173611737117381173911740117411174211743117441174511746117471174811749117501175111752117531175411755117561175711758117591176011761117621176311764117651176611767117681176911770117711177211773117741177511776117771177811779117801178111782117831178411785117861178711788117891179011791117921179311794117951179611797117981179911800118011180211803118041180511806118071180811809118101181111812118131181411815118161181711818118191182011821118221182311824118251182611827118281182911830118311183211833118341183511836118371183811839118401184111842118431184411845118461184711848118491185011851118521185311854118551185611857118581185911860118611186211863118641186511866118671186811869118701187111872118731187411875118761187711878118791188011881118821188311884118851188611887118881188911890118911189211893118941189511896118971189811899119001190111902119031190411905119061190711908119091191011911119121191311914119151191611917119181191911920119211192211923119241192511926119271192811929119301193111932119331193411935119361193711938119391194011941119421194311944119451194611947119481194911950119511195211953119541195511956119571195811959119601196111962119631196411965119661196711968119691197011971119721197311974119751197611977119781197911980119811198211983119841198511986119871198811989119901199111992119931199411995119961199711998119991200012001120021200312004120051200612007120081200912010120111201212013120141201512016120171201812019120201202112022120231202412025120261202712028120291203012031120321203312034120351203612037120381203912040120411204212043120441204512046120471204812049120501205112052120531205412055120561205712058120591206012061120621206312064120651206612067120681206912070120711207212073120741207512076120771207812079120801208112082120831208412085120861208712088120891209012091120921209312094120951209612097120981209912100121011210212103121041210512106121071210812109121101211112112121131211412115121161211712118121191212012121121221212312124121251212612127121281212912130121311213212133121341213512136121371213812139121401214112142121431214412145121461214712148121491215012151121521215312154121551215612157121581215912160121611216212163121641216512166121671216812169121701217112172121731217412175121761217712178121791218012181121821218312184121851218612187121881218912190121911219212193121941219512196121971219812199122001220112202122031220412205122061220712208122091221012211122121221312214122151221612217122181221912220122211222212223122241222512226122271222812229122301223112232122331223412235122361223712238122391224012241122421224312244122451224612247122481224912250122511225212253122541225512256122571225812259122601226112262122631226412265122661226712268122691227012271122721227312274122751227612277122781227912280122811228212283122841228512286122871228812289122901229112292122931229412295122961229712298122991230012301123021230312304123051230612307123081230912310123111231212313123141231512316123171231812319123201232112322123231232412325123261232712328123291233012331123321233312334123351233612337123381233912340123411234212343123441234512346123471234812349123501235112352123531235412355123561235712358123591236012361123621236312364123651236612367123681236912370123711237212373123741237512376123771237812379123801238112382123831238412385123861238712388123891239012391123921239312394123951239612397123981239912400124011240212403124041240512406124071240812409124101241112412124131241412415124161241712418124191242012421124221242312424124251242612427124281242912430124311243212433124341243512436124371243812439124401244112442124431244412445124461244712448124491245012451124521245312454124551245612457124581245912460124611246212463124641246512466124671246812469124701247112472124731247412475124761247712478124791248012481124821248312484124851248612487124881248912490124911249212493124941249512496124971249812499125001250112502125031250412505125061250712508125091251012511125121251312514125151251612517125181251912520125211252212523125241252512526125271252812529125301253112532125331253412535125361253712538125391254012541125421254312544125451254612547125481254912550125511255212553125541255512556125571255812559125601256112562125631256412565125661256712568125691257012571125721257312574125751257612577125781257912580125811258212583125841258512586125871258812589125901259112592125931259412595125961259712598125991260012601126021260312604126051260612607126081260912610126111261212613126141261512616126171261812619126201262112622126231262412625126261262712628126291263012631126321263312634126351263612637126381263912640126411264212643126441264512646126471264812649126501265112652126531265412655126561265712658126591266012661126621266312664126651266612667126681266912670126711267212673126741267512676126771267812679126801268112682126831268412685126861268712688126891269012691126921269312694126951269612697126981269912700127011270212703127041270512706127071270812709127101271112712127131271412715127161271712718127191272012721127221272312724127251272612727127281272912730127311273212733127341273512736127371273812739127401274112742127431274412745127461274712748127491275012751127521275312754127551275612757127581275912760127611276212763127641276512766127671276812769127701277112772127731277412775127761277712778127791278012781127821278312784127851278612787127881278912790127911279212793127941279512796127971279812799128001280112802128031280412805128061280712808128091281012811128121281312814128151281612817128181281912820128211282212823128241282512826128271282812829128301283112832128331283412835128361283712838128391284012841128421284312844128451284612847128481284912850128511285212853128541285512856128571285812859128601286112862128631286412865128661286712868128691287012871128721287312874128751287612877128781287912880128811288212883128841288512886128871288812889128901289112892128931289412895128961289712898128991290012901129021290312904129051290612907129081290912910129111291212913129141291512916129171291812919129201292112922129231292412925129261292712928129291293012931129321293312934129351293612937129381293912940129411294212943129441294512946129471294812949129501295112952129531295412955129561295712958129591296012961129621296312964129651296612967129681296912970129711297212973129741297512976129771297812979129801298112982129831298412985129861298712988129891299012991129921299312994129951299612997129981299913000130011300213003130041300513006130071300813009130101301113012130131301413015130161301713018130191302013021130221302313024130251302613027130281302913030130311303213033130341303513036130371303813039130401304113042130431304413045130461304713048130491305013051130521305313054130551305613057130581305913060130611306213063130641306513066130671306813069130701307113072130731307413075130761307713078130791308013081130821308313084130851308613087130881308913090130911309213093130941309513096130971309813099131001310113102131031310413105131061310713108131091311013111131121311313114131151311613117131181311913120131211312213123131241312513126131271312813129131301313113132131331313413135131361313713138131391314013141131421314313144131451314613147131481314913150131511315213153131541315513156131571315813159131601316113162131631316413165131661316713168131691317013171131721317313174131751317613177131781317913180131811318213183131841318513186131871318813189131901319113192131931319413195131961319713198131991320013201132021320313204132051320613207132081320913210132111321213213132141321513216132171321813219132201322113222132231322413225132261322713228132291323013231132321323313234132351323613237132381323913240132411324213243132441324513246132471324813249132501325113252132531325413255132561325713258132591326013261132621326313264132651326613267132681326913270132711327213273132741327513276132771327813279132801328113282132831328413285132861328713288132891329013291132921329313294132951329613297132981329913300133011330213303133041330513306133071330813309133101331113312133131331413315133161331713318133191332013321133221332313324133251332613327133281332913330133311333213333133341333513336133371333813339133401334113342133431334413345133461334713348133491335013351133521335313354133551335613357133581335913360133611336213363133641336513366133671336813369133701337113372133731337413375133761337713378133791338013381133821338313384133851338613387133881338913390133911339213393133941339513396133971339813399134001340113402134031340413405134061340713408134091341013411134121341313414134151341613417134181341913420134211342213423134241342513426134271342813429134301343113432134331343413435134361343713438134391344013441134421344313444134451344613447134481344913450134511345213453134541345513456134571345813459134601346113462134631346413465134661346713468134691347013471134721347313474134751347613477134781347913480134811348213483134841348513486134871348813489134901349113492134931349413495134961349713498134991350013501135021350313504135051350613507135081350913510135111351213513135141351513516135171351813519135201352113522135231352413525135261352713528135291353013531135321353313534135351353613537135381353913540135411354213543135441354513546135471354813549135501355113552135531355413555135561355713558135591356013561135621356313564135651356613567135681356913570135711357213573135741357513576135771357813579135801358113582135831358413585135861358713588135891359013591135921359313594135951359613597135981359913600136011360213603136041360513606136071360813609136101361113612136131361413615136161361713618136191362013621136221362313624136251362613627136281362913630136311363213633136341363513636136371363813639136401364113642136431364413645136461364713648136491365013651136521365313654136551365613657136581365913660136611366213663136641366513666136671366813669136701367113672136731367413675136761367713678136791368013681136821368313684136851368613687136881368913690136911369213693136941369513696136971369813699137001370113702137031370413705137061370713708137091371013711137121371313714137151371613717137181371913720137211372213723137241372513726137271372813729137301373113732137331373413735137361373713738137391374013741137421374313744137451374613747137481374913750137511375213753137541375513756137571375813759137601376113762137631376413765137661376713768137691377013771137721377313774137751377613777137781377913780137811378213783137841378513786137871378813789137901379113792137931379413795137961379713798137991380013801138021380313804138051380613807138081380913810138111381213813138141381513816138171381813819138201382113822138231382413825138261382713828138291383013831138321383313834138351383613837138381383913840138411384213843138441384513846138471384813849138501385113852138531385413855138561385713858138591386013861138621386313864138651386613867138681386913870138711387213873138741387513876138771387813879138801388113882138831388413885138861388713888138891389013891138921389313894138951389613897138981389913900139011390213903139041390513906139071390813909139101391113912139131391413915139161391713918139191392013921139221392313924139251392613927139281392913930139311393213933139341393513936139371393813939139401394113942139431394413945139461394713948139491395013951139521395313954139551395613957139581395913960139611396213963139641396513966139671396813969139701397113972139731397413975139761397713978139791398013981139821398313984139851398613987139881398913990139911399213993139941399513996139971399813999140001400114002140031400414005140061400714008140091401014011140121401314014140151401614017140181401914020140211402214023140241402514026140271402814029140301403114032140331403414035140361403714038140391404014041140421404314044140451404614047140481404914050140511405214053140541405514056140571405814059140601406114062140631406414065140661406714068140691407014071140721407314074140751407614077140781407914080140811408214083140841408514086140871408814089140901409114092140931409414095140961409714098140991410014101141021410314104141051410614107141081410914110141111411214113141141411514116141171411814119141201412114122141231412414125141261412714128141291413014131141321413314134141351413614137141381413914140141411414214143141441414514146141471414814149141501415114152141531415414155141561415714158141591416014161141621416314164141651416614167141681416914170141711417214173141741417514176141771417814179141801418114182141831418414185141861418714188141891419014191141921419314194141951419614197141981419914200142011420214203142041420514206142071420814209142101421114212142131421414215142161421714218142191422014221142221422314224142251422614227142281422914230142311423214233142341423514236142371423814239142401424114242142431424414245142461424714248142491425014251142521425314254142551425614257142581425914260142611426214263142641426514266142671426814269142701427114272142731427414275142761427714278142791428014281142821428314284142851428614287142881428914290142911429214293142941429514296142971429814299143001430114302143031430414305143061430714308143091431014311143121431314314143151431614317143181431914320143211432214323143241432514326143271432814329143301433114332143331433414335143361433714338143391434014341143421434314344143451434614347143481434914350143511435214353143541435514356143571435814359143601436114362143631436414365143661436714368143691437014371143721437314374143751437614377143781437914380143811438214383143841438514386143871438814389143901439114392143931439414395143961439714398143991440014401144021440314404144051440614407144081440914410144111441214413144141441514416144171441814419144201442114422144231442414425144261442714428144291443014431144321443314434144351443614437144381443914440144411444214443144441444514446144471444814449144501445114452144531445414455144561445714458144591446014461144621446314464144651446614467144681446914470144711447214473144741447514476144771447814479144801448114482144831448414485144861448714488144891449014491144921449314494144951449614497144981449914500145011450214503145041450514506145071450814509145101451114512145131451414515145161451714518145191452014521145221452314524145251452614527145281452914530145311453214533145341453514536145371453814539145401454114542145431454414545145461454714548145491455014551145521455314554145551455614557145581455914560145611456214563145641456514566145671456814569145701457114572145731457414575145761457714578145791458014581145821458314584145851458614587145881458914590145911459214593145941459514596145971459814599146001460114602146031460414605146061460714608146091461014611146121461314614146151461614617146181461914620146211462214623146241462514626146271462814629146301463114632146331463414635146361463714638146391464014641146421464314644146451464614647146481464914650146511465214653146541465514656146571465814659146601466114662146631466414665146661466714668146691467014671146721467314674146751467614677146781467914680146811468214683146841468514686146871468814689146901469114692146931469414695146961469714698146991470014701147021470314704147051470614707147081470914710147111471214713147141471514716147171471814719147201472114722147231472414725147261472714728147291473014731147321473314734147351473614737147381473914740147411474214743147441474514746147471474814749147501475114752147531475414755147561475714758147591476014761147621476314764147651476614767147681476914770147711477214773147741477514776147771477814779147801478114782147831478414785147861478714788147891479014791147921479314794147951479614797147981479914800148011480214803148041480514806148071480814809148101481114812148131481414815148161481714818148191482014821148221482314824148251482614827148281482914830148311483214833148341483514836148371483814839148401484114842148431484414845148461484714848148491485014851148521485314854148551485614857148581485914860148611486214863148641486514866148671486814869148701487114872148731487414875148761487714878148791488014881148821488314884148851488614887148881488914890148911489214893148941489514896148971489814899149001490114902149031490414905149061490714908149091491014911149121491314914149151491614917149181491914920149211492214923149241492514926149271492814929149301493114932149331493414935149361493714938149391494014941149421494314944149451494614947149481494914950149511495214953149541495514956149571495814959149601496114962149631496414965149661496714968149691497014971149721497314974149751497614977149781497914980149811498214983149841498514986149871498814989149901499114992149931499414995149961499714998149991500015001150021500315004150051500615007150081500915010150111501215013150141501515016150171501815019150201502115022150231502415025150261502715028150291503015031150321503315034150351503615037150381503915040150411504215043150441504515046150471504815049150501505115052150531505415055150561505715058150591506015061150621506315064150651506615067150681506915070150711507215073150741507515076150771507815079150801508115082150831508415085150861508715088150891509015091150921509315094150951509615097150981509915100151011510215103151041510515106151071510815109151101511115112151131511415115151161511715118151191512015121151221512315124151251512615127151281512915130151311513215133151341513515136151371513815139151401514115142151431514415145151461514715148151491515015151151521515315154151551515615157151581515915160151611516215163151641516515166151671516815169151701517115172151731517415175151761517715178151791518015181151821518315184151851518615187151881518915190151911519215193151941519515196151971519815199152001520115202152031520415205152061520715208152091521015211152121521315214152151521615217152181521915220152211522215223152241522515226152271522815229152301523115232152331523415235152361523715238152391524015241152421524315244152451524615247152481524915250152511525215253152541525515256152571525815259152601526115262152631526415265152661526715268152691527015271152721527315274152751527615277152781527915280152811528215283152841528515286152871528815289152901529115292152931529415295152961529715298152991530015301153021530315304153051530615307153081530915310153111531215313153141531515316153171531815319153201532115322153231532415325153261532715328153291533015331153321533315334153351533615337153381533915340153411534215343153441534515346153471534815349153501535115352153531535415355153561535715358153591536015361153621536315364153651536615367153681536915370153711537215373153741537515376153771537815379153801538115382153831538415385153861538715388153891539015391153921539315394153951539615397153981539915400154011540215403154041540515406154071540815409154101541115412154131541415415154161541715418154191542015421154221542315424154251542615427154281542915430154311543215433154341543515436154371543815439154401544115442154431544415445154461544715448154491545015451154521545315454154551545615457154581545915460154611546215463154641546515466154671546815469154701547115472154731547415475154761547715478154791548015481154821548315484154851548615487154881548915490154911549215493154941549515496154971549815499155001550115502155031550415505155061550715508155091551015511155121551315514155151551615517155181551915520155211552215523155241552515526155271552815529155301553115532155331553415535155361553715538155391554015541155421554315544155451554615547155481554915550155511555215553155541555515556155571555815559155601556115562155631556415565155661556715568155691557015571155721557315574155751557615577155781557915580155811558215583155841558515586155871558815589155901559115592155931559415595155961559715598155991560015601156021560315604156051560615607156081560915610156111561215613156141561515616156171561815619156201562115622156231562415625156261562715628156291563015631156321563315634156351563615637156381563915640156411564215643156441564515646156471564815649156501565115652156531565415655156561565715658156591566015661156621566315664156651566615667156681566915670156711567215673156741567515676156771567815679156801568115682156831568415685156861568715688156891569015691156921569315694156951569615697156981569915700157011570215703157041570515706157071570815709157101571115712157131571415715157161571715718157191572015721157221572315724157251572615727157281572915730157311573215733157341573515736157371573815739157401574115742157431574415745157461574715748157491575015751157521575315754157551575615757157581575915760157611576215763157641576515766157671576815769157701577115772157731577415775157761577715778157791578015781157821578315784157851578615787157881578915790157911579215793157941579515796157971579815799158001580115802158031580415805158061580715808158091581015811158121581315814158151581615817158181581915820158211582215823158241582515826158271582815829158301583115832158331583415835158361583715838158391584015841158421584315844158451584615847158481584915850158511585215853158541585515856158571585815859158601586115862158631586415865158661586715868158691587015871158721587315874158751587615877158781587915880158811588215883158841588515886158871588815889158901589115892158931589415895158961589715898158991590015901159021590315904159051590615907159081590915910159111591215913159141591515916159171591815919159201592115922159231592415925159261592715928159291593015931159321593315934159351593615937159381593915940159411594215943159441594515946159471594815949159501595115952159531595415955159561595715958159591596015961159621596315964159651596615967159681596915970159711597215973159741597515976159771597815979159801598115982159831598415985159861598715988159891599015991159921599315994159951599615997159981599916000160011600216003160041600516006160071600816009160101601116012160131601416015160161601716018160191602016021160221602316024160251602616027160281602916030160311603216033160341603516036160371603816039160401604116042160431604416045160461604716048160491605016051160521605316054160551605616057160581605916060160611606216063160641606516066160671606816069160701607116072160731607416075160761607716078160791608016081160821608316084160851608616087160881608916090160911609216093160941609516096160971609816099161001610116102161031610416105161061610716108161091611016111161121611316114161151611616117161181611916120161211612216123161241612516126161271612816129161301613116132161331613416135161361613716138161391614016141161421614316144161451614616147161481614916150161511615216153161541615516156161571615816159161601616116162161631616416165161661616716168161691617016171161721617316174161751617616177161781617916180161811618216183161841618516186161871618816189161901619116192161931619416195161961619716198161991620016201162021620316204162051620616207162081620916210162111621216213162141621516216162171621816219162201622116222162231622416225162261622716228162291623016231162321623316234162351623616237162381623916240162411624216243162441624516246162471624816249162501625116252162531625416255162561625716258162591626016261162621626316264162651626616267162681626916270162711627216273162741627516276162771627816279162801628116282162831628416285162861628716288162891629016291162921629316294162951629616297162981629916300163011630216303163041630516306163071630816309163101631116312163131631416315163161631716318163191632016321163221632316324163251632616327163281632916330163311633216333163341633516336163371633816339163401634116342163431634416345163461634716348163491635016351163521635316354163551635616357163581635916360163611636216363163641636516366163671636816369163701637116372163731637416375163761637716378163791638016381163821638316384163851638616387163881638916390163911639216393163941639516396163971639816399164001640116402164031640416405164061640716408164091641016411164121641316414164151641616417164181641916420164211642216423164241642516426164271642816429164301643116432164331643416435164361643716438164391644016441164421644316444164451644616447164481644916450164511645216453164541645516456164571645816459164601646116462164631646416465164661646716468164691647016471164721647316474164751647616477164781647916480164811648216483164841648516486164871648816489164901649116492164931649416495164961649716498164991650016501165021650316504165051650616507165081650916510165111651216513165141651516516165171651816519165201652116522165231652416525165261652716528165291653016531165321653316534165351653616537165381653916540165411654216543165441654516546165471654816549165501655116552165531655416555165561655716558165591656016561165621656316564165651656616567165681656916570165711657216573165741657516576165771657816579165801658116582165831658416585165861658716588165891659016591165921659316594165951659616597165981659916600166011660216603166041660516606166071660816609166101661116612166131661416615166161661716618166191662016621166221662316624166251662616627166281662916630166311663216633166341663516636166371663816639166401664116642166431664416645166461664716648166491665016651166521665316654166551665616657166581665916660166611666216663166641666516666166671666816669166701667116672166731667416675166761667716678166791668016681166821668316684166851668616687166881668916690166911669216693166941669516696166971669816699167001670116702167031670416705167061670716708167091671016711167121671316714167151671616717167181671916720167211672216723167241672516726167271672816729167301673116732167331673416735167361673716738167391674016741167421674316744167451674616747167481674916750167511675216753167541675516756167571675816759167601676116762167631676416765167661676716768167691677016771167721677316774167751677616777167781677916780167811678216783167841678516786167871678816789167901679116792167931679416795167961679716798167991680016801168021680316804168051680616807168081680916810168111681216813168141681516816168171681816819168201682116822168231682416825168261682716828168291683016831168321683316834168351683616837168381683916840168411684216843168441684516846168471684816849168501685116852168531685416855168561685716858168591686016861168621686316864168651686616867168681686916870168711687216873168741687516876168771687816879168801688116882168831688416885168861688716888168891689016891168921689316894168951689616897168981689916900169011690216903169041690516906169071690816909169101691116912169131691416915169161691716918169191692016921169221692316924169251692616927169281692916930169311693216933169341693516936169371693816939169401694116942169431694416945169461694716948169491695016951169521695316954169551695616957169581695916960169611696216963169641696516966169671696816969169701697116972169731697416975169761697716978169791698016981169821698316984169851698616987169881698916990169911699216993169941699516996169971699816999170001700117002170031700417005170061700717008170091701017011170121701317014170151701617017170181701917020170211702217023170241702517026170271702817029170301703117032170331703417035170361703717038170391704017041170421704317044170451704617047170481704917050170511705217053170541705517056170571705817059170601706117062170631706417065170661706717068170691707017071170721707317074170751707617077170781707917080170811708217083170841708517086170871708817089170901709117092170931709417095170961709717098170991710017101171021710317104171051710617107171081710917110171111711217113171141711517116171171711817119171201712117122171231712417125171261712717128171291713017131171321713317134171351713617137171381713917140171411714217143171441714517146171471714817149171501715117152171531715417155171561715717158171591716017161171621716317164171651716617167171681716917170171711717217173171741717517176171771717817179171801718117182171831718417185171861718717188171891719017191171921719317194171951719617197171981719917200172011720217203172041720517206172071720817209172101721117212172131721417215172161721717218172191722017221172221722317224172251722617227172281722917230172311723217233172341723517236172371723817239172401724117242172431724417245172461724717248172491725017251172521725317254172551725617257172581725917260172611726217263172641726517266172671726817269172701727117272172731727417275172761727717278172791728017281172821728317284172851728617287172881728917290172911729217293172941729517296172971729817299173001730117302173031730417305173061730717308173091731017311173121731317314173151731617317173181731917320173211732217323173241732517326173271732817329173301733117332173331733417335173361733717338173391734017341173421734317344173451734617347173481734917350173511735217353173541735517356173571735817359173601736117362173631736417365173661736717368173691737017371173721737317374173751737617377173781737917380173811738217383173841738517386173871738817389173901739117392173931739417395173961739717398173991740017401174021740317404174051740617407174081740917410174111741217413174141741517416174171741817419174201742117422174231742417425174261742717428174291743017431174321743317434174351743617437174381743917440174411744217443174441744517446174471744817449174501745117452174531745417455174561745717458174591746017461174621746317464174651746617467174681746917470174711747217473174741747517476174771747817479174801748117482174831748417485174861748717488174891749017491174921749317494174951749617497174981749917500175011750217503175041750517506175071750817509175101751117512175131751417515175161751717518175191752017521175221752317524175251752617527175281752917530175311753217533175341753517536175371753817539175401754117542175431754417545175461754717548175491755017551175521755317554175551755617557175581755917560175611756217563175641756517566175671756817569175701757117572175731757417575175761757717578175791758017581175821758317584175851758617587175881758917590175911759217593175941759517596175971759817599176001760117602176031760417605176061760717608176091761017611176121761317614176151761617617176181761917620176211762217623176241762517626176271762817629176301763117632176331763417635176361763717638176391764017641176421764317644176451764617647176481764917650176511765217653176541765517656176571765817659176601766117662176631766417665176661766717668176691767017671176721767317674176751767617677176781767917680176811768217683176841768517686176871768817689176901769117692176931769417695176961769717698176991770017701177021770317704177051770617707177081770917710177111771217713177141771517716177171771817719177201772117722177231772417725177261772717728177291773017731177321773317734177351773617737177381773917740177411774217743177441774517746177471774817749177501775117752177531775417755177561775717758177591776017761177621776317764177651776617767177681776917770177711777217773177741777517776177771777817779177801778117782177831778417785177861778717788177891779017791177921779317794177951779617797177981779917800178011780217803178041780517806178071780817809178101781117812178131781417815178161781717818178191782017821178221782317824178251782617827178281782917830178311783217833178341783517836178371783817839178401784117842178431784417845178461784717848178491785017851178521785317854178551785617857178581785917860178611786217863178641786517866178671786817869178701787117872178731787417875178761787717878178791788017881178821788317884178851788617887178881788917890178911789217893178941789517896178971789817899179001790117902179031790417905179061790717908179091791017911179121791317914179151791617917179181791917920179211792217923179241792517926179271792817929179301793117932179331793417935179361793717938179391794017941179421794317944179451794617947179481794917950179511795217953179541795517956179571795817959179601796117962179631796417965179661796717968179691797017971179721797317974179751797617977179781797917980179811798217983179841798517986179871798817989179901799117992179931799417995179961799717998179991800018001180021800318004180051800618007180081800918010180111801218013180141801518016180171801818019180201802118022180231802418025180261802718028180291803018031180321803318034180351803618037180381803918040180411804218043180441804518046180471804818049180501805118052180531805418055180561805718058180591806018061180621806318064180651806618067180681806918070180711807218073180741807518076180771807818079180801808118082180831808418085180861808718088180891809018091180921809318094180951809618097180981809918100181011810218103181041810518106181071810818109181101811118112181131811418115181161811718118181191812018121181221812318124181251812618127181281812918130181311813218133181341813518136181371813818139181401814118142181431814418145181461814718148181491815018151181521815318154181551815618157181581815918160181611816218163181641816518166181671816818169181701817118172181731817418175181761817718178181791818018181181821818318184181851818618187181881818918190181911819218193181941819518196181971819818199182001820118202182031820418205182061820718208182091821018211182121821318214182151821618217182181821918220182211822218223182241822518226182271822818229182301823118232182331823418235182361823718238182391824018241182421824318244182451824618247182481824918250182511825218253182541825518256182571825818259182601826118262182631826418265182661826718268182691827018271182721827318274182751827618277182781827918280182811828218283182841828518286182871828818289182901829118292182931829418295182961829718298182991830018301183021830318304183051830618307183081830918310183111831218313183141831518316183171831818319183201832118322183231832418325183261832718328183291833018331183321833318334183351833618337183381833918340183411834218343183441834518346183471834818349183501835118352183531835418355183561835718358183591836018361183621836318364183651836618367183681836918370183711837218373183741837518376183771837818379183801838118382183831838418385183861838718388183891839018391183921839318394183951839618397183981839918400184011840218403184041840518406184071840818409184101841118412184131841418415184161841718418184191842018421184221842318424184251842618427184281842918430184311843218433184341843518436184371843818439184401844118442184431844418445184461844718448184491845018451184521845318454184551845618457184581845918460184611846218463184641846518466184671846818469184701847118472184731847418475184761847718478184791848018481184821848318484184851848618487184881848918490184911849218493184941849518496184971849818499185001850118502185031850418505185061850718508185091851018511185121851318514185151851618517185181851918520185211852218523185241852518526185271852818529185301853118532185331853418535185361853718538185391854018541185421854318544185451854618547185481854918550185511855218553185541855518556185571855818559185601856118562185631856418565185661856718568185691857018571185721857318574185751857618577185781857918580185811858218583185841858518586185871858818589185901859118592185931859418595185961859718598185991860018601186021860318604186051860618607186081860918610186111861218613186141861518616186171861818619186201862118622186231862418625186261862718628186291863018631186321863318634186351863618637186381863918640186411864218643186441864518646186471864818649186501865118652186531865418655186561865718658186591866018661186621866318664186651866618667186681866918670186711867218673186741867518676186771867818679186801868118682186831868418685186861868718688186891869018691186921869318694186951869618697186981869918700187011870218703187041870518706187071870818709187101871118712187131871418715187161871718718187191872018721187221872318724187251872618727187281872918730187311873218733187341873518736187371873818739187401874118742187431874418745187461874718748187491875018751187521875318754187551875618757187581875918760187611876218763187641876518766187671876818769187701877118772187731877418775187761877718778187791878018781187821878318784187851878618787187881878918790187911879218793187941879518796187971879818799188001880118802188031880418805188061880718808188091881018811188121881318814188151881618817188181881918820188211882218823188241882518826188271882818829188301883118832188331883418835188361883718838188391884018841188421884318844188451884618847188481884918850188511885218853188541885518856188571885818859188601886118862188631886418865188661886718868188691887018871188721887318874188751887618877188781887918880188811888218883188841888518886188871888818889188901889118892188931889418895188961889718898188991890018901189021890318904189051890618907189081890918910189111891218913189141891518916189171891818919189201892118922189231892418925189261892718928189291893018931189321893318934189351893618937189381893918940189411894218943189441894518946189471894818949189501895118952189531895418955189561895718958189591896018961189621896318964189651896618967189681896918970189711897218973189741897518976189771897818979189801898118982189831898418985189861898718988189891899018991189921899318994189951899618997189981899919000190011900219003190041900519006190071900819009190101901119012190131901419015190161901719018190191902019021190221902319024190251902619027190281902919030190311903219033190341903519036190371903819039190401904119042190431904419045190461904719048190491905019051190521905319054190551905619057190581905919060190611906219063190641906519066190671906819069190701907119072190731907419075190761907719078190791908019081190821908319084190851908619087190881908919090190911909219093190941909519096190971909819099191001910119102191031910419105191061910719108191091911019111191121911319114191151911619117191181911919120191211912219123191241912519126191271912819129191301913119132191331913419135191361913719138191391914019141191421914319144191451914619147191481914919150191511915219153191541915519156191571915819159191601916119162191631916419165191661916719168191691917019171191721917319174191751917619177191781917919180191811918219183191841918519186191871918819189191901919119192191931919419195191961919719198191991920019201192021920319204192051920619207192081920919210192111921219213192141921519216192171921819219192201922119222192231922419225192261922719228192291923019231192321923319234192351923619237192381923919240192411924219243192441924519246192471924819249192501925119252192531925419255192561925719258192591926019261192621926319264192651926619267192681926919270192711927219273192741927519276192771927819279192801928119282192831928419285192861928719288192891929019291192921929319294192951929619297192981929919300193011930219303193041930519306193071930819309193101931119312193131931419315193161931719318193191932019321193221932319324193251932619327193281932919330193311933219333193341933519336193371933819339193401934119342193431934419345193461934719348193491935019351193521935319354193551935619357193581935919360193611936219363193641936519366193671936819369193701937119372193731937419375193761937719378193791938019381193821938319384193851938619387193881938919390193911939219393193941939519396193971939819399194001940119402194031940419405194061940719408194091941019411194121941319414194151941619417194181941919420194211942219423194241942519426194271942819429194301943119432194331943419435194361943719438194391944019441194421944319444194451944619447194481944919450194511945219453194541945519456194571945819459194601946119462194631946419465194661946719468194691947019471194721947319474194751947619477194781947919480194811948219483194841948519486194871948819489194901949119492194931949419495194961949719498194991950019501195021950319504195051950619507195081950919510195111951219513195141951519516195171951819519195201952119522195231952419525195261952719528195291953019531195321953319534195351953619537195381953919540195411954219543195441954519546195471954819549195501955119552195531955419555195561955719558195591956019561195621956319564195651956619567195681956919570195711957219573195741957519576195771957819579195801958119582195831958419585195861958719588195891959019591195921959319594195951959619597195981959919600196011960219603196041960519606196071960819609196101961119612196131961419615196161961719618196191962019621196221962319624196251962619627196281962919630196311963219633196341963519636196371963819639196401964119642196431964419645196461964719648196491965019651196521965319654196551965619657196581965919660196611966219663196641966519666196671966819669196701967119672196731967419675196761967719678196791968019681196821968319684196851968619687196881968919690196911969219693196941969519696196971969819699197001970119702197031970419705197061970719708197091971019711197121971319714197151971619717197181971919720197211972219723197241972519726197271972819729197301973119732197331973419735197361973719738197391974019741197421974319744197451974619747197481974919750197511975219753197541975519756197571975819759197601976119762197631976419765197661976719768197691977019771197721977319774197751977619777197781977919780197811978219783197841978519786197871978819789197901979119792197931979419795197961979719798197991980019801198021980319804198051980619807198081980919810198111981219813198141981519816198171981819819198201982119822198231982419825198261982719828198291983019831198321983319834198351983619837198381983919840198411984219843198441984519846198471984819849198501985119852198531985419855198561985719858198591986019861198621986319864198651986619867198681986919870198711987219873198741987519876198771987819879198801988119882198831988419885198861988719888198891989019891198921989319894198951989619897198981989919900199011990219903199041990519906199071990819909199101991119912199131991419915199161991719918199191992019921199221992319924199251992619927199281992919930199311993219933199341993519936199371993819939199401994119942199431994419945199461994719948199491995019951199521995319954199551995619957199581995919960199611996219963199641996519966199671996819969199701997119972199731997419975199761997719978199791998019981199821998319984199851998619987199881998919990199911999219993199941999519996199971999819999200002000120002200032000420005200062000720008200092001020011200122001320014200152001620017200182001920020200212002220023200242002520026200272002820029200302003120032200332003420035200362003720038200392004020041200422004320044200452004620047200482004920050200512005220053200542005520056200572005820059200602006120062200632006420065200662006720068200692007020071200722007320074200752007620077200782007920080200812008220083200842008520086200872008820089200902009120092200932009420095200962009720098200992010020101201022010320104201052010620107201082010920110201112011220113201142011520116201172011820119201202012120122201232012420125201262012720128201292013020131201322013320134201352013620137201382013920140201412014220143201442014520146201472014820149201502015120152201532015420155201562015720158201592016020161201622016320164201652016620167201682016920170201712017220173201742017520176201772017820179201802018120182201832018420185201862018720188201892019020191201922019320194201952019620197201982019920200202012020220203202042020520206202072020820209202102021120212202132021420215202162021720218202192022020221202222022320224202252022620227202282022920230202312023220233202342023520236202372023820239202402024120242202432024420245202462024720248202492025020251202522025320254202552025620257202582025920260202612026220263202642026520266202672026820269202702027120272202732027420275202762027720278202792028020281202822028320284202852028620287202882028920290202912029220293202942029520296202972029820299203002030120302203032030420305203062030720308203092031020311203122031320314203152031620317203182031920320203212032220323203242032520326203272032820329203302033120332203332033420335203362033720338203392034020341203422034320344203452034620347203482034920350203512035220353203542035520356203572035820359203602036120362203632036420365203662036720368203692037020371203722037320374203752037620377203782037920380203812038220383203842038520386203872038820389203902039120392203932039420395203962039720398203992040020401204022040320404204052040620407204082040920410204112041220413204142041520416204172041820419204202042120422204232042420425204262042720428204292043020431204322043320434204352043620437204382043920440204412044220443204442044520446204472044820449204502045120452204532045420455204562045720458204592046020461204622046320464204652046620467204682046920470204712047220473204742047520476204772047820479204802048120482204832048420485204862048720488204892049020491204922049320494204952049620497204982049920500205012050220503205042050520506205072050820509205102051120512205132051420515205162051720518205192052020521205222052320524205252052620527205282052920530205312053220533205342053520536205372053820539205402054120542205432054420545205462054720548205492055020551205522055320554205552055620557205582055920560205612056220563205642056520566205672056820569205702057120572205732057420575205762057720578205792058020581205822058320584205852058620587205882058920590205912059220593205942059520596205972059820599206002060120602206032060420605206062060720608206092061020611206122061320614206152061620617206182061920620206212062220623206242062520626206272062820629206302063120632206332063420635206362063720638206392064020641206422064320644206452064620647206482064920650206512065220653206542065520656206572065820659206602066120662206632066420665206662066720668206692067020671206722067320674206752067620677206782067920680206812068220683206842068520686206872068820689206902069120692206932069420695206962069720698206992070020701207022070320704207052070620707207082070920710207112071220713207142071520716207172071820719207202072120722207232072420725207262072720728207292073020731207322073320734207352073620737207382073920740207412074220743207442074520746207472074820749207502075120752207532075420755207562075720758207592076020761207622076320764207652076620767207682076920770207712077220773207742077520776207772077820779207802078120782207832078420785207862078720788207892079020791207922079320794207952079620797207982079920800208012080220803208042080520806208072080820809208102081120812208132081420815208162081720818208192082020821208222082320824208252082620827208282082920830208312083220833208342083520836208372083820839208402084120842208432084420845208462084720848208492085020851208522085320854208552085620857208582085920860208612086220863208642086520866208672086820869208702087120872208732087420875208762087720878208792088020881208822088320884208852088620887208882088920890208912089220893208942089520896208972089820899209002090120902209032090420905209062090720908209092091020911209122091320914209152091620917209182091920920209212092220923209242092520926209272092820929209302093120932209332093420935209362093720938209392094020941209422094320944209452094620947209482094920950209512095220953209542095520956209572095820959209602096120962209632096420965209662096720968209692097020971209722097320974209752097620977209782097920980209812098220983209842098520986209872098820989209902099120992209932099420995209962099720998209992100021001210022100321004210052100621007210082100921010210112101221013210142101521016210172101821019210202102121022210232102421025210262102721028210292103021031210322103321034210352103621037210382103921040210412104221043210442104521046210472104821049210502105121052210532105421055210562105721058210592106021061210622106321064210652106621067210682106921070210712107221073210742107521076210772107821079210802108121082210832108421085210862108721088210892109021091210922109321094210952109621097210982109921100211012110221103211042110521106211072110821109211102111121112211132111421115211162111721118211192112021121211222112321124211252112621127211282112921130211312113221133211342113521136211372113821139211402114121142211432114421145211462114721148211492115021151211522115321154211552115621157211582115921160211612116221163211642116521166211672116821169211702117121172211732117421175211762117721178211792118021181211822118321184211852118621187211882118921190211912119221193211942119521196211972119821199212002120121202212032120421205212062120721208212092121021211212122121321214212152121621217212182121921220212212122221223212242122521226212272122821229212302123121232212332123421235212362123721238212392124021241212422124321244212452124621247212482124921250212512125221253212542125521256212572125821259212602126121262212632126421265212662126721268212692127021271212722127321274212752127621277212782127921280212812128221283212842128521286212872128821289212902129121292212932129421295212962129721298212992130021301213022130321304213052130621307213082130921310213112131221313213142131521316213172131821319213202132121322213232132421325213262132721328213292133021331213322133321334213352133621337213382133921340213412134221343213442134521346213472134821349213502135121352213532135421355213562135721358213592136021361213622136321364213652136621367213682136921370213712137221373213742137521376213772137821379213802138121382213832138421385213862138721388213892139021391213922139321394213952139621397213982139921400214012140221403214042140521406214072140821409214102141121412214132141421415214162141721418214192142021421214222142321424214252142621427214282142921430214312143221433214342143521436214372143821439214402144121442214432144421445214462144721448214492145021451214522145321454214552145621457214582145921460214612146221463214642146521466214672146821469214702147121472214732147421475214762147721478214792148021481214822148321484214852148621487214882148921490214912149221493214942149521496214972149821499215002150121502215032150421505215062150721508215092151021511215122151321514215152151621517215182151921520215212152221523215242152521526215272152821529215302153121532215332153421535215362153721538215392154021541215422154321544215452154621547215482154921550215512155221553215542155521556215572155821559215602156121562215632156421565215662156721568215692157021571215722157321574215752157621577215782157921580215812158221583215842158521586215872158821589215902159121592215932159421595215962159721598215992160021601216022160321604216052160621607216082160921610216112161221613216142161521616216172161821619216202162121622216232162421625216262162721628216292163021631216322163321634216352163621637216382163921640216412164221643216442164521646216472164821649216502165121652216532165421655216562165721658216592166021661216622166321664216652166621667216682166921670216712167221673216742167521676216772167821679216802168121682216832168421685216862168721688216892169021691216922169321694216952169621697216982169921700217012170221703217042170521706217072170821709217102171121712217132171421715217162171721718217192172021721217222172321724217252172621727217282172921730217312173221733217342173521736217372173821739217402174121742217432174421745217462174721748217492175021751217522175321754217552175621757217582175921760217612176221763217642176521766217672176821769217702177121772217732177421775217762177721778217792178021781217822178321784217852178621787217882178921790217912179221793217942179521796217972179821799218002180121802218032180421805218062180721808218092181021811218122181321814218152181621817218182181921820218212182221823218242182521826218272182821829218302183121832218332183421835218362183721838218392184021841218422184321844218452184621847218482184921850218512185221853218542185521856218572185821859218602186121862218632186421865218662186721868218692187021871218722187321874218752187621877218782187921880218812188221883218842188521886218872188821889218902189121892218932189421895218962189721898218992190021901219022190321904219052190621907219082190921910219112191221913219142191521916219172191821919219202192121922219232192421925219262192721928219292193021931219322193321934219352193621937219382193921940219412194221943219442194521946219472194821949219502195121952219532195421955219562195721958219592196021961219622196321964219652196621967219682196921970219712197221973219742197521976219772197821979219802198121982219832198421985219862198721988219892199021991219922199321994219952199621997219982199922000220012200222003220042200522006220072200822009220102201122012220132201422015220162201722018220192202022021220222202322024220252202622027220282202922030220312203222033220342203522036220372203822039220402204122042220432204422045220462204722048220492205022051220522205322054220552205622057220582205922060220612206222063220642206522066220672206822069220702207122072220732207422075220762207722078220792208022081220822208322084220852208622087220882208922090220912209222093220942209522096220972209822099221002210122102221032210422105221062210722108221092211022111221122211322114221152211622117221182211922120221212212222123221242212522126221272212822129221302213122132221332213422135221362213722138221392214022141221422214322144221452214622147221482214922150221512215222153221542215522156221572215822159221602216122162221632216422165221662216722168221692217022171221722217322174221752217622177221782217922180221812218222183221842218522186221872218822189221902219122192221932219422195221962219722198221992220022201222022220322204222052220622207222082220922210222112221222213222142221522216222172221822219222202222122222222232222422225222262222722228222292223022231222322223322234222352223622237222382223922240222412224222243222442224522246222472224822249222502225122252222532225422255222562225722258222592226022261222622226322264222652226622267222682226922270222712227222273222742227522276222772227822279222802228122282222832228422285222862228722288222892229022291222922229322294222952229622297222982229922300223012230222303223042230522306223072230822309223102231122312223132231422315223162231722318223192232022321223222232322324223252232622327223282232922330223312233222333223342233522336223372233822339223402234122342223432234422345223462234722348223492235022351223522235322354223552235622357223582235922360223612236222363223642236522366223672236822369223702237122372223732237422375223762237722378223792238022381223822238322384223852238622387223882238922390223912239222393223942239522396223972239822399224002240122402224032240422405224062240722408224092241022411224122241322414224152241622417224182241922420224212242222423224242242522426224272242822429224302243122432224332243422435224362243722438224392244022441224422244322444224452244622447224482244922450224512245222453224542245522456224572245822459224602246122462224632246422465224662246722468224692247022471224722247322474224752247622477224782247922480224812248222483224842248522486224872248822489224902249122492224932249422495224962249722498224992250022501225022250322504225052250622507225082250922510225112251222513225142251522516225172251822519225202252122522225232252422525225262252722528225292253022531225322253322534225352253622537225382253922540225412254222543225442254522546225472254822549225502255122552225532255422555225562255722558225592256022561225622256322564225652256622567225682256922570225712257222573225742257522576225772257822579225802258122582225832258422585225862258722588225892259022591225922259322594225952259622597225982259922600226012260222603226042260522606226072260822609226102261122612226132261422615226162261722618226192262022621226222262322624226252262622627226282262922630226312263222633226342263522636226372263822639226402264122642226432264422645226462264722648226492265022651226522265322654226552265622657226582265922660226612266222663226642266522666226672266822669226702267122672226732267422675226762267722678226792268022681226822268322684226852268622687226882268922690226912269222693226942269522696226972269822699227002270122702227032270422705227062270722708227092271022711227122271322714227152271622717227182271922720227212272222723227242272522726227272272822729227302273122732227332273422735227362273722738227392274022741227422274322744227452274622747227482274922750227512275222753227542275522756227572275822759227602276122762227632276422765227662276722768227692277022771227722277322774227752277622777227782277922780227812278222783227842278522786227872278822789227902279122792227932279422795227962279722798227992280022801228022280322804228052280622807228082280922810228112281222813228142281522816228172281822819228202282122822228232282422825228262282722828228292283022831228322283322834228352283622837228382283922840228412284222843228442284522846228472284822849228502285122852228532285422855228562285722858228592286022861228622286322864228652286622867228682286922870228712287222873228742287522876228772287822879228802288122882228832288422885228862288722888228892289022891228922289322894228952289622897228982289922900229012290222903229042290522906229072290822909229102291122912229132291422915229162291722918229192292022921229222292322924229252292622927229282292922930229312293222933229342293522936229372293822939229402294122942229432294422945229462294722948229492295022951229522295322954229552295622957229582295922960229612296222963229642296522966229672296822969229702297122972229732297422975229762297722978229792298022981229822298322984229852298622987229882298922990229912299222993229942299522996229972299822999230002300123002230032300423005230062300723008230092301023011230122301323014230152301623017230182301923020230212302223023230242302523026230272302823029230302303123032230332303423035230362303723038230392304023041230422304323044230452304623047230482304923050230512305223053230542305523056230572305823059230602306123062230632306423065230662306723068230692307023071230722307323074230752307623077230782307923080230812308223083230842308523086230872308823089230902309123092230932309423095230962309723098230992310023101231022310323104231052310623107231082310923110231112311223113231142311523116231172311823119231202312123122231232312423125231262312723128231292313023131231322313323134231352313623137231382313923140231412314223143231442314523146231472314823149231502315123152231532315423155231562315723158231592316023161231622316323164231652316623167231682316923170231712317223173231742317523176231772317823179231802318123182231832318423185231862318723188231892319023191231922319323194231952319623197231982319923200232012320223203232042320523206232072320823209232102321123212232132321423215232162321723218232192322023221232222322323224232252322623227232282322923230232312323223233232342323523236232372323823239232402324123242232432324423245232462324723248232492325023251232522325323254232552325623257232582325923260232612326223263232642326523266232672326823269232702327123272232732327423275232762327723278232792328023281232822328323284232852328623287232882328923290232912329223293232942329523296232972329823299233002330123302233032330423305233062330723308233092331023311233122331323314233152331623317233182331923320233212332223323233242332523326233272332823329233302333123332233332333423335233362333723338233392334023341233422334323344233452334623347233482334923350233512335223353233542335523356233572335823359233602336123362233632336423365233662336723368233692337023371233722337323374233752337623377233782337923380233812338223383233842338523386233872338823389233902339123392233932339423395233962339723398233992340023401234022340323404234052340623407234082340923410234112341223413234142341523416234172341823419234202342123422234232342423425234262342723428234292343023431234322343323434234352343623437234382343923440234412344223443234442344523446234472344823449234502345123452234532345423455234562345723458234592346023461234622346323464234652346623467234682346923470234712347223473234742347523476234772347823479234802348123482234832348423485234862348723488234892349023491234922349323494234952349623497234982349923500235012350223503235042350523506235072350823509235102351123512235132351423515235162351723518235192352023521235222352323524235252352623527235282352923530235312353223533235342353523536235372353823539235402354123542235432354423545235462354723548235492355023551235522355323554235552355623557235582355923560235612356223563235642356523566235672356823569235702357123572235732357423575235762357723578235792358023581235822358323584235852358623587235882358923590235912359223593235942359523596235972359823599236002360123602236032360423605236062360723608236092361023611236122361323614236152361623617236182361923620236212362223623236242362523626236272362823629236302363123632236332363423635236362363723638236392364023641236422364323644236452364623647236482364923650236512365223653236542365523656236572365823659236602366123662236632366423665236662366723668236692367023671236722367323674236752367623677236782367923680236812368223683236842368523686236872368823689236902369123692236932369423695236962369723698236992370023701237022370323704237052370623707237082370923710237112371223713237142371523716237172371823719237202372123722237232372423725237262372723728237292373023731237322373323734237352373623737237382373923740237412374223743237442374523746237472374823749237502375123752237532375423755237562375723758237592376023761237622376323764237652376623767237682376923770237712377223773237742377523776237772377823779237802378123782237832378423785237862378723788237892379023791237922379323794237952379623797237982379923800238012380223803238042380523806238072380823809238102381123812238132381423815238162381723818238192382023821238222382323824238252382623827238282382923830238312383223833238342383523836238372383823839238402384123842238432384423845238462384723848238492385023851238522385323854238552385623857238582385923860238612386223863238642386523866238672386823869238702387123872238732387423875238762387723878238792388023881238822388323884238852388623887238882388923890238912389223893238942389523896238972389823899239002390123902239032390423905239062390723908239092391023911239122391323914239152391623917239182391923920239212392223923239242392523926239272392823929239302393123932239332393423935239362393723938239392394023941239422394323944239452394623947239482394923950239512395223953239542395523956239572395823959239602396123962239632396423965239662396723968239692397023971239722397323974239752397623977239782397923980239812398223983239842398523986239872398823989239902399123992239932399423995239962399723998239992400024001240022400324004240052400624007240082400924010240112401224013240142401524016240172401824019240202402124022240232402424025240262402724028240292403024031240322403324034240352403624037240382403924040240412404224043240442404524046240472404824049240502405124052240532405424055240562405724058240592406024061240622406324064240652406624067240682406924070240712407224073240742407524076240772407824079240802408124082240832408424085240862408724088240892409024091240922409324094240952409624097240982409924100241012410224103241042410524106241072410824109241102411124112241132411424115241162411724118241192412024121241222412324124241252412624127241282412924130241312413224133241342413524136241372413824139241402414124142241432414424145241462414724148241492415024151241522415324154241552415624157241582415924160241612416224163241642416524166241672416824169241702417124172241732417424175241762417724178241792418024181241822418324184241852418624187241882418924190241912419224193241942419524196241972419824199242002420124202242032420424205242062420724208242092421024211242122421324214242152421624217242182421924220242212422224223242242422524226242272422824229242302423124232242332423424235242362423724238242392424024241242422424324244242452424624247242482424924250242512425224253242542425524256242572425824259242602426124262242632426424265242662426724268242692427024271242722427324274242752427624277242782427924280242812428224283242842428524286242872428824289242902429124292242932429424295242962429724298242992430024301243022430324304243052430624307243082430924310243112431224313243142431524316243172431824319243202432124322243232432424325243262432724328243292433024331243322433324334243352433624337243382433924340243412434224343243442434524346243472434824349243502435124352243532435424355243562435724358243592436024361243622436324364243652436624367243682436924370243712437224373243742437524376243772437824379243802438124382243832438424385243862438724388243892439024391243922439324394243952439624397243982439924400244012440224403244042440524406244072440824409244102441124412244132441424415244162441724418244192442024421244222442324424244252442624427244282442924430244312443224433244342443524436244372443824439244402444124442244432444424445244462444724448244492445024451244522445324454244552445624457244582445924460244612446224463244642446524466244672446824469244702447124472244732447424475244762447724478244792448024481244822448324484244852448624487244882448924490244912449224493244942449524496244972449824499245002450124502245032450424505245062450724508245092451024511245122451324514245152451624517245182451924520245212452224523245242452524526245272452824529245302453124532245332453424535245362453724538245392454024541245422454324544245452454624547245482454924550245512455224553245542455524556245572455824559245602456124562245632456424565245662456724568245692457024571245722457324574245752457624577245782457924580245812458224583245842458524586245872458824589245902459124592245932459424595245962459724598245992460024601246022460324604246052460624607246082460924610246112461224613246142461524616246172461824619246202462124622246232462424625246262462724628246292463024631246322463324634246352463624637246382463924640246412464224643246442464524646246472464824649246502465124652246532465424655246562465724658246592466024661246622466324664246652466624667246682466924670246712467224673246742467524676246772467824679246802468124682246832468424685246862468724688246892469024691246922469324694246952469624697246982469924700247012470224703247042470524706247072470824709247102471124712247132471424715247162471724718247192472024721247222472324724247252472624727247282472924730247312473224733247342473524736247372473824739247402474124742247432474424745247462474724748247492475024751247522475324754247552475624757247582475924760247612476224763247642476524766247672476824769247702477124772247732477424775247762477724778247792478024781247822478324784247852478624787247882478924790247912479224793247942479524796247972479824799248002480124802248032480424805248062480724808248092481024811248122481324814248152481624817248182481924820248212482224823248242482524826248272482824829248302483124832248332483424835248362483724838248392484024841248422484324844248452484624847248482484924850248512485224853248542485524856248572485824859248602486124862248632486424865248662486724868248692487024871248722487324874248752487624877248782487924880248812488224883248842488524886248872488824889248902489124892248932489424895248962489724898248992490024901249022490324904249052490624907249082490924910249112491224913249142491524916249172491824919249202492124922249232492424925249262492724928249292493024931249322493324934249352493624937249382493924940249412494224943249442494524946249472494824949249502495124952249532495424955249562495724958249592496024961249622496324964249652496624967249682496924970249712497224973249742497524976249772497824979249802498124982249832498424985249862498724988249892499024991249922499324994249952499624997249982499925000250012500225003250042500525006250072500825009250102501125012250132501425015250162501725018250192502025021250222502325024250252502625027250282502925030250312503225033250342503525036250372503825039250402504125042250432504425045250462504725048250492505025051250522505325054250552505625057250582505925060250612506225063250642506525066250672506825069250702507125072250732507425075250762507725078250792508025081250822508325084250852508625087250882508925090250912509225093250942509525096250972509825099251002510125102251032510425105251062510725108251092511025111251122511325114251152511625117251182511925120251212512225123251242512525126251272512825129251302513125132251332513425135251362513725138251392514025141251422514325144251452514625147251482514925150251512515225153251542515525156251572515825159251602516125162251632516425165251662516725168251692517025171251722517325174251752517625177251782517925180251812518225183251842518525186251872518825189251902519125192251932519425195251962519725198251992520025201252022520325204252052520625207252082520925210252112521225213252142521525216252172521825219252202522125222252232522425225252262522725228252292523025231252322523325234252352523625237252382523925240252412524225243252442524525246252472524825249252502525125252252532525425255252562525725258252592526025261252622526325264252652526625267252682526925270252712527225273252742527525276252772527825279252802528125282252832528425285252862528725288252892529025291252922529325294252952529625297252982529925300253012530225303253042530525306253072530825309253102531125312253132531425315253162531725318253192532025321253222532325324253252532625327253282532925330253312533225333253342533525336253372533825339253402534125342253432534425345253462534725348253492535025351253522535325354253552535625357253582535925360253612536225363253642536525366253672536825369253702537125372253732537425375253762537725378253792538025381253822538325384253852538625387253882538925390253912539225393253942539525396253972539825399254002540125402254032540425405254062540725408254092541025411254122541325414254152541625417254182541925420254212542225423254242542525426254272542825429254302543125432254332543425435254362543725438254392544025441254422544325444254452544625447254482544925450254512545225453254542545525456254572545825459254602546125462254632546425465254662546725468254692547025471254722547325474254752547625477254782547925480254812548225483254842548525486254872548825489254902549125492254932549425495254962549725498254992550025501255022550325504255052550625507255082550925510255112551225513255142551525516255172551825519255202552125522255232552425525255262552725528255292553025531255322553325534255352553625537255382553925540255412554225543255442554525546255472554825549255502555125552255532555425555255562555725558255592556025561255622556325564255652556625567255682556925570255712557225573255742557525576255772557825579255802558125582255832558425585255862558725588255892559025591255922559325594255952559625597255982559925600256012560225603256042560525606256072560825609256102561125612256132561425615256162561725618256192562025621256222562325624256252562625627256282562925630256312563225633256342563525636256372563825639256402564125642256432564425645256462564725648256492565025651256522565325654256552565625657256582565925660256612566225663256642566525666256672566825669256702567125672256732567425675256762567725678256792568025681256822568325684256852568625687256882568925690256912569225693256942569525696256972569825699257002570125702257032570425705257062570725708257092571025711257122571325714257152571625717257182571925720257212572225723257242572525726257272572825729257302573125732257332573425735257362573725738257392574025741257422574325744257452574625747257482574925750257512575225753257542575525756257572575825759257602576125762257632576425765257662576725768257692577025771257722577325774257752577625777257782577925780257812578225783257842578525786257872578825789257902579125792257932579425795257962579725798257992580025801258022580325804258052580625807258082580925810258112581225813258142581525816258172581825819258202582125822258232582425825258262582725828258292583025831258322583325834258352583625837258382583925840258412584225843258442584525846258472584825849258502585125852258532585425855258562585725858258592586025861258622586325864258652586625867258682586925870258712587225873258742587525876258772587825879258802588125882258832588425885258862588725888258892589025891258922589325894258952589625897258982589925900259012590225903259042590525906259072590825909259102591125912259132591425915259162591725918259192592025921259222592325924259252592625927259282592925930259312593225933259342593525936259372593825939259402594125942259432594425945259462594725948259492595025951259522595325954259552595625957259582595925960259612596225963259642596525966259672596825969259702597125972259732597425975259762597725978259792598025981259822598325984259852598625987259882598925990259912599225993259942599525996259972599825999260002600126002260032600426005260062600726008260092601026011260122601326014260152601626017260182601926020260212602226023260242602526026260272602826029260302603126032260332603426035260362603726038260392604026041260422604326044260452604626047260482604926050260512605226053260542605526056260572605826059260602606126062260632606426065260662606726068260692607026071260722607326074260752607626077260782607926080260812608226083260842608526086260872608826089260902609126092260932609426095260962609726098260992610026101261022610326104261052610626107261082610926110261112611226113261142611526116261172611826119261202612126122261232612426125261262612726128261292613026131261322613326134261352613626137261382613926140261412614226143261442614526146261472614826149261502615126152261532615426155261562615726158261592616026161261622616326164261652616626167261682616926170261712617226173261742617526176261772617826179261802618126182261832618426185261862618726188261892619026191261922619326194261952619626197261982619926200262012620226203262042620526206262072620826209262102621126212262132621426215262162621726218262192622026221262222622326224262252622626227262282622926230262312623226233262342623526236262372623826239262402624126242262432624426245262462624726248262492625026251262522625326254262552625626257262582625926260262612626226263262642626526266262672626826269262702627126272262732627426275262762627726278262792628026281262822628326284262852628626287262882628926290262912629226293262942629526296262972629826299263002630126302263032630426305263062630726308263092631026311263122631326314263152631626317263182631926320263212632226323263242632526326263272632826329263302633126332263332633426335263362633726338263392634026341263422634326344263452634626347263482634926350263512635226353263542635526356263572635826359263602636126362263632636426365263662636726368263692637026371263722637326374263752637626377263782637926380263812638226383263842638526386263872638826389263902639126392263932639426395263962639726398263992640026401264022640326404264052640626407264082640926410264112641226413264142641526416264172641826419264202642126422264232642426425264262642726428264292643026431264322643326434264352643626437264382643926440264412644226443264442644526446264472644826449264502645126452264532645426455264562645726458264592646026461264622646326464264652646626467264682646926470264712647226473264742647526476264772647826479264802648126482264832648426485264862648726488264892649026491264922649326494264952649626497264982649926500265012650226503265042650526506265072650826509265102651126512265132651426515265162651726518265192652026521265222652326524265252652626527265282652926530265312653226533265342653526536265372653826539265402654126542265432654426545265462654726548265492655026551265522655326554265552655626557265582655926560265612656226563265642656526566265672656826569265702657126572265732657426575265762657726578265792658026581265822658326584265852658626587265882658926590265912659226593265942659526596265972659826599266002660126602266032660426605266062660726608266092661026611266122661326614266152661626617266182661926620266212662226623266242662526626266272662826629266302663126632266332663426635266362663726638266392664026641266422664326644266452664626647266482664926650266512665226653266542665526656266572665826659266602666126662266632666426665266662666726668266692667026671266722667326674266752667626677266782667926680266812668226683266842668526686266872668826689266902669126692266932669426695266962669726698266992670026701267022670326704267052670626707267082670926710267112671226713267142671526716267172671826719267202672126722267232672426725267262672726728267292673026731267322673326734267352673626737267382673926740267412674226743267442674526746267472674826749267502675126752267532675426755267562675726758267592676026761267622676326764267652676626767267682676926770267712677226773267742677526776267772677826779267802678126782267832678426785267862678726788267892679026791267922679326794267952679626797267982679926800268012680226803268042680526806268072680826809268102681126812268132681426815268162681726818268192682026821268222682326824268252682626827268282682926830268312683226833268342683526836268372683826839268402684126842268432684426845268462684726848268492685026851268522685326854268552685626857268582685926860268612686226863268642686526866268672686826869268702687126872268732687426875268762687726878268792688026881268822688326884268852688626887268882688926890268912689226893268942689526896268972689826899269002690126902269032690426905269062690726908269092691026911269122691326914269152691626917269182691926920269212692226923269242692526926269272692826929269302693126932269332693426935269362693726938269392694026941269422694326944269452694626947269482694926950269512695226953269542695526956269572695826959269602696126962269632696426965269662696726968269692697026971269722697326974269752697626977269782697926980269812698226983269842698526986269872698826989269902699126992269932699426995269962699726998269992700027001270022700327004270052700627007270082700927010270112701227013270142701527016270172701827019270202702127022270232702427025270262702727028270292703027031270322703327034270352703627037270382703927040270412704227043270442704527046270472704827049270502705127052270532705427055270562705727058270592706027061270622706327064270652706627067270682706927070270712707227073270742707527076270772707827079270802708127082270832708427085270862708727088270892709027091270922709327094270952709627097270982709927100271012710227103271042710527106271072710827109271102711127112271132711427115271162711727118271192712027121271222712327124271252712627127271282712927130271312713227133271342713527136271372713827139271402714127142271432714427145271462714727148271492715027151271522715327154271552715627157271582715927160271612716227163271642716527166271672716827169271702717127172271732717427175271762717727178271792718027181271822718327184271852718627187271882718927190271912719227193271942719527196271972719827199272002720127202272032720427205272062720727208272092721027211272122721327214272152721627217272182721927220272212722227223272242722527226272272722827229272302723127232272332723427235272362723727238272392724027241272422724327244272452724627247272482724927250272512725227253272542725527256272572725827259272602726127262272632726427265272662726727268272692727027271272722727327274272752727627277272782727927280272812728227283272842728527286272872728827289272902729127292272932729427295272962729727298272992730027301273022730327304273052730627307273082730927310273112731227313273142731527316273172731827319273202732127322273232732427325273262732727328273292733027331273322733327334273352733627337273382733927340273412734227343273442734527346273472734827349273502735127352273532735427355273562735727358273592736027361273622736327364273652736627367273682736927370273712737227373273742737527376273772737827379273802738127382273832738427385273862738727388273892739027391273922739327394273952739627397273982739927400274012740227403274042740527406274072740827409274102741127412274132741427415274162741727418274192742027421274222742327424274252742627427274282742927430274312743227433274342743527436274372743827439274402744127442274432744427445274462744727448274492745027451274522745327454274552745627457274582745927460274612746227463274642746527466274672746827469274702747127472274732747427475274762747727478274792748027481274822748327484274852748627487274882748927490274912749227493274942749527496274972749827499275002750127502275032750427505275062750727508275092751027511275122751327514275152751627517275182751927520275212752227523275242752527526275272752827529275302753127532275332753427535275362753727538275392754027541275422754327544275452754627547275482754927550275512755227553275542755527556275572755827559275602756127562275632756427565275662756727568275692757027571275722757327574275752757627577275782757927580275812758227583275842758527586275872758827589275902759127592275932759427595275962759727598275992760027601276022760327604276052760627607276082760927610276112761227613276142761527616276172761827619276202762127622276232762427625276262762727628276292763027631276322763327634276352763627637276382763927640276412764227643276442764527646276472764827649276502765127652276532765427655276562765727658276592766027661276622766327664276652766627667276682766927670276712767227673276742767527676276772767827679276802768127682276832768427685276862768727688276892769027691276922769327694276952769627697276982769927700277012770227703277042770527706277072770827709277102771127712277132771427715277162771727718277192772027721277222772327724277252772627727277282772927730277312773227733277342773527736277372773827739277402774127742277432774427745277462774727748277492775027751277522775327754277552775627757277582775927760277612776227763277642776527766277672776827769277702777127772277732777427775277762777727778277792778027781277822778327784277852778627787277882778927790277912779227793277942779527796277972779827799278002780127802278032780427805278062780727808278092781027811278122781327814278152781627817278182781927820278212782227823278242782527826278272782827829278302783127832278332783427835278362783727838278392784027841278422784327844278452784627847278482784927850278512785227853278542785527856278572785827859278602786127862278632786427865278662786727868278692787027871278722787327874278752787627877278782787927880278812788227883278842788527886278872788827889278902789127892278932789427895278962789727898278992790027901279022790327904279052790627907279082790927910279112791227913279142791527916279172791827919279202792127922279232792427925279262792727928279292793027931279322793327934279352793627937279382793927940279412794227943279442794527946279472794827949279502795127952279532795427955279562795727958279592796027961279622796327964279652796627967279682796927970279712797227973279742797527976279772797827979279802798127982279832798427985279862798727988279892799027991279922799327994279952799627997279982799928000280012800228003280042800528006280072800828009280102801128012280132801428015280162801728018280192802028021280222802328024280252802628027280282802928030280312803228033280342803528036280372803828039280402804128042280432804428045280462804728048280492805028051280522805328054280552805628057280582805928060280612806228063280642806528066280672806828069280702807128072280732807428075280762807728078280792808028081280822808328084280852808628087280882808928090280912809228093280942809528096280972809828099281002810128102281032810428105281062810728108281092811028111281122811328114281152811628117281182811928120281212812228123281242812528126281272812828129281302813128132281332813428135281362813728138281392814028141281422814328144281452814628147281482814928150281512815228153281542815528156281572815828159281602816128162281632816428165281662816728168281692817028171281722817328174281752817628177281782817928180281812818228183281842818528186281872818828189281902819128192281932819428195281962819728198281992820028201282022820328204282052820628207282082820928210282112821228213282142821528216282172821828219282202822128222282232822428225282262822728228282292823028231282322823328234282352823628237282382823928240282412824228243282442824528246282472824828249282502825128252282532825428255282562825728258282592826028261282622826328264282652826628267282682826928270282712827228273282742827528276282772827828279282802828128282282832828428285282862828728288282892829028291282922829328294282952829628297282982829928300283012830228303283042830528306283072830828309283102831128312283132831428315283162831728318283192832028321283222832328324283252832628327283282832928330283312833228333283342833528336283372833828339283402834128342283432834428345283462834728348283492835028351283522835328354283552835628357283582835928360283612836228363283642836528366283672836828369283702837128372283732837428375283762837728378283792838028381283822838328384283852838628387283882838928390283912839228393283942839528396283972839828399284002840128402284032840428405284062840728408284092841028411284122841328414284152841628417284182841928420284212842228423284242842528426284272842828429284302843128432284332843428435284362843728438284392844028441284422844328444284452844628447284482844928450284512845228453284542845528456284572845828459284602846128462284632846428465284662846728468284692847028471284722847328474284752847628477284782847928480284812848228483284842848528486284872848828489284902849128492284932849428495284962849728498284992850028501285022850328504285052850628507285082850928510285112851228513285142851528516285172851828519285202852128522285232852428525285262852728528285292853028531285322853328534285352853628537285382853928540285412854228543285442854528546285472854828549285502855128552285532855428555285562855728558285592856028561285622856328564285652856628567285682856928570285712857228573285742857528576285772857828579285802858128582285832858428585285862858728588285892859028591285922859328594285952859628597285982859928600286012860228603286042860528606286072860828609286102861128612286132861428615286162861728618286192862028621286222862328624286252862628627286282862928630286312863228633286342863528636286372863828639286402864128642286432864428645286462864728648286492865028651286522865328654286552865628657286582865928660286612866228663286642866528666286672866828669286702867128672286732867428675286762867728678286792868028681286822868328684286852868628687286882868928690286912869228693286942869528696286972869828699287002870128702287032870428705287062870728708287092871028711287122871328714 |
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: alertmanagerconfigs.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: AlertmanagerConfig
- listKind: AlertmanagerConfigList
- plural: alertmanagerconfigs
- shortNames:
- - amcfg
- singular: alertmanagerconfig
- scope: Namespaced
- versions:
- - name: v1alpha1
- schema:
- openAPIV3Schema:
- description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to
- be aggregated across multiple namespaces configuring one Alertmanager cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: AlertmanagerConfigSpec is a specification of the desired
- behavior of the Alertmanager configuration. By definition, the Alertmanager
- configuration only applies to alerts for which the `namespace` label
- is equal to the namespace of the AlertmanagerConfig resource.
- properties:
- inhibitRules:
- description: List of inhibition rules. The rules will only apply to
- alerts matching the resource’s namespace.
- items:
- description: InhibitRule defines an inhibition rule that allows
- to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule
- properties:
- equal:
- description: Labels that must have an equal value in the source
- and target alert for the inhibition to take effect.
- items:
- type: string
- type: array
- sourceMatch:
- description: Matchers for which one or more alerts have to exist
- for the inhibition to take effect. The operator enforces that
- the alert matches the resource’s namespace.
- items:
- description: Matcher defines how to match on alert's labels.
- properties:
- matchType:
- description: Match operation available with AlertManager
- >= v0.22.0 and takes precedence over Regex (deprecated)
- if non-empty.
- enum:
- - '!='
- - =
- - =~
- - '!~'
- type: string
- name:
- description: Label to match.
- minLength: 1
- type: string
- regex:
- description: Whether to match on equality (false) or regular-expression
- (true). Deprecated as of AlertManager >= v0.22.0 where
- a user should use MatchType instead.
- type: boolean
- value:
- description: Label value to match.
- type: string
- required:
- - name
- type: object
- type: array
- targetMatch:
- description: Matchers that have to be fulfilled in the alerts
- to be muted. The operator enforces that the alert matches
- the resource’s namespace.
- items:
- description: Matcher defines how to match on alert's labels.
- properties:
- matchType:
- description: Match operation available with AlertManager
- >= v0.22.0 and takes precedence over Regex (deprecated)
- if non-empty.
- enum:
- - '!='
- - =
- - =~
- - '!~'
- type: string
- name:
- description: Label to match.
- minLength: 1
- type: string
- regex:
- description: Whether to match on equality (false) or regular-expression
- (true). Deprecated as of AlertManager >= v0.22.0 where
- a user should use MatchType instead.
- type: boolean
- value:
- description: Label value to match.
- type: string
- required:
- - name
- type: object
- type: array
- type: object
- type: array
- muteTimeIntervals:
- description: List of MuteTimeInterval specifying when the routes should
- be muted.
- items:
- description: MuteTimeInterval specifies the periods in time when
- notifications will be muted
- properties:
- name:
- description: Name of the time interval
- type: string
- timeIntervals:
- description: TimeIntervals is a list of TimeInterval
- items:
- description: TimeInterval describes intervals of time
- properties:
- daysOfMonth:
- description: DaysOfMonth is a list of DayOfMonthRange
- items:
- description: DayOfMonthRange is an inclusive range of
- days of the month beginning at 1
- properties:
- end:
- description: End of the inclusive range
- maximum: 31
- minimum: -31
- type: integer
- start:
- description: Start of the inclusive range
- maximum: 31
- minimum: -31
- type: integer
- type: object
- type: array
- months:
- description: Months is a list of MonthRange
- items:
- description: MonthRange is an inclusive range of months
- of the year beginning in January Months can be specified
- by name (e.g 'January') by numerical month (e.g '1')
- or as an inclusive range (e.g 'January:March', '1:3',
- '1:March')
- pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12]))$)|$)
- type: string
- type: array
- times:
- description: Times is a list of TimeRange
- items:
- description: TimeRange defines a start and end time
- in 24hr format
- properties:
- endTime:
- description: EndTime is the end time in 24hr format.
- pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$)
- type: string
- startTime:
- description: StartTime is the start time in 24hr
- format.
- pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$)
- type: string
- type: object
- type: array
- weekdays:
- description: Weekdays is a list of WeekdayRange
- items:
- description: WeekdayRange is an inclusive range of days
- of the week beginning on Sunday Days can be specified
- by name (e.g 'Sunday') or as an inclusive range (e.g
- 'Monday:Friday')
- pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$)
- type: string
- type: array
- years:
- description: Years is a list of YearRange
- items:
- description: YearRange is an inclusive range of years
- pattern: ^2\d{3}(?::2\d{3}|$)
- type: string
- type: array
- type: object
- type: array
- type: object
- type: array
- receivers:
- description: List of receivers.
- items:
- description: Receiver defines one or more notification integrations.
- properties:
- emailConfigs:
- description: List of Email configurations.
- items:
- description: EmailConfig configures notifications via Email.
- properties:
- authIdentity:
- description: The identity to use for authentication.
- type: string
- authPassword:
- description: The secret's key that contains the password
- to use for authentication. The secret needs to be in
- the same namespace as the AlertmanagerConfig object
- and accessible by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- authSecret:
- description: The secret's key that contains the CRAM-MD5
- secret. The secret needs to be in the same namespace
- as the AlertmanagerConfig object and accessible by the
- Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- authUsername:
- description: The username to use for authentication.
- type: string
- from:
- description: The sender address.
- type: string
- headers:
- description: Further headers email header key/value pairs.
- Overrides any headers previously set by the notification
- implementation.
- items:
- description: KeyValue defines a (key, value) tuple.
- properties:
- key:
- description: Key of the tuple.
- minLength: 1
- type: string
- value:
- description: Value of the tuple.
- type: string
- required:
- - key
- - value
- type: object
- type: array
- hello:
- description: The hostname to identify to the SMTP server.
- type: string
- html:
- description: The HTML body of the email notification.
- type: string
- requireTLS:
- description: The SMTP TLS requirement. Note that Go does
- not support unencrypted connections to remote SMTP endpoints.
- type: boolean
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- smarthost:
- description: The SMTP host and port through which emails
- are sent. E.g. example.com:25
- type: string
- text:
- description: The text body of the email notification.
- type: string
- tlsConfig:
- description: TLS configuration
- properties:
- ca:
- description: Struct containing the CA cert to use
- for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use
- for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for
- the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert file
- for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use
- for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for
- the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key file
- for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- to:
- description: The email address to send notifications to.
- type: string
- type: object
- type: array
- name:
- description: Name of the receiver. Must be unique across all
- items from the list.
- minLength: 1
- type: string
- opsgenieConfigs:
- description: List of OpsGenie configurations.
- items:
- description: OpsGenieConfig configures notifications via OpsGenie.
- See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config
- properties:
- actions:
- description: Comma separated list of actions that will
- be available for the alert.
- type: string
- apiKey:
- description: The secret's key that contains the OpsGenie
- API key. The secret needs to be in the same namespace
- as the AlertmanagerConfig object and accessible by the
- Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- apiURL:
- description: The URL to send OpsGenie API requests to.
- type: string
- description:
- description: Description of the incident.
- type: string
- details:
- description: A set of arbitrary key/value pairs that provide
- further detail about the incident.
- items:
- description: KeyValue defines a (key, value) tuple.
- properties:
- key:
- description: Key of the tuple.
- minLength: 1
- type: string
- value:
- description: Value of the tuple.
- type: string
- required:
- - key
- - value
- type: object
- type: array
- entity:
- description: Optional field that can be used to specify
- which domain alert is related to.
- type: string
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- message:
- description: Alert text limited to 130 characters.
- type: string
- note:
- description: Additional alert note.
- type: string
- priority:
- description: Priority level of alert. Possible values
- are P1, P2, P3, P4, and P5.
- type: string
- responders:
- description: List of responders responsible for notifications.
- items:
- description: OpsGenieConfigResponder defines a responder
- to an incident. One of `id`, `name` or `username`
- has to be defined.
- properties:
- id:
- description: ID of the responder.
- type: string
- name:
- description: Name of the responder.
- type: string
- type:
- description: Type of responder.
- enum:
- - team
- - teams
- - user
- - escalation
- - schedule
- minLength: 1
- type: string
- username:
- description: Username of the responder.
- type: string
- required:
- - type
- type: object
- type: array
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- source:
- description: Backlink to the sender of the notification.
- type: string
- tags:
- description: Comma separated list of tags attached to
- the notifications.
- type: string
- updateAlerts:
- description: Whether to update message and description
- of the alert in OpsGenie if it already exists By default,
- the alert is never updated in OpsGenie, the new message
- only appears in activity log.
- type: boolean
- type: object
- type: array
- pagerdutyConfigs:
- description: List of PagerDuty configurations.
- items:
- description: PagerDutyConfig configures notifications via
- PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config
- properties:
- class:
- description: The class/type of the event.
- type: string
- client:
- description: Client identification.
- type: string
- clientURL:
- description: Backlink to the sender of notification.
- type: string
- component:
- description: The part or component of the affected system
- that is broken.
- type: string
- description:
- description: Description of the incident.
- type: string
- details:
- description: Arbitrary key/value pairs that provide further
- detail about the incident.
- items:
- description: KeyValue defines a (key, value) tuple.
- properties:
- key:
- description: Key of the tuple.
- minLength: 1
- type: string
- value:
- description: Value of the tuple.
- type: string
- required:
- - key
- - value
- type: object
- type: array
- group:
- description: A cluster or grouping of sources.
- type: string
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- pagerDutyImageConfigs:
- description: A list of image details to attach that provide
- further detail about an incident.
- items:
- description: PagerDutyImageConfig attaches images to
- an incident
- properties:
- alt:
- description: Alt is the optional alternative text
- for the image.
- type: string
- href:
- description: Optional URL; makes the image a clickable
- link.
- type: string
- src:
- description: Src of the image being attached to
- the incident
- type: string
- type: object
- type: array
- pagerDutyLinkConfigs:
- description: A list of link details to attach that provide
- further detail about an incident.
- items:
- description: PagerDutyLinkConfig attaches text links
- to an incident
- properties:
- alt:
- description: Text that describes the purpose of
- the link, and can be used as the link's text.
- type: string
- href:
- description: Href is the URL of the link to be attached
- type: string
- type: object
- type: array
- routingKey:
- description: The secret's key that contains the PagerDuty
- integration key (when using Events API v2). Either this
- field or `serviceKey` needs to be defined. The secret
- needs to be in the same namespace as the AlertmanagerConfig
- object and accessible by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- serviceKey:
- description: The secret's key that contains the PagerDuty
- service key (when using integration type "Prometheus").
- Either this field or `routingKey` needs to be defined.
- The secret needs to be in the same namespace as the
- AlertmanagerConfig object and accessible by the Prometheus
- Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- severity:
- description: Severity of the incident.
- type: string
- url:
- description: The URL to send requests to.
- type: string
- type: object
- type: array
- pushoverConfigs:
- description: List of Pushover configurations.
- items:
- description: PushoverConfig configures notifications via Pushover.
- See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config
- properties:
- expire:
- description: How long your notification will continue
- to be retried for, unless the user acknowledges the
- notification.
- pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$
- type: string
- html:
- description: Whether notification message is HTML or plain
- text.
- type: boolean
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- message:
- description: Notification message.
- type: string
- priority:
- description: Priority, see https://pushover.net/api#priority
- type: string
- retry:
- description: How often the Pushover servers will send
- the same notification to the user. Must be at least
- 30 seconds.
- pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$
- type: string
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- sound:
- description: The name of one of the sounds supported by
- device clients to override the user's default sound
- choice
- type: string
- title:
- description: Notification title.
- type: string
- token:
- description: The secret's key that contains the registered
- application’s API token, see https://pushover.net/apps.
- The secret needs to be in the same namespace as the
- AlertmanagerConfig object and accessible by the Prometheus
- Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- url:
- description: A supplementary URL shown alongside the message.
- type: string
- urlTitle:
- description: A title for supplementary URL, otherwise
- just the URL is shown
- type: string
- userKey:
- description: The secret's key that contains the recipient
- user’s user key. The secret needs to be in the same
- namespace as the AlertmanagerConfig object and accessible
- by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- type: object
- type: array
- slackConfigs:
- description: List of Slack configurations.
- items:
- description: SlackConfig configures notifications via Slack.
- See https://prometheus.io/docs/alerting/latest/configuration/#slack_config
- properties:
- actions:
- description: A list of Slack actions that are sent with
- each notification.
- items:
- description: SlackAction configures a single Slack action
- that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields
- and https://api.slack.com/docs/message-buttons for
- more information.
- properties:
- confirm:
- description: SlackConfirmationField protect users
- from destructive actions or particularly distinguished
- decisions by asking them to confirm their button
- click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields
- for more information.
- properties:
- dismissText:
- type: string
- okText:
- type: string
- text:
- minLength: 1
- type: string
- title:
- type: string
- required:
- - text
- type: object
- name:
- type: string
- style:
- type: string
- text:
- minLength: 1
- type: string
- type:
- minLength: 1
- type: string
- url:
- type: string
- value:
- type: string
- required:
- - text
- - type
- type: object
- type: array
- apiURL:
- description: The secret's key that contains the Slack
- webhook URL. The secret needs to be in the same namespace
- as the AlertmanagerConfig object and accessible by the
- Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- callbackId:
- type: string
- channel:
- description: The channel or user to send notifications
- to.
- type: string
- color:
- type: string
- fallback:
- type: string
- fields:
- description: A list of Slack fields that are sent with
- each notification.
- items:
- description: SlackField configures a single Slack field
- that is sent with each notification. Each field must
- contain a title, value, and optionally, a boolean
- value to indicate if the field is short enough to
- be displayed next to other fields designated as short.
- See https://api.slack.com/docs/message-attachments#fields
- for more information.
- properties:
- short:
- type: boolean
- title:
- minLength: 1
- type: string
- value:
- minLength: 1
- type: string
- required:
- - title
- - value
- type: object
- type: array
- footer:
- type: string
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- iconEmoji:
- type: string
- iconURL:
- type: string
- imageURL:
- type: string
- linkNames:
- type: boolean
- mrkdwnIn:
- items:
- type: string
- type: array
- pretext:
- type: string
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- shortFields:
- type: boolean
- text:
- type: string
- thumbURL:
- type: string
- title:
- type: string
- titleLink:
- type: string
- username:
- type: string
- type: object
- type: array
- snsConfigs:
- description: List of SNS configurations
- items:
- description: SNSConfig configures notifications via AWS SNS.
- See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs
- properties:
- apiURL:
- description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com.
- If not specified, the SNS API URL from the SNS SDK will
- be used.
- type: string
- attributes:
- additionalProperties:
- type: string
- description: SNS message attributes.
- type: object
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- message:
- description: The message content of the SNS notification.
- type: string
- phoneNumber:
- description: Phone number if message is delivered via
- SMS in E.164 format. If you don't specify this value,
- you must specify a value for the TopicARN or TargetARN.
- type: string
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- sigv4:
- description: Configures AWS's Signature Verification 4
- signing process to sign requests.
- properties:
- accessKey:
- description: AccessKey is the AWS API key. If blank,
- the environment variable `AWS_ACCESS_KEY_ID` is
- used.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- profile:
- description: Profile is the named AWS profile used
- to authenticate.
- type: string
- region:
- description: Region is the AWS region. If blank, the
- region from the default credentials chain used.
- type: string
- roleArn:
- description: RoleArn is the named AWS profile used
- to authenticate.
- type: string
- secretKey:
- description: SecretKey is the AWS API secret. If blank,
- the environment variable `AWS_SECRET_ACCESS_KEY`
- is used.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- subject:
- description: Subject line when the message is delivered
- to email endpoints.
- type: string
- targetARN:
- description: The mobile platform endpoint ARN if message
- is delivered via mobile notifications. If you don't
- specify this value, you must specify a value for the
- topic_arn or PhoneNumber.
- type: string
- topicARN:
- description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic
- If you don't specify this value, you must specify a
- value for the PhoneNumber or TargetARN.
- type: string
- type: object
- type: array
- telegramConfigs:
- description: List of Telegram configurations.
- items:
- description: TelegramConfig configures notifications via Telegram.
- See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config
- properties:
- apiURL:
- description: The Telegram API URL i.e. https://api.telegram.org.
- If not specified, default API URL will be used.
- type: string
- botToken:
- description: Telegram bot token The secret needs to be
- in the same namespace as the AlertmanagerConfig object
- and accessible by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- chatID:
- description: The Telegram chat ID.
- format: int64
- type: integer
- disableNotifications:
- description: Disable telegram notifications
- type: boolean
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- message:
- description: Message template
- type: string
- parseMode:
- description: Parse mode for telegram message
- enum:
- - MarkdownV2
- - Markdown
- - HTML
- type: string
- sendResolved:
- description: Whether to notify about resolved alerts.
- type: boolean
- type: object
- type: array
- victoropsConfigs:
- description: List of VictorOps configurations.
- items:
- description: VictorOpsConfig configures notifications via
- VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config
- properties:
- apiKey:
- description: The secret's key that contains the API key
- to use when talking to the VictorOps API. The secret
- needs to be in the same namespace as the AlertmanagerConfig
- object and accessible by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- apiUrl:
- description: The VictorOps API URL.
- type: string
- customFields:
- description: Additional custom fields for notification.
- items:
- description: KeyValue defines a (key, value) tuple.
- properties:
- key:
- description: Key of the tuple.
- minLength: 1
- type: string
- value:
- description: Value of the tuple.
- type: string
- required:
- - key
- - value
- type: object
- type: array
- entityDisplayName:
- description: Contains summary of the alerted problem.
- type: string
- httpConfig:
- description: The HTTP client's configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- messageType:
- description: Describes the behavior of the alert (CRITICAL,
- WARNING, INFO).
- type: string
- monitoringTool:
- description: The monitoring tool the state message is
- from.
- type: string
- routingKey:
- description: A key used to map the alert to a team.
- type: string
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- stateMessage:
- description: Contains long explanation of the alerted
- problem.
- type: string
- type: object
- type: array
- webhookConfigs:
- description: List of webhook configurations.
- items:
- description: WebhookConfig configures notifications via a
- generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config
- properties:
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- maxAlerts:
- description: Maximum number of alerts to be sent per webhook
- message. When 0, all alerts are included.
- format: int32
- minimum: 0
- type: integer
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- url:
- description: The URL to send HTTP POST requests to. `urlSecret`
- takes precedence over `url`. One of `urlSecret` and
- `url` should be defined.
- type: string
- urlSecret:
- description: The secret's key that contains the webhook
- URL to send HTTP requests to. `urlSecret` takes precedence
- over `url`. One of `urlSecret` and `url` should be defined.
- The secret needs to be in the same namespace as the
- AlertmanagerConfig object and accessible by the Prometheus
- Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- type: object
- type: array
- wechatConfigs:
- description: List of WeChat configurations.
- items:
- description: WeChatConfig configures notifications via WeChat.
- See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config
- properties:
- agentID:
- type: string
- apiSecret:
- description: The secret's key that contains the WeChat
- API key. The secret needs to be in the same namespace
- as the AlertmanagerConfig object and accessible by the
- Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- apiURL:
- description: The WeChat API URL.
- type: string
- corpID:
- description: The corp id for authentication.
- type: string
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for
- the client. This is mutually exclusive with BasicAuth
- and is only available starting from Alertmanager
- v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the
- credentials of the request
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined,
- BasicAuth takes precedence.
- properties:
- password:
- description: The secret in the service monitor
- namespace that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor
- namespace that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication.
- The secret needs to be in the same namespace as
- the AlertmanagerConfig object and accessible by
- the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- followRedirects:
- description: FollowRedirects specifies whether the
- client should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch
- a token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing
- the OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2
- client secret
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token
- URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token
- request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to
- use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert
- file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to
- use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use
- for the targets.
- properties:
- key:
- description: The key of the secret to
- select from. Must be a valid secret
- key.
- type: string
- name:
- description: 'Name of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key
- file for the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the
- targets.
- type: string
- type: object
- type: object
- message:
- description: API request data as defined by the WeChat
- API.
- type: string
- messageType:
- type: string
- sendResolved:
- description: Whether or not to notify about resolved alerts.
- type: boolean
- toParty:
- type: string
- toTag:
- type: string
- toUser:
- type: string
- type: object
- type: array
- required:
- - name
- type: object
- type: array
- route:
- description: The Alertmanager route definition for alerts matching
- the resource’s namespace. If present, it will be added to the generated
- Alertmanager configuration as a first-level route.
- properties:
- continue:
- description: Boolean indicating whether an alert should continue
- matching subsequent sibling nodes. It will always be overridden
- to true for the first-level route by the Prometheus operator.
- type: boolean
- groupBy:
- description: List of labels to group by. Labels must not be repeated
- (unique list). Special label "..." (aggregate by all possible
- labels), if provided, must be the only element in the list.
- items:
- type: string
- type: array
- groupInterval:
- description: 'How long to wait before sending an updated notification.
- Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
- Example: "5m"'
- type: string
- groupWait:
- description: 'How long to wait before sending the initial notification.
- Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
- Example: "30s"'
- type: string
- matchers:
- description: 'List of matchers that the alert’s labels should
- match. For the first level route, the operator removes any existing
- equality and regexp matcher on the `namespace` label and adds
- a `namespace: <object namespace>` matcher.'
- items:
- description: Matcher defines how to match on alert's labels.
- properties:
- matchType:
- description: Match operation available with AlertManager
- >= v0.22.0 and takes precedence over Regex (deprecated)
- if non-empty.
- enum:
- - '!='
- - =
- - =~
- - '!~'
- type: string
- name:
- description: Label to match.
- minLength: 1
- type: string
- regex:
- description: Whether to match on equality (false) or regular-expression
- (true). Deprecated as of AlertManager >= v0.22.0 where
- a user should use MatchType instead.
- type: boolean
- value:
- description: Label value to match.
- type: string
- required:
- - name
- type: object
- type: array
- muteTimeIntervals:
- description: 'Note: this comment applies to the field definition
- above but appears below otherwise it gets included in the generated
- manifest. CRD schema doesn''t support self-referential types
- for now (see https://github.com/kubernetes/kubernetes/issues/62872).
- We have to use an alternative type to circumvent the limitation.
- The downside is that the Kube API can''t validate the data beyond
- the fact that it is a valid JSON representation. MuteTimeIntervals
- is a list of MuteTimeInterval names that will mute this route
- when matched,'
- items:
- type: string
- type: array
- receiver:
- description: Name of the receiver for this route. If not empty,
- it should be listed in the `receivers` field.
- type: string
- repeatInterval:
- description: 'How long to wait before repeating the last notification.
- Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
- Example: "4h"'
- type: string
- routes:
- description: Child routes.
- items:
- x-kubernetes-preserve-unknown-fields: true
- type: array
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- ---
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: alertmanagers.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: Alertmanager
- listKind: AlertmanagerList
- plural: alertmanagers
- shortNames:
- - am
- singular: alertmanager
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The version of Alertmanager
- jsonPath: .spec.version
- name: Version
- type: string
- - description: The desired replicas number of Alertmanagers
- jsonPath: .spec.replicas
- name: Replicas
- type: integer
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: Alertmanager describes an Alertmanager cluster.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: 'Specification of the desired behavior of the Alertmanager
- cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- additionalPeers:
- description: AdditionalPeers allows injecting a set of additional
- Alertmanagers to peer with to form a highly available cluster.
- items:
- type: string
- type: array
- affinity:
- description: If specified, the pod's scheduling constraints.
- properties:
- nodeAffinity:
- description: Describes node affinity scheduling rules for the
- pod.
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the affinity expressions specified by
- this field, but it may choose a node that violates one or
- more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node matches
- the corresponding matchExpressions; the node(s) with the
- highest sum are the most preferred.
- items:
- description: An empty preferred scheduling term matches
- all objects with implicit weight 0 (i.e. it's a no-op).
- A null preferred scheduling term matches no objects (i.e.
- is also a no-op).
- properties:
- preference:
- description: A node selector term, associated with the
- corresponding weight.
- properties:
- matchExpressions:
- description: A list of node selector requirements
- by node's labels.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchFields:
- description: A list of node selector requirements
- by node's fields.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- type: object
- x-kubernetes-map-type: atomic
- weight:
- description: Weight associated with matching the corresponding
- nodeSelectorTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - preference
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this
- field are not met at scheduling time, the pod will not be
- scheduled onto the node. If the affinity requirements specified
- by this field cease to be met at some point during pod execution
- (e.g. due to an update), the system may or may not try to
- eventually evict the pod from its node.
- properties:
- nodeSelectorTerms:
- description: Required. A list of node selector terms.
- The terms are ORed.
- items:
- description: A null or empty node selector term matches
- no objects. The requirements of them are ANDed. The
- TopologySelectorTerm type implements a subset of the
- NodeSelectorTerm.
- properties:
- matchExpressions:
- description: A list of node selector requirements
- by node's labels.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchFields:
- description: A list of node selector requirements
- by node's fields.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- type: object
- x-kubernetes-map-type: atomic
- type: array
- required:
- - nodeSelectorTerms
- type: object
- x-kubernetes-map-type: atomic
- type: object
- podAffinity:
- description: Describes pod affinity scheduling rules (e.g. co-locate
- this pod in the same node, zone, etc. as some other pod(s)).
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the affinity expressions specified by
- this field, but it may choose a node that violates one or
- more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node has
- pods which matches the corresponding podAffinityTerm; the
- node(s) with the highest sum are the most preferred.
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm
- fields are added per-node to find the most preferred node(s)
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated
- with the corresponding weight.
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied
- to the union of the namespaces selected by this
- field and the ones listed in the namespaces field.
- null selector and null or empty namespaces list
- means "this pod's namespace". An empty selector
- ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list
- of namespace names that the term applies to. The
- term is applied to the union of the namespaces
- listed in this field and the ones selected by
- namespaceSelector. null or empty namespaces list
- and null namespaceSelector means "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods
- matching the labelSelector in the specified namespaces,
- where co-located is defined as running on a node
- whose value of the label with key topologyKey
- matches that of any node on which any of the selected
- pods is running. Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- weight:
- description: weight associated with matching the corresponding
- podAffinityTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - podAffinityTerm
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this
- field are not met at scheduling time, the pod will not be
- scheduled onto the node. If the affinity requirements specified
- by this field cease to be met at some point during pod execution
- (e.g. due to a pod label update), the system may or may
- not try to eventually evict the pod from its node. When
- there are multiple elements, the lists of nodes corresponding
- to each podAffinityTerm are intersected, i.e. all terms
- must be satisfied.
- items:
- description: Defines a set of pods (namely those matching
- the labelSelector relative to the given namespace(s))
- that this pod should be co-located (affinity) or not co-located
- (anti-affinity) with, where co-located is defined as running
- on a node whose value of the label with key <topologyKey>
- matches that of any node on which a pod of the set of
- pods is running
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied to the
- union of the namespaces selected by this field and
- the ones listed in the namespaces field. null selector
- and null or empty namespaces list means "this pod's
- namespace". An empty selector ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace
- names that the term applies to. The term is applied
- to the union of the namespaces listed in this field
- and the ones selected by namespaceSelector. null or
- empty namespaces list and null namespaceSelector means
- "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods matching
- the labelSelector in the specified namespaces, where
- co-located is defined as running on a node whose value
- of the label with key topologyKey matches that of
- any node on which any of the selected pods is running.
- Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- type: array
- type: object
- podAntiAffinity:
- description: Describes pod anti-affinity scheduling rules (e.g.
- avoid putting this pod in the same node, zone, etc. as some
- other pod(s)).
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the anti-affinity expressions specified
- by this field, but it may choose a node that violates one
- or more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling anti-affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node has
- pods which matches the corresponding podAffinityTerm; the
- node(s) with the highest sum are the most preferred.
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm
- fields are added per-node to find the most preferred node(s)
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated
- with the corresponding weight.
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied
- to the union of the namespaces selected by this
- field and the ones listed in the namespaces field.
- null selector and null or empty namespaces list
- means "this pod's namespace". An empty selector
- ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list
- of namespace names that the term applies to. The
- term is applied to the union of the namespaces
- listed in this field and the ones selected by
- namespaceSelector. null or empty namespaces list
- and null namespaceSelector means "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods
- matching the labelSelector in the specified namespaces,
- where co-located is defined as running on a node
- whose value of the label with key topologyKey
- matches that of any node on which any of the selected
- pods is running. Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- weight:
- description: weight associated with matching the corresponding
- podAffinityTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - podAffinityTerm
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the anti-affinity requirements specified by
- this field are not met at scheduling time, the pod will
- not be scheduled onto the node. If the anti-affinity requirements
- specified by this field cease to be met at some point during
- pod execution (e.g. due to a pod label update), the system
- may or may not try to eventually evict the pod from its
- node. When there are multiple elements, the lists of nodes
- corresponding to each podAffinityTerm are intersected, i.e.
- all terms must be satisfied.
- items:
- description: Defines a set of pods (namely those matching
- the labelSelector relative to the given namespace(s))
- that this pod should be co-located (affinity) or not co-located
- (anti-affinity) with, where co-located is defined as running
- on a node whose value of the label with key <topologyKey>
- matches that of any node on which a pod of the set of
- pods is running
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied to the
- union of the namespaces selected by this field and
- the ones listed in the namespaces field. null selector
- and null or empty namespaces list means "this pod's
- namespace". An empty selector ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace
- names that the term applies to. The term is applied
- to the union of the namespaces listed in this field
- and the ones selected by namespaceSelector. null or
- empty namespaces list and null namespaceSelector means
- "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods matching
- the labelSelector in the specified namespaces, where
- co-located is defined as running on a node whose value
- of the label with key topologyKey matches that of
- any node on which any of the selected pods is running.
- Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- type: array
- type: object
- type: object
- alertmanagerConfigNamespaceSelector:
- description: Namespaces to be selected for AlertmanagerConfig discovery.
- If nil, only check own namespace.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- alertmanagerConfigSelector:
- description: AlertmanagerConfigs to be selected for to merge and configure
- Alertmanager with.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- alertmanagerConfiguration:
- description: 'EXPERIMENTAL: alertmanagerConfiguration specifies the
- configuration of Alertmanager. If defined, it takes precedence over
- the `configSecret` field. This field may change in future releases.'
- properties:
- global:
- description: Defines the global parameters of the Alertmanager
- configuration.
- properties:
- httpConfig:
- description: HTTP client configuration.
- properties:
- authorization:
- description: Authorization header configuration for the
- client. This is mutually exclusive with BasicAuth and
- is only available starting from Alertmanager v0.22+.
- properties:
- credentials:
- description: The secret's key that contains the credentials
- of the request
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults
- to Bearer, Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the client. This is mutually
- exclusive with Authorization. If both are defined, BasicAuth
- takes precedence.
- properties:
- password:
- description: The secret in the service monitor namespace
- that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor namespace
- that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: The secret's key that contains the bearer
- token to be used by the client for authentication. The
- secret needs to be in the same namespace as the Alertmanager
- object and accessible by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- followRedirects:
- description: FollowRedirects specifies whether the client
- should follow HTTP 3xx redirects.
- type: boolean
- oauth2:
- description: OAuth2 client credentials used to fetch a
- token for the targets.
- properties:
- clientId:
- description: The secret or configmap containing the
- OAuth2 client id
- properties:
- configMap:
- description: ConfigMap containing data to use
- for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for
- the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2 client
- secret
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyURL:
- description: Optional proxy URL.
- type: string
- tlsConfig:
- description: TLS configuration for the client.
- properties:
- ca:
- description: Struct containing the CA cert to use
- for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use
- for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for
- the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert file
- for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use
- for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap
- or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for
- the targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key file
- for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- type: object
- resolveTimeout:
- description: ResolveTimeout is the default value used by alertmanager
- if the alert does not include EndsAt, after this time passes
- it can declare the alert as resolved if it has not been
- updated. This has no impact on alerts from Prometheus, as
- they always include EndsAt.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- type: object
- name:
- description: The name of the AlertmanagerConfig resource which
- is used to generate the Alertmanager configuration. It must
- be defined in the same namespace as the Alertmanager object.
- The operator will not enforce a `namespace` label for routes
- and inhibition rules.
- minLength: 1
- type: string
- type: object
- baseImage:
- description: 'Base image that is used to deploy pods, without tag.
- Deprecated: use ''image'' instead'
- type: string
- clusterAdvertiseAddress:
- description: 'ClusterAdvertiseAddress is the explicit address to advertise
- in cluster. Needs to be provided for non RFC1918 [1] (public) addresses.
- [1] RFC1918: https://tools.ietf.org/html/rfc1918'
- type: string
- clusterGossipInterval:
- description: Interval between gossip attempts.
- pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- clusterPeerTimeout:
- description: Timeout for cluster peering.
- pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- clusterPushpullInterval:
- description: Interval between pushpull attempts.
- pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- configMaps:
- description: ConfigMaps is a list of ConfigMaps in the same namespace
- as the Alertmanager object, which shall be mounted into the Alertmanager
- Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/<configmap-name>.
- items:
- type: string
- type: array
- configSecret:
- description: "ConfigSecret is the name of a Kubernetes Secret in the
- same namespace as the Alertmanager object, which contains the configuration
- for this Alertmanager instance. If empty, it defaults to 'alertmanager-<alertmanager-name>'.
- \n The Alertmanager configuration should be available under the
- `alertmanager.yaml` key. Additional keys from the original secret
- are copied to the generated secret. \n If either the secret or the
- `alertmanager.yaml` key is missing, the operator provisions an Alertmanager
- configuration with one empty receiver (effectively dropping alert
- notifications)."
- type: string
- containers:
- description: 'Containers allows injecting additional containers. This
- is meant to allow adding an authentication proxy to an Alertmanager
- pod. Containers described here modify an operator generated container
- if they share the same name and modifications are done via a strategic
- merge patch. The current container names are: `alertmanager` and
- `config-reloader`. Overriding containers is entirely outside the
- scope of what the maintainers will support and by doing so, you
- accept that this behaviour may break at any time without notice.'
- items:
- description: A single application container that you want to run
- within a pod.
- properties:
- args:
- description: 'Arguments to the entrypoint. The container image''s
- CMD is used if this is not provided. Variable references $(VAR_NAME)
- are expanded using the container''s environment. If a variable
- cannot be resolved, the reference in the input string will
- be unchanged. Double $$ are reduced to a single $, which allows
- for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references
- will never be expanded, regardless of whether the variable
- exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- command:
- description: 'Entrypoint array. Not executed within a shell.
- The container image''s ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container''s
- environment. If a variable cannot be resolved, the reference
- in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax:
- i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether
- the variable exists or not. Cannot be updated. More info:
- https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- env:
- description: List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable present
- in a Container.
- properties:
- name:
- description: Name of the environment variable. Must be
- a C_IDENTIFIER.
- type: string
- value:
- description: 'Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in
- the container and any service environment variables.
- If a variable cannot be resolved, the reference in the
- input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME)
- syntax: i.e. "$$(VAR_NAME)" will produce the string
- literal "$(VAR_NAME)". Escaped references will never
- be expanded, regardless of whether the variable exists
- or not. Defaults to "".'
- type: string
- valueFrom:
- description: Source for the environment variable's value.
- Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: 'Selects a field of the pod: supports
- metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`,
- `metadata.annotations[''<KEY>'']`, spec.nodeName,
- spec.serviceAccountName, status.hostIP, status.podIP,
- status.podIPs.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, limits.ephemeral-storage, requests.cpu,
- requests.memory and requests.ephemeral-storage)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in the pod's
- namespace
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: List of sources to populate environment variables
- in the container. The keys defined within a source must be
- a C_IDENTIFIER. All invalid keys will be reported as an event
- when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take
- precedence. Values defined by an Env with a duplicate key
- will take precedence. Cannot be updated.
- items:
- description: EnvFromSource represents the source of a set
- of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap must be
- defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend to each
- key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management
- to default or override container images in workload controllers
- like Deployments and StatefulSets.'
- type: string
- imagePullPolicy:
- description: 'Image pull policy. One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent
- otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- type: string
- lifecycle:
- description: Actions that the management system should take
- in response to container lifecycle events. Cannot be updated.
- properties:
- postStart:
- description: 'PostStart is called immediately after a container
- is created. If the handler fails, the container is terminated
- and restarted according to its restart policy. Other management
- of the container blocks until the hook completes. More
- info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: 'PreStop is called immediately before a container
- is terminated due to an API request or management event
- such as liveness/startup probe failure, preemption, resource
- contention, etc. The handler is not called if the container
- crashes or exits. The Pod''s termination grace period
- countdown begins before the PreStop hook is executed.
- Regardless of the outcome of the handler, the container
- will eventually terminate within the Pod''s termination
- grace period (unless delayed by finalizers). Other management
- of the container blocks until the hook completes or until
- the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: 'Periodic probe of container liveness. Container
- will be restarted if the probe fails. Cannot be updated. More
- info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- name:
- description: Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: List of ports to expose from the container. Exposing
- a port here gives the system additional information about
- the network connections a container uses, but is primarily
- informational. Not specifying a port here DOES NOT prevent
- that port from being exposed. Any port which is listening
- on the default "0.0.0.0" address inside a container will be
- accessible from the network. Cannot be updated.
- items:
- description: ContainerPort represents a network port in a
- single container.
- properties:
- containerPort:
- description: Number of port to expose on the pod's IP
- address. This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external port to.
- type: string
- hostPort:
- description: Number of port to expose on the host. If
- specified, this must be a valid port number, 0 < x <
- 65536. If HostNetwork is specified, this must match
- ContainerPort. Most containers do not need this.
- format: int32
- type: integer
- name:
- description: If specified, this must be an IANA_SVC_NAME
- and unique within the pod. Each named port in a pod
- must have a unique name. Name for the port that can
- be referred to by services.
- type: string
- protocol:
- default: TCP
- description: Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: 'Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe
- fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- resources:
- description: 'Compute Resources required by this container.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- securityContext:
- description: 'SecurityContext defines the security options the
- container should be run with. If set, the fields of SecurityContext
- override the equivalent fields of PodSecurityContext. More
- info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
- properties:
- allowPrivilegeEscalation:
- description: 'AllowPrivilegeEscalation controls whether
- a process can gain more privileges than its parent process.
- This bool directly controls if the no_new_privs flag will
- be set on the container process. AllowPrivilegeEscalation
- is true always when the container is: 1) run as Privileged
- 2) has CAP_SYS_ADMIN Note that this field cannot be set
- when spec.os.name is windows.'
- type: boolean
- capabilities:
- description: The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by
- the container runtime. Note that this field cannot be
- set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: Run container in privileged mode. Processes
- in privileged containers are essentially equivalent to
- root on the host. Defaults to false. Note that this field
- cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: procMount denotes the type of proc mount to
- use for the containers. The default is DefaultProcMount
- which uses the container runtime defaults for readonly
- paths and masked paths. This requires the ProcMountType
- feature flag to be enabled. Note that this field cannot
- be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: Whether this container has a read-only root
- filesystem. Default is false. Note that this field cannot
- be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: The GID to run the entrypoint of the container
- process. Uses runtime default if unset. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a
- non-root user. If true, the Kubelet will validate the
- image at runtime to ensure that it does not run as UID
- 0 (root) and fail to start the container if it does. If
- unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both
- SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container
- process. Defaults to user specified in image metadata
- if unspecified. May also be set in PodSecurityContext. If
- set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a
- random SELinux context for each container. May also be
- set in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies
- to the container.
- type: string
- role:
- description: Role is a SELinux role label that applies
- to the container.
- type: string
- type:
- description: Type is a SELinux type label that applies
- to the container.
- type: string
- user:
- description: User is a SELinux user label that applies
- to the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by this container.
- If seccomp options are provided at both the pod & container
- level, the container options override the pod options.
- Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile
- must be preconfigured on the node to work. Must be
- a descending path, relative to the kubelet's configured
- seccomp profile location. Must only be set if type
- is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost -
- a profile defined in a file on the node should be
- used. RuntimeDefault - the container runtime default
- profile should be used. Unconfined - no profile should
- be applied."
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: The Windows specific settings applied to all
- containers. If unspecified, the options from the PodSecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is
- linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named
- by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the
- GMSA credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is
- alpha-level and will only be honored by components
- that enable the WindowsHostProcessContainers feature
- flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All
- of a Pod's containers must have the same effective
- HostProcess value (it is not allowed to have a mix
- of HostProcess containers and non-HostProcess containers). In
- addition, if HostProcess is true then HostNetwork
- must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: 'StartupProbe indicates that the Pod has successfully
- initialized. If specified, no other probes are executed until
- this completes successfully. If this probe fails, the Pod
- will be restarted, just as if the livenessProbe failed. This
- can be used to provide different probe parameters at the beginning
- of a Pod''s lifecycle, when it might take a long time to load
- data or warm a cache, than during steady-state operation.
- This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- stdin:
- description: Whether this container should allocate a buffer
- for stdin in the container runtime. If this is not set, reads
- from stdin in the container will always result in EOF. Default
- is false.
- type: boolean
- stdinOnce:
- description: Whether the container runtime should close the
- stdin channel after it has been opened by a single attach.
- When stdin is true the stdin stream will remain open across
- multiple attach sessions. If stdinOnce is set to true, stdin
- is opened on container start, is empty until the first client
- attaches to stdin, and then remains open and accepts data
- until the client disconnects, at which time stdin is closed
- and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin
- will never receive an EOF. Default is false
- type: boolean
- terminationMessagePath:
- description: 'Optional: Path at which the file to which the
- container''s termination message will be written is mounted
- into the container''s filesystem. Message written is intended
- to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes.
- The total message length across all containers will be limited
- to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
- type: string
- terminationMessagePolicy:
- description: Indicate how the termination message should be
- populated. File will use the contents of terminationMessagePath
- to populate the container status message on both success and
- failure. FallbackToLogsOnError will use the last chunk of
- container log output if the termination message file is empty
- and the container exited with an error. The log output is
- limited to 2048 bytes or 80 lines, whichever is smaller. Defaults
- to File. Cannot be updated.
- type: string
- tty:
- description: Whether this container should allocate a TTY for
- itself, also requires 'stdin' to be true. Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices to be
- used by the container.
- items:
- description: volumeDevice describes a mapping of a raw block
- device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of the container
- that the device will be mapped to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a Volume
- within a container.
- properties:
- mountPath:
- description: Path within the container at which the volume
- should be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are
- propagated from the host to container and the other
- way around. When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which
- the container's volume should be mounted. Behaves similarly
- to SubPath but environment variable references $(VAR_NAME)
- are expanded using the container's environment. Defaults
- to "" (volume's root). SubPathExpr and SubPath are mutually
- exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: Container's working directory. If not specified,
- the container runtime's default will be used, which might
- be configured in the container image. Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- externalUrl:
- description: The external URL the Alertmanager instances will be available
- under. This is necessary to generate correct URLs. This is necessary
- if Alertmanager is not served from root of a DNS name.
- type: string
- forceEnableClusterMode:
- description: ForceEnableClusterMode ensures Alertmanager does not
- deactivate the cluster mode when running with a single replica.
- Use case is e.g. spanning an Alertmanager cluster across Kubernetes
- clusters with a single replica in each.
- type: boolean
- hostAliases:
- description: Pods' hostAliases configuration
- items:
- description: HostAlias holds the mapping between IP and hostnames
- that will be injected as an entry in the pod's hosts file.
- properties:
- hostnames:
- description: Hostnames for the above IP address.
- items:
- type: string
- type: array
- ip:
- description: IP address of the host file entry.
- type: string
- required:
- - hostnames
- - ip
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - ip
- x-kubernetes-list-type: map
- image:
- description: Image if specified has precedence over baseImage, tag
- and sha combinations. Specifying the version is still necessary
- to ensure the Prometheus Operator knows what version of Alertmanager
- is being configured.
- type: string
- imagePullSecrets:
- description: An optional list of references to secrets in the same
- namespace to use for pulling prometheus and alertmanager images
- from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- initContainers:
- description: 'InitContainers allows adding initContainers to the pod
- definition. Those can be used to e.g. fetch secrets for injection
- into the Alertmanager configuration from external sources. Any errors
- during the execution of an initContainer will lead to a restart
- of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
- Using initContainers for any use case other then secret fetching
- is entirely outside the scope of what the maintainers will support
- and by doing so, you accept that this behaviour may break at any
- time without notice.'
- items:
- description: A single application container that you want to run
- within a pod.
- properties:
- args:
- description: 'Arguments to the entrypoint. The container image''s
- CMD is used if this is not provided. Variable references $(VAR_NAME)
- are expanded using the container''s environment. If a variable
- cannot be resolved, the reference in the input string will
- be unchanged. Double $$ are reduced to a single $, which allows
- for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references
- will never be expanded, regardless of whether the variable
- exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- command:
- description: 'Entrypoint array. Not executed within a shell.
- The container image''s ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container''s
- environment. If a variable cannot be resolved, the reference
- in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax:
- i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether
- the variable exists or not. Cannot be updated. More info:
- https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- env:
- description: List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable present
- in a Container.
- properties:
- name:
- description: Name of the environment variable. Must be
- a C_IDENTIFIER.
- type: string
- value:
- description: 'Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in
- the container and any service environment variables.
- If a variable cannot be resolved, the reference in the
- input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME)
- syntax: i.e. "$$(VAR_NAME)" will produce the string
- literal "$(VAR_NAME)". Escaped references will never
- be expanded, regardless of whether the variable exists
- or not. Defaults to "".'
- type: string
- valueFrom:
- description: Source for the environment variable's value.
- Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: 'Selects a field of the pod: supports
- metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`,
- `metadata.annotations[''<KEY>'']`, spec.nodeName,
- spec.serviceAccountName, status.hostIP, status.podIP,
- status.podIPs.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, limits.ephemeral-storage, requests.cpu,
- requests.memory and requests.ephemeral-storage)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in the pod's
- namespace
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: List of sources to populate environment variables
- in the container. The keys defined within a source must be
- a C_IDENTIFIER. All invalid keys will be reported as an event
- when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take
- precedence. Values defined by an Env with a duplicate key
- will take precedence. Cannot be updated.
- items:
- description: EnvFromSource represents the source of a set
- of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap must be
- defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend to each
- key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management
- to default or override container images in workload controllers
- like Deployments and StatefulSets.'
- type: string
- imagePullPolicy:
- description: 'Image pull policy. One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent
- otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- type: string
- lifecycle:
- description: Actions that the management system should take
- in response to container lifecycle events. Cannot be updated.
- properties:
- postStart:
- description: 'PostStart is called immediately after a container
- is created. If the handler fails, the container is terminated
- and restarted according to its restart policy. Other management
- of the container blocks until the hook completes. More
- info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: 'PreStop is called immediately before a container
- is terminated due to an API request or management event
- such as liveness/startup probe failure, preemption, resource
- contention, etc. The handler is not called if the container
- crashes or exits. The Pod''s termination grace period
- countdown begins before the PreStop hook is executed.
- Regardless of the outcome of the handler, the container
- will eventually terminate within the Pod''s termination
- grace period (unless delayed by finalizers). Other management
- of the container blocks until the hook completes or until
- the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: 'Periodic probe of container liveness. Container
- will be restarted if the probe fails. Cannot be updated. More
- info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- name:
- description: Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: List of ports to expose from the container. Exposing
- a port here gives the system additional information about
- the network connections a container uses, but is primarily
- informational. Not specifying a port here DOES NOT prevent
- that port from being exposed. Any port which is listening
- on the default "0.0.0.0" address inside a container will be
- accessible from the network. Cannot be updated.
- items:
- description: ContainerPort represents a network port in a
- single container.
- properties:
- containerPort:
- description: Number of port to expose on the pod's IP
- address. This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external port to.
- type: string
- hostPort:
- description: Number of port to expose on the host. If
- specified, this must be a valid port number, 0 < x <
- 65536. If HostNetwork is specified, this must match
- ContainerPort. Most containers do not need this.
- format: int32
- type: integer
- name:
- description: If specified, this must be an IANA_SVC_NAME
- and unique within the pod. Each named port in a pod
- must have a unique name. Name for the port that can
- be referred to by services.
- type: string
- protocol:
- default: TCP
- description: Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: 'Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe
- fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- resources:
- description: 'Compute Resources required by this container.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- securityContext:
- description: 'SecurityContext defines the security options the
- container should be run with. If set, the fields of SecurityContext
- override the equivalent fields of PodSecurityContext. More
- info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
- properties:
- allowPrivilegeEscalation:
- description: 'AllowPrivilegeEscalation controls whether
- a process can gain more privileges than its parent process.
- This bool directly controls if the no_new_privs flag will
- be set on the container process. AllowPrivilegeEscalation
- is true always when the container is: 1) run as Privileged
- 2) has CAP_SYS_ADMIN Note that this field cannot be set
- when spec.os.name is windows.'
- type: boolean
- capabilities:
- description: The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by
- the container runtime. Note that this field cannot be
- set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: Run container in privileged mode. Processes
- in privileged containers are essentially equivalent to
- root on the host. Defaults to false. Note that this field
- cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: procMount denotes the type of proc mount to
- use for the containers. The default is DefaultProcMount
- which uses the container runtime defaults for readonly
- paths and masked paths. This requires the ProcMountType
- feature flag to be enabled. Note that this field cannot
- be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: Whether this container has a read-only root
- filesystem. Default is false. Note that this field cannot
- be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: The GID to run the entrypoint of the container
- process. Uses runtime default if unset. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a
- non-root user. If true, the Kubelet will validate the
- image at runtime to ensure that it does not run as UID
- 0 (root) and fail to start the container if it does. If
- unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both
- SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container
- process. Defaults to user specified in image metadata
- if unspecified. May also be set in PodSecurityContext. If
- set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a
- random SELinux context for each container. May also be
- set in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies
- to the container.
- type: string
- role:
- description: Role is a SELinux role label that applies
- to the container.
- type: string
- type:
- description: Type is a SELinux type label that applies
- to the container.
- type: string
- user:
- description: User is a SELinux user label that applies
- to the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by this container.
- If seccomp options are provided at both the pod & container
- level, the container options override the pod options.
- Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile
- must be preconfigured on the node to work. Must be
- a descending path, relative to the kubelet's configured
- seccomp profile location. Must only be set if type
- is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost -
- a profile defined in a file on the node should be
- used. RuntimeDefault - the container runtime default
- profile should be used. Unconfined - no profile should
- be applied."
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: The Windows specific settings applied to all
- containers. If unspecified, the options from the PodSecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is
- linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named
- by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the
- GMSA credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is
- alpha-level and will only be honored by components
- that enable the WindowsHostProcessContainers feature
- flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All
- of a Pod's containers must have the same effective
- HostProcess value (it is not allowed to have a mix
- of HostProcess containers and non-HostProcess containers). In
- addition, if HostProcess is true then HostNetwork
- must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: 'StartupProbe indicates that the Pod has successfully
- initialized. If specified, no other probes are executed until
- this completes successfully. If this probe fails, the Pod
- will be restarted, just as if the livenessProbe failed. This
- can be used to provide different probe parameters at the beginning
- of a Pod''s lifecycle, when it might take a long time to load
- data or warm a cache, than during steady-state operation.
- This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- stdin:
- description: Whether this container should allocate a buffer
- for stdin in the container runtime. If this is not set, reads
- from stdin in the container will always result in EOF. Default
- is false.
- type: boolean
- stdinOnce:
- description: Whether the container runtime should close the
- stdin channel after it has been opened by a single attach.
- When stdin is true the stdin stream will remain open across
- multiple attach sessions. If stdinOnce is set to true, stdin
- is opened on container start, is empty until the first client
- attaches to stdin, and then remains open and accepts data
- until the client disconnects, at which time stdin is closed
- and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin
- will never receive an EOF. Default is false
- type: boolean
- terminationMessagePath:
- description: 'Optional: Path at which the file to which the
- container''s termination message will be written is mounted
- into the container''s filesystem. Message written is intended
- to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes.
- The total message length across all containers will be limited
- to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
- type: string
- terminationMessagePolicy:
- description: Indicate how the termination message should be
- populated. File will use the contents of terminationMessagePath
- to populate the container status message on both success and
- failure. FallbackToLogsOnError will use the last chunk of
- container log output if the termination message file is empty
- and the container exited with an error. The log output is
- limited to 2048 bytes or 80 lines, whichever is smaller. Defaults
- to File. Cannot be updated.
- type: string
- tty:
- description: Whether this container should allocate a TTY for
- itself, also requires 'stdin' to be true. Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices to be
- used by the container.
- items:
- description: volumeDevice describes a mapping of a raw block
- device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of the container
- that the device will be mapped to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a Volume
- within a container.
- properties:
- mountPath:
- description: Path within the container at which the volume
- should be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are
- propagated from the host to container and the other
- way around. When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which
- the container's volume should be mounted. Behaves similarly
- to SubPath but environment variable references $(VAR_NAME)
- are expanded using the container's environment. Defaults
- to "" (volume's root). SubPathExpr and SubPath are mutually
- exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: Container's working directory. If not specified,
- the container runtime's default will be used, which might
- be configured in the container image. Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- listenLocal:
- description: ListenLocal makes the Alertmanager server listen on loopback,
- so that it does not bind against the Pod IP. Note this is only for
- the Alertmanager UI, not the gossip communication.
- type: boolean
- logFormat:
- description: Log format for Alertmanager to be configured with.
- enum:
- - ""
- - logfmt
- - json
- type: string
- logLevel:
- description: Log level for Alertmanager to be configured with.
- enum:
- - ""
- - debug
- - info
- - warn
- - error
- type: string
- minReadySeconds:
- description: Minimum number of seconds for which a newly created pod
- should be ready without any of its container crashing for it to
- be considered available. Defaults to 0 (pod will be considered available
- as soon as it is ready) This is an alpha field and requires enabling
- StatefulSetMinReadySeconds feature gate.
- format: int32
- type: integer
- nodeSelector:
- additionalProperties:
- type: string
- description: Define which Nodes the Pods are scheduled on.
- type: object
- paused:
- description: If set to true all actions on the underlying managed
- objects are not goint to be performed, except for delete actions.
- type: boolean
- podMetadata:
- description: PodMetadata configures Labels and Annotations which are
- propagated to the alertmanager pods.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map stored
- with a resource that may be set by external tools to store and
- retrieve arbitrary metadata. They are not queryable and should
- be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used to
- organize and categorize (scope and select) objects. May match
- selectors of replication controllers and services. More info:
- http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: 'Name must be unique within a namespace. Is required
- when creating resources, although some resources may allow a
- client to request the generation of an appropriate name automatically.
- Name is primarily intended for creation idempotence and configuration
- definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- type: object
- portName:
- description: Port name used for the pods and governing service. This
- defaults to web
- type: string
- priorityClassName:
- description: Priority class assigned to the Pods
- type: string
- replicas:
- description: Size is the expected size of the alertmanager cluster.
- The controller will eventually make the size of the running cluster
- equal to the expected size.
- format: int32
- type: integer
- resources:
- description: Define resources requests and limits for single Pods.
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- retention:
- default: 120h
- description: Time duration Alertmanager shall retain data for. Default
- is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)`
- (milliseconds seconds minutes hours).
- pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- routePrefix:
- description: The route prefix Alertmanager registers HTTP handlers
- for. This is useful, if using ExternalURL and a proxy is rewriting
- HTTP routes of a request, and the actual ExternalURL is still true,
- but the server serves requests under a different route prefix. For
- example for use with `kubectl proxy`.
- type: string
- secrets:
- description: Secrets is a list of Secrets in the same namespace as
- the Alertmanager object, which shall be mounted into the Alertmanager
- Pods. The Secrets are mounted into /etc/alertmanager/secrets/<secret-name>.
- items:
- type: string
- type: array
- securityContext:
- description: SecurityContext holds pod-level security attributes and
- common container settings. This defaults to the default PodSecurityContext.
- properties:
- fsGroup:
- description: "A special supplemental group that applies to all
- containers in a pod. Some volume types allow the Kubelet to
- change the ownership of that volume to be owned by the pod:
- \n 1. The owning GID will be the FSGroup 2. The setgid bit is
- set (new files created in the volume will be owned by FSGroup)
- 3. The permission bits are OR'd with rw-rw---- \n If unset,
- the Kubelet will not modify the ownership and permissions of
- any volume. Note that this field cannot be set when spec.os.name
- is windows."
- format: int64
- type: integer
- fsGroupChangePolicy:
- description: 'fsGroupChangePolicy defines behavior of changing
- ownership and permission of the volume before being exposed
- inside Pod. This field will only apply to volume types which
- support fsGroup based ownership(and permissions). It will have
- no effect on ephemeral volume types such as: secret, configmaps
- and emptydir. Valid values are "OnRootMismatch" and "Always".
- If not specified, "Always" is used. Note that this field cannot
- be set when spec.os.name is windows.'
- type: string
- runAsGroup:
- description: The GID to run the entrypoint of the container process.
- Uses runtime default if unset. May also be set in SecurityContext. If
- set in both SecurityContext and PodSecurityContext, the value
- specified in SecurityContext takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a non-root
- user. If true, the Kubelet will validate the image at runtime
- to ensure that it does not run as UID 0 (root) and fail to start
- the container if it does. If unset or false, no such validation
- will be performed. May also be set in SecurityContext. If set
- in both SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in SecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence for that container. Note that this field cannot
- be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to all containers.
- If unspecified, the container runtime will allocate a random
- SELinux context for each container. May also be set in SecurityContext. If
- set in both SecurityContext and PodSecurityContext, the value
- specified in SecurityContext takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies to
- the container.
- type: string
- role:
- description: Role is a SELinux role label that applies to
- the container.
- type: string
- type:
- description: Type is a SELinux type label that applies to
- the container.
- type: string
- user:
- description: User is a SELinux user label that applies to
- the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by the containers in this
- pod. Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile must be
- preconfigured on the node to work. Must be a descending
- path, relative to the kubelet's configured seccomp profile
- location. Must only be set if type is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost - a profile
- defined in a file on the node should be used. RuntimeDefault
- - the container runtime default profile should be used.
- Unconfined - no profile should be applied."
- type: string
- required:
- - type
- type: object
- supplementalGroups:
- description: A list of groups applied to the first process run
- in each container, in addition to the container's primary GID. If
- unspecified, no groups will be added to any container. Note
- that this field cannot be set when spec.os.name is windows.
- items:
- format: int64
- type: integer
- type: array
- sysctls:
- description: Sysctls hold a list of namespaced sysctls used for
- the pod. Pods with unsupported sysctls (by the container runtime)
- might fail to launch. Note that this field cannot be set when
- spec.os.name is windows.
- items:
- description: Sysctl defines a kernel parameter to be set
- properties:
- name:
- description: Name of a property to set
- type: string
- value:
- description: Value of a property to set
- type: string
- required:
- - name
- - value
- type: object
- type: array
- windowsOptions:
- description: The Windows specific settings applied to all containers.
- If unspecified, the options within a container's SecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named by
- the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the GMSA
- credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is alpha-level
- and will only be honored by components that enable the WindowsHostProcessContainers
- feature flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All of a
- Pod's containers must have the same effective HostProcess
- value (it is not allowed to have a mix of HostProcess containers
- and non-HostProcess containers). In addition, if HostProcess
- is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set in PodSecurityContext.
- If set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- serviceAccountName:
- description: ServiceAccountName is the name of the ServiceAccount
- to use to run the Prometheus Pods.
- type: string
- sha:
- description: 'SHA of Alertmanager container image to be deployed.
- Defaults to the value of `version`. Similar to a tag, but the SHA
- explicitly deploys an immutable container image. Version and Tag
- are ignored if SHA is set. Deprecated: use ''image'' instead. The
- image digest can be specified as part of the image URL.'
- type: string
- storage:
- description: Storage is the definition of how storage will be used
- by the Alertmanager instances.
- properties:
- disableMountSubPath:
- description: 'Deprecated: subPath usage will be disabled by default
- in a future release, this option will become unnecessary. DisableMountSubPath
- allows to remove any subPath usage in volume mounts.'
- type: boolean
- emptyDir:
- description: 'EmptyDirVolumeSource to be used by the Prometheus
- StatefulSets. If specified, used in place of any volumeClaimTemplate.
- More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
- properties:
- medium:
- description: 'medium represents what type of storage medium
- should back this directory. The default is "" which means
- to use the node''s default medium. Must be an empty string
- (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'sizeLimit is the total amount of local storage
- required for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage on memory
- medium EmptyDir would be the minimum value between the SizeLimit
- specified here and the sum of memory limits of all containers
- in a pod. The default is nil which means that the limit
- is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: 'EphemeralVolumeSource to be used by the Prometheus
- StatefulSets. This is a beta field in k8s 1.21, for lower versions,
- starting with k8s 1.19, it requires enabling the GenericEphemeralVolume
- feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to
- provision the volume. The pod in which this EphemeralVolumeSource
- is embedded will be the owner of the PVC, i.e. the PVC will
- be deleted together with the pod. The name of the PVC will
- be `<pod name>-<volume name>` where `<volume name>` is the
- name from the `PodSpec.Volumes` array entry. Pod validation
- will reject the pod if the concatenated name is not valid
- for a PVC (for example, too long). \n An existing PVC with
- that name that is not owned by the pod will *not* be used
- for the pod to avoid using an unrelated volume by mistake.
- Starting the pod is then blocked until the unrelated PVC
- is removed. If such a pre-created PVC is meant to be used
- by the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should not
- be necessary, but it may be useful when manually reconstructing
- a broken cluster. \n This field is read-only and no changes
- will be made by Kubernetes to the PVC after it has been
- created. \n Required, must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations that will
- be copied into the PVC when creating it. No other fields
- are allowed and will be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into the PVC
- that gets created from this template. The same fields
- as in a PersistentVolumeClaim are also valid here.
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a new
- volume based on the contents of the specified data
- source. If the AnyVolumeDataSource feature gate
- is enabled, this field will always have the same
- contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object from
- which to populate the volume with data, if a non-empty
- volume is desired. This may be any local object
- from a non-empty API group (non core object) or
- a PersistentVolumeClaim object. When this field
- is specified, volume binding will only succeed if
- the type of the specified object matches some installed
- volume populator or dynamic provisioner. This field
- will replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards compatibility,
- both fields (DataSource and DataSourceRef) will
- be set to the same value automatically if one of
- them is empty and the other is non-empty. There
- are two important differences between DataSource
- and DataSourceRef: * While DataSource only allows
- two specific types of objects, DataSourceRef allows
- any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed values
- (dropping them), DataSourceRef preserves all values,
- and generates an error if a disallowed value is
- specified. (Beta) Using this field requires the
- AnyVolumeDataSource feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity recorded
- in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is
- omitted for a container, it defaults to Limits
- if that is explicitly specified, otherwise to
- an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement is
- a selector that contains values, a key, and
- an operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If
- the operator is Exists or DoesNotExist,
- the values array must be empty. This array
- is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the
- StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem is
- implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference to
- the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- volumeClaimTemplate:
- description: A PVC spec to be used by the Prometheus StatefulSets.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- description: EmbeddedMetadata contains metadata relevant to
- an EmbeddedResource.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value
- map stored with a resource that may be set by external
- tools to store and retrieve arbitrary metadata. They
- are not queryable and should be preserved when modifying
- objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be
- used to organize and categorize (scope and select) objects.
- May match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: 'Name must be unique within a namespace.
- Is required when creating resources, although some resources
- may allow a client to request the generation of an appropriate
- name automatically. Name is primarily intended for creation
- idempotence and configuration definition. Cannot be
- updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- type: object
- spec:
- description: 'Spec defines the desired characteristics of
- a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the provisioner
- or an external controller can support the specified
- data source, it will create a new volume based on the
- contents of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will always have
- the same contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object from
- which to populate the volume with data, if a non-empty
- volume is desired. This may be any local object from
- a non-empty API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified, volume binding
- will only succeed if the type of the specified object
- matches some installed volume populator or dynamic provisioner.
- This field will replace the functionality of the DataSource
- field and as such if both fields are non-empty, they
- must have the same value. For backwards compatibility,
- both fields (DataSource and DataSourceRef) will be set
- to the same value automatically if one of them is empty
- and the other is non-empty. There are two important
- differences between DataSource and DataSourceRef: *
- While DataSource only allows two specific types of objects,
- DataSourceRef allows any non-core object, as well as
- PersistentVolumeClaim objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef preserves
- all values, and generates an error if a disallowed value
- is specified. (Beta) Using this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify resource
- requirements that are lower than previous value but
- must still be higher than capacity recorded in the status
- field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is omitted
- for a container, it defaults to Limits if that is
- explicitly specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector
- requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector
- that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label key that the selector
- applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are In,
- NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values.
- If the operator is In or NotIn, the values
- array must be non-empty. If the operator is
- Exists or DoesNotExist, the values array must
- be empty. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs.
- A single {key,value} in the matchLabels map is equivalent
- to an element of matchExpressions, whose key field
- is "key", the operator is "In", and the values array
- contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume is
- required by the claim. Value of Filesystem is implied
- when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference to the
- PersistentVolume backing this claim.
- type: string
- type: object
- status:
- description: 'Status represents the current information/status
- of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'accessModes contains the actual access modes
- the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- allocatedResources:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: allocatedResources is the storage resource
- within AllocatedResources tracks the capacity allocated
- to a PVC. It may be larger than the actual capacity
- when a volume expansion operation is requested. For
- storage quota, the larger value from allocatedResources
- and PVC.spec.resources is used. If allocatedResources
- is not set, PVC.spec.resources alone is used for quota
- calculation. If a volume expansion capacity request
- is lowered, allocatedResources is only lowered if there
- are no expansion operations in progress and if the actual
- volume capacity is equal or lower than the requested
- capacity. This is an alpha field and requires enabling
- RecoverVolumeExpansionFailure feature.
- type: object
- capacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: capacity represents the actual resources
- of the underlying volume.
- type: object
- conditions:
- description: conditions is the current Condition of persistent
- volume claim. If underlying persistent volume is being
- resized then the Condition will be set to 'ResizeStarted'.
- items:
- description: PersistentVolumeClaimCondition contails
- details about state of pvc
- properties:
- lastProbeTime:
- description: lastProbeTime is the time we probed
- the condition.
- format: date-time
- type: string
- lastTransitionTime:
- description: lastTransitionTime is the time the
- condition transitioned from one status to another.
- format: date-time
- type: string
- message:
- description: message is the human-readable message
- indicating details about last transition.
- type: string
- reason:
- description: reason is a unique, this should be
- a short, machine understandable string that gives
- the reason for condition's last transition. If
- it reports "ResizeStarted" that means the underlying
- persistent volume is being resized.
- type: string
- status:
- type: string
- type:
- description: PersistentVolumeClaimConditionType
- is a valid value of PersistentVolumeClaimCondition.Type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- phase:
- description: phase represents the current phase of PersistentVolumeClaim.
- type: string
- resizeStatus:
- description: resizeStatus stores status of resize operation.
- ResizeStatus is not set by default but when expansion
- is complete resizeStatus is set to empty string by resize
- controller or kubelet. This is an alpha field and requires
- enabling RecoverVolumeExpansionFailure feature.
- type: string
- type: object
- type: object
- type: object
- tag:
- description: 'Tag of Alertmanager container image to be deployed.
- Defaults to the value of `version`. Version is ignored if Tag is
- set. Deprecated: use ''image'' instead. The image tag can be specified
- as part of the image URL.'
- type: string
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple <key,value,effect> using the matching
- operator <operator>.
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- topologySpreadConstraints:
- description: If specified, the pod's topology spread constraints.
- items:
- description: TopologySpreadConstraint specifies how to spread matching
- pods among the given topology.
- properties:
- labelSelector:
- description: LabelSelector is used to find matching pods. Pods
- that match this label selector are counted to determine the
- number of pods in their corresponding topology domain.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector
- requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector
- that contains values, a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key that the selector
- applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are In, NotIn,
- Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values.
- If the operator is In or NotIn, the values array
- must be non-empty. If the operator is Exists or
- DoesNotExist, the values array must be empty. This
- array is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs.
- A single {key,value} in the matchLabels map is equivalent
- to an element of matchExpressions, whose key field is
- "key", the operator is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- maxSkew:
- description: 'MaxSkew describes the degree to which pods may
- be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
- it is the maximum permitted difference between the number
- of matching pods in the target topology and the global minimum.
- The global minimum is the minimum number of matching pods
- in an eligible domain or zero if the number of eligible domains
- is less than MinDomains. For example, in a 3-zone cluster,
- MaxSkew is set to 1, and pods with the same labelSelector
- spread as 2/2/1: In this case, the global minimum is 1. |
- zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew
- is 1, incoming pod can only be scheduled to zone3 to become
- 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1)
- on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming
- pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`,
- it is used to give higher precedence to topologies that satisfy
- it. It''s a required field. Default value is 1 and 0 is not
- allowed.'
- format: int32
- type: integer
- minDomains:
- description: "MinDomains indicates a minimum number of eligible
- domains. When the number of eligible domains with matching
- topology keys is less than minDomains, Pod Topology Spread
- treats \"global minimum\" as 0, and then the calculation of
- Skew is performed. And when the number of eligible domains
- with matching topology keys equals or greater than minDomains,
- this value has no effect on scheduling. As a result, when
- the number of eligible domains is less than minDomains, scheduler
- won't schedule more than maxSkew Pods to those domains. If
- value is nil, the constraint behaves as if MinDomains is equal
- to 1. Valid values are integers greater than 0. When value
- is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For
- example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains
- is set to 5 and pods with the same labelSelector spread as
- 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P |
- The number of domains is less than 5(MinDomains), so \"global
- minimum\" is treated as 0. In this situation, new pod with
- the same labelSelector cannot be scheduled, because computed
- skew will be 3(3 - 0) if new Pod is scheduled to any of the
- three zones, it will violate MaxSkew. \n This is an alpha
- field and requires enabling MinDomainsInPodTopologySpread
- feature gate."
- format: int32
- type: integer
- topologyKey:
- description: TopologyKey is the key of node labels. Nodes that
- have a label with this key and identical values are considered
- to be in the same topology. We consider each <key, value>
- as a "bucket", and try to put balanced number of pods into
- each bucket. We define a domain as a particular instance of
- a topology. Also, we define an eligible domain as a domain
- whose nodes match the node selector. e.g. If TopologyKey is
- "kubernetes.io/hostname", each Node is a domain of that topology.
- And, if TopologyKey is "topology.kubernetes.io/zone", each
- zone is a domain of that topology. It's a required field.
- type: string
- whenUnsatisfiable:
- description: 'WhenUnsatisfiable indicates how to deal with a
- pod if it doesn''t satisfy the spread constraint. - DoNotSchedule
- (default) tells the scheduler not to schedule it. - ScheduleAnyway
- tells the scheduler to schedule the pod in any location, but
- giving higher precedence to topologies that would help reduce
- the skew. A constraint is considered "Unsatisfiable" for an
- incoming pod if and only if every possible node assignment
- for that pod would violate "MaxSkew" on some topology. For
- example, in a 3-zone cluster, MaxSkew is set to 1, and pods
- with the same labelSelector spread as 3/1/1: | zone1 | zone2
- | zone3 | | P P P | P | P | If WhenUnsatisfiable is
- set to DoNotSchedule, incoming pod can only be scheduled to
- zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on
- zone2(zone3) satisfies MaxSkew(1). In other words, the cluster
- can still be imbalanced, but scheduler won''t make it *more*
- imbalanced. It''s a required field.'
- type: string
- required:
- - maxSkew
- - topologyKey
- - whenUnsatisfiable
- type: object
- type: array
- version:
- description: Version the cluster should be on.
- type: string
- volumeMounts:
- description: VolumeMounts allows configuration of additional VolumeMounts
- on the output StatefulSet definition. VolumeMounts specified will
- be appended to other VolumeMounts in the alertmanager container,
- that are generated as a result of StorageSpec objects.
- items:
- description: VolumeMount describes a mounting of a Volume within
- a container.
- properties:
- mountPath:
- description: Path within the container at which the volume should
- be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are propagated
- from the host to container and the other way around. When
- not set, MountPropagationNone is used. This field is beta
- in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which the
- container's volume should be mounted. Behaves similarly to
- SubPath but environment variable references $(VAR_NAME) are
- expanded using the container's environment. Defaults to ""
- (volume's root). SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- volumes:
- description: Volumes allows configuration of additional volumes on
- the output StatefulSet definition. Volumes specified will be appended
- to other volumes that are generated as a result of StorageSpec objects.
- items:
- description: Volume represents a named volume in a pod that may
- be accessed by any container in the pod.
- properties:
- awsElasticBlockStore:
- description: 'awsElasticBlockStore represents an AWS Disk resource
- that is attached to a kubelet''s host machine and then exposed
- to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- partition:
- description: 'partition is the partition in the volume that
- you want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1, you specify
- the partition as "1". Similarly, the volume partition
- for /dev/sda is "0" (or you can leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'readOnly value true will force the readOnly
- setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'volumeID is unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: azureDisk represents an Azure Data Disk mount on
- the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'cachingMode is the Host Caching mode: None,
- Read Only, Read Write.'
- type: string
- diskName:
- description: diskName is the Name of the data disk in the
- blob storage
- type: string
- diskURI:
- description: diskURI is the URI of data disk in the blob
- storage
- type: string
- fsType:
- description: fsType is Filesystem type to mount. Must be
- a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- kind:
- description: 'kind expected values are Shared: multiple
- blob disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed data
- disk (only in managed availability set). defaults to shared'
- type: string
- readOnly:
- description: readOnly Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: azureFile represents an Azure File Service mount
- on the host and bind mount to the pod.
- properties:
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: secretName is the name of secret that contains
- Azure Storage Account Name and Key
- type: string
- shareName:
- description: shareName is the azure share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: cephFS represents a Ceph FS mount on the host that
- shares a pod's lifetime
- properties:
- monitors:
- description: 'monitors is Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'path is Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'readOnly is Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'secretFile is Optional: SecretFile is the
- path to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'secretRef is Optional: SecretRef is reference
- to the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'user is optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'cinder represents a cinder volume attached and
- mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to
- be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'secretRef is optional: points to a secret
- object containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volumeID used to identify the volume in cinder.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: configMap represents a configMap that should populate
- this volume
- properties:
- defaultMode:
- description: 'defaultMode is optional: mode bits used to
- set permissions on created files by default. Must be an
- octal value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: items if unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will be projected
- into the volume as a file whose name is the key and content
- is the value. If specified, the listed keys will be projected
- into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in
- the ConfigMap, the volume setup will error unless it is
- marked optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits used to
- set permissions on this file. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. If not
- specified, the volume defaultMode will be used.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of the file
- to map the key to. May not be an absolute path.
- May not contain the path element '..'. May not start
- with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: optional specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: csi (Container Storage Interface) represents ephemeral
- storage that is handled by certain external CSI drivers (Beta
- feature).
- properties:
- driver:
- description: driver is the name of the CSI driver that handles
- this volume. Consult with your admin for the correct name
- as registered in the cluster.
- type: string
- fsType:
- description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
- If not provided, the empty value is passed to the associated
- CSI driver which will determine the default filesystem
- to apply.
- type: string
- nodePublishSecretRef:
- description: nodePublishSecretRef is a reference to the
- secret object containing sensitive information to pass
- to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the secret
- object contains more than one secret, all secret references
- are passed.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: readOnly specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: volumeAttributes stores driver-specific properties
- that are passed to the CSI driver. Consult your driver's
- documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: downwardAPI represents downward API about the pod
- that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created files
- by default. Must be a Optional: mode bits used to set
- permissions on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the pod:
- only annotations, labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set permissions
- on this file, must be an octal value between 0000
- and 0777 or a decimal value between 0 and 511. YAML
- accepts both octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This might
- be in conflict with other options that affect the
- file mode, like fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative path
- name of the file to be created. Must not be absolute
- or contain the ''..'' path. Must be utf-8 encoded.
- The first item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'emptyDir represents a temporary directory that
- shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'medium represents what type of storage medium
- should back this directory. The default is "" which means
- to use the node''s default medium. Must be an empty string
- (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'sizeLimit is the total amount of local storage
- required for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage on memory
- medium EmptyDir would be the minimum value between the
- SizeLimit specified here and the sum of memory limits
- of all containers in a pod. The default is nil which means
- that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle is tied
- to the pod that defines it - it will be created before the
- pod starts, and deleted when the pod is removed. \n Use this
- if: a) the volume is only needed while the pod runs, b) features
- of normal volumes like restoring from snapshot or capacity
- tracking are needed, c) the storage driver is specified through
- a storage class, and d) the storage driver supports dynamic
- volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this volume
- type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that persist
- for longer than the lifecycle of an individual pod. \n Use
- CSI for light-weight local ephemeral volumes if the CSI driver
- is meant to be used that way - see the documentation of the
- driver for more information. \n A pod can use both types of
- ephemeral volumes and persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to
- provision the volume. The pod in which this EphemeralVolumeSource
- is embedded will be the owner of the PVC, i.e. the PVC
- will be deleted together with the pod. The name of the
- PVC will be `<pod name>-<volume name>` where `<volume
- name>` is the name from the `PodSpec.Volumes` array entry.
- Pod validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long). \n
- An existing PVC with that name that is not owned by the
- pod will *not* be used for the pod to avoid using an unrelated
- volume by mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created PVC
- is meant to be used by the pod, the PVC has to updated
- with an owner reference to the pod once the pod exists.
- Normally this should not be necessary, but it may be useful
- when manually reconstructing a broken cluster. \n This
- field is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required, must
- not be nil."
- properties:
- metadata:
- description: May contain labels and annotations that
- will be copied into the PVC when creating it. No other
- fields are allowed and will be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into the PVC
- that gets created from this template. The same fields
- as in a PersistentVolumeClaim are also valid here.
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a new
- volume based on the contents of the specified
- data source. If the AnyVolumeDataSource feature
- gate is enabled, this field will always have the
- same contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API
- group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object
- from which to populate the volume with data, if
- a non-empty volume is desired. This may be any
- local object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object. When
- this field is specified, volume binding will only
- succeed if the type of the specified object matches
- some installed volume populator or dynamic provisioner.
- This field will replace the functionality of the
- DataSource field and as such if both fields are
- non-empty, they must have the same value. For
- backwards compatibility, both fields (DataSource
- and DataSourceRef) will be set to the same value
- automatically if one of them is empty and the
- other is non-empty. There are two important differences
- between DataSource and DataSourceRef: * While
- DataSource only allows two specific types of objects,
- DataSourceRef allows any non-core object, as well
- as PersistentVolumeClaim objects. * While DataSource
- ignores disallowed values (dropping them), DataSourceRef
- preserves all values, and generates an error if
- a disallowed value is specified. (Beta) Using
- this field requires the AnyVolumeDataSource feature
- gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API
- group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity recorded
- in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required. If Requests
- is omitted for a container, it defaults to
- Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the
- StorageClass required by the claim. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem
- is implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: fc represents a Fibre Channel resource that is
- attached to a kubelet's host machine and then exposed to the
- pod.
- properties:
- fsType:
- description: 'fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. TODO: how do we prevent errors in the
- filesystem from compromising the machine'
- type: string
- lun:
- description: 'lun is Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'readOnly is Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'targetWWNs is Optional: FC target worldwide
- names (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'wwids Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs and
- lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: flexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: driver is the name of the driver to use for
- this volume.
- type: string
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'options is Optional: this field holds extra
- command options if any.'
- type: object
- readOnly:
- description: 'readOnly is Optional: defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'secretRef is Optional: secretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty if no
- secret object is specified. If the secret object contains
- more than one secret, all secrets are passed to the plugin
- scripts.'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: flocker represents a Flocker volume attached to
- a kubelet's host machine. This depends on the Flocker control
- service being running
- properties:
- datasetName:
- description: datasetName is Name of the dataset stored as
- metadata -> name on the dataset for Flocker should be
- considered as deprecated
- type: string
- datasetUUID:
- description: datasetUUID is the UUID of the dataset. This
- is unique identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'gcePersistentDisk represents a GCE Disk resource
- that is attached to a kubelet''s host machine and then exposed
- to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'fsType is filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples: "ext4",
- "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- partition:
- description: 'partition is the partition in the volume that
- you want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1, you specify
- the partition as "1". Similarly, the volume partition
- for /dev/sda is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'pdName is unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'gitRepo represents a git repository at a particular
- revision. DEPRECATED: GitRepo is deprecated. To provision
- a container with a git repo, mount an EmptyDir into an InitContainer
- that clones the repo using git, then mount the EmptyDir into
- the Pod''s container.'
- properties:
- directory:
- description: directory is the target directory name. Must
- not contain or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: repository is the URL
- type: string
- revision:
- description: revision is the commit hash for the specified
- revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'glusterfs represents a Glusterfs mount on the
- host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'endpoints is the endpoint name that details
- Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'path is the Glusterfs volume path. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'readOnly here will force the Glusterfs volume
- to be mounted with read-only permissions. Defaults to
- false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'hostPath represents a pre-existing file or directory
- on the host machine that is directly exposed to the container.
- This is generally used for system agents or other privileged
- things that are allowed to see the host machine. Most containers
- will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host directory
- mounts and who can/can not mount host directories as read/write.'
- properties:
- path:
- description: 'path of the directory on the host. If the
- path is a symlink, it will follow the link to the real
- path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'type for HostPath Volume Defaults to "" More
- info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'iscsi represents an ISCSI Disk resource that is
- attached to a kubelet''s host machine and then exposed to
- the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: chapAuthDiscovery defines whether support iSCSI
- Discovery CHAP authentication
- type: boolean
- chapAuthSession:
- description: chapAuthSession defines whether support iSCSI
- Session CHAP authentication
- type: boolean
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- initiatorName:
- description: initiatorName is the custom iSCSI Initiator
- Name. If initiatorName is specified with iscsiInterface
- simultaneously, new iSCSI interface <target portal>:<volume
- name> will be created for the connection.
- type: string
- iqn:
- description: iqn is the target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iscsiInterface is the interface Name that uses
- an iSCSI transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: lun represents iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: portals is the iSCSI Target Portal List. The
- portal is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: secretRef is the CHAP Secret for iSCSI target
- and initiator authentication
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: targetPortal is iSCSI Target Portal. The Portal
- is either an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- name:
- description: 'name of the volume. Must be a DNS_LABEL and unique
- within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- nfs:
- description: 'nfs represents an NFS mount on the host that shares
- a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'path that is exported by the NFS server. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'readOnly here will force the NFS export to
- be mounted with read-only permissions. Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'server is the hostname or IP address of the
- NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'persistentVolumeClaimVolumeSource represents a
- reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'claimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: readOnly Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: photonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host machine
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- pdID:
- description: pdID is the ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: portworxVolume represents a portworx volume attached
- and mounted on kubelets host machine
- properties:
- fsType:
- description: fSType represents the filesystem type to mount
- Must be a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: volumeID uniquely identifies a Portworx volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: projected items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: defaultMode are the mode bits used to set permissions
- on created files by default. Must be an octal value between
- 0000 and 0777 or a decimal value between 0 and 511. YAML
- accepts both octal and decimal values, JSON requires decimal
- values for mode bits. Directories within the path are
- not affected by this setting. This might be in conflict
- with other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: sources is the list of volume projections
- items:
- description: Projection that may be projected along with
- other supported volume types
- properties:
- configMap:
- description: configMap information about the configMap
- data to project
- properties:
- items:
- description: items if unspecified, each key-value
- pair in the Data field of the referenced ConfigMap
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the ConfigMap, the volume
- setup will error unless it is marked optional.
- Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits
- used to set permissions on this file.
- Must be an octal value between 0000 and
- 0777 or a decimal value between 0 and
- 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for
- mode bits. If not specified, the volume
- defaultMode will be used. This might be
- in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of
- the file to map the key to. May not be
- an absolute path. May not contain the
- path element '..'. May not start with
- the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: optional specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: downwardAPI information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..''
- path. Must be utf-8 encoded. The first
- item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the
- container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu
- and requests.memory) are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults
- to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: secret information about the secret data
- to project
- properties:
- items:
- description: items if unspecified, each key-value
- pair in the Data field of the referenced Secret
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the Secret, the volume setup
- will error unless it is marked optional. Paths
- must be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits
- used to set permissions on this file.
- Must be an octal value between 0000 and
- 0777 or a decimal value between 0 and
- 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for
- mode bits. If not specified, the volume
- defaultMode will be used. This might be
- in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of
- the file to map the key to. May not be
- an absolute path. May not contain the
- path element '..'. May not start with
- the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: optional field specify whether the
- Secret or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: serviceAccountToken is information about
- the serviceAccountToken data to project
- properties:
- audience:
- description: audience is the intended audience
- of the token. A recipient of a token must identify
- itself with an identifier specified in the audience
- of the token, and otherwise should reject the
- token. The audience defaults to the identifier
- of the apiserver.
- type: string
- expirationSeconds:
- description: expirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration, the
- kubelet volume plugin will proactively rotate
- the service account token. The kubelet will
- start trying to rotate the token if the token
- is older than 80 percent of its time to live
- or if the token is older than 24 hours.Defaults
- to 1 hour and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: path is the path relative to the
- mount point of the file to project the token
- into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: quobyte represents a Quobyte mount on the host
- that shares a pod's lifetime
- properties:
- group:
- description: group to map volume access to Default is no
- group
- type: string
- readOnly:
- description: readOnly here will force the Quobyte volume
- to be mounted with read-only permissions. Defaults to
- false.
- type: boolean
- registry:
- description: registry represents a single or multiple Quobyte
- Registry services specified as a string as host:port pair
- (multiple entries are separated with commas) which acts
- as the central registry for volumes
- type: string
- tenant:
- description: tenant owning the given Quobyte volume in the
- Backend Used with dynamically provisioned Quobyte volumes,
- value is set by the plugin
- type: string
- user:
- description: user to map volume access to Defaults to serivceaccount
- user
- type: string
- volume:
- description: volume is a string that references an already
- created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'rbd represents a Rados Block Device mount on the
- host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- image:
- description: 'image is the rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'keyring is the path to key ring for RBDUser.
- Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'monitors is a collection of Ceph monitors.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'pool is the rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'secretRef is name of the authentication secret
- for RBDUser. If provided overrides keyring. Default is
- nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'user is the rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: scaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: gateway is the host address of the ScaleIO
- API Gateway.
- type: string
- protectionDomain:
- description: protectionDomain is the name of the ScaleIO
- Protection Domain for the configured storage.
- type: string
- readOnly:
- description: readOnly Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: secretRef references to the secret for ScaleIO
- user and other sensitive information. If this is not provided,
- Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: sslEnabled Flag enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: storageMode indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: storagePool is the ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: system is the name of the storage system as
- configured in ScaleIO.
- type: string
- volumeName:
- description: volumeName is the name of a volume already
- created in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'defaultMode is Optional: mode bits used to
- set permissions on created files by default. Must be an
- octal value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: items If unspecified, each key-value pair in
- the Data field of the referenced Secret will be projected
- into the volume as a file whose name is the key and content
- is the value. If specified, the listed keys will be projected
- into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in
- the Secret, the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits used to
- set permissions on this file. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. If not
- specified, the volume defaultMode will be used.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of the file
- to map the key to. May not be an absolute path.
- May not contain the path element '..'. May not start
- with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: optional field specify whether the Secret or
- its keys must be defined
- type: boolean
- secretName:
- description: 'secretName is the name of the secret in the
- pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: storageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: secretRef specifies the secret to use for obtaining
- the StorageOS API credentials. If not specified, default
- values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: volumeName is the human-readable name of the
- StorageOS volume. Volume names are only unique within
- a namespace.
- type: string
- volumeNamespace:
- description: volumeNamespace specifies the scope of the
- volume within StorageOS. If no namespace is specified
- then the Pod's namespace will be used. This allows the
- Kubernetes name scoping to be mirrored within StorageOS
- for tighter integration. Set VolumeName to any name to
- override the default behaviour. Set to "default" if you
- are not using namespaces within StorageOS. Namespaces
- that do not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: vsphereVolume represents a vSphere volume attached
- and mounted on kubelets host machine
- properties:
- fsType:
- description: fsType is filesystem type to mount. Must be
- a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- storagePolicyID:
- description: storagePolicyID is the storage Policy Based
- Management (SPBM) profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: storagePolicyName is the storage Policy Based
- Management (SPBM) profile name.
- type: string
- volumePath:
- description: volumePath is the path that identifies vSphere
- volume vmdk
- type: string
- required:
- - volumePath
- type: object
- required:
- - name
- type: object
- type: array
- web:
- description: Defines the web command line flags when starting Alertmanager.
- properties:
- httpConfig:
- description: Defines HTTP parameters for web server.
- properties:
- headers:
- description: List of headers that can be added to HTTP responses.
- properties:
- contentSecurityPolicy:
- description: Set the Content-Security-Policy header to
- HTTP responses. Unset if blank.
- type: string
- strictTransportSecurity:
- description: Set the Strict-Transport-Security header
- to HTTP responses. Unset if blank. Please make sure
- that you use this with care as this header might force
- browsers to load Prometheus and the other applications
- hosted on the same domain and subdomains over HTTPS.
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
- type: string
- xContentTypeOptions:
- description: Set the X-Content-Type-Options header to
- HTTP responses. Unset if blank. Accepted value is nosniff.
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
- enum:
- - ""
- - NoSniff
- type: string
- xFrameOptions:
- description: Set the X-Frame-Options header to HTTP responses.
- Unset if blank. Accepted values are deny and sameorigin.
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
- enum:
- - ""
- - Deny
- - SameOrigin
- type: string
- xXSSProtection:
- description: Set the X-XSS-Protection header to all responses.
- Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
- type: string
- type: object
- http2:
- description: Enable HTTP/2 support. Note that HTTP/2 is only
- supported with TLS. When TLSConfig is not configured, HTTP/2
- will be disabled. Whenever the value of the field changes,
- a rolling update will be triggered.
- type: boolean
- type: object
- tlsConfig:
- description: Defines the TLS parameters for HTTPS.
- properties:
- cert:
- description: Contains the TLS certificate for the server.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cipherSuites:
- description: 'List of supported cipher suites for TLS versions
- up to TLS 1.2. If empty, Go default cipher suites are used.
- Available cipher suites are documented in the go documentation:
- https://golang.org/pkg/crypto/tls/#pkg-constants'
- items:
- type: string
- type: array
- client_ca:
- description: Contains the CA certificate for client certificate
- authentication to the server.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientAuthType:
- description: 'Server policy for client authentication. Maps
- to ClientAuth Policies. For more detail on clientAuth options:
- https://golang.org/pkg/crypto/tls/#ClientAuthType'
- type: string
- curvePreferences:
- description: 'Elliptic curves that will be used in an ECDHE
- handshake, in preference order. Available curves are documented
- in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID'
- items:
- type: string
- type: array
- keySecret:
- description: Secret containing the TLS key for the server.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- maxVersion:
- description: Maximum TLS version that is acceptable. Defaults
- to TLS13.
- type: string
- minVersion:
- description: Minimum TLS version that is acceptable. Defaults
- to TLS12.
- type: string
- preferServerCipherSuites:
- description: Controls whether the server selects the client's
- most preferred cipher suite, or the server's most preferred
- cipher suite. If true then the server's preference, as expressed
- in the order of elements in cipherSuites, is used.
- type: boolean
- required:
- - cert
- - keySecret
- type: object
- type: object
- type: object
- status:
- description: 'Most recent observed status of the Alertmanager cluster.
- Read-only. Not included when requesting from the apiserver, only from
- the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- availableReplicas:
- description: Total number of available pods (ready for at least minReadySeconds)
- targeted by this Alertmanager cluster.
- format: int32
- type: integer
- paused:
- description: Represents whether any actions on the underlying managed
- objects are being performed. Only delete actions will be performed.
- type: boolean
- replicas:
- description: Total number of non-terminated pods targeted by this
- Alertmanager cluster (their labels match the selector).
- format: int32
- type: integer
- unavailableReplicas:
- description: Total number of unavailable pods targeted by this Alertmanager
- cluster.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated pods targeted by this
- Alertmanager cluster that have the desired version spec.
- format: int32
- type: integer
- required:
- - availableReplicas
- - paused
- - replicas
- - unavailableReplicas
- - updatedReplicas
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- subresources: {}
- ---
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: podmonitors.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: PodMonitor
- listKind: PodMonitorList
- plural: podmonitors
- shortNames:
- - pmon
- singular: podmonitor
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: PodMonitor defines monitoring for a set of pods.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Specification of desired Pod selection for target discovery
- by Prometheus.
- properties:
- attachMetadata:
- description: 'Attaches node metadata to discovered targets. Only valid
- for role: pod. Only valid in Prometheus versions 2.35.0 and newer.'
- properties:
- node:
- description: When set to true, Prometheus must have permissions
- to get Nodes.
- type: boolean
- type: object
- jobLabel:
- description: The label to use to retrieve the job name from.
- type: string
- labelLimit:
- description: Per-scrape limit on number of labels that will be accepted
- for a sample. Only valid in Prometheus versions 2.27.0 and newer.
- format: int64
- type: integer
- labelNameLengthLimit:
- description: Per-scrape limit on length of labels name that will be
- accepted for a sample. Only valid in Prometheus versions 2.27.0
- and newer.
- format: int64
- type: integer
- labelValueLengthLimit:
- description: Per-scrape limit on length of labels value that will
- be accepted for a sample. Only valid in Prometheus versions 2.27.0
- and newer.
- format: int64
- type: integer
- namespaceSelector:
- description: Selector to select which namespaces the Endpoints objects
- are discovered from.
- properties:
- any:
- description: Boolean describing whether all namespaces are selected
- in contrast to a list restricting them.
- type: boolean
- matchNames:
- description: List of namespace names to select from.
- items:
- type: string
- type: array
- type: object
- podMetricsEndpoints:
- description: A list of endpoints allowed as part of this PodMonitor.
- items:
- description: PodMetricsEndpoint defines a scrapeable endpoint of
- a Kubernetes Pod serving Prometheus metrics.
- properties:
- authorization:
- description: Authorization section for this endpoint
- properties:
- credentials:
- description: The secret's key that contains the credentials
- of the request
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults to Bearer,
- Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: 'BasicAuth allow an endpoint to authenticate over
- basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint'
- properties:
- password:
- description: The secret in the service monitor namespace
- that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor namespace
- that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: Secret to mount to read bearer token for scraping
- targets. The secret needs to be in the same namespace as the
- pod monitor and accessible by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- enableHttp2:
- description: Whether to enable HTTP2.
- type: boolean
- followRedirects:
- description: FollowRedirects configures whether scrape requests
- follow HTTP 3xx redirects.
- type: boolean
- honorLabels:
- description: HonorLabels chooses the metric's labels on collisions
- with target labels.
- type: boolean
- honorTimestamps:
- description: HonorTimestamps controls whether Prometheus respects
- the timestamps present in scraped data.
- type: boolean
- interval:
- description: Interval at which metrics should be scraped If
- not specified Prometheus' global scrape interval is used.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- metricRelabelings:
- description: MetricRelabelConfigs to apply to samples before
- ingestion.
- items:
- description: 'RelabelConfig allows dynamic rewriting of the
- label set, being applied to samples before ingestion. It
- defines `<metric_relabel_configs>`-section of Prometheus
- configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching.
- Default is 'replace'. uppercase and lowercase actions
- require Prometheus >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source
- label values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex replace
- is performed if the regular expression matches. Regex
- capture groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source
- label values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing
- labels. Their content is concatenated using the configured
- separator and matched against the configured regular
- expression for the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label name
- which may only contain ASCII letters, numbers, as
- well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written
- in a replace action. It is mandatory for replace actions.
- Regex capture groups are available.
- type: string
- type: object
- type: array
- oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions
- 2.27.0 and newer.
- properties:
- clientId:
- description: The secret or configmap containing the OAuth2
- client id
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2 client secret
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- params:
- additionalProperties:
- items:
- type: string
- type: array
- description: Optional HTTP URL parameters
- type: object
- path:
- description: HTTP path to scrape for metrics. If empty, Prometheus
- uses the default value (e.g. `/metrics`).
- type: string
- port:
- description: Name of the pod port this endpoint refers to. Mutually
- exclusive with targetPort.
- type: string
- proxyUrl:
- description: ProxyURL eg http://proxyserver:2195 Directs scrapes
- to proxy through this endpoint.
- type: string
- relabelings:
- description: 'RelabelConfigs to apply to samples before scraping.
- Prometheus Operator automatically adds relabelings for a few
- standard Kubernetes fields. The original scrape job''s name
- is available via the `__tmp_prometheus_job_name` label. More
- info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
- items:
- description: 'RelabelConfig allows dynamic rewriting of the
- label set, being applied to samples before ingestion. It
- defines `<metric_relabel_configs>`-section of Prometheus
- configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching.
- Default is 'replace'. uppercase and lowercase actions
- require Prometheus >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source
- label values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex replace
- is performed if the regular expression matches. Regex
- capture groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source
- label values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing
- labels. Their content is concatenated using the configured
- separator and matched against the configured regular
- expression for the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label name
- which may only contain ASCII letters, numbers, as
- well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written
- in a replace action. It is mandatory for replace actions.
- Regex capture groups are available.
- type: string
- type: object
- type: array
- scheme:
- description: HTTP scheme to use for scraping.
- type: string
- scrapeTimeout:
- description: Timeout after which the scrape is ended If not
- specified, the Prometheus global scrape interval is used.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- targetPort:
- anyOf:
- - type: integer
- - type: string
- description: 'Deprecated: Use ''port'' instead.'
- x-kubernetes-int-or-string: true
- tlsConfig:
- description: TLS configuration to use when scraping the endpoint.
- properties:
- ca:
- description: Struct containing the CA cert to use for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert file for
- the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key file for the
- targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- type: object
- type: array
- podTargetLabels:
- description: PodTargetLabels transfers labels on the Kubernetes Pod
- onto the target.
- items:
- type: string
- type: array
- sampleLimit:
- description: SampleLimit defines per-scrape limit on number of scraped
- samples that will be accepted.
- format: int64
- type: integer
- selector:
- description: Selector to select Pod objects.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- targetLimit:
- description: TargetLimit defines a limit on the number of scraped
- targets that will be accepted.
- format: int64
- type: integer
- required:
- - podMetricsEndpoints
- - selector
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- ---
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: probes.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: Probe
- listKind: ProbeList
- plural: probes
- shortNames:
- - prb
- singular: probe
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: Probe defines monitoring for a set of static targets or ingresses.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Specification of desired Ingress selection for target discovery
- by Prometheus.
- properties:
- authorization:
- description: Authorization section for this endpoint
- properties:
- credentials:
- description: The secret's key that contains the credentials of
- the request
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults to Bearer,
- Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: 'BasicAuth allow an endpoint to authenticate over basic
- authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint'
- properties:
- password:
- description: The secret in the service monitor namespace that
- contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor namespace that
- contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenSecret:
- description: Secret to mount to read bearer token for scraping targets.
- The secret needs to be in the same namespace as the probe and accessible
- by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- interval:
- description: Interval at which targets are probed using the configured
- prober. If not specified Prometheus' global scrape interval is used.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- jobName:
- description: The job name assigned to scraped metrics by default.
- type: string
- labelLimit:
- description: Per-scrape limit on number of labels that will be accepted
- for a sample. Only valid in Prometheus versions 2.27.0 and newer.
- format: int64
- type: integer
- labelNameLengthLimit:
- description: Per-scrape limit on length of labels name that will be
- accepted for a sample. Only valid in Prometheus versions 2.27.0
- and newer.
- format: int64
- type: integer
- labelValueLengthLimit:
- description: Per-scrape limit on length of labels value that will
- be accepted for a sample. Only valid in Prometheus versions 2.27.0
- and newer.
- format: int64
- type: integer
- metricRelabelings:
- description: MetricRelabelConfigs to apply to samples before ingestion.
- items:
- description: 'RelabelConfig allows dynamic rewriting of the label
- set, being applied to samples before ingestion. It defines `<metric_relabel_configs>`-section
- of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching. Default
- is 'replace'. uppercase and lowercase actions require Prometheus
- >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source label
- values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex replace
- is performed if the regular expression matches. Regex capture
- groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source label
- values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing labels.
- Their content is concatenated using the configured separator
- and matched against the configured regular expression for
- the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label name which
- may only contain ASCII letters, numbers, as well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written in
- a replace action. It is mandatory for replace actions. Regex
- capture groups are available.
- type: string
- type: object
- type: array
- module:
- description: 'The module to use for probing specifying how to probe
- the target. Example module configuring in the blackbox exporter:
- https://github.com/prometheus/blackbox_exporter/blob/master/example.yml'
- type: string
- oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions
- 2.27.0 and newer.
- properties:
- clientId:
- description: The secret or configmap containing the OAuth2 client
- id
- properties:
- configMap:
- description: ConfigMap containing data to use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2 client secret
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- prober:
- description: Specification for the prober to use for probing targets.
- The prober.URL parameter is required. Targets cannot be probed if
- left empty.
- properties:
- path:
- default: /probe
- description: Path to collect metrics from. Defaults to `/probe`.
- type: string
- proxyUrl:
- description: Optional ProxyURL.
- type: string
- scheme:
- description: HTTP scheme to use for scraping. Defaults to `http`.
- type: string
- url:
- description: Mandatory URL of the prober.
- type: string
- required:
- - url
- type: object
- sampleLimit:
- description: SampleLimit defines per-scrape limit on number of scraped
- samples that will be accepted.
- format: int64
- type: integer
- scrapeTimeout:
- description: Timeout for scraping metrics from the Prometheus exporter.
- If not specified, the Prometheus global scrape interval is used.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- targetLimit:
- description: TargetLimit defines a limit on the number of scraped
- targets that will be accepted.
- format: int64
- type: integer
- targets:
- description: Targets defines a set of static or dynamically discovered
- targets to probe.
- properties:
- ingress:
- description: ingress defines the Ingress objects to probe and
- the relabeling configuration. If `staticConfig` is also defined,
- `staticConfig` takes precedence.
- properties:
- namespaceSelector:
- description: From which namespaces to select Ingress objects.
- properties:
- any:
- description: Boolean describing whether all namespaces
- are selected in contrast to a list restricting them.
- type: boolean
- matchNames:
- description: List of namespace names to select from.
- items:
- type: string
- type: array
- type: object
- relabelingConfigs:
- description: 'RelabelConfigs to apply to the label set of
- the target before it gets scraped. The original ingress
- address is available via the `__tmp_prometheus_ingress_address`
- label. It can be used to customize the probed URL. The original
- scrape job''s name is available via the `__tmp_prometheus_job_name`
- label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
- items:
- description: 'RelabelConfig allows dynamic rewriting of
- the label set, being applied to samples before ingestion.
- It defines `<metric_relabel_configs>`-section of Prometheus
- configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching.
- Default is 'replace'. uppercase and lowercase actions
- require Prometheus >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source
- label values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex
- replace is performed if the regular expression matches.
- Regex capture groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source
- label values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing
- labels. Their content is concatenated using the configured
- separator and matched against the configured regular
- expression for the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label
- name which may only contain ASCII letters, numbers,
- as well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written
- in a replace action. It is mandatory for replace actions.
- Regex capture groups are available.
- type: string
- type: object
- type: array
- selector:
- description: Selector to select the Ingress objects.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector
- requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector
- that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label key that the selector
- applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are In, NotIn,
- Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values.
- If the operator is In or NotIn, the values array
- must be non-empty. If the operator is Exists or
- DoesNotExist, the values array must be empty.
- This array is replaced during a strategic merge
- patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs.
- A single {key,value} in the matchLabels map is equivalent
- to an element of matchExpressions, whose key field is
- "key", the operator is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- type: object
- staticConfig:
- description: 'staticConfig defines the static list of targets
- to probe and the relabeling configuration. If `ingress` is also
- defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.'
- properties:
- labels:
- additionalProperties:
- type: string
- description: Labels assigned to all metrics scraped from the
- targets.
- type: object
- relabelingConfigs:
- description: 'RelabelConfigs to apply to the label set of
- the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
- items:
- description: 'RelabelConfig allows dynamic rewriting of
- the label set, being applied to samples before ingestion.
- It defines `<metric_relabel_configs>`-section of Prometheus
- configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching.
- Default is 'replace'. uppercase and lowercase actions
- require Prometheus >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source
- label values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex
- replace is performed if the regular expression matches.
- Regex capture groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source
- label values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing
- labels. Their content is concatenated using the configured
- separator and matched against the configured regular
- expression for the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label
- name which may only contain ASCII letters, numbers,
- as well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written
- in a replace action. It is mandatory for replace actions.
- Regex capture groups are available.
- type: string
- type: object
- type: array
- static:
- description: The list of hosts to probe.
- items:
- type: string
- type: array
- type: object
- type: object
- tlsConfig:
- description: TLS configuration to use when scraping the endpoint.
- properties:
- ca:
- description: Struct containing the CA cert to use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cert:
- description: Struct containing the client cert file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keySecret:
- description: Secret containing the client key file for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- ---
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: prometheuses.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: Prometheus
- listKind: PrometheusList
- plural: prometheuses
- shortNames:
- - prom
- singular: prometheus
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The version of Prometheus
- jsonPath: .spec.version
- name: Version
- type: string
- - description: The desired replicas number of Prometheuses
- jsonPath: .spec.replicas
- name: Replicas
- type: integer
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: Prometheus defines a Prometheus deployment.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: 'Specification of the desired behavior of the Prometheus
- cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- additionalAlertManagerConfigs:
- description: 'AdditionalAlertManagerConfigs allows specifying a key
- of a Secret containing additional Prometheus AlertManager configurations.
- AlertManager configurations specified are appended to the configurations
- generated by the Prometheus Operator. Job configurations specified
- must have the form as specified in the official Prometheus documentation:
- https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config.
- As AlertManager configs are appended, the user is responsible to
- make sure it is valid. Note that using this feature may expose the
- possibility to break upgrades of Prometheus. It is advised to review
- Prometheus release notes to ensure that no incompatible AlertManager
- configs are going to break Prometheus after the upgrade.'
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- additionalAlertRelabelConfigs:
- description: 'AdditionalAlertRelabelConfigs allows specifying a key
- of a Secret containing additional Prometheus alert relabel configurations.
- Alert relabel configurations specified are appended to the configurations
- generated by the Prometheus Operator. Alert relabel configurations
- specified must have the form as specified in the official Prometheus
- documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs.
- As alert relabel configs are appended, the user is responsible to
- make sure it is valid. Note that using this feature may expose the
- possibility to break upgrades of Prometheus. It is advised to review
- Prometheus release notes to ensure that no incompatible alert relabel
- configs are going to break Prometheus after the upgrade.'
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- additionalArgs:
- description: AdditionalArgs allows setting additional arguments for
- the Prometheus container. It is intended for e.g. activating hidden
- flags which are not supported by the dedicated configuration options
- yet. The arguments are passed as-is to the Prometheus container
- which may cause issues if they are invalid or not supporeted by
- the given Prometheus version. In case of an argument conflict (e.g.
- an argument which is already set by the operator itself) or when
- providing an invalid argument the reconciliation will fail and an
- error will be logged.
- items:
- description: Argument as part of the AdditionalArgs list.
- properties:
- name:
- description: Name of the argument, e.g. "scrape.discovery-reload-interval".
- minLength: 1
- type: string
- value:
- description: Argument value, e.g. 30s. Can be empty for name-only
- arguments (e.g. --storage.tsdb.no-lockfile)
- type: string
- required:
- - name
- type: object
- type: array
- additionalScrapeConfigs:
- description: 'AdditionalScrapeConfigs allows specifying a key of a
- Secret containing additional Prometheus scrape configurations. Scrape
- configurations specified are appended to the configurations generated
- by the Prometheus Operator. Job configurations specified must have
- the form as specified in the official Prometheus documentation:
- https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config.
- As scrape configs are appended, the user is responsible to make
- sure it is valid. Note that using this feature may expose the possibility
- to break upgrades of Prometheus. It is advised to review Prometheus
- release notes to ensure that no incompatible scrape configs are
- going to break Prometheus after the upgrade.'
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- affinity:
- description: If specified, the pod's scheduling constraints.
- properties:
- nodeAffinity:
- description: Describes node affinity scheduling rules for the
- pod.
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the affinity expressions specified by
- this field, but it may choose a node that violates one or
- more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node matches
- the corresponding matchExpressions; the node(s) with the
- highest sum are the most preferred.
- items:
- description: An empty preferred scheduling term matches
- all objects with implicit weight 0 (i.e. it's a no-op).
- A null preferred scheduling term matches no objects (i.e.
- is also a no-op).
- properties:
- preference:
- description: A node selector term, associated with the
- corresponding weight.
- properties:
- matchExpressions:
- description: A list of node selector requirements
- by node's labels.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchFields:
- description: A list of node selector requirements
- by node's fields.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- type: object
- x-kubernetes-map-type: atomic
- weight:
- description: Weight associated with matching the corresponding
- nodeSelectorTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - preference
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this
- field are not met at scheduling time, the pod will not be
- scheduled onto the node. If the affinity requirements specified
- by this field cease to be met at some point during pod execution
- (e.g. due to an update), the system may or may not try to
- eventually evict the pod from its node.
- properties:
- nodeSelectorTerms:
- description: Required. A list of node selector terms.
- The terms are ORed.
- items:
- description: A null or empty node selector term matches
- no objects. The requirements of them are ANDed. The
- TopologySelectorTerm type implements a subset of the
- NodeSelectorTerm.
- properties:
- matchExpressions:
- description: A list of node selector requirements
- by node's labels.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchFields:
- description: A list of node selector requirements
- by node's fields.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- type: object
- x-kubernetes-map-type: atomic
- type: array
- required:
- - nodeSelectorTerms
- type: object
- x-kubernetes-map-type: atomic
- type: object
- podAffinity:
- description: Describes pod affinity scheduling rules (e.g. co-locate
- this pod in the same node, zone, etc. as some other pod(s)).
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the affinity expressions specified by
- this field, but it may choose a node that violates one or
- more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node has
- pods which matches the corresponding podAffinityTerm; the
- node(s) with the highest sum are the most preferred.
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm
- fields are added per-node to find the most preferred node(s)
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated
- with the corresponding weight.
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied
- to the union of the namespaces selected by this
- field and the ones listed in the namespaces field.
- null selector and null or empty namespaces list
- means "this pod's namespace". An empty selector
- ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list
- of namespace names that the term applies to. The
- term is applied to the union of the namespaces
- listed in this field and the ones selected by
- namespaceSelector. null or empty namespaces list
- and null namespaceSelector means "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods
- matching the labelSelector in the specified namespaces,
- where co-located is defined as running on a node
- whose value of the label with key topologyKey
- matches that of any node on which any of the selected
- pods is running. Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- weight:
- description: weight associated with matching the corresponding
- podAffinityTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - podAffinityTerm
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this
- field are not met at scheduling time, the pod will not be
- scheduled onto the node. If the affinity requirements specified
- by this field cease to be met at some point during pod execution
- (e.g. due to a pod label update), the system may or may
- not try to eventually evict the pod from its node. When
- there are multiple elements, the lists of nodes corresponding
- to each podAffinityTerm are intersected, i.e. all terms
- must be satisfied.
- items:
- description: Defines a set of pods (namely those matching
- the labelSelector relative to the given namespace(s))
- that this pod should be co-located (affinity) or not co-located
- (anti-affinity) with, where co-located is defined as running
- on a node whose value of the label with key <topologyKey>
- matches that of any node on which a pod of the set of
- pods is running
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied to the
- union of the namespaces selected by this field and
- the ones listed in the namespaces field. null selector
- and null or empty namespaces list means "this pod's
- namespace". An empty selector ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace
- names that the term applies to. The term is applied
- to the union of the namespaces listed in this field
- and the ones selected by namespaceSelector. null or
- empty namespaces list and null namespaceSelector means
- "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods matching
- the labelSelector in the specified namespaces, where
- co-located is defined as running on a node whose value
- of the label with key topologyKey matches that of
- any node on which any of the selected pods is running.
- Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- type: array
- type: object
- podAntiAffinity:
- description: Describes pod anti-affinity scheduling rules (e.g.
- avoid putting this pod in the same node, zone, etc. as some
- other pod(s)).
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the anti-affinity expressions specified
- by this field, but it may choose a node that violates one
- or more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling anti-affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node has
- pods which matches the corresponding podAffinityTerm; the
- node(s) with the highest sum are the most preferred.
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm
- fields are added per-node to find the most preferred node(s)
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated
- with the corresponding weight.
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied
- to the union of the namespaces selected by this
- field and the ones listed in the namespaces field.
- null selector and null or empty namespaces list
- means "this pod's namespace". An empty selector
- ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list
- of namespace names that the term applies to. The
- term is applied to the union of the namespaces
- listed in this field and the ones selected by
- namespaceSelector. null or empty namespaces list
- and null namespaceSelector means "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods
- matching the labelSelector in the specified namespaces,
- where co-located is defined as running on a node
- whose value of the label with key topologyKey
- matches that of any node on which any of the selected
- pods is running. Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- weight:
- description: weight associated with matching the corresponding
- podAffinityTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - podAffinityTerm
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the anti-affinity requirements specified by
- this field are not met at scheduling time, the pod will
- not be scheduled onto the node. If the anti-affinity requirements
- specified by this field cease to be met at some point during
- pod execution (e.g. due to a pod label update), the system
- may or may not try to eventually evict the pod from its
- node. When there are multiple elements, the lists of nodes
- corresponding to each podAffinityTerm are intersected, i.e.
- all terms must be satisfied.
- items:
- description: Defines a set of pods (namely those matching
- the labelSelector relative to the given namespace(s))
- that this pod should be co-located (affinity) or not co-located
- (anti-affinity) with, where co-located is defined as running
- on a node whose value of the label with key <topologyKey>
- matches that of any node on which a pod of the set of
- pods is running
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied to the
- union of the namespaces selected by this field and
- the ones listed in the namespaces field. null selector
- and null or empty namespaces list means "this pod's
- namespace". An empty selector ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace
- names that the term applies to. The term is applied
- to the union of the namespaces listed in this field
- and the ones selected by namespaceSelector. null or
- empty namespaces list and null namespaceSelector means
- "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods matching
- the labelSelector in the specified namespaces, where
- co-located is defined as running on a node whose value
- of the label with key topologyKey matches that of
- any node on which any of the selected pods is running.
- Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- type: array
- type: object
- type: object
- alerting:
- description: Define details regarding alerting.
- properties:
- alertmanagers:
- description: AlertmanagerEndpoints Prometheus should fire alerts
- against.
- items:
- description: AlertmanagerEndpoints defines a selection of a
- single Endpoints object containing alertmanager IPs to fire
- alerts against.
- properties:
- apiVersion:
- description: Version of the Alertmanager API that Prometheus
- uses to send alerts. It can be "v1" or "v2".
- type: string
- authorization:
- description: Authorization section for this alertmanager
- endpoint
- properties:
- credentials:
- description: The secret's key that contains the credentials
- of the request
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults to
- Bearer, Basic will cause an error
- type: string
- type: object
- bearerTokenFile:
- description: BearerTokenFile to read from filesystem to
- use when authenticating to Alertmanager.
- type: string
- name:
- description: Name of Endpoints object in Namespace.
- type: string
- namespace:
- description: Namespace of Endpoints object.
- type: string
- pathPrefix:
- description: Prefix for the HTTP path alerts are pushed
- to.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Port the Alertmanager API is exposed on.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use when firing alerts.
- type: string
- timeout:
- description: Timeout is a per-target Alertmanager timeout
- when pushing alerts.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- tlsConfig:
- description: TLS Config to use for alertmanager connection.
- properties:
- ca:
- description: Struct containing the CA cert to use for
- the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for
- the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the
- targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- caFile:
- description: Path to the CA cert in the Prometheus container
- to use for the targets.
- type: string
- cert:
- description: Struct containing the client cert file
- for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for
- the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the
- targets.
- properties:
- key:
- description: The key of the secret to select
- from. Must be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion,
- kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- certFile:
- description: Path to the client cert file in the Prometheus
- container for the targets.
- type: string
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keyFile:
- description: Path to the client key file in the Prometheus
- container for the targets.
- type: string
- keySecret:
- description: Secret containing the client key file for
- the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- required:
- - name
- - namespace
- - port
- type: object
- type: array
- required:
- - alertmanagers
- type: object
- allowOverlappingBlocks:
- description: AllowOverlappingBlocks enables vertical compaction and
- vertical query merge in Prometheus. This is still experimental in
- Prometheus so it may change in any upcoming release.
- type: boolean
- apiserverConfig:
- description: APIServerConfig allows specifying a host and auth methods
- to access apiserver. If left empty, Prometheus is assumed to run
- inside of the cluster and will discover API servers automatically
- and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
- properties:
- authorization:
- description: Authorization section for accessing apiserver
- properties:
- credentials:
- description: The secret's key that contains the credentials
- of the request
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- credentialsFile:
- description: File to read a secret from, mutually exclusive
- with Credentials (from SafeAuthorization)
- type: string
- type:
- description: Set the authentication type. Defaults to Bearer,
- Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth allow an endpoint to authenticate over
- basic authentication
- properties:
- password:
- description: The secret in the service monitor namespace that
- contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor namespace that
- contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerToken:
- description: Bearer token for accessing apiserver.
- type: string
- bearerTokenFile:
- description: File to read bearer token for accessing apiserver.
- type: string
- host:
- description: Host of apiserver. A valid string consisting of a
- hostname or IP followed by an optional port number
- type: string
- tlsConfig:
- description: TLS Config to use for accessing apiserver.
- properties:
- ca:
- description: Struct containing the CA cert to use for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- caFile:
- description: Path to the CA cert in the Prometheus container
- to use for the targets.
- type: string
- cert:
- description: Struct containing the client cert file for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- certFile:
- description: Path to the client cert file in the Prometheus
- container for the targets.
- type: string
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keyFile:
- description: Path to the client key file in the Prometheus
- container for the targets.
- type: string
- keySecret:
- description: Secret containing the client key file for the
- targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- required:
- - host
- type: object
- arbitraryFSAccessThroughSMs:
- description: ArbitraryFSAccessThroughSMs configures whether configuration
- based on a service monitor can access arbitrary files on the file
- system of the Prometheus container e.g. bearer token files.
- properties:
- deny:
- type: boolean
- type: object
- baseImage:
- description: 'Base image to use for a Prometheus deployment. Deprecated:
- use ''image'' instead'
- type: string
- configMaps:
- description: ConfigMaps is a list of ConfigMaps in the same namespace
- as the Prometheus object, which shall be mounted into the Prometheus
- Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/<configmap-name>.
- items:
- type: string
- type: array
- containers:
- description: 'Containers allows injecting additional containers or
- modifying operator generated containers. This can be used to allow
- adding an authentication proxy to a Prometheus pod or to change
- the behavior of an operator generated container. Containers described
- here modify an operator generated container if they share the same
- name and modifications are done via a strategic merge patch. The
- current container names are: `prometheus`, `config-reloader`, and
- `thanos-sidecar`. Overriding containers is entirely outside the
- scope of what the maintainers will support and by doing so, you
- accept that this behaviour may break at any time without notice.'
- items:
- description: A single application container that you want to run
- within a pod.
- properties:
- args:
- description: 'Arguments to the entrypoint. The container image''s
- CMD is used if this is not provided. Variable references $(VAR_NAME)
- are expanded using the container''s environment. If a variable
- cannot be resolved, the reference in the input string will
- be unchanged. Double $$ are reduced to a single $, which allows
- for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references
- will never be expanded, regardless of whether the variable
- exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- command:
- description: 'Entrypoint array. Not executed within a shell.
- The container image''s ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container''s
- environment. If a variable cannot be resolved, the reference
- in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax:
- i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether
- the variable exists or not. Cannot be updated. More info:
- https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- env:
- description: List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable present
- in a Container.
- properties:
- name:
- description: Name of the environment variable. Must be
- a C_IDENTIFIER.
- type: string
- value:
- description: 'Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in
- the container and any service environment variables.
- If a variable cannot be resolved, the reference in the
- input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME)
- syntax: i.e. "$$(VAR_NAME)" will produce the string
- literal "$(VAR_NAME)". Escaped references will never
- be expanded, regardless of whether the variable exists
- or not. Defaults to "".'
- type: string
- valueFrom:
- description: Source for the environment variable's value.
- Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: 'Selects a field of the pod: supports
- metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`,
- `metadata.annotations[''<KEY>'']`, spec.nodeName,
- spec.serviceAccountName, status.hostIP, status.podIP,
- status.podIPs.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, limits.ephemeral-storage, requests.cpu,
- requests.memory and requests.ephemeral-storage)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in the pod's
- namespace
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: List of sources to populate environment variables
- in the container. The keys defined within a source must be
- a C_IDENTIFIER. All invalid keys will be reported as an event
- when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take
- precedence. Values defined by an Env with a duplicate key
- will take precedence. Cannot be updated.
- items:
- description: EnvFromSource represents the source of a set
- of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap must be
- defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend to each
- key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management
- to default or override container images in workload controllers
- like Deployments and StatefulSets.'
- type: string
- imagePullPolicy:
- description: 'Image pull policy. One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent
- otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- type: string
- lifecycle:
- description: Actions that the management system should take
- in response to container lifecycle events. Cannot be updated.
- properties:
- postStart:
- description: 'PostStart is called immediately after a container
- is created. If the handler fails, the container is terminated
- and restarted according to its restart policy. Other management
- of the container blocks until the hook completes. More
- info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: 'PreStop is called immediately before a container
- is terminated due to an API request or management event
- such as liveness/startup probe failure, preemption, resource
- contention, etc. The handler is not called if the container
- crashes or exits. The Pod''s termination grace period
- countdown begins before the PreStop hook is executed.
- Regardless of the outcome of the handler, the container
- will eventually terminate within the Pod''s termination
- grace period (unless delayed by finalizers). Other management
- of the container blocks until the hook completes or until
- the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: 'Periodic probe of container liveness. Container
- will be restarted if the probe fails. Cannot be updated. More
- info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- name:
- description: Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: List of ports to expose from the container. Exposing
- a port here gives the system additional information about
- the network connections a container uses, but is primarily
- informational. Not specifying a port here DOES NOT prevent
- that port from being exposed. Any port which is listening
- on the default "0.0.0.0" address inside a container will be
- accessible from the network. Cannot be updated.
- items:
- description: ContainerPort represents a network port in a
- single container.
- properties:
- containerPort:
- description: Number of port to expose on the pod's IP
- address. This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external port to.
- type: string
- hostPort:
- description: Number of port to expose on the host. If
- specified, this must be a valid port number, 0 < x <
- 65536. If HostNetwork is specified, this must match
- ContainerPort. Most containers do not need this.
- format: int32
- type: integer
- name:
- description: If specified, this must be an IANA_SVC_NAME
- and unique within the pod. Each named port in a pod
- must have a unique name. Name for the port that can
- be referred to by services.
- type: string
- protocol:
- default: TCP
- description: Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: 'Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe
- fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- resources:
- description: 'Compute Resources required by this container.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- securityContext:
- description: 'SecurityContext defines the security options the
- container should be run with. If set, the fields of SecurityContext
- override the equivalent fields of PodSecurityContext. More
- info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
- properties:
- allowPrivilegeEscalation:
- description: 'AllowPrivilegeEscalation controls whether
- a process can gain more privileges than its parent process.
- This bool directly controls if the no_new_privs flag will
- be set on the container process. AllowPrivilegeEscalation
- is true always when the container is: 1) run as Privileged
- 2) has CAP_SYS_ADMIN Note that this field cannot be set
- when spec.os.name is windows.'
- type: boolean
- capabilities:
- description: The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by
- the container runtime. Note that this field cannot be
- set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: Run container in privileged mode. Processes
- in privileged containers are essentially equivalent to
- root on the host. Defaults to false. Note that this field
- cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: procMount denotes the type of proc mount to
- use for the containers. The default is DefaultProcMount
- which uses the container runtime defaults for readonly
- paths and masked paths. This requires the ProcMountType
- feature flag to be enabled. Note that this field cannot
- be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: Whether this container has a read-only root
- filesystem. Default is false. Note that this field cannot
- be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: The GID to run the entrypoint of the container
- process. Uses runtime default if unset. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a
- non-root user. If true, the Kubelet will validate the
- image at runtime to ensure that it does not run as UID
- 0 (root) and fail to start the container if it does. If
- unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both
- SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container
- process. Defaults to user specified in image metadata
- if unspecified. May also be set in PodSecurityContext. If
- set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a
- random SELinux context for each container. May also be
- set in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies
- to the container.
- type: string
- role:
- description: Role is a SELinux role label that applies
- to the container.
- type: string
- type:
- description: Type is a SELinux type label that applies
- to the container.
- type: string
- user:
- description: User is a SELinux user label that applies
- to the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by this container.
- If seccomp options are provided at both the pod & container
- level, the container options override the pod options.
- Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile
- must be preconfigured on the node to work. Must be
- a descending path, relative to the kubelet's configured
- seccomp profile location. Must only be set if type
- is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost -
- a profile defined in a file on the node should be
- used. RuntimeDefault - the container runtime default
- profile should be used. Unconfined - no profile should
- be applied."
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: The Windows specific settings applied to all
- containers. If unspecified, the options from the PodSecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is
- linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named
- by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the
- GMSA credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is
- alpha-level and will only be honored by components
- that enable the WindowsHostProcessContainers feature
- flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All
- of a Pod's containers must have the same effective
- HostProcess value (it is not allowed to have a mix
- of HostProcess containers and non-HostProcess containers). In
- addition, if HostProcess is true then HostNetwork
- must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: 'StartupProbe indicates that the Pod has successfully
- initialized. If specified, no other probes are executed until
- this completes successfully. If this probe fails, the Pod
- will be restarted, just as if the livenessProbe failed. This
- can be used to provide different probe parameters at the beginning
- of a Pod''s lifecycle, when it might take a long time to load
- data or warm a cache, than during steady-state operation.
- This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- stdin:
- description: Whether this container should allocate a buffer
- for stdin in the container runtime. If this is not set, reads
- from stdin in the container will always result in EOF. Default
- is false.
- type: boolean
- stdinOnce:
- description: Whether the container runtime should close the
- stdin channel after it has been opened by a single attach.
- When stdin is true the stdin stream will remain open across
- multiple attach sessions. If stdinOnce is set to true, stdin
- is opened on container start, is empty until the first client
- attaches to stdin, and then remains open and accepts data
- until the client disconnects, at which time stdin is closed
- and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin
- will never receive an EOF. Default is false
- type: boolean
- terminationMessagePath:
- description: 'Optional: Path at which the file to which the
- container''s termination message will be written is mounted
- into the container''s filesystem. Message written is intended
- to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes.
- The total message length across all containers will be limited
- to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
- type: string
- terminationMessagePolicy:
- description: Indicate how the termination message should be
- populated. File will use the contents of terminationMessagePath
- to populate the container status message on both success and
- failure. FallbackToLogsOnError will use the last chunk of
- container log output if the termination message file is empty
- and the container exited with an error. The log output is
- limited to 2048 bytes or 80 lines, whichever is smaller. Defaults
- to File. Cannot be updated.
- type: string
- tty:
- description: Whether this container should allocate a TTY for
- itself, also requires 'stdin' to be true. Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices to be
- used by the container.
- items:
- description: volumeDevice describes a mapping of a raw block
- device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of the container
- that the device will be mapped to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a Volume
- within a container.
- properties:
- mountPath:
- description: Path within the container at which the volume
- should be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are
- propagated from the host to container and the other
- way around. When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which
- the container's volume should be mounted. Behaves similarly
- to SubPath but environment variable references $(VAR_NAME)
- are expanded using the container's environment. Defaults
- to "" (volume's root). SubPathExpr and SubPath are mutually
- exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: Container's working directory. If not specified,
- the container runtime's default will be used, which might
- be configured in the container image. Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- disableCompaction:
- description: Disable prometheus compaction.
- type: boolean
- enableAdminAPI:
- description: 'Enable access to prometheus web admin API. Defaults
- to the value of `false`. WARNING: Enabling the admin APIs enables
- mutating endpoints, to delete data, shutdown Prometheus, and more.
- Enabling this should be done with care and the user is advised to
- add additional authentication authorization via a proxy to ensure
- only clients authorized to perform these actions can do so. For
- more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis'
- type: boolean
- enableFeatures:
- description: Enable access to Prometheus disabled features. By default,
- no features are enabled. Enabling disabled features is entirely
- outside the scope of what the maintainers will support and by doing
- so, you accept that this behaviour may break at any time without
- notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/
- items:
- type: string
- type: array
- enableRemoteWriteReceiver:
- description: 'Enable Prometheus to be used as a receiver for the Prometheus
- remote write protocol. Defaults to the value of `false`. WARNING:
- This is not considered an efficient way of ingesting samples. Use
- it with caution for specific low-volume use cases. It is not suitable
- for replacing the ingestion via scraping and turning Prometheus
- into a push-based metrics collection system. For more information
- see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver
- Only valid in Prometheus versions 2.33.0 and newer.'
- type: boolean
- enforcedBodySizeLimit:
- description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed
- response body that will be accepted by Prometheus. Targets responding
- with a body larger than this many bytes will cause the scrape to
- fail. Example: 100MB. If defined, the limit will apply to all service/pod
- monitors and probes. This is an experimental feature, this behaviour
- could change or be removed in the future. Only valid in Prometheus
- versions 2.28.0 and newer.'
- pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
- type: string
- enforcedLabelLimit:
- description: Per-scrape limit on number of labels that will be accepted
- for a sample. If more than this number of labels are present post
- metric-relabeling, the entire scrape will be treated as failed.
- 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
- format: int64
- type: integer
- enforcedLabelNameLengthLimit:
- description: Per-scrape limit on length of labels name that will be
- accepted for a sample. If a label name is longer than this number
- post metric-relabeling, the entire scrape will be treated as failed.
- 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
- format: int64
- type: integer
- enforcedLabelValueLengthLimit:
- description: Per-scrape limit on length of labels value that will
- be accepted for a sample. If a label value is longer than this number
- post metric-relabeling, the entire scrape will be treated as failed.
- 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer.
- format: int64
- type: integer
- enforcedNamespaceLabel:
- description: "EnforcedNamespaceLabel If set, a label will be added
- to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor`
- and `Probe` objects) and 2. in all `PrometheusRule` objects (except
- the ones excluded in `prometheusRulesExcludedFromEnforce`) to *
- alerting & recording rules and * the metrics used in their expressions
- (`expr`). \n Label name is this field's value. Label value is the
- namespace of the created object (mentioned above)."
- type: string
- enforcedSampleLimit:
- description: EnforcedSampleLimit defines global limit on number of
- scraped samples that will be accepted. This overrides any SampleLimit
- set per ServiceMonitor or/and PodMonitor. It is meant to be used
- by admins to enforce the SampleLimit to keep overall number of samples/series
- under the desired limit. Note that if SampleLimit is lower that
- value will be taken instead.
- format: int64
- type: integer
- enforcedTargetLimit:
- description: EnforcedTargetLimit defines a global limit on the number
- of scraped targets. This overrides any TargetLimit set per ServiceMonitor
- or/and PodMonitor. It is meant to be used by admins to enforce
- the TargetLimit to keep the overall number of targets under the
- desired limit. Note that if TargetLimit is lower, that value will
- be taken instead, except if either value is zero, in which case
- the non-zero value will be used. If both values are zero, no limit
- is enforced.
- format: int64
- type: integer
- evaluationInterval:
- default: 30s
- description: 'Interval between consecutive evaluations. Default: `30s`'
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- excludedFromEnforcement:
- description: List of references to PodMonitor, ServiceMonitor, Probe
- and PrometheusRule objects to be excluded from enforcing a namespace
- label of origin. Applies only if enforcedNamespaceLabel set to true.
- items:
- description: ObjectReference references a PodMonitor, ServiceMonitor,
- Probe or PrometheusRule object.
- properties:
- group:
- default: monitoring.coreos.com
- description: Group of the referent. When not specified, it defaults
- to `monitoring.coreos.com`
- enum:
- - monitoring.coreos.com
- type: string
- name:
- description: Name of the referent. When not set, all resources
- are matched.
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- minLength: 1
- type: string
- resource:
- description: Resource of the referent.
- enum:
- - prometheusrules
- - servicemonitors
- - podmonitors
- - probes
- type: string
- required:
- - namespace
- - resource
- type: object
- type: array
- exemplars:
- description: Exemplars related settings that are runtime reloadable.
- It requires to enable the exemplar storage feature to be effective.
- properties:
- maxSize:
- description: Maximum number of exemplars stored in memory for
- all series. If not set, Prometheus uses its default value. A
- value of zero or less than zero disables the storage.
- format: int64
- type: integer
- type: object
- externalLabels:
- additionalProperties:
- type: string
- description: The labels to add to any time series or alerts when communicating
- with external systems (federation, remote storage, Alertmanager).
- type: object
- externalUrl:
- description: The external URL the Prometheus instances will be available
- under. This is necessary to generate correct URLs. This is necessary
- if Prometheus is not served from root of a DNS name.
- type: string
- hostAliases:
- description: Pods' hostAliases configuration
- items:
- description: HostAlias holds the mapping between IP and hostnames
- that will be injected as an entry in the pod's hosts file.
- properties:
- hostnames:
- description: Hostnames for the above IP address.
- items:
- type: string
- type: array
- ip:
- description: IP address of the host file entry.
- type: string
- required:
- - hostnames
- - ip
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - ip
- x-kubernetes-list-type: map
- ignoreNamespaceSelectors:
- description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector
- settings from all PodMonitor, ServiceMonitor and Probe objects.
- They will only discover endpoints within the namespace of the PodMonitor,
- ServiceMonitor and Probe objects. Defaults to false.
- type: boolean
- image:
- description: Image if specified has precedence over baseImage, tag
- and sha combinations. Specifying the version is still necessary
- to ensure the Prometheus Operator knows what version of Prometheus
- is being configured.
- type: string
- imagePullSecrets:
- description: An optional list of references to secrets in the same
- namespace to use for pulling prometheus and alertmanager images
- from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- initContainers:
- description: 'InitContainers allows adding initContainers to the pod
- definition. Those can be used to e.g. fetch secrets for injection
- into the Prometheus configuration from external sources. Any errors
- during the execution of an initContainer will lead to a restart
- of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
- InitContainers described here modify an operator generated init
- containers if they share the same name and modifications are done
- via a strategic merge patch. The current init container name is:
- `init-config-reloader`. Overriding init containers is entirely outside
- the scope of what the maintainers will support and by doing so,
- you accept that this behaviour may break at any time without notice.'
- items:
- description: A single application container that you want to run
- within a pod.
- properties:
- args:
- description: 'Arguments to the entrypoint. The container image''s
- CMD is used if this is not provided. Variable references $(VAR_NAME)
- are expanded using the container''s environment. If a variable
- cannot be resolved, the reference in the input string will
- be unchanged. Double $$ are reduced to a single $, which allows
- for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references
- will never be expanded, regardless of whether the variable
- exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- command:
- description: 'Entrypoint array. Not executed within a shell.
- The container image''s ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container''s
- environment. If a variable cannot be resolved, the reference
- in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax:
- i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether
- the variable exists or not. Cannot be updated. More info:
- https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- env:
- description: List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable present
- in a Container.
- properties:
- name:
- description: Name of the environment variable. Must be
- a C_IDENTIFIER.
- type: string
- value:
- description: 'Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in
- the container and any service environment variables.
- If a variable cannot be resolved, the reference in the
- input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME)
- syntax: i.e. "$$(VAR_NAME)" will produce the string
- literal "$(VAR_NAME)". Escaped references will never
- be expanded, regardless of whether the variable exists
- or not. Defaults to "".'
- type: string
- valueFrom:
- description: Source for the environment variable's value.
- Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: 'Selects a field of the pod: supports
- metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`,
- `metadata.annotations[''<KEY>'']`, spec.nodeName,
- spec.serviceAccountName, status.hostIP, status.podIP,
- status.podIPs.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, limits.ephemeral-storage, requests.cpu,
- requests.memory and requests.ephemeral-storage)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in the pod's
- namespace
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: List of sources to populate environment variables
- in the container. The keys defined within a source must be
- a C_IDENTIFIER. All invalid keys will be reported as an event
- when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take
- precedence. Values defined by an Env with a duplicate key
- will take precedence. Cannot be updated.
- items:
- description: EnvFromSource represents the source of a set
- of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap must be
- defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend to each
- key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management
- to default or override container images in workload controllers
- like Deployments and StatefulSets.'
- type: string
- imagePullPolicy:
- description: 'Image pull policy. One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent
- otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- type: string
- lifecycle:
- description: Actions that the management system should take
- in response to container lifecycle events. Cannot be updated.
- properties:
- postStart:
- description: 'PostStart is called immediately after a container
- is created. If the handler fails, the container is terminated
- and restarted according to its restart policy. Other management
- of the container blocks until the hook completes. More
- info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: 'PreStop is called immediately before a container
- is terminated due to an API request or management event
- such as liveness/startup probe failure, preemption, resource
- contention, etc. The handler is not called if the container
- crashes or exits. The Pod''s termination grace period
- countdown begins before the PreStop hook is executed.
- Regardless of the outcome of the handler, the container
- will eventually terminate within the Pod''s termination
- grace period (unless delayed by finalizers). Other management
- of the container blocks until the hook completes or until
- the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: 'Periodic probe of container liveness. Container
- will be restarted if the probe fails. Cannot be updated. More
- info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- name:
- description: Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: List of ports to expose from the container. Exposing
- a port here gives the system additional information about
- the network connections a container uses, but is primarily
- informational. Not specifying a port here DOES NOT prevent
- that port from being exposed. Any port which is listening
- on the default "0.0.0.0" address inside a container will be
- accessible from the network. Cannot be updated.
- items:
- description: ContainerPort represents a network port in a
- single container.
- properties:
- containerPort:
- description: Number of port to expose on the pod's IP
- address. This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external port to.
- type: string
- hostPort:
- description: Number of port to expose on the host. If
- specified, this must be a valid port number, 0 < x <
- 65536. If HostNetwork is specified, this must match
- ContainerPort. Most containers do not need this.
- format: int32
- type: integer
- name:
- description: If specified, this must be an IANA_SVC_NAME
- and unique within the pod. Each named port in a pod
- must have a unique name. Name for the port that can
- be referred to by services.
- type: string
- protocol:
- default: TCP
- description: Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: 'Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe
- fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- resources:
- description: 'Compute Resources required by this container.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- securityContext:
- description: 'SecurityContext defines the security options the
- container should be run with. If set, the fields of SecurityContext
- override the equivalent fields of PodSecurityContext. More
- info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
- properties:
- allowPrivilegeEscalation:
- description: 'AllowPrivilegeEscalation controls whether
- a process can gain more privileges than its parent process.
- This bool directly controls if the no_new_privs flag will
- be set on the container process. AllowPrivilegeEscalation
- is true always when the container is: 1) run as Privileged
- 2) has CAP_SYS_ADMIN Note that this field cannot be set
- when spec.os.name is windows.'
- type: boolean
- capabilities:
- description: The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by
- the container runtime. Note that this field cannot be
- set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: Run container in privileged mode. Processes
- in privileged containers are essentially equivalent to
- root on the host. Defaults to false. Note that this field
- cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: procMount denotes the type of proc mount to
- use for the containers. The default is DefaultProcMount
- which uses the container runtime defaults for readonly
- paths and masked paths. This requires the ProcMountType
- feature flag to be enabled. Note that this field cannot
- be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: Whether this container has a read-only root
- filesystem. Default is false. Note that this field cannot
- be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: The GID to run the entrypoint of the container
- process. Uses runtime default if unset. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a
- non-root user. If true, the Kubelet will validate the
- image at runtime to ensure that it does not run as UID
- 0 (root) and fail to start the container if it does. If
- unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both
- SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container
- process. Defaults to user specified in image metadata
- if unspecified. May also be set in PodSecurityContext. If
- set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a
- random SELinux context for each container. May also be
- set in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies
- to the container.
- type: string
- role:
- description: Role is a SELinux role label that applies
- to the container.
- type: string
- type:
- description: Type is a SELinux type label that applies
- to the container.
- type: string
- user:
- description: User is a SELinux user label that applies
- to the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by this container.
- If seccomp options are provided at both the pod & container
- level, the container options override the pod options.
- Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile
- must be preconfigured on the node to work. Must be
- a descending path, relative to the kubelet's configured
- seccomp profile location. Must only be set if type
- is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost -
- a profile defined in a file on the node should be
- used. RuntimeDefault - the container runtime default
- profile should be used. Unconfined - no profile should
- be applied."
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: The Windows specific settings applied to all
- containers. If unspecified, the options from the PodSecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is
- linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named
- by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the
- GMSA credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is
- alpha-level and will only be honored by components
- that enable the WindowsHostProcessContainers feature
- flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All
- of a Pod's containers must have the same effective
- HostProcess value (it is not allowed to have a mix
- of HostProcess containers and non-HostProcess containers). In
- addition, if HostProcess is true then HostNetwork
- must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: 'StartupProbe indicates that the Pod has successfully
- initialized. If specified, no other probes are executed until
- this completes successfully. If this probe fails, the Pod
- will be restarted, just as if the livenessProbe failed. This
- can be used to provide different probe parameters at the beginning
- of a Pod''s lifecycle, when it might take a long time to load
- data or warm a cache, than during steady-state operation.
- This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- stdin:
- description: Whether this container should allocate a buffer
- for stdin in the container runtime. If this is not set, reads
- from stdin in the container will always result in EOF. Default
- is false.
- type: boolean
- stdinOnce:
- description: Whether the container runtime should close the
- stdin channel after it has been opened by a single attach.
- When stdin is true the stdin stream will remain open across
- multiple attach sessions. If stdinOnce is set to true, stdin
- is opened on container start, is empty until the first client
- attaches to stdin, and then remains open and accepts data
- until the client disconnects, at which time stdin is closed
- and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin
- will never receive an EOF. Default is false
- type: boolean
- terminationMessagePath:
- description: 'Optional: Path at which the file to which the
- container''s termination message will be written is mounted
- into the container''s filesystem. Message written is intended
- to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes.
- The total message length across all containers will be limited
- to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
- type: string
- terminationMessagePolicy:
- description: Indicate how the termination message should be
- populated. File will use the contents of terminationMessagePath
- to populate the container status message on both success and
- failure. FallbackToLogsOnError will use the last chunk of
- container log output if the termination message file is empty
- and the container exited with an error. The log output is
- limited to 2048 bytes or 80 lines, whichever is smaller. Defaults
- to File. Cannot be updated.
- type: string
- tty:
- description: Whether this container should allocate a TTY for
- itself, also requires 'stdin' to be true. Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices to be
- used by the container.
- items:
- description: volumeDevice describes a mapping of a raw block
- device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of the container
- that the device will be mapped to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a Volume
- within a container.
- properties:
- mountPath:
- description: Path within the container at which the volume
- should be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are
- propagated from the host to container and the other
- way around. When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which
- the container's volume should be mounted. Behaves similarly
- to SubPath but environment variable references $(VAR_NAME)
- are expanded using the container's environment. Defaults
- to "" (volume's root). SubPathExpr and SubPath are mutually
- exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: Container's working directory. If not specified,
- the container runtime's default will be used, which might
- be configured in the container image. Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- listenLocal:
- description: ListenLocal makes the Prometheus server listen on loopback,
- so that it does not bind against the Pod IP.
- type: boolean
- logFormat:
- description: Log format for Prometheus to be configured with.
- enum:
- - ""
- - logfmt
- - json
- type: string
- logLevel:
- description: Log level for Prometheus to be configured with.
- enum:
- - ""
- - debug
- - info
- - warn
- - error
- type: string
- minReadySeconds:
- description: Minimum number of seconds for which a newly created pod
- should be ready without any of its container crashing for it to
- be considered available. Defaults to 0 (pod will be considered available
- as soon as it is ready) This is an alpha field and requires enabling
- StatefulSetMinReadySeconds feature gate.
- format: int32
- type: integer
- nodeSelector:
- additionalProperties:
- type: string
- description: Define which Nodes the Pods are scheduled on.
- type: object
- overrideHonorLabels:
- description: When true, Prometheus resolves label conflicts by renaming
- the labels in the scraped data to "exported_<label value>" for all
- targets created from service and pod monitors. Otherwise the HonorLabels
- field of the service or pod monitor applies.
- type: boolean
- overrideHonorTimestamps:
- description: When true, Prometheus ignores the timestamps for all
- the targets created from service and pod monitors. Otherwise the
- HonorTimestamps field of the service or pod monitor applies.
- type: boolean
- paused:
- description: When a Prometheus deployment is paused, no actions except
- for deletion will be performed on the underlying objects.
- type: boolean
- podMetadata:
- description: PodMetadata configures Labels and Annotations which are
- propagated to the prometheus pods.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map stored
- with a resource that may be set by external tools to store and
- retrieve arbitrary metadata. They are not queryable and should
- be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used to
- organize and categorize (scope and select) objects. May match
- selectors of replication controllers and services. More info:
- http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: 'Name must be unique within a namespace. Is required
- when creating resources, although some resources may allow a
- client to request the generation of an appropriate name automatically.
- Name is primarily intended for creation idempotence and configuration
- definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- type: object
- podMonitorNamespaceSelector:
- description: Namespace's labels to match for PodMonitor discovery.
- If nil, only check own namespace.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- podMonitorSelector:
- description: '*Experimental* PodMonitors to be selected for target
- discovery. *Deprecated:* if neither this nor serviceMonitorSelector
- are specified, configuration is unmanaged.'
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- portName:
- description: Port name used for the pods and governing service. This
- defaults to web
- type: string
- priorityClassName:
- description: Priority class assigned to the Pods
- type: string
- probeNamespaceSelector:
- description: '*Experimental* Namespaces to be selected for Probe discovery.
- If nil, only check own namespace.'
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- probeSelector:
- description: '*Experimental* Probes to be selected for target discovery.'
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- prometheusExternalLabelName:
- description: Name of Prometheus external label used to denote Prometheus
- instance name. Defaults to the value of `prometheus`. External label
- will _not_ be added when value is set to empty string (`""`).
- type: string
- prometheusRulesExcludedFromEnforce:
- description: 'PrometheusRulesExcludedFromEnforce - list of prometheus
- rules to be excluded from enforcing of adding namespace labels.
- Works only if enforcedNamespaceLabel set to true. Make sure both
- ruleNamespace and ruleName are set for each pair. Deprecated: use
- excludedFromEnforcement instead.'
- items:
- description: PrometheusRuleExcludeConfig enables users to configure
- excluded PrometheusRule names and their namespaces to be ignored
- while enforcing namespace label for alerts and metrics.
- properties:
- ruleName:
- description: RuleNamespace - name of excluded rule
- type: string
- ruleNamespace:
- description: RuleNamespace - namespace of excluded rule
- type: string
- required:
- - ruleName
- - ruleNamespace
- type: object
- type: array
- query:
- description: QuerySpec defines the query command line flags when starting
- Prometheus.
- properties:
- lookbackDelta:
- description: The delta difference allowed for retrieving metrics
- during expression evaluations.
- type: string
- maxConcurrency:
- description: Number of concurrent queries that can be run at once.
- format: int32
- type: integer
- maxSamples:
- description: Maximum number of samples a single query can load
- into memory. Note that queries will fail if they would load
- more samples than this into memory, so this also limits the
- number of samples a query can return.
- format: int32
- type: integer
- timeout:
- description: Maximum time a query may take before being aborted.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- type: object
- queryLogFile:
- description: QueryLogFile specifies the file to which PromQL queries
- are logged. If the filename has an empty path, e.g. 'query.log',
- prometheus-operator will mount the file into an emptyDir volume
- at `/var/log/prometheus`. If a full path is provided, e.g. /var/log/prometheus/query.log,
- you must mount a volume in the specified directory and it must be
- writable. This is because the prometheus container runs with a read-only
- root filesystem for security reasons. Alternatively, the location
- can be set to a stdout location such as `/dev/stdout` to log query
- information to the default Prometheus log stream. This is only available
- in versions of Prometheus >= 2.16.0. For more details, see the Prometheus
- docs (https://prometheus.io/docs/guides/query-log/)
- type: string
- remoteRead:
- description: remoteRead is the list of remote read configurations.
- items:
- description: RemoteReadSpec defines the configuration for Prometheus
- to read back samples from a remote endpoint.
- properties:
- authorization:
- description: Authorization section for remote read
- properties:
- credentials:
- description: The secret's key that contains the credentials
- of the request
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- credentialsFile:
- description: File to read a secret from, mutually exclusive
- with Credentials (from SafeAuthorization)
- type: string
- type:
- description: Set the authentication type. Defaults to Bearer,
- Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the URL.
- properties:
- password:
- description: The secret in the service monitor namespace
- that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor namespace
- that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerToken:
- description: Bearer token for remote read.
- type: string
- bearerTokenFile:
- description: File to read bearer token for remote read.
- type: string
- headers:
- additionalProperties:
- type: string
- description: Custom HTTP headers to be sent along with each
- remote read request. Be aware that headers that are set by
- Prometheus itself can't be overwritten. Only valid in Prometheus
- versions 2.26.0 and newer.
- type: object
- name:
- description: The name of the remote read queue, it must be unique
- if specified. The name is used in metrics and logging in order
- to differentiate read configurations. Only valid in Prometheus
- versions 2.15.0 and newer.
- type: string
- oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions
- 2.27.0 and newer.
- properties:
- clientId:
- description: The secret or configmap containing the OAuth2
- client id
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2 client secret
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyUrl:
- description: Optional ProxyURL.
- type: string
- readRecent:
- description: Whether reads should be made for queries for time
- ranges that the local storage should have complete data for.
- type: boolean
- remoteTimeout:
- description: Timeout for requests to the remote read endpoint.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- requiredMatchers:
- additionalProperties:
- type: string
- description: An optional list of equality matchers which have
- to be present in a selector to query the remote read endpoint.
- type: object
- tlsConfig:
- description: TLS Config to use for remote read.
- properties:
- ca:
- description: Struct containing the CA cert to use for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- caFile:
- description: Path to the CA cert in the Prometheus container
- to use for the targets.
- type: string
- cert:
- description: Struct containing the client cert file for
- the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- certFile:
- description: Path to the client cert file in the Prometheus
- container for the targets.
- type: string
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keyFile:
- description: Path to the client key file in the Prometheus
- container for the targets.
- type: string
- keySecret:
- description: Secret containing the client key file for the
- targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- url:
- description: The URL of the endpoint to query from.
- type: string
- required:
- - url
- type: object
- type: array
- remoteWrite:
- description: remoteWrite is the list of remote write configurations.
- items:
- description: RemoteWriteSpec defines the configuration to write
- samples from Prometheus to a remote endpoint.
- properties:
- authorization:
- description: Authorization section for remote write
- properties:
- credentials:
- description: The secret's key that contains the credentials
- of the request
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- credentialsFile:
- description: File to read a secret from, mutually exclusive
- with Credentials (from SafeAuthorization)
- type: string
- type:
- description: Set the authentication type. Defaults to Bearer,
- Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: BasicAuth for the URL.
- properties:
- password:
- description: The secret in the service monitor namespace
- that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor namespace
- that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerToken:
- description: Bearer token for remote write.
- type: string
- bearerTokenFile:
- description: File to read bearer token for remote write.
- type: string
- headers:
- additionalProperties:
- type: string
- description: Custom HTTP headers to be sent along with each
- remote write request. Be aware that headers that are set by
- Prometheus itself can't be overwritten. Only valid in Prometheus
- versions 2.25.0 and newer.
- type: object
- metadataConfig:
- description: MetadataConfig configures the sending of series
- metadata to the remote storage.
- properties:
- send:
- description: Whether metric metadata is sent to the remote
- storage or not.
- type: boolean
- sendInterval:
- description: How frequently metric metadata is sent to the
- remote storage.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- type: object
- name:
- description: The name of the remote write queue, it must be
- unique if specified. The name is used in metrics and logging
- in order to differentiate queues. Only valid in Prometheus
- versions 2.15.0 and newer.
- type: string
- oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions
- 2.27.0 and newer.
- properties:
- clientId:
- description: The secret or configmap containing the OAuth2
- client id
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2 client secret
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- proxyUrl:
- description: Optional ProxyURL.
- type: string
- queueConfig:
- description: QueueConfig allows tuning of the remote write queue
- parameters.
- properties:
- batchSendDeadline:
- description: BatchSendDeadline is the maximum time a sample
- will wait in buffer.
- type: string
- capacity:
- description: Capacity is the number of samples to buffer
- per shard before we start dropping them.
- type: integer
- maxBackoff:
- description: MaxBackoff is the maximum retry delay.
- type: string
- maxRetries:
- description: MaxRetries is the maximum number of times to
- retry a batch on recoverable errors.
- type: integer
- maxSamplesPerSend:
- description: MaxSamplesPerSend is the maximum number of
- samples per send.
- type: integer
- maxShards:
- description: MaxShards is the maximum number of shards,
- i.e. amount of concurrency.
- type: integer
- minBackoff:
- description: MinBackoff is the initial retry delay. Gets
- doubled for every retry.
- type: string
- minShards:
- description: MinShards is the minimum number of shards,
- i.e. amount of concurrency.
- type: integer
- retryOnRateLimit:
- description: Retry upon receiving a 429 status code from
- the remote-write storage. This is experimental feature
- and might change in the future.
- type: boolean
- type: object
- remoteTimeout:
- description: Timeout for requests to the remote write endpoint.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- sendExemplars:
- description: Enables sending of exemplars over remote write.
- Note that exemplar-storage itself must be enabled using the
- enableFeature option for exemplars to be scraped in the first
- place. Only valid in Prometheus versions 2.27.0 and newer.
- type: boolean
- sigv4:
- description: Sigv4 allows to configures AWS's Signature Verification
- 4
- properties:
- accessKey:
- description: AccessKey is the AWS API key. If blank, the
- environment variable `AWS_ACCESS_KEY_ID` is used.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- profile:
- description: Profile is the named AWS profile used to authenticate.
- type: string
- region:
- description: Region is the AWS region. If blank, the region
- from the default credentials chain used.
- type: string
- roleArn:
- description: RoleArn is the named AWS profile used to authenticate.
- type: string
- secretKey:
- description: SecretKey is the AWS API secret. If blank,
- the environment variable `AWS_SECRET_ACCESS_KEY` is used.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- tlsConfig:
- description: TLS Config to use for remote write.
- properties:
- ca:
- description: Struct containing the CA cert to use for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- caFile:
- description: Path to the CA cert in the Prometheus container
- to use for the targets.
- type: string
- cert:
- description: Struct containing the client cert file for
- the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- certFile:
- description: Path to the client cert file in the Prometheus
- container for the targets.
- type: string
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keyFile:
- description: Path to the client key file in the Prometheus
- container for the targets.
- type: string
- keySecret:
- description: Secret containing the client key file for the
- targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- url:
- description: The URL of the endpoint to send samples to.
- type: string
- writeRelabelConfigs:
- description: The list of remote write relabel configurations.
- items:
- description: 'RelabelConfig allows dynamic rewriting of the
- label set, being applied to samples before ingestion. It
- defines `<metric_relabel_configs>`-section of Prometheus
- configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching.
- Default is 'replace'. uppercase and lowercase actions
- require Prometheus >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source
- label values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex replace
- is performed if the regular expression matches. Regex
- capture groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source
- label values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing
- labels. Their content is concatenated using the configured
- separator and matched against the configured regular
- expression for the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label name
- which may only contain ASCII letters, numbers, as
- well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written
- in a replace action. It is mandatory for replace actions.
- Regex capture groups are available.
- type: string
- type: object
- type: array
- required:
- - url
- type: object
- type: array
- replicaExternalLabelName:
- description: Name of Prometheus external label used to denote replica
- name. Defaults to the value of `prometheus_replica`. External label
- will _not_ be added when value is set to empty string (`""`).
- type: string
- replicas:
- description: Number of replicas of each shard to deploy for a Prometheus
- deployment. Number of replicas multiplied by shards is the total
- number of Pods created.
- format: int32
- type: integer
- resources:
- description: Define resources requests and limits for single Pods.
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- retention:
- description: Time duration Prometheus shall retain data for. Default
- is '24h' if retentionSize is not set, and must match the regular
- expression `[0-9]+(ms|s|m|h|d|w|y)` (milliseconds seconds minutes
- hours days weeks years).
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- retentionSize:
- description: Maximum amount of disk space used by blocks.
- pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$
- type: string
- routePrefix:
- description: The route prefix Prometheus registers HTTP handlers for.
- This is useful, if using ExternalURL and a proxy is rewriting HTTP
- routes of a request, and the actual ExternalURL is still true, but
- the server serves requests under a different route prefix. For example
- for use with `kubectl proxy`.
- type: string
- ruleNamespaceSelector:
- description: Namespaces to be selected for PrometheusRules discovery.
- If unspecified, only the same namespace as the Prometheus object
- is in is used.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- ruleSelector:
- description: A selector to select which PrometheusRules to mount for
- loading alerting/recording rules from. Until (excluding) Prometheus
- Operator v0.24.0 Prometheus Operator will migrate any legacy rule
- ConfigMaps to PrometheusRule custom resources selected by RuleSelector.
- Make sure it does not match any config maps that you do not want
- to be migrated.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- rules:
- description: /--rules.*/ command-line arguments.
- properties:
- alert:
- description: /--rules.alert.*/ command-line arguments
- properties:
- forGracePeriod:
- description: Minimum duration between alert and restored 'for'
- state. This is maintained only for alerts with configured
- 'for' time greater than grace period.
- type: string
- forOutageTolerance:
- description: Max time to tolerate prometheus outage for restoring
- 'for' state of alert.
- type: string
- resendDelay:
- description: Minimum amount of time to wait before resending
- an alert to Alertmanager.
- type: string
- type: object
- type: object
- scrapeInterval:
- default: 30s
- description: 'Interval between consecutive scrapes. Default: `30s`'
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- scrapeTimeout:
- description: Number of seconds to wait for target to respond before
- erroring.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- secrets:
- description: Secrets is a list of Secrets in the same namespace as
- the Prometheus object, which shall be mounted into the Prometheus
- Pods. The Secrets are mounted into /etc/prometheus/secrets/<secret-name>.
- items:
- type: string
- type: array
- securityContext:
- description: SecurityContext holds pod-level security attributes and
- common container settings. This defaults to the default PodSecurityContext.
- properties:
- fsGroup:
- description: "A special supplemental group that applies to all
- containers in a pod. Some volume types allow the Kubelet to
- change the ownership of that volume to be owned by the pod:
- \n 1. The owning GID will be the FSGroup 2. The setgid bit is
- set (new files created in the volume will be owned by FSGroup)
- 3. The permission bits are OR'd with rw-rw---- \n If unset,
- the Kubelet will not modify the ownership and permissions of
- any volume. Note that this field cannot be set when spec.os.name
- is windows."
- format: int64
- type: integer
- fsGroupChangePolicy:
- description: 'fsGroupChangePolicy defines behavior of changing
- ownership and permission of the volume before being exposed
- inside Pod. This field will only apply to volume types which
- support fsGroup based ownership(and permissions). It will have
- no effect on ephemeral volume types such as: secret, configmaps
- and emptydir. Valid values are "OnRootMismatch" and "Always".
- If not specified, "Always" is used. Note that this field cannot
- be set when spec.os.name is windows.'
- type: string
- runAsGroup:
- description: The GID to run the entrypoint of the container process.
- Uses runtime default if unset. May also be set in SecurityContext. If
- set in both SecurityContext and PodSecurityContext, the value
- specified in SecurityContext takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a non-root
- user. If true, the Kubelet will validate the image at runtime
- to ensure that it does not run as UID 0 (root) and fail to start
- the container if it does. If unset or false, no such validation
- will be performed. May also be set in SecurityContext. If set
- in both SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in SecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence for that container. Note that this field cannot
- be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to all containers.
- If unspecified, the container runtime will allocate a random
- SELinux context for each container. May also be set in SecurityContext. If
- set in both SecurityContext and PodSecurityContext, the value
- specified in SecurityContext takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies to
- the container.
- type: string
- role:
- description: Role is a SELinux role label that applies to
- the container.
- type: string
- type:
- description: Type is a SELinux type label that applies to
- the container.
- type: string
- user:
- description: User is a SELinux user label that applies to
- the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by the containers in this
- pod. Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile must be
- preconfigured on the node to work. Must be a descending
- path, relative to the kubelet's configured seccomp profile
- location. Must only be set if type is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost - a profile
- defined in a file on the node should be used. RuntimeDefault
- - the container runtime default profile should be used.
- Unconfined - no profile should be applied."
- type: string
- required:
- - type
- type: object
- supplementalGroups:
- description: A list of groups applied to the first process run
- in each container, in addition to the container's primary GID. If
- unspecified, no groups will be added to any container. Note
- that this field cannot be set when spec.os.name is windows.
- items:
- format: int64
- type: integer
- type: array
- sysctls:
- description: Sysctls hold a list of namespaced sysctls used for
- the pod. Pods with unsupported sysctls (by the container runtime)
- might fail to launch. Note that this field cannot be set when
- spec.os.name is windows.
- items:
- description: Sysctl defines a kernel parameter to be set
- properties:
- name:
- description: Name of a property to set
- type: string
- value:
- description: Value of a property to set
- type: string
- required:
- - name
- - value
- type: object
- type: array
- windowsOptions:
- description: The Windows specific settings applied to all containers.
- If unspecified, the options within a container's SecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named by
- the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the GMSA
- credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is alpha-level
- and will only be honored by components that enable the WindowsHostProcessContainers
- feature flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All of a
- Pod's containers must have the same effective HostProcess
- value (it is not allowed to have a mix of HostProcess containers
- and non-HostProcess containers). In addition, if HostProcess
- is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set in PodSecurityContext.
- If set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- serviceAccountName:
- description: ServiceAccountName is the name of the ServiceAccount
- to use to run the Prometheus Pods.
- type: string
- serviceMonitorNamespaceSelector:
- description: Namespace's labels to match for ServiceMonitor discovery.
- If nil, only check own namespace.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- serviceMonitorSelector:
- description: ServiceMonitors to be selected for target discovery.
- *Deprecated:* if neither this nor podMonitorSelector are specified,
- configuration is unmanaged.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- sha:
- description: 'SHA of Prometheus container image to be deployed. Defaults
- to the value of `version`. Similar to a tag, but the SHA explicitly
- deploys an immutable container image. Version and Tag are ignored
- if SHA is set. Deprecated: use ''image'' instead. The image digest
- can be specified as part of the image URL.'
- type: string
- shards:
- description: 'EXPERIMENTAL: Number of shards to distribute targets
- onto. Number of replicas multiplied by shards is the total number
- of Pods created. Note that scaling down shards will not reshard
- data onto remaining instances, it must be manually moved. Increasing
- shards will not reshard data either but it will continue to be available
- from the same instances. To query globally use Thanos sidecar and
- Thanos querier or remote write data to a central location. Sharding
- is done on the content of the `__address__` target meta-label.'
- format: int32
- type: integer
- storage:
- description: Storage spec to specify how storage shall be used.
- properties:
- disableMountSubPath:
- description: 'Deprecated: subPath usage will be disabled by default
- in a future release, this option will become unnecessary. DisableMountSubPath
- allows to remove any subPath usage in volume mounts.'
- type: boolean
- emptyDir:
- description: 'EmptyDirVolumeSource to be used by the Prometheus
- StatefulSets. If specified, used in place of any volumeClaimTemplate.
- More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
- properties:
- medium:
- description: 'medium represents what type of storage medium
- should back this directory. The default is "" which means
- to use the node''s default medium. Must be an empty string
- (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'sizeLimit is the total amount of local storage
- required for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage on memory
- medium EmptyDir would be the minimum value between the SizeLimit
- specified here and the sum of memory limits of all containers
- in a pod. The default is nil which means that the limit
- is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: 'EphemeralVolumeSource to be used by the Prometheus
- StatefulSets. This is a beta field in k8s 1.21, for lower versions,
- starting with k8s 1.19, it requires enabling the GenericEphemeralVolume
- feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to
- provision the volume. The pod in which this EphemeralVolumeSource
- is embedded will be the owner of the PVC, i.e. the PVC will
- be deleted together with the pod. The name of the PVC will
- be `<pod name>-<volume name>` where `<volume name>` is the
- name from the `PodSpec.Volumes` array entry. Pod validation
- will reject the pod if the concatenated name is not valid
- for a PVC (for example, too long). \n An existing PVC with
- that name that is not owned by the pod will *not* be used
- for the pod to avoid using an unrelated volume by mistake.
- Starting the pod is then blocked until the unrelated PVC
- is removed. If such a pre-created PVC is meant to be used
- by the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should not
- be necessary, but it may be useful when manually reconstructing
- a broken cluster. \n This field is read-only and no changes
- will be made by Kubernetes to the PVC after it has been
- created. \n Required, must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations that will
- be copied into the PVC when creating it. No other fields
- are allowed and will be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into the PVC
- that gets created from this template. The same fields
- as in a PersistentVolumeClaim are also valid here.
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a new
- volume based on the contents of the specified data
- source. If the AnyVolumeDataSource feature gate
- is enabled, this field will always have the same
- contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object from
- which to populate the volume with data, if a non-empty
- volume is desired. This may be any local object
- from a non-empty API group (non core object) or
- a PersistentVolumeClaim object. When this field
- is specified, volume binding will only succeed if
- the type of the specified object matches some installed
- volume populator or dynamic provisioner. This field
- will replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards compatibility,
- both fields (DataSource and DataSourceRef) will
- be set to the same value automatically if one of
- them is empty and the other is non-empty. There
- are two important differences between DataSource
- and DataSourceRef: * While DataSource only allows
- two specific types of objects, DataSourceRef allows
- any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed values
- (dropping them), DataSourceRef preserves all values,
- and generates an error if a disallowed value is
- specified. (Beta) Using this field requires the
- AnyVolumeDataSource feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity recorded
- in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is
- omitted for a container, it defaults to Limits
- if that is explicitly specified, otherwise to
- an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement is
- a selector that contains values, a key, and
- an operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If
- the operator is Exists or DoesNotExist,
- the values array must be empty. This array
- is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the
- StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem is
- implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference to
- the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- volumeClaimTemplate:
- description: A PVC spec to be used by the Prometheus StatefulSets.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- description: EmbeddedMetadata contains metadata relevant to
- an EmbeddedResource.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value
- map stored with a resource that may be set by external
- tools to store and retrieve arbitrary metadata. They
- are not queryable and should be preserved when modifying
- objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be
- used to organize and categorize (scope and select) objects.
- May match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: 'Name must be unique within a namespace.
- Is required when creating resources, although some resources
- may allow a client to request the generation of an appropriate
- name automatically. Name is primarily intended for creation
- idempotence and configuration definition. Cannot be
- updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- type: object
- spec:
- description: 'Spec defines the desired characteristics of
- a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the provisioner
- or an external controller can support the specified
- data source, it will create a new volume based on the
- contents of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will always have
- the same contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object from
- which to populate the volume with data, if a non-empty
- volume is desired. This may be any local object from
- a non-empty API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified, volume binding
- will only succeed if the type of the specified object
- matches some installed volume populator or dynamic provisioner.
- This field will replace the functionality of the DataSource
- field and as such if both fields are non-empty, they
- must have the same value. For backwards compatibility,
- both fields (DataSource and DataSourceRef) will be set
- to the same value automatically if one of them is empty
- and the other is non-empty. There are two important
- differences between DataSource and DataSourceRef: *
- While DataSource only allows two specific types of objects,
- DataSourceRef allows any non-core object, as well as
- PersistentVolumeClaim objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef preserves
- all values, and generates an error if a disallowed value
- is specified. (Beta) Using this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify resource
- requirements that are lower than previous value but
- must still be higher than capacity recorded in the status
- field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is omitted
- for a container, it defaults to Limits if that is
- explicitly specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector
- requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector
- that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label key that the selector
- applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are In,
- NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values.
- If the operator is In or NotIn, the values
- array must be non-empty. If the operator is
- Exists or DoesNotExist, the values array must
- be empty. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs.
- A single {key,value} in the matchLabels map is equivalent
- to an element of matchExpressions, whose key field
- is "key", the operator is "In", and the values array
- contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume is
- required by the claim. Value of Filesystem is implied
- when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference to the
- PersistentVolume backing this claim.
- type: string
- type: object
- status:
- description: 'Status represents the current information/status
- of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'accessModes contains the actual access modes
- the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- allocatedResources:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: allocatedResources is the storage resource
- within AllocatedResources tracks the capacity allocated
- to a PVC. It may be larger than the actual capacity
- when a volume expansion operation is requested. For
- storage quota, the larger value from allocatedResources
- and PVC.spec.resources is used. If allocatedResources
- is not set, PVC.spec.resources alone is used for quota
- calculation. If a volume expansion capacity request
- is lowered, allocatedResources is only lowered if there
- are no expansion operations in progress and if the actual
- volume capacity is equal or lower than the requested
- capacity. This is an alpha field and requires enabling
- RecoverVolumeExpansionFailure feature.
- type: object
- capacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: capacity represents the actual resources
- of the underlying volume.
- type: object
- conditions:
- description: conditions is the current Condition of persistent
- volume claim. If underlying persistent volume is being
- resized then the Condition will be set to 'ResizeStarted'.
- items:
- description: PersistentVolumeClaimCondition contails
- details about state of pvc
- properties:
- lastProbeTime:
- description: lastProbeTime is the time we probed
- the condition.
- format: date-time
- type: string
- lastTransitionTime:
- description: lastTransitionTime is the time the
- condition transitioned from one status to another.
- format: date-time
- type: string
- message:
- description: message is the human-readable message
- indicating details about last transition.
- type: string
- reason:
- description: reason is a unique, this should be
- a short, machine understandable string that gives
- the reason for condition's last transition. If
- it reports "ResizeStarted" that means the underlying
- persistent volume is being resized.
- type: string
- status:
- type: string
- type:
- description: PersistentVolumeClaimConditionType
- is a valid value of PersistentVolumeClaimCondition.Type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- phase:
- description: phase represents the current phase of PersistentVolumeClaim.
- type: string
- resizeStatus:
- description: resizeStatus stores status of resize operation.
- ResizeStatus is not set by default but when expansion
- is complete resizeStatus is set to empty string by resize
- controller or kubelet. This is an alpha field and requires
- enabling RecoverVolumeExpansionFailure feature.
- type: string
- type: object
- type: object
- type: object
- tag:
- description: 'Tag of Prometheus container image to be deployed. Defaults
- to the value of `version`. Version is ignored if Tag is set. Deprecated:
- use ''image'' instead. The image tag can be specified as part of
- the image URL.'
- type: string
- thanos:
- description: "Thanos configuration allows configuring various aspects
- of a Prometheus server in a Thanos environment. \n This section
- is experimental, it may change significantly without deprecation
- notice in any release. \n This is experimental and may change significantly
- without backward compatibility in any release."
- properties:
- additionalArgs:
- description: AdditionalArgs allows setting additional arguments
- for the Thanos container. The arguments are passed as-is to
- the Thanos container which may cause issues if they are invalid
- or not supporeted the given Thanos version. In case of an argument
- conflict (e.g. an argument which is already set by the operator
- itself) or when providing an invalid argument the reconciliation
- will fail and an error will be logged.
- items:
- description: Argument as part of the AdditionalArgs list.
- properties:
- name:
- description: Name of the argument, e.g. "scrape.discovery-reload-interval".
- minLength: 1
- type: string
- value:
- description: Argument value, e.g. 30s. Can be empty for
- name-only arguments (e.g. --storage.tsdb.no-lockfile)
- type: string
- required:
- - name
- type: object
- type: array
- baseImage:
- description: 'Thanos base image if other than default. Deprecated:
- use ''image'' instead'
- type: string
- grpcServerTlsConfig:
- description: 'GRPCServerTLSConfig configures the gRPC server from
- which Thanos Querier reads recorded rule data. Note: Currently
- only the CAFile, CertFile, and KeyFile fields are supported.
- Maps to the ''--grpc-server-tls-*'' CLI args.'
- properties:
- ca:
- description: Struct containing the CA cert to use for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- caFile:
- description: Path to the CA cert in the Prometheus container
- to use for the targets.
- type: string
- cert:
- description: Struct containing the client cert file for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- certFile:
- description: Path to the client cert file in the Prometheus
- container for the targets.
- type: string
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keyFile:
- description: Path to the client key file in the Prometheus
- container for the targets.
- type: string
- keySecret:
- description: Secret containing the client key file for the
- targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- image:
- description: Image if specified has precedence over baseImage,
- tag and sha combinations. Specifying the version is still necessary
- to ensure the Prometheus Operator knows what version of Thanos
- is being configured.
- type: string
- listenLocal:
- description: ListenLocal makes the Thanos sidecar listen on loopback,
- so that it does not bind against the Pod IP.
- type: boolean
- logFormat:
- description: LogFormat for Thanos sidecar to be configured with.
- enum:
- - ""
- - logfmt
- - json
- type: string
- logLevel:
- description: LogLevel for Thanos sidecar to be configured with.
- enum:
- - ""
- - debug
- - info
- - warn
- - error
- type: string
- minTime:
- description: MinTime for Thanos sidecar to be configured with.
- Option can be a constant time in RFC3339 format or time duration
- relative to current time, such as -1d or 2h45m. Valid duration
- units are ms, s, m, h, d, w, y.
- type: string
- objectStorageConfig:
- description: ObjectStorageConfig configures object storage in
- Thanos. Alternative to ObjectStorageConfigFile, and lower order
- priority.
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- objectStorageConfigFile:
- description: ObjectStorageConfigFile specifies the path of the
- object storage configuration file. When used alongside with
- ObjectStorageConfig, ObjectStorageConfigFile takes precedence.
- type: string
- readyTimeout:
- description: ReadyTimeout is the maximum time Thanos sidecar will
- wait for Prometheus to start. Eg 10m
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- resources:
- description: Resources defines the resource requirements for the
- Thanos sidecar. If not provided, no requests/limits will be
- set
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- sha:
- description: 'SHA of Thanos container image to be deployed. Defaults
- to the value of `version`. Similar to a tag, but the SHA explicitly
- deploys an immutable container image. Version and Tag are ignored
- if SHA is set. Deprecated: use ''image'' instead. The image
- digest can be specified as part of the image URL.'
- type: string
- tag:
- description: 'Tag of Thanos sidecar container image to be deployed.
- Defaults to the value of `version`. Version is ignored if Tag
- is set. Deprecated: use ''image'' instead. The image tag can
- be specified as part of the image URL.'
- type: string
- tracingConfig:
- description: TracingConfig configures tracing in Thanos. This
- is an experimental feature, it may change in any upcoming release
- in a breaking way.
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- tracingConfigFile:
- description: TracingConfig specifies the path of the tracing configuration
- file. When used alongside with TracingConfig, TracingConfigFile
- takes precedence.
- type: string
- version:
- description: Version describes the version of Thanos to use.
- type: string
- volumeMounts:
- description: VolumeMounts allows configuration of additional VolumeMounts
- on the output StatefulSet definition. VolumeMounts specified
- will be appended to other VolumeMounts in the thanos-sidecar
- container.
- items:
- description: VolumeMount describes a mounting of a Volume within
- a container.
- properties:
- mountPath:
- description: Path within the container at which the volume
- should be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are
- propagated from the host to container and the other way
- around. When not set, MountPropagationNone is used. This
- field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which
- the container's volume should be mounted. Behaves similarly
- to SubPath but environment variable references $(VAR_NAME)
- are expanded using the container's environment. Defaults
- to "" (volume's root). SubPathExpr and SubPath are mutually
- exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple <key,value,effect> using the matching
- operator <operator>.
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- topologySpreadConstraints:
- description: If specified, the pod's topology spread constraints.
- items:
- description: TopologySpreadConstraint specifies how to spread matching
- pods among the given topology.
- properties:
- labelSelector:
- description: LabelSelector is used to find matching pods. Pods
- that match this label selector are counted to determine the
- number of pods in their corresponding topology domain.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector
- requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector
- that contains values, a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key that the selector
- applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are In, NotIn,
- Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values.
- If the operator is In or NotIn, the values array
- must be non-empty. If the operator is Exists or
- DoesNotExist, the values array must be empty. This
- array is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs.
- A single {key,value} in the matchLabels map is equivalent
- to an element of matchExpressions, whose key field is
- "key", the operator is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- maxSkew:
- description: 'MaxSkew describes the degree to which pods may
- be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
- it is the maximum permitted difference between the number
- of matching pods in the target topology and the global minimum.
- The global minimum is the minimum number of matching pods
- in an eligible domain or zero if the number of eligible domains
- is less than MinDomains. For example, in a 3-zone cluster,
- MaxSkew is set to 1, and pods with the same labelSelector
- spread as 2/2/1: In this case, the global minimum is 1. |
- zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew
- is 1, incoming pod can only be scheduled to zone3 to become
- 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1)
- on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming
- pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`,
- it is used to give higher precedence to topologies that satisfy
- it. It''s a required field. Default value is 1 and 0 is not
- allowed.'
- format: int32
- type: integer
- minDomains:
- description: "MinDomains indicates a minimum number of eligible
- domains. When the number of eligible domains with matching
- topology keys is less than minDomains, Pod Topology Spread
- treats \"global minimum\" as 0, and then the calculation of
- Skew is performed. And when the number of eligible domains
- with matching topology keys equals or greater than minDomains,
- this value has no effect on scheduling. As a result, when
- the number of eligible domains is less than minDomains, scheduler
- won't schedule more than maxSkew Pods to those domains. If
- value is nil, the constraint behaves as if MinDomains is equal
- to 1. Valid values are integers greater than 0. When value
- is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For
- example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains
- is set to 5 and pods with the same labelSelector spread as
- 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P |
- The number of domains is less than 5(MinDomains), so \"global
- minimum\" is treated as 0. In this situation, new pod with
- the same labelSelector cannot be scheduled, because computed
- skew will be 3(3 - 0) if new Pod is scheduled to any of the
- three zones, it will violate MaxSkew. \n This is an alpha
- field and requires enabling MinDomainsInPodTopologySpread
- feature gate."
- format: int32
- type: integer
- topologyKey:
- description: TopologyKey is the key of node labels. Nodes that
- have a label with this key and identical values are considered
- to be in the same topology. We consider each <key, value>
- as a "bucket", and try to put balanced number of pods into
- each bucket. We define a domain as a particular instance of
- a topology. Also, we define an eligible domain as a domain
- whose nodes match the node selector. e.g. If TopologyKey is
- "kubernetes.io/hostname", each Node is a domain of that topology.
- And, if TopologyKey is "topology.kubernetes.io/zone", each
- zone is a domain of that topology. It's a required field.
- type: string
- whenUnsatisfiable:
- description: 'WhenUnsatisfiable indicates how to deal with a
- pod if it doesn''t satisfy the spread constraint. - DoNotSchedule
- (default) tells the scheduler not to schedule it. - ScheduleAnyway
- tells the scheduler to schedule the pod in any location, but
- giving higher precedence to topologies that would help reduce
- the skew. A constraint is considered "Unsatisfiable" for an
- incoming pod if and only if every possible node assignment
- for that pod would violate "MaxSkew" on some topology. For
- example, in a 3-zone cluster, MaxSkew is set to 1, and pods
- with the same labelSelector spread as 3/1/1: | zone1 | zone2
- | zone3 | | P P P | P | P | If WhenUnsatisfiable is
- set to DoNotSchedule, incoming pod can only be scheduled to
- zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on
- zone2(zone3) satisfies MaxSkew(1). In other words, the cluster
- can still be imbalanced, but scheduler won''t make it *more*
- imbalanced. It''s a required field.'
- type: string
- required:
- - maxSkew
- - topologyKey
- - whenUnsatisfiable
- type: object
- type: array
- version:
- description: Version of Prometheus to be deployed.
- type: string
- volumeMounts:
- description: VolumeMounts allows configuration of additional VolumeMounts
- on the output StatefulSet definition. VolumeMounts specified will
- be appended to other VolumeMounts in the prometheus container, that
- are generated as a result of StorageSpec objects.
- items:
- description: VolumeMount describes a mounting of a Volume within
- a container.
- properties:
- mountPath:
- description: Path within the container at which the volume should
- be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are propagated
- from the host to container and the other way around. When
- not set, MountPropagationNone is used. This field is beta
- in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which the
- container's volume should be mounted. Behaves similarly to
- SubPath but environment variable references $(VAR_NAME) are
- expanded using the container's environment. Defaults to ""
- (volume's root). SubPathExpr and SubPath are mutually exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- volumes:
- description: Volumes allows configuration of additional volumes on
- the output StatefulSet definition. Volumes specified will be appended
- to other volumes that are generated as a result of StorageSpec objects.
- items:
- description: Volume represents a named volume in a pod that may
- be accessed by any container in the pod.
- properties:
- awsElasticBlockStore:
- description: 'awsElasticBlockStore represents an AWS Disk resource
- that is attached to a kubelet''s host machine and then exposed
- to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- partition:
- description: 'partition is the partition in the volume that
- you want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1, you specify
- the partition as "1". Similarly, the volume partition
- for /dev/sda is "0" (or you can leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'readOnly value true will force the readOnly
- setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'volumeID is unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: azureDisk represents an Azure Data Disk mount on
- the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'cachingMode is the Host Caching mode: None,
- Read Only, Read Write.'
- type: string
- diskName:
- description: diskName is the Name of the data disk in the
- blob storage
- type: string
- diskURI:
- description: diskURI is the URI of data disk in the blob
- storage
- type: string
- fsType:
- description: fsType is Filesystem type to mount. Must be
- a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- kind:
- description: 'kind expected values are Shared: multiple
- blob disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed data
- disk (only in managed availability set). defaults to shared'
- type: string
- readOnly:
- description: readOnly Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: azureFile represents an Azure File Service mount
- on the host and bind mount to the pod.
- properties:
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: secretName is the name of secret that contains
- Azure Storage Account Name and Key
- type: string
- shareName:
- description: shareName is the azure share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: cephFS represents a Ceph FS mount on the host that
- shares a pod's lifetime
- properties:
- monitors:
- description: 'monitors is Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'path is Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'readOnly is Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'secretFile is Optional: SecretFile is the
- path to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'secretRef is Optional: SecretRef is reference
- to the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'user is optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'cinder represents a cinder volume attached and
- mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to
- be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'secretRef is optional: points to a secret
- object containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volumeID used to identify the volume in cinder.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: configMap represents a configMap that should populate
- this volume
- properties:
- defaultMode:
- description: 'defaultMode is optional: mode bits used to
- set permissions on created files by default. Must be an
- octal value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: items if unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will be projected
- into the volume as a file whose name is the key and content
- is the value. If specified, the listed keys will be projected
- into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in
- the ConfigMap, the volume setup will error unless it is
- marked optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits used to
- set permissions on this file. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. If not
- specified, the volume defaultMode will be used.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of the file
- to map the key to. May not be an absolute path.
- May not contain the path element '..'. May not start
- with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: optional specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: csi (Container Storage Interface) represents ephemeral
- storage that is handled by certain external CSI drivers (Beta
- feature).
- properties:
- driver:
- description: driver is the name of the CSI driver that handles
- this volume. Consult with your admin for the correct name
- as registered in the cluster.
- type: string
- fsType:
- description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
- If not provided, the empty value is passed to the associated
- CSI driver which will determine the default filesystem
- to apply.
- type: string
- nodePublishSecretRef:
- description: nodePublishSecretRef is a reference to the
- secret object containing sensitive information to pass
- to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the secret
- object contains more than one secret, all secret references
- are passed.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: readOnly specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: volumeAttributes stores driver-specific properties
- that are passed to the CSI driver. Consult your driver's
- documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: downwardAPI represents downward API about the pod
- that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created files
- by default. Must be a Optional: mode bits used to set
- permissions on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the pod:
- only annotations, labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set permissions
- on this file, must be an octal value between 0000
- and 0777 or a decimal value between 0 and 511. YAML
- accepts both octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This might
- be in conflict with other options that affect the
- file mode, like fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative path
- name of the file to be created. Must not be absolute
- or contain the ''..'' path. Must be utf-8 encoded.
- The first item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'emptyDir represents a temporary directory that
- shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'medium represents what type of storage medium
- should back this directory. The default is "" which means
- to use the node''s default medium. Must be an empty string
- (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'sizeLimit is the total amount of local storage
- required for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage on memory
- medium EmptyDir would be the minimum value between the
- SizeLimit specified here and the sum of memory limits
- of all containers in a pod. The default is nil which means
- that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle is tied
- to the pod that defines it - it will be created before the
- pod starts, and deleted when the pod is removed. \n Use this
- if: a) the volume is only needed while the pod runs, b) features
- of normal volumes like restoring from snapshot or capacity
- tracking are needed, c) the storage driver is specified through
- a storage class, and d) the storage driver supports dynamic
- volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this volume
- type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that persist
- for longer than the lifecycle of an individual pod. \n Use
- CSI for light-weight local ephemeral volumes if the CSI driver
- is meant to be used that way - see the documentation of the
- driver for more information. \n A pod can use both types of
- ephemeral volumes and persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to
- provision the volume. The pod in which this EphemeralVolumeSource
- is embedded will be the owner of the PVC, i.e. the PVC
- will be deleted together with the pod. The name of the
- PVC will be `<pod name>-<volume name>` where `<volume
- name>` is the name from the `PodSpec.Volumes` array entry.
- Pod validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long). \n
- An existing PVC with that name that is not owned by the
- pod will *not* be used for the pod to avoid using an unrelated
- volume by mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created PVC
- is meant to be used by the pod, the PVC has to updated
- with an owner reference to the pod once the pod exists.
- Normally this should not be necessary, but it may be useful
- when manually reconstructing a broken cluster. \n This
- field is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required, must
- not be nil."
- properties:
- metadata:
- description: May contain labels and annotations that
- will be copied into the PVC when creating it. No other
- fields are allowed and will be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into the PVC
- that gets created from this template. The same fields
- as in a PersistentVolumeClaim are also valid here.
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a new
- volume based on the contents of the specified
- data source. If the AnyVolumeDataSource feature
- gate is enabled, this field will always have the
- same contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API
- group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object
- from which to populate the volume with data, if
- a non-empty volume is desired. This may be any
- local object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object. When
- this field is specified, volume binding will only
- succeed if the type of the specified object matches
- some installed volume populator or dynamic provisioner.
- This field will replace the functionality of the
- DataSource field and as such if both fields are
- non-empty, they must have the same value. For
- backwards compatibility, both fields (DataSource
- and DataSourceRef) will be set to the same value
- automatically if one of them is empty and the
- other is non-empty. There are two important differences
- between DataSource and DataSourceRef: * While
- DataSource only allows two specific types of objects,
- DataSourceRef allows any non-core object, as well
- as PersistentVolumeClaim objects. * While DataSource
- ignores disallowed values (dropping them), DataSourceRef
- preserves all values, and generates an error if
- a disallowed value is specified. (Beta) Using
- this field requires the AnyVolumeDataSource feature
- gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API
- group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity recorded
- in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required. If Requests
- is omitted for a container, it defaults to
- Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the
- StorageClass required by the claim. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem
- is implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: fc represents a Fibre Channel resource that is
- attached to a kubelet's host machine and then exposed to the
- pod.
- properties:
- fsType:
- description: 'fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. TODO: how do we prevent errors in the
- filesystem from compromising the machine'
- type: string
- lun:
- description: 'lun is Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'readOnly is Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'targetWWNs is Optional: FC target worldwide
- names (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'wwids Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs and
- lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: flexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: driver is the name of the driver to use for
- this volume.
- type: string
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'options is Optional: this field holds extra
- command options if any.'
- type: object
- readOnly:
- description: 'readOnly is Optional: defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'secretRef is Optional: secretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty if no
- secret object is specified. If the secret object contains
- more than one secret, all secrets are passed to the plugin
- scripts.'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: flocker represents a Flocker volume attached to
- a kubelet's host machine. This depends on the Flocker control
- service being running
- properties:
- datasetName:
- description: datasetName is Name of the dataset stored as
- metadata -> name on the dataset for Flocker should be
- considered as deprecated
- type: string
- datasetUUID:
- description: datasetUUID is the UUID of the dataset. This
- is unique identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'gcePersistentDisk represents a GCE Disk resource
- that is attached to a kubelet''s host machine and then exposed
- to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'fsType is filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples: "ext4",
- "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- partition:
- description: 'partition is the partition in the volume that
- you want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1, you specify
- the partition as "1". Similarly, the volume partition
- for /dev/sda is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'pdName is unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'gitRepo represents a git repository at a particular
- revision. DEPRECATED: GitRepo is deprecated. To provision
- a container with a git repo, mount an EmptyDir into an InitContainer
- that clones the repo using git, then mount the EmptyDir into
- the Pod''s container.'
- properties:
- directory:
- description: directory is the target directory name. Must
- not contain or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: repository is the URL
- type: string
- revision:
- description: revision is the commit hash for the specified
- revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'glusterfs represents a Glusterfs mount on the
- host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'endpoints is the endpoint name that details
- Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'path is the Glusterfs volume path. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'readOnly here will force the Glusterfs volume
- to be mounted with read-only permissions. Defaults to
- false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'hostPath represents a pre-existing file or directory
- on the host machine that is directly exposed to the container.
- This is generally used for system agents or other privileged
- things that are allowed to see the host machine. Most containers
- will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host directory
- mounts and who can/can not mount host directories as read/write.'
- properties:
- path:
- description: 'path of the directory on the host. If the
- path is a symlink, it will follow the link to the real
- path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'type for HostPath Volume Defaults to "" More
- info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'iscsi represents an ISCSI Disk resource that is
- attached to a kubelet''s host machine and then exposed to
- the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: chapAuthDiscovery defines whether support iSCSI
- Discovery CHAP authentication
- type: boolean
- chapAuthSession:
- description: chapAuthSession defines whether support iSCSI
- Session CHAP authentication
- type: boolean
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- initiatorName:
- description: initiatorName is the custom iSCSI Initiator
- Name. If initiatorName is specified with iscsiInterface
- simultaneously, new iSCSI interface <target portal>:<volume
- name> will be created for the connection.
- type: string
- iqn:
- description: iqn is the target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iscsiInterface is the interface Name that uses
- an iSCSI transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: lun represents iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: portals is the iSCSI Target Portal List. The
- portal is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: secretRef is the CHAP Secret for iSCSI target
- and initiator authentication
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: targetPortal is iSCSI Target Portal. The Portal
- is either an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- name:
- description: 'name of the volume. Must be a DNS_LABEL and unique
- within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- nfs:
- description: 'nfs represents an NFS mount on the host that shares
- a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'path that is exported by the NFS server. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'readOnly here will force the NFS export to
- be mounted with read-only permissions. Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'server is the hostname or IP address of the
- NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'persistentVolumeClaimVolumeSource represents a
- reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'claimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: readOnly Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: photonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host machine
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- pdID:
- description: pdID is the ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: portworxVolume represents a portworx volume attached
- and mounted on kubelets host machine
- properties:
- fsType:
- description: fSType represents the filesystem type to mount
- Must be a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: volumeID uniquely identifies a Portworx volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: projected items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: defaultMode are the mode bits used to set permissions
- on created files by default. Must be an octal value between
- 0000 and 0777 or a decimal value between 0 and 511. YAML
- accepts both octal and decimal values, JSON requires decimal
- values for mode bits. Directories within the path are
- not affected by this setting. This might be in conflict
- with other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: sources is the list of volume projections
- items:
- description: Projection that may be projected along with
- other supported volume types
- properties:
- configMap:
- description: configMap information about the configMap
- data to project
- properties:
- items:
- description: items if unspecified, each key-value
- pair in the Data field of the referenced ConfigMap
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the ConfigMap, the volume
- setup will error unless it is marked optional.
- Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits
- used to set permissions on this file.
- Must be an octal value between 0000 and
- 0777 or a decimal value between 0 and
- 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for
- mode bits. If not specified, the volume
- defaultMode will be used. This might be
- in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of
- the file to map the key to. May not be
- an absolute path. May not contain the
- path element '..'. May not start with
- the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: optional specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: downwardAPI information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..''
- path. Must be utf-8 encoded. The first
- item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the
- container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu
- and requests.memory) are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults
- to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: secret information about the secret data
- to project
- properties:
- items:
- description: items if unspecified, each key-value
- pair in the Data field of the referenced Secret
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the Secret, the volume setup
- will error unless it is marked optional. Paths
- must be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits
- used to set permissions on this file.
- Must be an octal value between 0000 and
- 0777 or a decimal value between 0 and
- 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for
- mode bits. If not specified, the volume
- defaultMode will be used. This might be
- in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of
- the file to map the key to. May not be
- an absolute path. May not contain the
- path element '..'. May not start with
- the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: optional field specify whether the
- Secret or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: serviceAccountToken is information about
- the serviceAccountToken data to project
- properties:
- audience:
- description: audience is the intended audience
- of the token. A recipient of a token must identify
- itself with an identifier specified in the audience
- of the token, and otherwise should reject the
- token. The audience defaults to the identifier
- of the apiserver.
- type: string
- expirationSeconds:
- description: expirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration, the
- kubelet volume plugin will proactively rotate
- the service account token. The kubelet will
- start trying to rotate the token if the token
- is older than 80 percent of its time to live
- or if the token is older than 24 hours.Defaults
- to 1 hour and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: path is the path relative to the
- mount point of the file to project the token
- into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: quobyte represents a Quobyte mount on the host
- that shares a pod's lifetime
- properties:
- group:
- description: group to map volume access to Default is no
- group
- type: string
- readOnly:
- description: readOnly here will force the Quobyte volume
- to be mounted with read-only permissions. Defaults to
- false.
- type: boolean
- registry:
- description: registry represents a single or multiple Quobyte
- Registry services specified as a string as host:port pair
- (multiple entries are separated with commas) which acts
- as the central registry for volumes
- type: string
- tenant:
- description: tenant owning the given Quobyte volume in the
- Backend Used with dynamically provisioned Quobyte volumes,
- value is set by the plugin
- type: string
- user:
- description: user to map volume access to Defaults to serivceaccount
- user
- type: string
- volume:
- description: volume is a string that references an already
- created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'rbd represents a Rados Block Device mount on the
- host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- image:
- description: 'image is the rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'keyring is the path to key ring for RBDUser.
- Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'monitors is a collection of Ceph monitors.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'pool is the rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'secretRef is name of the authentication secret
- for RBDUser. If provided overrides keyring. Default is
- nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'user is the rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: scaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: gateway is the host address of the ScaleIO
- API Gateway.
- type: string
- protectionDomain:
- description: protectionDomain is the name of the ScaleIO
- Protection Domain for the configured storage.
- type: string
- readOnly:
- description: readOnly Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: secretRef references to the secret for ScaleIO
- user and other sensitive information. If this is not provided,
- Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: sslEnabled Flag enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: storageMode indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: storagePool is the ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: system is the name of the storage system as
- configured in ScaleIO.
- type: string
- volumeName:
- description: volumeName is the name of a volume already
- created in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'defaultMode is Optional: mode bits used to
- set permissions on created files by default. Must be an
- octal value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: items If unspecified, each key-value pair in
- the Data field of the referenced Secret will be projected
- into the volume as a file whose name is the key and content
- is the value. If specified, the listed keys will be projected
- into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in
- the Secret, the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits used to
- set permissions on this file. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. If not
- specified, the volume defaultMode will be used.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of the file
- to map the key to. May not be an absolute path.
- May not contain the path element '..'. May not start
- with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: optional field specify whether the Secret or
- its keys must be defined
- type: boolean
- secretName:
- description: 'secretName is the name of the secret in the
- pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: storageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: secretRef specifies the secret to use for obtaining
- the StorageOS API credentials. If not specified, default
- values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: volumeName is the human-readable name of the
- StorageOS volume. Volume names are only unique within
- a namespace.
- type: string
- volumeNamespace:
- description: volumeNamespace specifies the scope of the
- volume within StorageOS. If no namespace is specified
- then the Pod's namespace will be used. This allows the
- Kubernetes name scoping to be mirrored within StorageOS
- for tighter integration. Set VolumeName to any name to
- override the default behaviour. Set to "default" if you
- are not using namespaces within StorageOS. Namespaces
- that do not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: vsphereVolume represents a vSphere volume attached
- and mounted on kubelets host machine
- properties:
- fsType:
- description: fsType is filesystem type to mount. Must be
- a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- storagePolicyID:
- description: storagePolicyID is the storage Policy Based
- Management (SPBM) profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: storagePolicyName is the storage Policy Based
- Management (SPBM) profile name.
- type: string
- volumePath:
- description: volumePath is the path that identifies vSphere
- volume vmdk
- type: string
- required:
- - volumePath
- type: object
- required:
- - name
- type: object
- type: array
- walCompression:
- description: Enable compression of the write-ahead log using Snappy.
- This flag is only available in versions of Prometheus >= 2.11.0.
- type: boolean
- web:
- description: Defines the web command line flags when starting Prometheus.
- properties:
- httpConfig:
- description: Defines HTTP parameters for web server.
- properties:
- headers:
- description: List of headers that can be added to HTTP responses.
- properties:
- contentSecurityPolicy:
- description: Set the Content-Security-Policy header to
- HTTP responses. Unset if blank.
- type: string
- strictTransportSecurity:
- description: Set the Strict-Transport-Security header
- to HTTP responses. Unset if blank. Please make sure
- that you use this with care as this header might force
- browsers to load Prometheus and the other applications
- hosted on the same domain and subdomains over HTTPS.
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
- type: string
- xContentTypeOptions:
- description: Set the X-Content-Type-Options header to
- HTTP responses. Unset if blank. Accepted value is nosniff.
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
- enum:
- - ""
- - NoSniff
- type: string
- xFrameOptions:
- description: Set the X-Frame-Options header to HTTP responses.
- Unset if blank. Accepted values are deny and sameorigin.
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
- enum:
- - ""
- - Deny
- - SameOrigin
- type: string
- xXSSProtection:
- description: Set the X-XSS-Protection header to all responses.
- Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
- type: string
- type: object
- http2:
- description: Enable HTTP/2 support. Note that HTTP/2 is only
- supported with TLS. When TLSConfig is not configured, HTTP/2
- will be disabled. Whenever the value of the field changes,
- a rolling update will be triggered.
- type: boolean
- type: object
- pageTitle:
- description: The prometheus web page title
- type: string
- tlsConfig:
- description: Defines the TLS parameters for HTTPS.
- properties:
- cert:
- description: Contains the TLS certificate for the server.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- cipherSuites:
- description: 'List of supported cipher suites for TLS versions
- up to TLS 1.2. If empty, Go default cipher suites are used.
- Available cipher suites are documented in the go documentation:
- https://golang.org/pkg/crypto/tls/#pkg-constants'
- items:
- type: string
- type: array
- client_ca:
- description: Contains the CA certificate for client certificate
- authentication to the server.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientAuthType:
- description: 'Server policy for client authentication. Maps
- to ClientAuth Policies. For more detail on clientAuth options:
- https://golang.org/pkg/crypto/tls/#ClientAuthType'
- type: string
- curvePreferences:
- description: 'Elliptic curves that will be used in an ECDHE
- handshake, in preference order. Available curves are documented
- in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID'
- items:
- type: string
- type: array
- keySecret:
- description: Secret containing the TLS key for the server.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- maxVersion:
- description: Maximum TLS version that is acceptable. Defaults
- to TLS13.
- type: string
- minVersion:
- description: Minimum TLS version that is acceptable. Defaults
- to TLS12.
- type: string
- preferServerCipherSuites:
- description: Controls whether the server selects the client's
- most preferred cipher suite, or the server's most preferred
- cipher suite. If true then the server's preference, as expressed
- in the order of elements in cipherSuites, is used.
- type: boolean
- required:
- - cert
- - keySecret
- type: object
- type: object
- type: object
- status:
- description: 'Most recent observed status of the Prometheus cluster. Read-only.
- More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- availableReplicas:
- description: Total number of available pods (ready for at least minReadySeconds)
- targeted by this Prometheus deployment.
- format: int32
- type: integer
- conditions:
- description: The current state of the Prometheus deployment.
- items:
- description: PrometheusCondition represents the state of the resources
- associated with the Prometheus resource.
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the time of the last update
- to the current status property.
- format: date-time
- type: string
- message:
- description: Human-readable message indicating details for the
- condition's last transition.
- type: string
- reason:
- description: Reason for the condition's last transition.
- type: string
- status:
- description: status of the condition.
- type: string
- type:
- description: Type of the condition being reported.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - type
- x-kubernetes-list-type: map
- paused:
- description: Represents whether any actions on the underlying managed
- objects are being performed. Only delete actions will be performed.
- type: boolean
- replicas:
- description: Total number of non-terminated pods targeted by this
- Prometheus deployment (their labels match the selector).
- format: int32
- type: integer
- shardStatuses:
- description: The list has one entry per shard. Each entry provides
- a summary of the shard status.
- items:
- properties:
- availableReplicas:
- description: Total number of available pods (ready for at least
- minReadySeconds) targeted by this shard.
- format: int32
- type: integer
- replicas:
- description: Total number of pods targeted by this shard.
- format: int32
- type: integer
- shardID:
- description: Identifier of the shard.
- type: string
- unavailableReplicas:
- description: Total number of unavailable pods targeted by this
- shard.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated pods targeted by
- this shard that have the desired spec.
- format: int32
- type: integer
- required:
- - availableReplicas
- - replicas
- - shardID
- - unavailableReplicas
- - updatedReplicas
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - shardID
- x-kubernetes-list-type: map
- unavailableReplicas:
- description: Total number of unavailable pods targeted by this Prometheus
- deployment.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated pods targeted by this
- Prometheus deployment that have the desired version spec.
- format: int32
- type: integer
- required:
- - availableReplicas
- - paused
- - replicas
- - unavailableReplicas
- - updatedReplicas
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- ---
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: prometheusrules.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: PrometheusRule
- listKind: PrometheusRuleList
- plural: prometheusrules
- shortNames:
- - promrule
- singular: prometheusrule
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: PrometheusRule defines recording and alerting rules for a Prometheus
- instance
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Specification of desired alerting rule definitions for Prometheus.
- properties:
- groups:
- description: Content of Prometheus rule file
- items:
- description: 'RuleGroup is a list of sequentially evaluated recording
- and alerting rules. Note: PartialResponseStrategy is only used
- by ThanosRuler and will be ignored by Prometheus instances. Valid
- values for this field are ''warn'' or ''abort''. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response'
- properties:
- interval:
- type: string
- name:
- type: string
- partial_response_strategy:
- type: string
- rules:
- items:
- description: 'Rule describes an alerting or recording rule
- See Prometheus documentation: [alerting](https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules/)
- or [recording](https://www.prometheus.io/docs/prometheus/latest/configuration/recording_rules/#recording-rules)
- rule'
- properties:
- alert:
- type: string
- annotations:
- additionalProperties:
- type: string
- type: object
- expr:
- anyOf:
- - type: integer
- - type: string
- x-kubernetes-int-or-string: true
- for:
- type: string
- labels:
- additionalProperties:
- type: string
- type: object
- record:
- type: string
- required:
- - expr
- type: object
- type: array
- required:
- - name
- - rules
- type: object
- type: array
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- ---
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: servicemonitors.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: ServiceMonitor
- listKind: ServiceMonitorList
- plural: servicemonitors
- shortNames:
- - smon
- singular: servicemonitor
- scope: Namespaced
- versions:
- - name: v1
- schema:
- openAPIV3Schema:
- description: ServiceMonitor defines monitoring for a set of services.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Specification of desired Service selection for target discovery
- by Prometheus.
- properties:
- endpoints:
- description: A list of endpoints allowed as part of this ServiceMonitor.
- items:
- description: Endpoint defines a scrapeable endpoint serving Prometheus
- metrics.
- properties:
- authorization:
- description: Authorization section for this endpoint
- properties:
- credentials:
- description: The secret's key that contains the credentials
- of the request
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type:
- description: Set the authentication type. Defaults to Bearer,
- Basic will cause an error
- type: string
- type: object
- basicAuth:
- description: 'BasicAuth allow an endpoint to authenticate over
- basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
- properties:
- password:
- description: The secret in the service monitor namespace
- that contains the password for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- username:
- description: The secret in the service monitor namespace
- that contains the username for authentication.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- bearerTokenFile:
- description: File to read bearer token for scraping targets.
- type: string
- bearerTokenSecret:
- description: Secret to mount to read bearer token for scraping
- targets. The secret needs to be in the same namespace as the
- service monitor and accessible by the Prometheus Operator.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- enableHttp2:
- description: Whether to enable HTTP2.
- type: boolean
- followRedirects:
- description: FollowRedirects configures whether scrape requests
- follow HTTP 3xx redirects.
- type: boolean
- honorLabels:
- description: HonorLabels chooses the metric's labels on collisions
- with target labels.
- type: boolean
- honorTimestamps:
- description: HonorTimestamps controls whether Prometheus respects
- the timestamps present in scraped data.
- type: boolean
- interval:
- description: Interval at which metrics should be scraped If
- not specified Prometheus' global scrape interval is used.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- metricRelabelings:
- description: MetricRelabelConfigs to apply to samples before
- ingestion.
- items:
- description: 'RelabelConfig allows dynamic rewriting of the
- label set, being applied to samples before ingestion. It
- defines `<metric_relabel_configs>`-section of Prometheus
- configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching.
- Default is 'replace'. uppercase and lowercase actions
- require Prometheus >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source
- label values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex replace
- is performed if the regular expression matches. Regex
- capture groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source
- label values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing
- labels. Their content is concatenated using the configured
- separator and matched against the configured regular
- expression for the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label name
- which may only contain ASCII letters, numbers, as
- well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written
- in a replace action. It is mandatory for replace actions.
- Regex capture groups are available.
- type: string
- type: object
- type: array
- oauth2:
- description: OAuth2 for the URL. Only valid in Prometheus versions
- 2.27.0 and newer.
- properties:
- clientId:
- description: The secret or configmap containing the OAuth2
- client id
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- clientSecret:
- description: The secret containing the OAuth2 client secret
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- endpointParams:
- additionalProperties:
- type: string
- description: Parameters to append to the token URL
- type: object
- scopes:
- description: OAuth2 scopes used for the token request
- items:
- type: string
- type: array
- tokenUrl:
- description: The URL to fetch the token from
- minLength: 1
- type: string
- required:
- - clientId
- - clientSecret
- - tokenUrl
- type: object
- params:
- additionalProperties:
- items:
- type: string
- type: array
- description: Optional HTTP URL parameters
- type: object
- path:
- description: HTTP path to scrape for metrics. If empty, Prometheus
- uses the default value (e.g. `/metrics`).
- type: string
- port:
- description: Name of the service port this endpoint refers to.
- Mutually exclusive with targetPort.
- type: string
- proxyUrl:
- description: ProxyURL eg http://proxyserver:2195 Directs scrapes
- to proxy through this endpoint.
- type: string
- relabelings:
- description: 'RelabelConfigs to apply to samples before scraping.
- Prometheus Operator automatically adds relabelings for a few
- standard Kubernetes fields. The original scrape job''s name
- is available via the `__tmp_prometheus_job_name` label. More
- info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
- items:
- description: 'RelabelConfig allows dynamic rewriting of the
- label set, being applied to samples before ingestion. It
- defines `<metric_relabel_configs>`-section of Prometheus
- configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
- properties:
- action:
- default: replace
- description: Action to perform based on regex matching.
- Default is 'replace'. uppercase and lowercase actions
- require Prometheus >= 2.36.
- enum:
- - replace
- - Replace
- - keep
- - Keep
- - drop
- - Drop
- - hashmod
- - HashMod
- - labelmap
- - LabelMap
- - labeldrop
- - LabelDrop
- - labelkeep
- - LabelKeep
- - lowercase
- - Lowercase
- - uppercase
- - Uppercase
- type: string
- modulus:
- description: Modulus to take of the hash of the source
- label values.
- format: int64
- type: integer
- regex:
- description: Regular expression against which the extracted
- value is matched. Default is '(.*)'
- type: string
- replacement:
- description: Replacement value against which a regex replace
- is performed if the regular expression matches. Regex
- capture groups are available. Default is '$1'
- type: string
- separator:
- description: Separator placed between concatenated source
- label values. default is ';'.
- type: string
- sourceLabels:
- description: The source labels select values from existing
- labels. Their content is concatenated using the configured
- separator and matched against the configured regular
- expression for the replace, keep, and drop actions.
- items:
- description: LabelName is a valid Prometheus label name
- which may only contain ASCII letters, numbers, as
- well as underscores.
- pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
- type: string
- type: array
- targetLabel:
- description: Label to which the resulting value is written
- in a replace action. It is mandatory for replace actions.
- Regex capture groups are available.
- type: string
- type: object
- type: array
- scheme:
- description: HTTP scheme to use for scraping.
- type: string
- scrapeTimeout:
- description: Timeout after which the scrape is ended If not
- specified, the Prometheus global scrape timeout is used unless
- it is less than `Interval` in which the latter is used.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- targetPort:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the target port of the Pod behind
- the Service, the port must be specified with container port
- property. Mutually exclusive with port.
- x-kubernetes-int-or-string: true
- tlsConfig:
- description: TLS configuration to use when scraping the endpoint
- properties:
- ca:
- description: Struct containing the CA cert to use for the
- targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- caFile:
- description: Path to the CA cert in the Prometheus container
- to use for the targets.
- type: string
- cert:
- description: Struct containing the client cert file for
- the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the
- targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- certFile:
- description: Path to the client cert file in the Prometheus
- container for the targets.
- type: string
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keyFile:
- description: Path to the client key file in the Prometheus
- container for the targets.
- type: string
- keySecret:
- description: Secret containing the client key file for the
- targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- type: object
- type: array
- jobLabel:
- description: "JobLabel selects the label from the associated Kubernetes
- service which will be used as the `job` label for all metrics. \n
- For example: If in `ServiceMonitor.spec.jobLabel: foo` and in `Service.metadata.labels.foo:
- bar`, then the `job=\"bar\"` label is added to all metrics. \n If
- the value of this field is empty or if the label doesn't exist for
- the given Service, the `job` label of the metrics defaults to the
- name of the Kubernetes Service."
- type: string
- labelLimit:
- description: Per-scrape limit on number of labels that will be accepted
- for a sample. Only valid in Prometheus versions 2.27.0 and newer.
- format: int64
- type: integer
- labelNameLengthLimit:
- description: Per-scrape limit on length of labels name that will be
- accepted for a sample. Only valid in Prometheus versions 2.27.0
- and newer.
- format: int64
- type: integer
- labelValueLengthLimit:
- description: Per-scrape limit on length of labels value that will
- be accepted for a sample. Only valid in Prometheus versions 2.27.0
- and newer.
- format: int64
- type: integer
- namespaceSelector:
- description: Selector to select which namespaces the Kubernetes Endpoints
- objects are discovered from.
- properties:
- any:
- description: Boolean describing whether all namespaces are selected
- in contrast to a list restricting them.
- type: boolean
- matchNames:
- description: List of namespace names to select from.
- items:
- type: string
- type: array
- type: object
- podTargetLabels:
- description: PodTargetLabels transfers labels on the Kubernetes `Pod`
- onto the created metrics.
- items:
- type: string
- type: array
- sampleLimit:
- description: SampleLimit defines per-scrape limit on number of scraped
- samples that will be accepted.
- format: int64
- type: integer
- selector:
- description: Selector to select Endpoints objects.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- targetLabels:
- description: TargetLabels transfers labels from the Kubernetes `Service`
- onto the created metrics.
- items:
- type: string
- type: array
- targetLimit:
- description: TargetLimit defines a limit on the number of scraped
- targets that will be accepted.
- format: int64
- type: integer
- required:
- - endpoints
- - selector
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- ---
- ---
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.9.2
- creationTimestamp: null
- name: thanosrulers.monitoring.coreos.com
- spec:
- group: monitoring.coreos.com
- names:
- categories:
- - prometheus-operator
- kind: ThanosRuler
- listKind: ThanosRulerList
- plural: thanosrulers
- shortNames:
- - ruler
- singular: thanosruler
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: The desired replicas number of Thanos Rulers
- jsonPath: .spec.replicas
- name: Replicas
- type: integer
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: ThanosRuler defines a ThanosRuler deployment.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: 'Specification of the desired behavior of the ThanosRuler
- cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- affinity:
- description: If specified, the pod's scheduling constraints.
- properties:
- nodeAffinity:
- description: Describes node affinity scheduling rules for the
- pod.
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the affinity expressions specified by
- this field, but it may choose a node that violates one or
- more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node matches
- the corresponding matchExpressions; the node(s) with the
- highest sum are the most preferred.
- items:
- description: An empty preferred scheduling term matches
- all objects with implicit weight 0 (i.e. it's a no-op).
- A null preferred scheduling term matches no objects (i.e.
- is also a no-op).
- properties:
- preference:
- description: A node selector term, associated with the
- corresponding weight.
- properties:
- matchExpressions:
- description: A list of node selector requirements
- by node's labels.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchFields:
- description: A list of node selector requirements
- by node's fields.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- type: object
- x-kubernetes-map-type: atomic
- weight:
- description: Weight associated with matching the corresponding
- nodeSelectorTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - preference
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this
- field are not met at scheduling time, the pod will not be
- scheduled onto the node. If the affinity requirements specified
- by this field cease to be met at some point during pod execution
- (e.g. due to an update), the system may or may not try to
- eventually evict the pod from its node.
- properties:
- nodeSelectorTerms:
- description: Required. A list of node selector terms.
- The terms are ORed.
- items:
- description: A null or empty node selector term matches
- no objects. The requirements of them are ANDed. The
- TopologySelectorTerm type implements a subset of the
- NodeSelectorTerm.
- properties:
- matchExpressions:
- description: A list of node selector requirements
- by node's labels.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchFields:
- description: A list of node selector requirements
- by node's fields.
- items:
- description: A node selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: The label key that the selector
- applies to.
- type: string
- operator:
- description: Represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists, DoesNotExist. Gt, and
- Lt.
- type: string
- values:
- description: An array of string values. If
- the operator is In or NotIn, the values
- array must be non-empty. If the operator
- is Exists or DoesNotExist, the values array
- must be empty. If the operator is Gt or
- Lt, the values array must have a single
- element, which will be interpreted as an
- integer. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- type: object
- x-kubernetes-map-type: atomic
- type: array
- required:
- - nodeSelectorTerms
- type: object
- x-kubernetes-map-type: atomic
- type: object
- podAffinity:
- description: Describes pod affinity scheduling rules (e.g. co-locate
- this pod in the same node, zone, etc. as some other pod(s)).
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the affinity expressions specified by
- this field, but it may choose a node that violates one or
- more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node has
- pods which matches the corresponding podAffinityTerm; the
- node(s) with the highest sum are the most preferred.
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm
- fields are added per-node to find the most preferred node(s)
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated
- with the corresponding weight.
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied
- to the union of the namespaces selected by this
- field and the ones listed in the namespaces field.
- null selector and null or empty namespaces list
- means "this pod's namespace". An empty selector
- ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list
- of namespace names that the term applies to. The
- term is applied to the union of the namespaces
- listed in this field and the ones selected by
- namespaceSelector. null or empty namespaces list
- and null namespaceSelector means "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods
- matching the labelSelector in the specified namespaces,
- where co-located is defined as running on a node
- whose value of the label with key topologyKey
- matches that of any node on which any of the selected
- pods is running. Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- weight:
- description: weight associated with matching the corresponding
- podAffinityTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - podAffinityTerm
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the affinity requirements specified by this
- field are not met at scheduling time, the pod will not be
- scheduled onto the node. If the affinity requirements specified
- by this field cease to be met at some point during pod execution
- (e.g. due to a pod label update), the system may or may
- not try to eventually evict the pod from its node. When
- there are multiple elements, the lists of nodes corresponding
- to each podAffinityTerm are intersected, i.e. all terms
- must be satisfied.
- items:
- description: Defines a set of pods (namely those matching
- the labelSelector relative to the given namespace(s))
- that this pod should be co-located (affinity) or not co-located
- (anti-affinity) with, where co-located is defined as running
- on a node whose value of the label with key <topologyKey>
- matches that of any node on which a pod of the set of
- pods is running
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied to the
- union of the namespaces selected by this field and
- the ones listed in the namespaces field. null selector
- and null or empty namespaces list means "this pod's
- namespace". An empty selector ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace
- names that the term applies to. The term is applied
- to the union of the namespaces listed in this field
- and the ones selected by namespaceSelector. null or
- empty namespaces list and null namespaceSelector means
- "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods matching
- the labelSelector in the specified namespaces, where
- co-located is defined as running on a node whose value
- of the label with key topologyKey matches that of
- any node on which any of the selected pods is running.
- Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- type: array
- type: object
- podAntiAffinity:
- description: Describes pod anti-affinity scheduling rules (e.g.
- avoid putting this pod in the same node, zone, etc. as some
- other pod(s)).
- properties:
- preferredDuringSchedulingIgnoredDuringExecution:
- description: The scheduler will prefer to schedule pods to
- nodes that satisfy the anti-affinity expressions specified
- by this field, but it may choose a node that violates one
- or more of the expressions. The node that is most preferred
- is the one with the greatest sum of weights, i.e. for each
- node that meets all of the scheduling requirements (resource
- request, requiredDuringScheduling anti-affinity expressions,
- etc.), compute a sum by iterating through the elements of
- this field and adding "weight" to the sum if the node has
- pods which matches the corresponding podAffinityTerm; the
- node(s) with the highest sum are the most preferred.
- items:
- description: The weights of all of the matched WeightedPodAffinityTerm
- fields are added per-node to find the most preferred node(s)
- properties:
- podAffinityTerm:
- description: Required. A pod affinity term, associated
- with the corresponding weight.
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied
- to the union of the namespaces selected by this
- field and the ones listed in the namespaces field.
- null selector and null or empty namespaces list
- means "this pod's namespace". An empty selector
- ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list
- of namespace names that the term applies to. The
- term is applied to the union of the namespaces
- listed in this field and the ones selected by
- namespaceSelector. null or empty namespaces list
- and null namespaceSelector means "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods
- matching the labelSelector in the specified namespaces,
- where co-located is defined as running on a node
- whose value of the label with key topologyKey
- matches that of any node on which any of the selected
- pods is running. Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- weight:
- description: weight associated with matching the corresponding
- podAffinityTerm, in the range 1-100.
- format: int32
- type: integer
- required:
- - podAffinityTerm
- - weight
- type: object
- type: array
- requiredDuringSchedulingIgnoredDuringExecution:
- description: If the anti-affinity requirements specified by
- this field are not met at scheduling time, the pod will
- not be scheduled onto the node. If the anti-affinity requirements
- specified by this field cease to be met at some point during
- pod execution (e.g. due to a pod label update), the system
- may or may not try to eventually evict the pod from its
- node. When there are multiple elements, the lists of nodes
- corresponding to each podAffinityTerm are intersected, i.e.
- all terms must be satisfied.
- items:
- description: Defines a set of pods (namely those matching
- the labelSelector relative to the given namespace(s))
- that this pod should be co-located (affinity) or not co-located
- (anti-affinity) with, where co-located is defined as running
- on a node whose value of the label with key <topologyKey>
- matches that of any node on which a pod of the set of
- pods is running
- properties:
- labelSelector:
- description: A label query over a set of resources,
- in this case pods.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaceSelector:
- description: A label query over the set of namespaces
- that the term applies to. The term is applied to the
- union of the namespaces selected by this field and
- the ones listed in the namespaces field. null selector
- and null or empty namespaces list means "this pod's
- namespace". An empty selector ({}) matches all namespaces.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a
- selector that contains values, a key, and an
- operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are
- In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If the
- operator is Exists or DoesNotExist, the
- values array must be empty. This array is
- replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value". The
- requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- namespaces:
- description: namespaces specifies a static list of namespace
- names that the term applies to. The term is applied
- to the union of the namespaces listed in this field
- and the ones selected by namespaceSelector. null or
- empty namespaces list and null namespaceSelector means
- "this pod's namespace".
- items:
- type: string
- type: array
- topologyKey:
- description: This pod should be co-located (affinity)
- or not co-located (anti-affinity) with the pods matching
- the labelSelector in the specified namespaces, where
- co-located is defined as running on a node whose value
- of the label with key topologyKey matches that of
- any node on which any of the selected pods is running.
- Empty topologyKey is not allowed.
- type: string
- required:
- - topologyKey
- type: object
- type: array
- type: object
- type: object
- alertDropLabels:
- description: AlertDropLabels configure the label names which should
- be dropped in ThanosRuler alerts. The replica label `thanos_ruler_replica`
- will always be dropped in alerts.
- items:
- type: string
- type: array
- alertQueryUrl:
- description: The external Query URL the Thanos Ruler will set in the
- 'Source' field of all alerts. Maps to the '--alert.query-url' CLI
- arg.
- type: string
- alertRelabelConfigFile:
- description: AlertRelabelConfigFile specifies the path of the alert
- relabeling configuration file. When used alongside with AlertRelabelConfigs,
- alertRelabelConfigFile takes precedence.
- type: string
- alertRelabelConfigs:
- description: 'AlertRelabelConfigs configures alert relabeling in ThanosRuler.
- Alert relabel configurations must have the form as specified in
- the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs
- Alternative to AlertRelabelConfigFile, and lower order priority.'
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- alertmanagersConfig:
- description: Define configuration for connecting to alertmanager. Only
- available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config`
- arg.
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- alertmanagersUrl:
- description: 'Define URLs to send alerts to Alertmanager. For Thanos
- v0.10.0 and higher, AlertManagersConfig should be used instead. Note:
- this field will be ignored if AlertManagersConfig is specified.
- Maps to the `alertmanagers.url` arg.'
- items:
- type: string
- type: array
- containers:
- description: 'Containers allows injecting additional containers or
- modifying operator generated containers. This can be used to allow
- adding an authentication proxy to a ThanosRuler pod or to change
- the behavior of an operator generated container. Containers described
- here modify an operator generated container if they share the same
- name and modifications are done via a strategic merge patch. The
- current container names are: `thanos-ruler` and `config-reloader`.
- Overriding containers is entirely outside the scope of what the
- maintainers will support and by doing so, you accept that this behaviour
- may break at any time without notice.'
- items:
- description: A single application container that you want to run
- within a pod.
- properties:
- args:
- description: 'Arguments to the entrypoint. The container image''s
- CMD is used if this is not provided. Variable references $(VAR_NAME)
- are expanded using the container''s environment. If a variable
- cannot be resolved, the reference in the input string will
- be unchanged. Double $$ are reduced to a single $, which allows
- for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references
- will never be expanded, regardless of whether the variable
- exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- command:
- description: 'Entrypoint array. Not executed within a shell.
- The container image''s ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container''s
- environment. If a variable cannot be resolved, the reference
- in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax:
- i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether
- the variable exists or not. Cannot be updated. More info:
- https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- env:
- description: List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable present
- in a Container.
- properties:
- name:
- description: Name of the environment variable. Must be
- a C_IDENTIFIER.
- type: string
- value:
- description: 'Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in
- the container and any service environment variables.
- If a variable cannot be resolved, the reference in the
- input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME)
- syntax: i.e. "$$(VAR_NAME)" will produce the string
- literal "$(VAR_NAME)". Escaped references will never
- be expanded, regardless of whether the variable exists
- or not. Defaults to "".'
- type: string
- valueFrom:
- description: Source for the environment variable's value.
- Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: 'Selects a field of the pod: supports
- metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`,
- `metadata.annotations[''<KEY>'']`, spec.nodeName,
- spec.serviceAccountName, status.hostIP, status.podIP,
- status.podIPs.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, limits.ephemeral-storage, requests.cpu,
- requests.memory and requests.ephemeral-storage)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in the pod's
- namespace
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: List of sources to populate environment variables
- in the container. The keys defined within a source must be
- a C_IDENTIFIER. All invalid keys will be reported as an event
- when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take
- precedence. Values defined by an Env with a duplicate key
- will take precedence. Cannot be updated.
- items:
- description: EnvFromSource represents the source of a set
- of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap must be
- defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend to each
- key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management
- to default or override container images in workload controllers
- like Deployments and StatefulSets.'
- type: string
- imagePullPolicy:
- description: 'Image pull policy. One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent
- otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- type: string
- lifecycle:
- description: Actions that the management system should take
- in response to container lifecycle events. Cannot be updated.
- properties:
- postStart:
- description: 'PostStart is called immediately after a container
- is created. If the handler fails, the container is terminated
- and restarted according to its restart policy. Other management
- of the container blocks until the hook completes. More
- info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: 'PreStop is called immediately before a container
- is terminated due to an API request or management event
- such as liveness/startup probe failure, preemption, resource
- contention, etc. The handler is not called if the container
- crashes or exits. The Pod''s termination grace period
- countdown begins before the PreStop hook is executed.
- Regardless of the outcome of the handler, the container
- will eventually terminate within the Pod''s termination
- grace period (unless delayed by finalizers). Other management
- of the container blocks until the hook completes or until
- the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: 'Periodic probe of container liveness. Container
- will be restarted if the probe fails. Cannot be updated. More
- info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- name:
- description: Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: List of ports to expose from the container. Exposing
- a port here gives the system additional information about
- the network connections a container uses, but is primarily
- informational. Not specifying a port here DOES NOT prevent
- that port from being exposed. Any port which is listening
- on the default "0.0.0.0" address inside a container will be
- accessible from the network. Cannot be updated.
- items:
- description: ContainerPort represents a network port in a
- single container.
- properties:
- containerPort:
- description: Number of port to expose on the pod's IP
- address. This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external port to.
- type: string
- hostPort:
- description: Number of port to expose on the host. If
- specified, this must be a valid port number, 0 < x <
- 65536. If HostNetwork is specified, this must match
- ContainerPort. Most containers do not need this.
- format: int32
- type: integer
- name:
- description: If specified, this must be an IANA_SVC_NAME
- and unique within the pod. Each named port in a pod
- must have a unique name. Name for the port that can
- be referred to by services.
- type: string
- protocol:
- default: TCP
- description: Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: 'Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe
- fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- resources:
- description: 'Compute Resources required by this container.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- securityContext:
- description: 'SecurityContext defines the security options the
- container should be run with. If set, the fields of SecurityContext
- override the equivalent fields of PodSecurityContext. More
- info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
- properties:
- allowPrivilegeEscalation:
- description: 'AllowPrivilegeEscalation controls whether
- a process can gain more privileges than its parent process.
- This bool directly controls if the no_new_privs flag will
- be set on the container process. AllowPrivilegeEscalation
- is true always when the container is: 1) run as Privileged
- 2) has CAP_SYS_ADMIN Note that this field cannot be set
- when spec.os.name is windows.'
- type: boolean
- capabilities:
- description: The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by
- the container runtime. Note that this field cannot be
- set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: Run container in privileged mode. Processes
- in privileged containers are essentially equivalent to
- root on the host. Defaults to false. Note that this field
- cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: procMount denotes the type of proc mount to
- use for the containers. The default is DefaultProcMount
- which uses the container runtime defaults for readonly
- paths and masked paths. This requires the ProcMountType
- feature flag to be enabled. Note that this field cannot
- be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: Whether this container has a read-only root
- filesystem. Default is false. Note that this field cannot
- be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: The GID to run the entrypoint of the container
- process. Uses runtime default if unset. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a
- non-root user. If true, the Kubelet will validate the
- image at runtime to ensure that it does not run as UID
- 0 (root) and fail to start the container if it does. If
- unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both
- SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container
- process. Defaults to user specified in image metadata
- if unspecified. May also be set in PodSecurityContext. If
- set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a
- random SELinux context for each container. May also be
- set in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies
- to the container.
- type: string
- role:
- description: Role is a SELinux role label that applies
- to the container.
- type: string
- type:
- description: Type is a SELinux type label that applies
- to the container.
- type: string
- user:
- description: User is a SELinux user label that applies
- to the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by this container.
- If seccomp options are provided at both the pod & container
- level, the container options override the pod options.
- Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile
- must be preconfigured on the node to work. Must be
- a descending path, relative to the kubelet's configured
- seccomp profile location. Must only be set if type
- is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost -
- a profile defined in a file on the node should be
- used. RuntimeDefault - the container runtime default
- profile should be used. Unconfined - no profile should
- be applied."
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: The Windows specific settings applied to all
- containers. If unspecified, the options from the PodSecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is
- linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named
- by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the
- GMSA credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is
- alpha-level and will only be honored by components
- that enable the WindowsHostProcessContainers feature
- flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All
- of a Pod's containers must have the same effective
- HostProcess value (it is not allowed to have a mix
- of HostProcess containers and non-HostProcess containers). In
- addition, if HostProcess is true then HostNetwork
- must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: 'StartupProbe indicates that the Pod has successfully
- initialized. If specified, no other probes are executed until
- this completes successfully. If this probe fails, the Pod
- will be restarted, just as if the livenessProbe failed. This
- can be used to provide different probe parameters at the beginning
- of a Pod''s lifecycle, when it might take a long time to load
- data or warm a cache, than during steady-state operation.
- This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- stdin:
- description: Whether this container should allocate a buffer
- for stdin in the container runtime. If this is not set, reads
- from stdin in the container will always result in EOF. Default
- is false.
- type: boolean
- stdinOnce:
- description: Whether the container runtime should close the
- stdin channel after it has been opened by a single attach.
- When stdin is true the stdin stream will remain open across
- multiple attach sessions. If stdinOnce is set to true, stdin
- is opened on container start, is empty until the first client
- attaches to stdin, and then remains open and accepts data
- until the client disconnects, at which time stdin is closed
- and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin
- will never receive an EOF. Default is false
- type: boolean
- terminationMessagePath:
- description: 'Optional: Path at which the file to which the
- container''s termination message will be written is mounted
- into the container''s filesystem. Message written is intended
- to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes.
- The total message length across all containers will be limited
- to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
- type: string
- terminationMessagePolicy:
- description: Indicate how the termination message should be
- populated. File will use the contents of terminationMessagePath
- to populate the container status message on both success and
- failure. FallbackToLogsOnError will use the last chunk of
- container log output if the termination message file is empty
- and the container exited with an error. The log output is
- limited to 2048 bytes or 80 lines, whichever is smaller. Defaults
- to File. Cannot be updated.
- type: string
- tty:
- description: Whether this container should allocate a TTY for
- itself, also requires 'stdin' to be true. Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices to be
- used by the container.
- items:
- description: volumeDevice describes a mapping of a raw block
- device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of the container
- that the device will be mapped to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a Volume
- within a container.
- properties:
- mountPath:
- description: Path within the container at which the volume
- should be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are
- propagated from the host to container and the other
- way around. When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which
- the container's volume should be mounted. Behaves similarly
- to SubPath but environment variable references $(VAR_NAME)
- are expanded using the container's environment. Defaults
- to "" (volume's root). SubPathExpr and SubPath are mutually
- exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: Container's working directory. If not specified,
- the container runtime's default will be used, which might
- be configured in the container image. Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- enforcedNamespaceLabel:
- description: EnforcedNamespaceLabel enforces adding a namespace label
- of origin for each alert and metric that is user created. The label
- value will always be the namespace of the object that is being created.
- type: string
- evaluationInterval:
- default: 15s
- description: Interval between consecutive evaluations.
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- excludedFromEnforcement:
- description: List of references to PrometheusRule objects to be excluded
- from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel
- set to true.
- items:
- description: ObjectReference references a PodMonitor, ServiceMonitor,
- Probe or PrometheusRule object.
- properties:
- group:
- default: monitoring.coreos.com
- description: Group of the referent. When not specified, it defaults
- to `monitoring.coreos.com`
- enum:
- - monitoring.coreos.com
- type: string
- name:
- description: Name of the referent. When not set, all resources
- are matched.
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- minLength: 1
- type: string
- resource:
- description: Resource of the referent.
- enum:
- - prometheusrules
- - servicemonitors
- - podmonitors
- - probes
- type: string
- required:
- - namespace
- - resource
- type: object
- type: array
- externalPrefix:
- description: The external URL the Thanos Ruler instances will be available
- under. This is necessary to generate correct URLs. This is necessary
- if Thanos Ruler is not served from root of a DNS name.
- type: string
- grpcServerTlsConfig:
- description: 'GRPCServerTLSConfig configures the gRPC server from
- which Thanos Querier reads recorded rule data. Note: Currently only
- the CAFile, CertFile, and KeyFile fields are supported. Maps to
- the ''--grpc-server-tls-*'' CLI args.'
- properties:
- ca:
- description: Struct containing the CA cert to use for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- caFile:
- description: Path to the CA cert in the Prometheus container to
- use for the targets.
- type: string
- cert:
- description: Struct containing the client cert file for the targets.
- properties:
- configMap:
- description: ConfigMap containing data to use for the targets.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or its key
- must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- secret:
- description: Secret containing data to use for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must
- be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- certFile:
- description: Path to the client cert file in the Prometheus container
- for the targets.
- type: string
- insecureSkipVerify:
- description: Disable target certificate validation.
- type: boolean
- keyFile:
- description: Path to the client key file in the Prometheus container
- for the targets.
- type: string
- keySecret:
- description: Secret containing the client key file for the targets.
- properties:
- key:
- description: The key of the secret to select from. Must be
- a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be
- defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- serverName:
- description: Used to verify the hostname for the targets.
- type: string
- type: object
- hostAliases:
- description: Pods' hostAliases configuration
- items:
- description: HostAlias holds the mapping between IP and hostnames
- that will be injected as an entry in the pod's hosts file.
- properties:
- hostnames:
- description: Hostnames for the above IP address.
- items:
- type: string
- type: array
- ip:
- description: IP address of the host file entry.
- type: string
- required:
- - hostnames
- - ip
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - ip
- x-kubernetes-list-type: map
- image:
- description: Thanos container image URL.
- type: string
- imagePullSecrets:
- description: An optional list of references to secrets in the same
- namespace to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod
- items:
- description: LocalObjectReference contains enough information to
- let you locate the referenced object inside the same namespace.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- type: array
- initContainers:
- description: 'InitContainers allows adding initContainers to the pod
- definition. Those can be used to e.g. fetch secrets for injection
- into the ThanosRuler configuration from external sources. Any errors
- during the execution of an initContainer will lead to a restart
- of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
- Using initContainers for any use case other then secret fetching
- is entirely outside the scope of what the maintainers will support
- and by doing so, you accept that this behaviour may break at any
- time without notice.'
- items:
- description: A single application container that you want to run
- within a pod.
- properties:
- args:
- description: 'Arguments to the entrypoint. The container image''s
- CMD is used if this is not provided. Variable references $(VAR_NAME)
- are expanded using the container''s environment. If a variable
- cannot be resolved, the reference in the input string will
- be unchanged. Double $$ are reduced to a single $, which allows
- for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
- produce the string literal "$(VAR_NAME)". Escaped references
- will never be expanded, regardless of whether the variable
- exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- command:
- description: 'Entrypoint array. Not executed within a shell.
- The container image''s ENTRYPOINT is used if this is not provided.
- Variable references $(VAR_NAME) are expanded using the container''s
- environment. If a variable cannot be resolved, the reference
- in the input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME) syntax:
- i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
- Escaped references will never be expanded, regardless of whether
- the variable exists or not. Cannot be updated. More info:
- https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
- items:
- type: string
- type: array
- env:
- description: List of environment variables to set in the container.
- Cannot be updated.
- items:
- description: EnvVar represents an environment variable present
- in a Container.
- properties:
- name:
- description: Name of the environment variable. Must be
- a C_IDENTIFIER.
- type: string
- value:
- description: 'Variable references $(VAR_NAME) are expanded
- using the previously defined environment variables in
- the container and any service environment variables.
- If a variable cannot be resolved, the reference in the
- input string will be unchanged. Double $$ are reduced
- to a single $, which allows for escaping the $(VAR_NAME)
- syntax: i.e. "$$(VAR_NAME)" will produce the string
- literal "$(VAR_NAME)". Escaped references will never
- be expanded, regardless of whether the variable exists
- or not. Defaults to "".'
- type: string
- valueFrom:
- description: Source for the environment variable's value.
- Cannot be used if value is not empty.
- properties:
- configMapKeyRef:
- description: Selects a key of a ConfigMap.
- properties:
- key:
- description: The key to select.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap or
- its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- fieldRef:
- description: 'Selects a field of the pod: supports
- metadata.name, metadata.namespace, `metadata.labels[''<KEY>'']`,
- `metadata.annotations[''<KEY>'']`, spec.nodeName,
- spec.serviceAccountName, status.hostIP, status.podIP,
- status.podIPs.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, limits.ephemeral-storage, requests.cpu,
- requests.memory and requests.ephemeral-storage)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- secretKeyRef:
- description: Selects a key of a secret in the pod's
- namespace
- properties:
- key:
- description: The key of the secret to select from. Must
- be a valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret or its
- key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- type: object
- required:
- - name
- type: object
- type: array
- envFrom:
- description: List of sources to populate environment variables
- in the container. The keys defined within a source must be
- a C_IDENTIFIER. All invalid keys will be reported as an event
- when the container is starting. When a key exists in multiple
- sources, the value associated with the last source will take
- precedence. Values defined by an Env with a duplicate key
- will take precedence. Cannot be updated.
- items:
- description: EnvFromSource represents the source of a set
- of ConfigMaps
- properties:
- configMapRef:
- description: The ConfigMap to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the ConfigMap must be
- defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- prefix:
- description: An optional identifier to prepend to each
- key in the ConfigMap. Must be a C_IDENTIFIER.
- type: string
- secretRef:
- description: The Secret to select from
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: Specify whether the Secret must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- type: object
- type: array
- image:
- description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
- This field is optional to allow higher level config management
- to default or override container images in workload controllers
- like Deployments and StatefulSets.'
- type: string
- imagePullPolicy:
- description: 'Image pull policy. One of Always, Never, IfNotPresent.
- Defaults to Always if :latest tag is specified, or IfNotPresent
- otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
- type: string
- lifecycle:
- description: Actions that the management system should take
- in response to container lifecycle events. Cannot be updated.
- properties:
- postStart:
- description: 'PostStart is called immediately after a container
- is created. If the handler fails, the container is terminated
- and restarted according to its restart policy. Other management
- of the container blocks until the hook completes. More
- info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- preStop:
- description: 'PreStop is called immediately before a container
- is terminated due to an API request or management event
- such as liveness/startup probe failure, preemption, resource
- contention, etc. The handler is not called if the container
- crashes or exits. The Pod''s termination grace period
- countdown begins before the PreStop hook is executed.
- Regardless of the outcome of the handler, the container
- will eventually terminate within the Pod''s termination
- grace period (unless delayed by finalizers). Other management
- of the container blocks until the hook completes or until
- the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for
- the command is root ('/') in the container's
- filesystem. The command is simply exec'd, it is
- not run inside a shell, so traditional shell instructions
- ('|', etc) won't work. To use a shell, you need
- to explicitly call out to that shell. Exit status
- of 0 is treated as live/healthy and non-zero is
- unhealthy.
- items:
- type: string
- type: array
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to
- the pod IP. You probably want to set "Host" in
- httpHeaders instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request.
- HTTP allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the
- host. Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- tcpSocket:
- description: Deprecated. TCPSocket is NOT supported
- as a LifecycleHandler and kept for the backward compatibility.
- There are no validation of this field and lifecycle
- hooks will fail in runtime when tcp handler is specified.
- properties:
- host:
- description: 'Optional: Host name to connect to,
- defaults to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access
- on the container. Number must be in the range
- 1 to 65535. Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- type: object
- type: object
- livenessProbe:
- description: 'Periodic probe of container liveness. Container
- will be restarted if the probe fails. Cannot be updated. More
- info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- name:
- description: Name of the container specified as a DNS_LABEL.
- Each container in a pod must have a unique name (DNS_LABEL).
- Cannot be updated.
- type: string
- ports:
- description: List of ports to expose from the container. Exposing
- a port here gives the system additional information about
- the network connections a container uses, but is primarily
- informational. Not specifying a port here DOES NOT prevent
- that port from being exposed. Any port which is listening
- on the default "0.0.0.0" address inside a container will be
- accessible from the network. Cannot be updated.
- items:
- description: ContainerPort represents a network port in a
- single container.
- properties:
- containerPort:
- description: Number of port to expose on the pod's IP
- address. This must be a valid port number, 0 < x < 65536.
- format: int32
- type: integer
- hostIP:
- description: What host IP to bind the external port to.
- type: string
- hostPort:
- description: Number of port to expose on the host. If
- specified, this must be a valid port number, 0 < x <
- 65536. If HostNetwork is specified, this must match
- ContainerPort. Most containers do not need this.
- format: int32
- type: integer
- name:
- description: If specified, this must be an IANA_SVC_NAME
- and unique within the pod. Each named port in a pod
- must have a unique name. Name for the port that can
- be referred to by services.
- type: string
- protocol:
- default: TCP
- description: Protocol for port. Must be UDP, TCP, or SCTP.
- Defaults to "TCP".
- type: string
- required:
- - containerPort
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - containerPort
- - protocol
- x-kubernetes-list-type: map
- readinessProbe:
- description: 'Periodic probe of container service readiness.
- Container will be removed from service endpoints if the probe
- fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- resources:
- description: 'Compute Resources required by this container.
- Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute
- resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified,
- otherwise to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- securityContext:
- description: 'SecurityContext defines the security options the
- container should be run with. If set, the fields of SecurityContext
- override the equivalent fields of PodSecurityContext. More
- info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
- properties:
- allowPrivilegeEscalation:
- description: 'AllowPrivilegeEscalation controls whether
- a process can gain more privileges than its parent process.
- This bool directly controls if the no_new_privs flag will
- be set on the container process. AllowPrivilegeEscalation
- is true always when the container is: 1) run as Privileged
- 2) has CAP_SYS_ADMIN Note that this field cannot be set
- when spec.os.name is windows.'
- type: boolean
- capabilities:
- description: The capabilities to add/drop when running containers.
- Defaults to the default set of capabilities granted by
- the container runtime. Note that this field cannot be
- set when spec.os.name is windows.
- properties:
- add:
- description: Added capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- drop:
- description: Removed capabilities
- items:
- description: Capability represent POSIX capabilities
- type
- type: string
- type: array
- type: object
- privileged:
- description: Run container in privileged mode. Processes
- in privileged containers are essentially equivalent to
- root on the host. Defaults to false. Note that this field
- cannot be set when spec.os.name is windows.
- type: boolean
- procMount:
- description: procMount denotes the type of proc mount to
- use for the containers. The default is DefaultProcMount
- which uses the container runtime defaults for readonly
- paths and masked paths. This requires the ProcMountType
- feature flag to be enabled. Note that this field cannot
- be set when spec.os.name is windows.
- type: string
- readOnlyRootFilesystem:
- description: Whether this container has a read-only root
- filesystem. Default is false. Note that this field cannot
- be set when spec.os.name is windows.
- type: boolean
- runAsGroup:
- description: The GID to run the entrypoint of the container
- process. Uses runtime default if unset. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a
- non-root user. If true, the Kubelet will validate the
- image at runtime to ensure that it does not run as UID
- 0 (root) and fail to start the container if it does. If
- unset or false, no such validation will be performed.
- May also be set in PodSecurityContext. If set in both
- SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container
- process. Defaults to user specified in image metadata
- if unspecified. May also be set in PodSecurityContext. If
- set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to the container.
- If unspecified, the container runtime will allocate a
- random SELinux context for each container. May also be
- set in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence. Note that this field cannot be set when
- spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies
- to the container.
- type: string
- role:
- description: Role is a SELinux role label that applies
- to the container.
- type: string
- type:
- description: Type is a SELinux type label that applies
- to the container.
- type: string
- user:
- description: User is a SELinux user label that applies
- to the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by this container.
- If seccomp options are provided at both the pod & container
- level, the container options override the pod options.
- Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile
- must be preconfigured on the node to work. Must be
- a descending path, relative to the kubelet's configured
- seccomp profile location. Must only be set if type
- is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost -
- a profile defined in a file on the node should be
- used. RuntimeDefault - the container runtime default
- profile should be used. Unconfined - no profile should
- be applied."
- type: string
- required:
- - type
- type: object
- windowsOptions:
- description: The Windows specific settings applied to all
- containers. If unspecified, the options from the PodSecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence.
- Note that this field cannot be set when spec.os.name is
- linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named
- by the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the
- GMSA credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is
- alpha-level and will only be honored by components
- that enable the WindowsHostProcessContainers feature
- flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All
- of a Pod's containers must have the same effective
- HostProcess value (it is not allowed to have a mix
- of HostProcess containers and non-HostProcess containers). In
- addition, if HostProcess is true then HostNetwork
- must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set
- in PodSecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence.
- type: string
- type: object
- type: object
- startupProbe:
- description: 'StartupProbe indicates that the Pod has successfully
- initialized. If specified, no other probes are executed until
- this completes successfully. If this probe fails, the Pod
- will be restarted, just as if the livenessProbe failed. This
- can be used to provide different probe parameters at the beginning
- of a Pod''s lifecycle, when it might take a long time to load
- data or warm a cache, than during steady-state operation.
- This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- properties:
- exec:
- description: Exec specifies the action to take.
- properties:
- command:
- description: Command is the command line to execute
- inside the container, the working directory for the
- command is root ('/') in the container's filesystem.
- The command is simply exec'd, it is not run inside
- a shell, so traditional shell instructions ('|', etc)
- won't work. To use a shell, you need to explicitly
- call out to that shell. Exit status of 0 is treated
- as live/healthy and non-zero is unhealthy.
- items:
- type: string
- type: array
- type: object
- failureThreshold:
- description: Minimum consecutive failures for the probe
- to be considered failed after having succeeded. Defaults
- to 3. Minimum value is 1.
- format: int32
- type: integer
- grpc:
- description: GRPC specifies an action involving a GRPC port.
- This is a beta field and requires enabling GRPCContainerProbe
- feature gate.
- properties:
- port:
- description: Port number of the gRPC service. Number
- must be in the range 1 to 65535.
- format: int32
- type: integer
- service:
- description: "Service is the name of the service to
- place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
- \n If this is not specified, the default behavior
- is defined by gRPC."
- type: string
- required:
- - port
- type: object
- httpGet:
- description: HTTPGet specifies the http request to perform.
- properties:
- host:
- description: Host name to connect to, defaults to the
- pod IP. You probably want to set "Host" in httpHeaders
- instead.
- type: string
- httpHeaders:
- description: Custom headers to set in the request. HTTP
- allows repeated headers.
- items:
- description: HTTPHeader describes a custom header
- to be used in HTTP probes
- properties:
- name:
- description: The header field name
- type: string
- value:
- description: The header field value
- type: string
- required:
- - name
- - value
- type: object
- type: array
- path:
- description: Path to access on the HTTP server.
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Name or number of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- scheme:
- description: Scheme to use for connecting to the host.
- Defaults to HTTP.
- type: string
- required:
- - port
- type: object
- initialDelaySeconds:
- description: 'Number of seconds after the container has
- started before liveness probes are initiated. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- periodSeconds:
- description: How often (in seconds) to perform the probe.
- Default to 10 seconds. Minimum value is 1.
- format: int32
- type: integer
- successThreshold:
- description: Minimum consecutive successes for the probe
- to be considered successful after having failed. Defaults
- to 1. Must be 1 for liveness and startup. Minimum value
- is 1.
- format: int32
- type: integer
- tcpSocket:
- description: TCPSocket specifies an action involving a TCP
- port.
- properties:
- host:
- description: 'Optional: Host name to connect to, defaults
- to the pod IP.'
- type: string
- port:
- anyOf:
- - type: integer
- - type: string
- description: Number or name of the port to access on
- the container. Number must be in the range 1 to 65535.
- Name must be an IANA_SVC_NAME.
- x-kubernetes-int-or-string: true
- required:
- - port
- type: object
- terminationGracePeriodSeconds:
- description: Optional duration in seconds the pod needs
- to terminate gracefully upon probe failure. The grace
- period is the duration in seconds after the processes
- running in the pod are sent a termination signal and the
- time when the processes are forcibly halted with a kill
- signal. Set this value longer than the expected cleanup
- time for your process. If this value is nil, the pod's
- terminationGracePeriodSeconds will be used. Otherwise,
- this value overrides the value provided by the pod spec.
- Value must be non-negative integer. The value zero indicates
- stop immediately via the kill signal (no opportunity to
- shut down). This is a beta field and requires enabling
- ProbeTerminationGracePeriod feature gate. Minimum value
- is 1. spec.terminationGracePeriodSeconds is used if unset.
- format: int64
- type: integer
- timeoutSeconds:
- description: 'Number of seconds after which the probe times
- out. Defaults to 1 second. Minimum value is 1. More info:
- https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
- format: int32
- type: integer
- type: object
- stdin:
- description: Whether this container should allocate a buffer
- for stdin in the container runtime. If this is not set, reads
- from stdin in the container will always result in EOF. Default
- is false.
- type: boolean
- stdinOnce:
- description: Whether the container runtime should close the
- stdin channel after it has been opened by a single attach.
- When stdin is true the stdin stream will remain open across
- multiple attach sessions. If stdinOnce is set to true, stdin
- is opened on container start, is empty until the first client
- attaches to stdin, and then remains open and accepts data
- until the client disconnects, at which time stdin is closed
- and remains closed until the container is restarted. If this
- flag is false, a container processes that reads from stdin
- will never receive an EOF. Default is false
- type: boolean
- terminationMessagePath:
- description: 'Optional: Path at which the file to which the
- container''s termination message will be written is mounted
- into the container''s filesystem. Message written is intended
- to be brief final status, such as an assertion failure message.
- Will be truncated by the node if greater than 4096 bytes.
- The total message length across all containers will be limited
- to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
- type: string
- terminationMessagePolicy:
- description: Indicate how the termination message should be
- populated. File will use the contents of terminationMessagePath
- to populate the container status message on both success and
- failure. FallbackToLogsOnError will use the last chunk of
- container log output if the termination message file is empty
- and the container exited with an error. The log output is
- limited to 2048 bytes or 80 lines, whichever is smaller. Defaults
- to File. Cannot be updated.
- type: string
- tty:
- description: Whether this container should allocate a TTY for
- itself, also requires 'stdin' to be true. Default is false.
- type: boolean
- volumeDevices:
- description: volumeDevices is the list of block devices to be
- used by the container.
- items:
- description: volumeDevice describes a mapping of a raw block
- device within a container.
- properties:
- devicePath:
- description: devicePath is the path inside of the container
- that the device will be mapped to.
- type: string
- name:
- description: name must match the name of a persistentVolumeClaim
- in the pod
- type: string
- required:
- - devicePath
- - name
- type: object
- type: array
- volumeMounts:
- description: Pod volumes to mount into the container's filesystem.
- Cannot be updated.
- items:
- description: VolumeMount describes a mounting of a Volume
- within a container.
- properties:
- mountPath:
- description: Path within the container at which the volume
- should be mounted. Must not contain ':'.
- type: string
- mountPropagation:
- description: mountPropagation determines how mounts are
- propagated from the host to container and the other
- way around. When not set, MountPropagationNone is used.
- This field is beta in 1.10.
- type: string
- name:
- description: This must match the Name of a Volume.
- type: string
- readOnly:
- description: Mounted read-only if true, read-write otherwise
- (false or unspecified). Defaults to false.
- type: boolean
- subPath:
- description: Path within the volume from which the container's
- volume should be mounted. Defaults to "" (volume's root).
- type: string
- subPathExpr:
- description: Expanded path within the volume from which
- the container's volume should be mounted. Behaves similarly
- to SubPath but environment variable references $(VAR_NAME)
- are expanded using the container's environment. Defaults
- to "" (volume's root). SubPathExpr and SubPath are mutually
- exclusive.
- type: string
- required:
- - mountPath
- - name
- type: object
- type: array
- workingDir:
- description: Container's working directory. If not specified,
- the container runtime's default will be used, which might
- be configured in the container image. Cannot be updated.
- type: string
- required:
- - name
- type: object
- type: array
- labels:
- additionalProperties:
- type: string
- description: Labels configure the external label pairs to ThanosRuler.
- A default replica label `thanos_ruler_replica` will be always added as
- a label with the value of the pod's name and it will be dropped
- in the alerts.
- type: object
- listenLocal:
- description: ListenLocal makes the Thanos ruler listen on loopback,
- so that it does not bind against the Pod IP.
- type: boolean
- logFormat:
- description: Log format for ThanosRuler to be configured with.
- enum:
- - ""
- - logfmt
- - json
- type: string
- logLevel:
- description: Log level for ThanosRuler to be configured with.
- enum:
- - ""
- - debug
- - info
- - warn
- - error
- type: string
- minReadySeconds:
- description: Minimum number of seconds for which a newly created pod
- should be ready without any of its container crashing for it to
- be considered available. Defaults to 0 (pod will be considered available
- as soon as it is ready) This is an alpha field and requires enabling
- StatefulSetMinReadySeconds feature gate.
- format: int32
- type: integer
- nodeSelector:
- additionalProperties:
- type: string
- description: Define which Nodes the Pods are scheduled on.
- type: object
- objectStorageConfig:
- description: ObjectStorageConfig configures object storage in Thanos.
- Alternative to ObjectStorageConfigFile, and lower order priority.
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- objectStorageConfigFile:
- description: ObjectStorageConfigFile specifies the path of the object
- storage configuration file. When used alongside with ObjectStorageConfig,
- ObjectStorageConfigFile takes precedence.
- type: string
- paused:
- description: When a ThanosRuler deployment is paused, no actions except
- for deletion will be performed on the underlying objects.
- type: boolean
- podMetadata:
- description: PodMetadata contains Labels and Annotations gets propagated
- to the thanos ruler pods.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map stored
- with a resource that may be set by external tools to store and
- retrieve arbitrary metadata. They are not queryable and should
- be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used to
- organize and categorize (scope and select) objects. May match
- selectors of replication controllers and services. More info:
- http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: 'Name must be unique within a namespace. Is required
- when creating resources, although some resources may allow a
- client to request the generation of an appropriate name automatically.
- Name is primarily intended for creation idempotence and configuration
- definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- type: object
- portName:
- description: Port name used for the pods and governing service. This
- defaults to web
- type: string
- priorityClassName:
- description: Priority class assigned to the Pods
- type: string
- prometheusRulesExcludedFromEnforce:
- description: 'PrometheusRulesExcludedFromEnforce - list of Prometheus
- rules to be excluded from enforcing of adding namespace labels.
- Works only if enforcedNamespaceLabel set to true. Make sure both
- ruleNamespace and ruleName are set for each pair Deprecated: use
- excludedFromEnforcement instead.'
- items:
- description: PrometheusRuleExcludeConfig enables users to configure
- excluded PrometheusRule names and their namespaces to be ignored
- while enforcing namespace label for alerts and metrics.
- properties:
- ruleName:
- description: RuleNamespace - name of excluded rule
- type: string
- ruleNamespace:
- description: RuleNamespace - namespace of excluded rule
- type: string
- required:
- - ruleName
- - ruleNamespace
- type: object
- type: array
- queryConfig:
- description: Define configuration for connecting to thanos query instances.
- If this is defined, the QueryEndpoints field will be ignored. Maps
- to the `query.config` CLI argument. Only available with thanos v0.11.0
- and higher.
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- queryEndpoints:
- description: QueryEndpoints defines Thanos querier endpoints from
- which to query metrics. Maps to the --query flag of thanos ruler.
- items:
- type: string
- type: array
- replicas:
- description: Number of thanos ruler instances to deploy.
- format: int32
- type: integer
- resources:
- description: Resources defines the resource requirements for single
- Pods. If not provided, no requests/limits will be set
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount of compute resources
- allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount of compute
- resources required. If Requests is omitted for a container,
- it defaults to Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- retention:
- default: 24h
- description: Time duration ThanosRuler shall retain data for. Default
- is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)`
- (milliseconds seconds minutes hours days weeks years).
- pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
- type: string
- routePrefix:
- description: The route prefix ThanosRuler registers HTTP handlers
- for. This allows thanos UI to be served on a sub-path.
- type: string
- ruleNamespaceSelector:
- description: Namespaces to be selected for Rules discovery. If unspecified,
- only the same namespace as the ThanosRuler object is in is used.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- ruleSelector:
- description: A label selector to select which PrometheusRules to mount
- for alerting and recording.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- securityContext:
- description: SecurityContext holds pod-level security attributes and
- common container settings. This defaults to the default PodSecurityContext.
- properties:
- fsGroup:
- description: "A special supplemental group that applies to all
- containers in a pod. Some volume types allow the Kubelet to
- change the ownership of that volume to be owned by the pod:
- \n 1. The owning GID will be the FSGroup 2. The setgid bit is
- set (new files created in the volume will be owned by FSGroup)
- 3. The permission bits are OR'd with rw-rw---- \n If unset,
- the Kubelet will not modify the ownership and permissions of
- any volume. Note that this field cannot be set when spec.os.name
- is windows."
- format: int64
- type: integer
- fsGroupChangePolicy:
- description: 'fsGroupChangePolicy defines behavior of changing
- ownership and permission of the volume before being exposed
- inside Pod. This field will only apply to volume types which
- support fsGroup based ownership(and permissions). It will have
- no effect on ephemeral volume types such as: secret, configmaps
- and emptydir. Valid values are "OnRootMismatch" and "Always".
- If not specified, "Always" is used. Note that this field cannot
- be set when spec.os.name is windows.'
- type: string
- runAsGroup:
- description: The GID to run the entrypoint of the container process.
- Uses runtime default if unset. May also be set in SecurityContext. If
- set in both SecurityContext and PodSecurityContext, the value
- specified in SecurityContext takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- format: int64
- type: integer
- runAsNonRoot:
- description: Indicates that the container must run as a non-root
- user. If true, the Kubelet will validate the image at runtime
- to ensure that it does not run as UID 0 (root) and fail to start
- the container if it does. If unset or false, no such validation
- will be performed. May also be set in SecurityContext. If set
- in both SecurityContext and PodSecurityContext, the value specified
- in SecurityContext takes precedence.
- type: boolean
- runAsUser:
- description: The UID to run the entrypoint of the container process.
- Defaults to user specified in image metadata if unspecified.
- May also be set in SecurityContext. If set in both SecurityContext
- and PodSecurityContext, the value specified in SecurityContext
- takes precedence for that container. Note that this field cannot
- be set when spec.os.name is windows.
- format: int64
- type: integer
- seLinuxOptions:
- description: The SELinux context to be applied to all containers.
- If unspecified, the container runtime will allocate a random
- SELinux context for each container. May also be set in SecurityContext. If
- set in both SecurityContext and PodSecurityContext, the value
- specified in SecurityContext takes precedence for that container.
- Note that this field cannot be set when spec.os.name is windows.
- properties:
- level:
- description: Level is SELinux level label that applies to
- the container.
- type: string
- role:
- description: Role is a SELinux role label that applies to
- the container.
- type: string
- type:
- description: Type is a SELinux type label that applies to
- the container.
- type: string
- user:
- description: User is a SELinux user label that applies to
- the container.
- type: string
- type: object
- seccompProfile:
- description: The seccomp options to use by the containers in this
- pod. Note that this field cannot be set when spec.os.name is
- windows.
- properties:
- localhostProfile:
- description: localhostProfile indicates a profile defined
- in a file on the node should be used. The profile must be
- preconfigured on the node to work. Must be a descending
- path, relative to the kubelet's configured seccomp profile
- location. Must only be set if type is "Localhost".
- type: string
- type:
- description: "type indicates which kind of seccomp profile
- will be applied. Valid options are: \n Localhost - a profile
- defined in a file on the node should be used. RuntimeDefault
- - the container runtime default profile should be used.
- Unconfined - no profile should be applied."
- type: string
- required:
- - type
- type: object
- supplementalGroups:
- description: A list of groups applied to the first process run
- in each container, in addition to the container's primary GID. If
- unspecified, no groups will be added to any container. Note
- that this field cannot be set when spec.os.name is windows.
- items:
- format: int64
- type: integer
- type: array
- sysctls:
- description: Sysctls hold a list of namespaced sysctls used for
- the pod. Pods with unsupported sysctls (by the container runtime)
- might fail to launch. Note that this field cannot be set when
- spec.os.name is windows.
- items:
- description: Sysctl defines a kernel parameter to be set
- properties:
- name:
- description: Name of a property to set
- type: string
- value:
- description: Value of a property to set
- type: string
- required:
- - name
- - value
- type: object
- type: array
- windowsOptions:
- description: The Windows specific settings applied to all containers.
- If unspecified, the options within a container's SecurityContext
- will be used. If set in both SecurityContext and PodSecurityContext,
- the value specified in SecurityContext takes precedence. Note
- that this field cannot be set when spec.os.name is linux.
- properties:
- gmsaCredentialSpec:
- description: GMSACredentialSpec is where the GMSA admission
- webhook (https://github.com/kubernetes-sigs/windows-gmsa)
- inlines the contents of the GMSA credential spec named by
- the GMSACredentialSpecName field.
- type: string
- gmsaCredentialSpecName:
- description: GMSACredentialSpecName is the name of the GMSA
- credential spec to use.
- type: string
- hostProcess:
- description: HostProcess determines if a container should
- be run as a 'Host Process' container. This field is alpha-level
- and will only be honored by components that enable the WindowsHostProcessContainers
- feature flag. Setting this field without the feature flag
- will result in errors when validating the Pod. All of a
- Pod's containers must have the same effective HostProcess
- value (it is not allowed to have a mix of HostProcess containers
- and non-HostProcess containers). In addition, if HostProcess
- is true then HostNetwork must also be set to true.
- type: boolean
- runAsUserName:
- description: The UserName in Windows to run the entrypoint
- of the container process. Defaults to the user specified
- in image metadata if unspecified. May also be set in PodSecurityContext.
- If set in both SecurityContext and PodSecurityContext, the
- value specified in SecurityContext takes precedence.
- type: string
- type: object
- type: object
- serviceAccountName:
- description: ServiceAccountName is the name of the ServiceAccount
- to use to run the Thanos Ruler Pods.
- type: string
- storage:
- description: Storage spec to specify how storage shall be used.
- properties:
- disableMountSubPath:
- description: 'Deprecated: subPath usage will be disabled by default
- in a future release, this option will become unnecessary. DisableMountSubPath
- allows to remove any subPath usage in volume mounts.'
- type: boolean
- emptyDir:
- description: 'EmptyDirVolumeSource to be used by the Prometheus
- StatefulSets. If specified, used in place of any volumeClaimTemplate.
- More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir'
- properties:
- medium:
- description: 'medium represents what type of storage medium
- should back this directory. The default is "" which means
- to use the node''s default medium. Must be an empty string
- (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'sizeLimit is the total amount of local storage
- required for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage on memory
- medium EmptyDir would be the minimum value between the SizeLimit
- specified here and the sum of memory limits of all containers
- in a pod. The default is nil which means that the limit
- is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: 'EphemeralVolumeSource to be used by the Prometheus
- StatefulSets. This is a beta field in k8s 1.21, for lower versions,
- starting with k8s 1.19, it requires enabling the GenericEphemeralVolume
- feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes'
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to
- provision the volume. The pod in which this EphemeralVolumeSource
- is embedded will be the owner of the PVC, i.e. the PVC will
- be deleted together with the pod. The name of the PVC will
- be `<pod name>-<volume name>` where `<volume name>` is the
- name from the `PodSpec.Volumes` array entry. Pod validation
- will reject the pod if the concatenated name is not valid
- for a PVC (for example, too long). \n An existing PVC with
- that name that is not owned by the pod will *not* be used
- for the pod to avoid using an unrelated volume by mistake.
- Starting the pod is then blocked until the unrelated PVC
- is removed. If such a pre-created PVC is meant to be used
- by the pod, the PVC has to updated with an owner reference
- to the pod once the pod exists. Normally this should not
- be necessary, but it may be useful when manually reconstructing
- a broken cluster. \n This field is read-only and no changes
- will be made by Kubernetes to the PVC after it has been
- created. \n Required, must not be nil."
- properties:
- metadata:
- description: May contain labels and annotations that will
- be copied into the PVC when creating it. No other fields
- are allowed and will be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into the PVC
- that gets created from this template. The same fields
- as in a PersistentVolumeClaim are also valid here.
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a new
- volume based on the contents of the specified data
- source. If the AnyVolumeDataSource feature gate
- is enabled, this field will always have the same
- contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object from
- which to populate the volume with data, if a non-empty
- volume is desired. This may be any local object
- from a non-empty API group (non core object) or
- a PersistentVolumeClaim object. When this field
- is specified, volume binding will only succeed if
- the type of the specified object matches some installed
- volume populator or dynamic provisioner. This field
- will replace the functionality of the DataSource
- field and as such if both fields are non-empty,
- they must have the same value. For backwards compatibility,
- both fields (DataSource and DataSourceRef) will
- be set to the same value automatically if one of
- them is empty and the other is non-empty. There
- are two important differences between DataSource
- and DataSourceRef: * While DataSource only allows
- two specific types of objects, DataSourceRef allows
- any non-core object, as well as PersistentVolumeClaim
- objects. * While DataSource ignores disallowed values
- (dropping them), DataSourceRef preserves all values,
- and generates an error if a disallowed value is
- specified. (Beta) Using this field requires the
- AnyVolumeDataSource feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is
- required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity recorded
- in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is
- omitted for a container, it defaults to Limits
- if that is explicitly specified, otherwise to
- an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement is
- a selector that contains values, a key, and
- an operator that relates the key and values.
- properties:
- key:
- description: key is the label key that the
- selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty. If
- the operator is Exists or DoesNotExist,
- the values array must be empty. This array
- is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is "In",
- and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the
- StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem is
- implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference to
- the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- volumeClaimTemplate:
- description: A PVC spec to be used by the Prometheus StatefulSets.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- description: EmbeddedMetadata contains metadata relevant to
- an EmbeddedResource.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value
- map stored with a resource that may be set by external
- tools to store and retrieve arbitrary metadata. They
- are not queryable and should be preserved when modifying
- objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be
- used to organize and categorize (scope and select) objects.
- May match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: 'Name must be unique within a namespace.
- Is required when creating resources, although some resources
- may allow a client to request the generation of an appropriate
- name automatically. Name is primarily intended for creation
- idempotence and configuration definition. Cannot be
- updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- type: object
- spec:
- description: 'Spec defines the desired characteristics of
- a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the provisioner
- or an external controller can support the specified
- data source, it will create a new volume based on the
- contents of the specified data source. If the AnyVolumeDataSource
- feature gate is enabled, this field will always have
- the same contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object from
- which to populate the volume with data, if a non-empty
- volume is desired. This may be any local object from
- a non-empty API group (non core object) or a PersistentVolumeClaim
- object. When this field is specified, volume binding
- will only succeed if the type of the specified object
- matches some installed volume populator or dynamic provisioner.
- This field will replace the functionality of the DataSource
- field and as such if both fields are non-empty, they
- must have the same value. For backwards compatibility,
- both fields (DataSource and DataSourceRef) will be set
- to the same value automatically if one of them is empty
- and the other is non-empty. There are two important
- differences between DataSource and DataSourceRef: *
- While DataSource only allows two specific types of objects,
- DataSourceRef allows any non-core object, as well as
- PersistentVolumeClaim objects. * While DataSource ignores
- disallowed values (dropping them), DataSourceRef preserves
- all values, and generates an error if a disallowed value
- is specified. (Beta) Using this field requires the AnyVolumeDataSource
- feature gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API group.
- For any other third-party types, APIGroup is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify resource
- requirements that are lower than previous value but
- must still be higher than capacity recorded in the status
- field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum amount
- of compute resources required. If Requests is omitted
- for a container, it defaults to Limits if that is
- explicitly specified, otherwise to an implementation-defined
- value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes to
- consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector
- requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector
- that contains values, a key, and an operator that
- relates the key and values.
- properties:
- key:
- description: key is the label key that the selector
- applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are In,
- NotIn, Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values.
- If the operator is In or NotIn, the values
- array must be non-empty. If the operator is
- Exists or DoesNotExist, the values array must
- be empty. This array is replaced during a
- strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs.
- A single {key,value} in the matchLabels map is equivalent
- to an element of matchExpressions, whose key field
- is "key", the operator is "In", and the values array
- contains only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the StorageClass
- required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume is
- required by the claim. Value of Filesystem is implied
- when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference to the
- PersistentVolume backing this claim.
- type: string
- type: object
- status:
- description: 'Status represents the current information/status
- of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- accessModes:
- description: 'accessModes contains the actual access modes
- the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- allocatedResources:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: allocatedResources is the storage resource
- within AllocatedResources tracks the capacity allocated
- to a PVC. It may be larger than the actual capacity
- when a volume expansion operation is requested. For
- storage quota, the larger value from allocatedResources
- and PVC.spec.resources is used. If allocatedResources
- is not set, PVC.spec.resources alone is used for quota
- calculation. If a volume expansion capacity request
- is lowered, allocatedResources is only lowered if there
- are no expansion operations in progress and if the actual
- volume capacity is equal or lower than the requested
- capacity. This is an alpha field and requires enabling
- RecoverVolumeExpansionFailure feature.
- type: object
- capacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: capacity represents the actual resources
- of the underlying volume.
- type: object
- conditions:
- description: conditions is the current Condition of persistent
- volume claim. If underlying persistent volume is being
- resized then the Condition will be set to 'ResizeStarted'.
- items:
- description: PersistentVolumeClaimCondition contails
- details about state of pvc
- properties:
- lastProbeTime:
- description: lastProbeTime is the time we probed
- the condition.
- format: date-time
- type: string
- lastTransitionTime:
- description: lastTransitionTime is the time the
- condition transitioned from one status to another.
- format: date-time
- type: string
- message:
- description: message is the human-readable message
- indicating details about last transition.
- type: string
- reason:
- description: reason is a unique, this should be
- a short, machine understandable string that gives
- the reason for condition's last transition. If
- it reports "ResizeStarted" that means the underlying
- persistent volume is being resized.
- type: string
- status:
- type: string
- type:
- description: PersistentVolumeClaimConditionType
- is a valid value of PersistentVolumeClaimCondition.Type
- type: string
- required:
- - status
- - type
- type: object
- type: array
- phase:
- description: phase represents the current phase of PersistentVolumeClaim.
- type: string
- resizeStatus:
- description: resizeStatus stores status of resize operation.
- ResizeStatus is not set by default but when expansion
- is complete resizeStatus is set to empty string by resize
- controller or kubelet. This is an alpha field and requires
- enabling RecoverVolumeExpansionFailure feature.
- type: string
- type: object
- type: object
- type: object
- tolerations:
- description: If specified, the pod's tolerations.
- items:
- description: The pod this Toleration is attached to tolerates any
- taint that matches the triple <key,value,effect> using the matching
- operator <operator>.
- properties:
- effect:
- description: Effect indicates the taint effect to match. Empty
- means match all taint effects. When specified, allowed values
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Key is the taint key that the toleration applies
- to. Empty means match all taint keys. If the key is empty,
- operator must be Exists; this combination means to match all
- values and all keys.
- type: string
- operator:
- description: Operator represents a key's relationship to the
- value. Valid operators are Exists and Equal. Defaults to Equal.
- Exists is equivalent to wildcard for value, so that a pod
- can tolerate all taints of a particular category.
- type: string
- tolerationSeconds:
- description: TolerationSeconds represents the period of time
- the toleration (which must be of effect NoExecute, otherwise
- this field is ignored) tolerates the taint. By default, it
- is not set, which means tolerate the taint forever (do not
- evict). Zero and negative values will be treated as 0 (evict
- immediately) by the system.
- format: int64
- type: integer
- value:
- description: Value is the taint value the toleration matches
- to. If the operator is Exists, the value should be empty,
- otherwise just a regular string.
- type: string
- type: object
- type: array
- topologySpreadConstraints:
- description: If specified, the pod's topology spread constraints.
- items:
- description: TopologySpreadConstraint specifies how to spread matching
- pods among the given topology.
- properties:
- labelSelector:
- description: LabelSelector is used to find matching pods. Pods
- that match this label selector are counted to determine the
- number of pods in their corresponding topology domain.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector
- requirements. The requirements are ANDed.
- items:
- description: A label selector requirement is a selector
- that contains values, a key, and an operator that relates
- the key and values.
- properties:
- key:
- description: key is the label key that the selector
- applies to.
- type: string
- operator:
- description: operator represents a key's relationship
- to a set of values. Valid operators are In, NotIn,
- Exists and DoesNotExist.
- type: string
- values:
- description: values is an array of string values.
- If the operator is In or NotIn, the values array
- must be non-empty. If the operator is Exists or
- DoesNotExist, the values array must be empty. This
- array is replaced during a strategic merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs.
- A single {key,value} in the matchLabels map is equivalent
- to an element of matchExpressions, whose key field is
- "key", the operator is "In", and the values array contains
- only "value". The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- maxSkew:
- description: 'MaxSkew describes the degree to which pods may
- be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`,
- it is the maximum permitted difference between the number
- of matching pods in the target topology and the global minimum.
- The global minimum is the minimum number of matching pods
- in an eligible domain or zero if the number of eligible domains
- is less than MinDomains. For example, in a 3-zone cluster,
- MaxSkew is set to 1, and pods with the same labelSelector
- spread as 2/2/1: In this case, the global minimum is 1. |
- zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew
- is 1, incoming pod can only be scheduled to zone3 to become
- 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1)
- on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming
- pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`,
- it is used to give higher precedence to topologies that satisfy
- it. It''s a required field. Default value is 1 and 0 is not
- allowed.'
- format: int32
- type: integer
- minDomains:
- description: "MinDomains indicates a minimum number of eligible
- domains. When the number of eligible domains with matching
- topology keys is less than minDomains, Pod Topology Spread
- treats \"global minimum\" as 0, and then the calculation of
- Skew is performed. And when the number of eligible domains
- with matching topology keys equals or greater than minDomains,
- this value has no effect on scheduling. As a result, when
- the number of eligible domains is less than minDomains, scheduler
- won't schedule more than maxSkew Pods to those domains. If
- value is nil, the constraint behaves as if MinDomains is equal
- to 1. Valid values are integers greater than 0. When value
- is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For
- example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains
- is set to 5 and pods with the same labelSelector spread as
- 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P |
- The number of domains is less than 5(MinDomains), so \"global
- minimum\" is treated as 0. In this situation, new pod with
- the same labelSelector cannot be scheduled, because computed
- skew will be 3(3 - 0) if new Pod is scheduled to any of the
- three zones, it will violate MaxSkew. \n This is an alpha
- field and requires enabling MinDomainsInPodTopologySpread
- feature gate."
- format: int32
- type: integer
- topologyKey:
- description: TopologyKey is the key of node labels. Nodes that
- have a label with this key and identical values are considered
- to be in the same topology. We consider each <key, value>
- as a "bucket", and try to put balanced number of pods into
- each bucket. We define a domain as a particular instance of
- a topology. Also, we define an eligible domain as a domain
- whose nodes match the node selector. e.g. If TopologyKey is
- "kubernetes.io/hostname", each Node is a domain of that topology.
- And, if TopologyKey is "topology.kubernetes.io/zone", each
- zone is a domain of that topology. It's a required field.
- type: string
- whenUnsatisfiable:
- description: 'WhenUnsatisfiable indicates how to deal with a
- pod if it doesn''t satisfy the spread constraint. - DoNotSchedule
- (default) tells the scheduler not to schedule it. - ScheduleAnyway
- tells the scheduler to schedule the pod in any location, but
- giving higher precedence to topologies that would help reduce
- the skew. A constraint is considered "Unsatisfiable" for an
- incoming pod if and only if every possible node assignment
- for that pod would violate "MaxSkew" on some topology. For
- example, in a 3-zone cluster, MaxSkew is set to 1, and pods
- with the same labelSelector spread as 3/1/1: | zone1 | zone2
- | zone3 | | P P P | P | P | If WhenUnsatisfiable is
- set to DoNotSchedule, incoming pod can only be scheduled to
- zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on
- zone2(zone3) satisfies MaxSkew(1). In other words, the cluster
- can still be imbalanced, but scheduler won''t make it *more*
- imbalanced. It''s a required field.'
- type: string
- required:
- - maxSkew
- - topologyKey
- - whenUnsatisfiable
- type: object
- type: array
- tracingConfig:
- description: TracingConfig configures tracing in Thanos. This is an
- experimental feature, it may change in any upcoming release in a
- breaking way.
- properties:
- key:
- description: The key of the secret to select from. Must be a
- valid secret key.
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: Specify whether the Secret or its key must be defined
- type: boolean
- required:
- - key
- type: object
- x-kubernetes-map-type: atomic
- tracingConfigFile:
- description: TracingConfig specifies the path of the tracing configuration
- file. When used alongside with TracingConfig, TracingConfigFile
- takes precedence.
- type: string
- volumes:
- description: Volumes allows configuration of additional volumes on
- the output StatefulSet definition. Volumes specified will be appended
- to other volumes that are generated as a result of StorageSpec objects.
- items:
- description: Volume represents a named volume in a pod that may
- be accessed by any container in the pod.
- properties:
- awsElasticBlockStore:
- description: 'awsElasticBlockStore represents an AWS Disk resource
- that is attached to a kubelet''s host machine and then exposed
- to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- properties:
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- partition:
- description: 'partition is the partition in the volume that
- you want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1, you specify
- the partition as "1". Similarly, the volume partition
- for /dev/sda is "0" (or you can leave the property empty).'
- format: int32
- type: integer
- readOnly:
- description: 'readOnly value true will force the readOnly
- setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: boolean
- volumeID:
- description: 'volumeID is unique ID of the persistent disk
- resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore'
- type: string
- required:
- - volumeID
- type: object
- azureDisk:
- description: azureDisk represents an Azure Data Disk mount on
- the host and bind mount to the pod.
- properties:
- cachingMode:
- description: 'cachingMode is the Host Caching mode: None,
- Read Only, Read Write.'
- type: string
- diskName:
- description: diskName is the Name of the data disk in the
- blob storage
- type: string
- diskURI:
- description: diskURI is the URI of data disk in the blob
- storage
- type: string
- fsType:
- description: fsType is Filesystem type to mount. Must be
- a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- kind:
- description: 'kind expected values are Shared: multiple
- blob disks per storage account Dedicated: single blob
- disk per storage account Managed: azure managed data
- disk (only in managed availability set). defaults to shared'
- type: string
- readOnly:
- description: readOnly Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- required:
- - diskName
- - diskURI
- type: object
- azureFile:
- description: azureFile represents an Azure File Service mount
- on the host and bind mount to the pod.
- properties:
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretName:
- description: secretName is the name of secret that contains
- Azure Storage Account Name and Key
- type: string
- shareName:
- description: shareName is the azure share Name
- type: string
- required:
- - secretName
- - shareName
- type: object
- cephfs:
- description: cephFS represents a Ceph FS mount on the host that
- shares a pod's lifetime
- properties:
- monitors:
- description: 'monitors is Required: Monitors is a collection
- of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- items:
- type: string
- type: array
- path:
- description: 'path is Optional: Used as the mounted root,
- rather than the full Ceph tree, default is /'
- type: string
- readOnly:
- description: 'readOnly is Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: boolean
- secretFile:
- description: 'secretFile is Optional: SecretFile is the
- path to key ring for User, default is /etc/ceph/user.secret
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- secretRef:
- description: 'secretRef is Optional: SecretRef is reference
- to the authentication secret for User, default is empty.
- More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'user is optional: User is the rados user name,
- default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it'
- type: string
- required:
- - monitors
- type: object
- cinder:
- description: 'cinder represents a cinder volume attached and
- mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- properties:
- fsType:
- description: 'fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Examples: "ext4", "xfs", "ntfs". Implicitly inferred to
- be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- readOnly:
- description: 'readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: boolean
- secretRef:
- description: 'secretRef is optional: points to a secret
- object containing parameters used to connect to OpenStack.'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeID:
- description: 'volumeID used to identify the volume in cinder.
- More info: https://examples.k8s.io/mysql-cinder-pd/README.md'
- type: string
- required:
- - volumeID
- type: object
- configMap:
- description: configMap represents a configMap that should populate
- this volume
- properties:
- defaultMode:
- description: 'defaultMode is optional: mode bits used to
- set permissions on created files by default. Must be an
- octal value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: items if unspecified, each key-value pair in
- the Data field of the referenced ConfigMap will be projected
- into the volume as a file whose name is the key and content
- is the value. If specified, the listed keys will be projected
- into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in
- the ConfigMap, the volume setup will error unless it is
- marked optional. Paths must be relative and may not contain
- the '..' path or start with '..'.
- items:
- description: Maps a string key to a path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits used to
- set permissions on this file. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. If not
- specified, the volume defaultMode will be used.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of the file
- to map the key to. May not be an absolute path.
- May not contain the path element '..'. May not start
- with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- optional:
- description: optional specify whether the ConfigMap or its
- keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- csi:
- description: csi (Container Storage Interface) represents ephemeral
- storage that is handled by certain external CSI drivers (Beta
- feature).
- properties:
- driver:
- description: driver is the name of the CSI driver that handles
- this volume. Consult with your admin for the correct name
- as registered in the cluster.
- type: string
- fsType:
- description: fsType to mount. Ex. "ext4", "xfs", "ntfs".
- If not provided, the empty value is passed to the associated
- CSI driver which will determine the default filesystem
- to apply.
- type: string
- nodePublishSecretRef:
- description: nodePublishSecretRef is a reference to the
- secret object containing sensitive information to pass
- to the CSI driver to complete the CSI NodePublishVolume
- and NodeUnpublishVolume calls. This field is optional,
- and may be empty if no secret is required. If the secret
- object contains more than one secret, all secret references
- are passed.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- readOnly:
- description: readOnly specifies a read-only configuration
- for the volume. Defaults to false (read/write).
- type: boolean
- volumeAttributes:
- additionalProperties:
- type: string
- description: volumeAttributes stores driver-specific properties
- that are passed to the CSI driver. Consult your driver's
- documentation for supported values.
- type: object
- required:
- - driver
- type: object
- downwardAPI:
- description: downwardAPI represents downward API about the pod
- that should populate this volume
- properties:
- defaultMode:
- description: 'Optional: mode bits to use on created files
- by default. Must be a Optional: mode bits used to set
- permissions on created files by default. Must be an octal
- value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: Items is a list of downward API volume file
- items:
- description: DownwardAPIVolumeFile represents information
- to create the file containing the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field of the pod:
- only annotations, labels, name and namespace are
- supported.'
- properties:
- apiVersion:
- description: Version of the schema the FieldPath
- is written in terms of, defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select in the
- specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to set permissions
- on this file, must be an octal value between 0000
- and 0777 or a decimal value between 0 and 511. YAML
- accepts both octal and decimal values, JSON requires
- decimal values for mode bits. If not specified,
- the volume defaultMode will be used. This might
- be in conflict with other options that affect the
- file mode, like fsGroup, and the result can be other
- mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative path
- name of the file to be created. Must not be absolute
- or contain the ''..'' path. Must be utf-8 encoded.
- The first item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the container:
- only resources limits and requests (limits.cpu,
- limits.memory, requests.cpu and requests.memory)
- are currently supported.'
- properties:
- containerName:
- description: 'Container name: required for volumes,
- optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format of the
- exposed resources, defaults to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- emptyDir:
- description: 'emptyDir represents a temporary directory that
- shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- properties:
- medium:
- description: 'medium represents what type of storage medium
- should back this directory. The default is "" which means
- to use the node''s default medium. Must be an empty string
- (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir'
- type: string
- sizeLimit:
- anyOf:
- - type: integer
- - type: string
- description: 'sizeLimit is the total amount of local storage
- required for this EmptyDir volume. The size limit is also
- applicable for memory medium. The maximum usage on memory
- medium EmptyDir would be the minimum value between the
- SizeLimit specified here and the sum of memory limits
- of all containers in a pod. The default is nil which means
- that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir'
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- ephemeral:
- description: "ephemeral represents a volume that is handled
- by a cluster storage driver. The volume's lifecycle is tied
- to the pod that defines it - it will be created before the
- pod starts, and deleted when the pod is removed. \n Use this
- if: a) the volume is only needed while the pod runs, b) features
- of normal volumes like restoring from snapshot or capacity
- tracking are needed, c) the storage driver is specified through
- a storage class, and d) the storage driver supports dynamic
- volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource
- for more information on the connection between this volume
- type and PersistentVolumeClaim). \n Use PersistentVolumeClaim
- or one of the vendor-specific APIs for volumes that persist
- for longer than the lifecycle of an individual pod. \n Use
- CSI for light-weight local ephemeral volumes if the CSI driver
- is meant to be used that way - see the documentation of the
- driver for more information. \n A pod can use both types of
- ephemeral volumes and persistent volumes at the same time."
- properties:
- volumeClaimTemplate:
- description: "Will be used to create a stand-alone PVC to
- provision the volume. The pod in which this EphemeralVolumeSource
- is embedded will be the owner of the PVC, i.e. the PVC
- will be deleted together with the pod. The name of the
- PVC will be `<pod name>-<volume name>` where `<volume
- name>` is the name from the `PodSpec.Volumes` array entry.
- Pod validation will reject the pod if the concatenated
- name is not valid for a PVC (for example, too long). \n
- An existing PVC with that name that is not owned by the
- pod will *not* be used for the pod to avoid using an unrelated
- volume by mistake. Starting the pod is then blocked until
- the unrelated PVC is removed. If such a pre-created PVC
- is meant to be used by the pod, the PVC has to updated
- with an owner reference to the pod once the pod exists.
- Normally this should not be necessary, but it may be useful
- when manually reconstructing a broken cluster. \n This
- field is read-only and no changes will be made by Kubernetes
- to the PVC after it has been created. \n Required, must
- not be nil."
- properties:
- metadata:
- description: May contain labels and annotations that
- will be copied into the PVC when creating it. No other
- fields are allowed and will be rejected during validation.
- type: object
- spec:
- description: The specification for the PersistentVolumeClaim.
- The entire content is copied unchanged into the PVC
- that gets created from this template. The same fields
- as in a PersistentVolumeClaim are also valid here.
- properties:
- accessModes:
- description: 'accessModes contains the desired access
- modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
- items:
- type: string
- type: array
- dataSource:
- description: 'dataSource field can be used to specify
- either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
- * An existing PVC (PersistentVolumeClaim) If the
- provisioner or an external controller can support
- the specified data source, it will create a new
- volume based on the contents of the specified
- data source. If the AnyVolumeDataSource feature
- gate is enabled, this field will always have the
- same contents as the DataSourceRef field.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API
- group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- dataSourceRef:
- description: 'dataSourceRef specifies the object
- from which to populate the volume with data, if
- a non-empty volume is desired. This may be any
- local object from a non-empty API group (non core
- object) or a PersistentVolumeClaim object. When
- this field is specified, volume binding will only
- succeed if the type of the specified object matches
- some installed volume populator or dynamic provisioner.
- This field will replace the functionality of the
- DataSource field and as such if both fields are
- non-empty, they must have the same value. For
- backwards compatibility, both fields (DataSource
- and DataSourceRef) will be set to the same value
- automatically if one of them is empty and the
- other is non-empty. There are two important differences
- between DataSource and DataSourceRef: * While
- DataSource only allows two specific types of objects,
- DataSourceRef allows any non-core object, as well
- as PersistentVolumeClaim objects. * While DataSource
- ignores disallowed values (dropping them), DataSourceRef
- preserves all values, and generates an error if
- a disallowed value is specified. (Beta) Using
- this field requires the AnyVolumeDataSource feature
- gate to be enabled.'
- properties:
- apiGroup:
- description: APIGroup is the group for the resource
- being referenced. If APIGroup is not specified,
- the specified Kind must be in the core API
- group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being
- referenced
- type: string
- name:
- description: Name is the name of resource being
- referenced
- type: string
- required:
- - kind
- - name
- type: object
- x-kubernetes-map-type: atomic
- resources:
- description: 'resources represents the minimum resources
- the volume should have. If RecoverVolumeExpansionFailure
- feature is enabled users are allowed to specify
- resource requirements that are lower than previous
- value but must still be higher than capacity recorded
- in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
- properties:
- limits:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Limits describes the maximum amount
- of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- requests:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: 'Requests describes the minimum
- amount of compute resources required. If Requests
- is omitted for a container, it defaults to
- Limits if that is explicitly specified, otherwise
- to an implementation-defined value. More info:
- https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
- type: object
- type: object
- selector:
- description: selector is a label query over volumes
- to consider for binding.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label
- selector requirements. The requirements are
- ANDed.
- items:
- description: A label selector requirement
- is a selector that contains values, a key,
- and an operator that relates the key and
- values.
- properties:
- key:
- description: key is the label key that
- the selector applies to.
- type: string
- operator:
- description: operator represents a key's
- relationship to a set of values. Valid
- operators are In, NotIn, Exists and
- DoesNotExist.
- type: string
- values:
- description: values is an array of string
- values. If the operator is In or NotIn,
- the values array must be non-empty.
- If the operator is Exists or DoesNotExist,
- the values array must be empty. This
- array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value}
- pairs. A single {key,value} in the matchLabels
- map is equivalent to an element of matchExpressions,
- whose key field is "key", the operator is
- "In", and the values array contains only "value".
- The requirements are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- storageClassName:
- description: 'storageClassName is the name of the
- StorageClass required by the claim. More info:
- https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
- type: string
- volumeMode:
- description: volumeMode defines what type of volume
- is required by the claim. Value of Filesystem
- is implied when not included in claim spec.
- type: string
- volumeName:
- description: volumeName is the binding reference
- to the PersistentVolume backing this claim.
- type: string
- type: object
- required:
- - spec
- type: object
- type: object
- fc:
- description: fc represents a Fibre Channel resource that is
- attached to a kubelet's host machine and then exposed to the
- pod.
- properties:
- fsType:
- description: 'fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. TODO: how do we prevent errors in the
- filesystem from compromising the machine'
- type: string
- lun:
- description: 'lun is Optional: FC target lun number'
- format: int32
- type: integer
- readOnly:
- description: 'readOnly is Optional: Defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.'
- type: boolean
- targetWWNs:
- description: 'targetWWNs is Optional: FC target worldwide
- names (WWNs)'
- items:
- type: string
- type: array
- wwids:
- description: 'wwids Optional: FC volume world wide identifiers
- (wwids) Either wwids or combination of targetWWNs and
- lun must be set, but not both simultaneously.'
- items:
- type: string
- type: array
- type: object
- flexVolume:
- description: flexVolume represents a generic volume resource
- that is provisioned/attached using an exec based plugin.
- properties:
- driver:
- description: driver is the name of the driver to use for
- this volume.
- type: string
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". The default filesystem depends
- on FlexVolume script.
- type: string
- options:
- additionalProperties:
- type: string
- description: 'options is Optional: this field holds extra
- command options if any.'
- type: object
- readOnly:
- description: 'readOnly is Optional: defaults to false (read/write).
- ReadOnly here will force the ReadOnly setting in VolumeMounts.'
- type: boolean
- secretRef:
- description: 'secretRef is Optional: secretRef is reference
- to the secret object containing sensitive information
- to pass to the plugin scripts. This may be empty if no
- secret object is specified. If the secret object contains
- more than one secret, all secrets are passed to the plugin
- scripts.'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - driver
- type: object
- flocker:
- description: flocker represents a Flocker volume attached to
- a kubelet's host machine. This depends on the Flocker control
- service being running
- properties:
- datasetName:
- description: datasetName is Name of the dataset stored as
- metadata -> name on the dataset for Flocker should be
- considered as deprecated
- type: string
- datasetUUID:
- description: datasetUUID is the UUID of the dataset. This
- is unique identifier of a Flocker dataset
- type: string
- type: object
- gcePersistentDisk:
- description: 'gcePersistentDisk represents a GCE Disk resource
- that is attached to a kubelet''s host machine and then exposed
- to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- properties:
- fsType:
- description: 'fsType is filesystem type of the volume that
- you want to mount. Tip: Ensure that the filesystem type
- is supported by the host operating system. Examples: "ext4",
- "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- partition:
- description: 'partition is the partition in the volume that
- you want to mount. If omitted, the default is to mount
- by volume name. Examples: For volume /dev/sda1, you specify
- the partition as "1". Similarly, the volume partition
- for /dev/sda is "0" (or you can leave the property empty).
- More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- format: int32
- type: integer
- pdName:
- description: 'pdName is unique name of the PD resource in
- GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: string
- readOnly:
- description: 'readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk'
- type: boolean
- required:
- - pdName
- type: object
- gitRepo:
- description: 'gitRepo represents a git repository at a particular
- revision. DEPRECATED: GitRepo is deprecated. To provision
- a container with a git repo, mount an EmptyDir into an InitContainer
- that clones the repo using git, then mount the EmptyDir into
- the Pod''s container.'
- properties:
- directory:
- description: directory is the target directory name. Must
- not contain or start with '..'. If '.' is supplied, the
- volume directory will be the git repository. Otherwise,
- if specified, the volume will contain the git repository
- in the subdirectory with the given name.
- type: string
- repository:
- description: repository is the URL
- type: string
- revision:
- description: revision is the commit hash for the specified
- revision.
- type: string
- required:
- - repository
- type: object
- glusterfs:
- description: 'glusterfs represents a Glusterfs mount on the
- host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md'
- properties:
- endpoints:
- description: 'endpoints is the endpoint name that details
- Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- path:
- description: 'path is the Glusterfs volume path. More info:
- https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: string
- readOnly:
- description: 'readOnly here will force the Glusterfs volume
- to be mounted with read-only permissions. Defaults to
- false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod'
- type: boolean
- required:
- - endpoints
- - path
- type: object
- hostPath:
- description: 'hostPath represents a pre-existing file or directory
- on the host machine that is directly exposed to the container.
- This is generally used for system agents or other privileged
- things that are allowed to see the host machine. Most containers
- will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
- --- TODO(jonesdl) We need to restrict who can use host directory
- mounts and who can/can not mount host directories as read/write.'
- properties:
- path:
- description: 'path of the directory on the host. If the
- path is a symlink, it will follow the link to the real
- path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- type:
- description: 'type for HostPath Volume Defaults to "" More
- info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath'
- type: string
- required:
- - path
- type: object
- iscsi:
- description: 'iscsi represents an ISCSI Disk resource that is
- attached to a kubelet''s host machine and then exposed to
- the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md'
- properties:
- chapAuthDiscovery:
- description: chapAuthDiscovery defines whether support iSCSI
- Discovery CHAP authentication
- type: boolean
- chapAuthSession:
- description: chapAuthSession defines whether support iSCSI
- Session CHAP authentication
- type: boolean
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- initiatorName:
- description: initiatorName is the custom iSCSI Initiator
- Name. If initiatorName is specified with iscsiInterface
- simultaneously, new iSCSI interface <target portal>:<volume
- name> will be created for the connection.
- type: string
- iqn:
- description: iqn is the target iSCSI Qualified Name.
- type: string
- iscsiInterface:
- description: iscsiInterface is the interface Name that uses
- an iSCSI transport. Defaults to 'default' (tcp).
- type: string
- lun:
- description: lun represents iSCSI Target Lun number.
- format: int32
- type: integer
- portals:
- description: portals is the iSCSI Target Portal List. The
- portal is either an IP or ip_addr:port if the port is
- other than default (typically TCP ports 860 and 3260).
- items:
- type: string
- type: array
- readOnly:
- description: readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false.
- type: boolean
- secretRef:
- description: secretRef is the CHAP Secret for iSCSI target
- and initiator authentication
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- targetPortal:
- description: targetPortal is iSCSI Target Portal. The Portal
- is either an IP or ip_addr:port if the port is other than
- default (typically TCP ports 860 and 3260).
- type: string
- required:
- - iqn
- - lun
- - targetPortal
- type: object
- name:
- description: 'name of the volume. Must be a DNS_LABEL and unique
- within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- nfs:
- description: 'nfs represents an NFS mount on the host that shares
- a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- properties:
- path:
- description: 'path that is exported by the NFS server. More
- info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- readOnly:
- description: 'readOnly here will force the NFS export to
- be mounted with read-only permissions. Defaults to false.
- More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: boolean
- server:
- description: 'server is the hostname or IP address of the
- NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs'
- type: string
- required:
- - path
- - server
- type: object
- persistentVolumeClaim:
- description: 'persistentVolumeClaimVolumeSource represents a
- reference to a PersistentVolumeClaim in the same namespace.
- More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- properties:
- claimName:
- description: 'claimName is the name of a PersistentVolumeClaim
- in the same namespace as the pod using this volume. More
- info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
- type: string
- readOnly:
- description: readOnly Will force the ReadOnly setting in
- VolumeMounts. Default false.
- type: boolean
- required:
- - claimName
- type: object
- photonPersistentDisk:
- description: photonPersistentDisk represents a PhotonController
- persistent disk attached and mounted on kubelets host machine
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- pdID:
- description: pdID is the ID that identifies Photon Controller
- persistent disk
- type: string
- required:
- - pdID
- type: object
- portworxVolume:
- description: portworxVolume represents a portworx volume attached
- and mounted on kubelets host machine
- properties:
- fsType:
- description: fSType represents the filesystem type to mount
- Must be a filesystem type supported by the host operating
- system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- volumeID:
- description: volumeID uniquely identifies a Portworx volume
- type: string
- required:
- - volumeID
- type: object
- projected:
- description: projected items for all in one resources secrets,
- configmaps, and downward API
- properties:
- defaultMode:
- description: defaultMode are the mode bits used to set permissions
- on created files by default. Must be an octal value between
- 0000 and 0777 or a decimal value between 0 and 511. YAML
- accepts both octal and decimal values, JSON requires decimal
- values for mode bits. Directories within the path are
- not affected by this setting. This might be in conflict
- with other options that affect the file mode, like fsGroup,
- and the result can be other mode bits set.
- format: int32
- type: integer
- sources:
- description: sources is the list of volume projections
- items:
- description: Projection that may be projected along with
- other supported volume types
- properties:
- configMap:
- description: configMap information about the configMap
- data to project
- properties:
- items:
- description: items if unspecified, each key-value
- pair in the Data field of the referenced ConfigMap
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the ConfigMap, the volume
- setup will error unless it is marked optional.
- Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits
- used to set permissions on this file.
- Must be an octal value between 0000 and
- 0777 or a decimal value between 0 and
- 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for
- mode bits. If not specified, the volume
- defaultMode will be used. This might be
- in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of
- the file to map the key to. May not be
- an absolute path. May not contain the
- path element '..'. May not start with
- the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: optional specify whether the ConfigMap
- or its keys must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- downwardAPI:
- description: downwardAPI information about the downwardAPI
- data to project
- properties:
- items:
- description: Items is a list of DownwardAPIVolume
- file
- items:
- description: DownwardAPIVolumeFile represents
- information to create the file containing
- the pod field
- properties:
- fieldRef:
- description: 'Required: Selects a field
- of the pod: only annotations, labels,
- name and namespace are supported.'
- properties:
- apiVersion:
- description: Version of the schema the
- FieldPath is written in terms of,
- defaults to "v1".
- type: string
- fieldPath:
- description: Path of the field to select
- in the specified API version.
- type: string
- required:
- - fieldPath
- type: object
- x-kubernetes-map-type: atomic
- mode:
- description: 'Optional: mode bits used to
- set permissions on this file, must be
- an octal value between 0000 and 0777 or
- a decimal value between 0 and 511. YAML
- accepts both octal and decimal values,
- JSON requires decimal values for mode
- bits. If not specified, the volume defaultMode
- will be used. This might be in conflict
- with other options that affect the file
- mode, like fsGroup, and the result can
- be other mode bits set.'
- format: int32
- type: integer
- path:
- description: 'Required: Path is the relative
- path name of the file to be created. Must
- not be absolute or contain the ''..''
- path. Must be utf-8 encoded. The first
- item of the relative path must not start
- with ''..'''
- type: string
- resourceFieldRef:
- description: 'Selects a resource of the
- container: only resources limits and requests
- (limits.cpu, limits.memory, requests.cpu
- and requests.memory) are currently supported.'
- properties:
- containerName:
- description: 'Container name: required
- for volumes, optional for env vars'
- type: string
- divisor:
- anyOf:
- - type: integer
- - type: string
- description: Specifies the output format
- of the exposed resources, defaults
- to "1"
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- resource:
- description: 'Required: resource to
- select'
- type: string
- required:
- - resource
- type: object
- x-kubernetes-map-type: atomic
- required:
- - path
- type: object
- type: array
- type: object
- secret:
- description: secret information about the secret data
- to project
- properties:
- items:
- description: items if unspecified, each key-value
- pair in the Data field of the referenced Secret
- will be projected into the volume as a file
- whose name is the key and content is the value.
- If specified, the listed keys will be projected
- into the specified paths, and unlisted keys
- will not be present. If a key is specified which
- is not present in the Secret, the volume setup
- will error unless it is marked optional. Paths
- must be relative and may not contain the '..'
- path or start with '..'.
- items:
- description: Maps a string key to a path within
- a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits
- used to set permissions on this file.
- Must be an octal value between 0000 and
- 0777 or a decimal value between 0 and
- 511. YAML accepts both octal and decimal
- values, JSON requires decimal values for
- mode bits. If not specified, the volume
- defaultMode will be used. This might be
- in conflict with other options that affect
- the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of
- the file to map the key to. May not be
- an absolute path. May not contain the
- path element '..'. May not start with
- the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind,
- uid?'
- type: string
- optional:
- description: optional field specify whether the
- Secret or its key must be defined
- type: boolean
- type: object
- x-kubernetes-map-type: atomic
- serviceAccountToken:
- description: serviceAccountToken is information about
- the serviceAccountToken data to project
- properties:
- audience:
- description: audience is the intended audience
- of the token. A recipient of a token must identify
- itself with an identifier specified in the audience
- of the token, and otherwise should reject the
- token. The audience defaults to the identifier
- of the apiserver.
- type: string
- expirationSeconds:
- description: expirationSeconds is the requested
- duration of validity of the service account
- token. As the token approaches expiration, the
- kubelet volume plugin will proactively rotate
- the service account token. The kubelet will
- start trying to rotate the token if the token
- is older than 80 percent of its time to live
- or if the token is older than 24 hours.Defaults
- to 1 hour and must be at least 10 minutes.
- format: int64
- type: integer
- path:
- description: path is the path relative to the
- mount point of the file to project the token
- into.
- type: string
- required:
- - path
- type: object
- type: object
- type: array
- type: object
- quobyte:
- description: quobyte represents a Quobyte mount on the host
- that shares a pod's lifetime
- properties:
- group:
- description: group to map volume access to Default is no
- group
- type: string
- readOnly:
- description: readOnly here will force the Quobyte volume
- to be mounted with read-only permissions. Defaults to
- false.
- type: boolean
- registry:
- description: registry represents a single or multiple Quobyte
- Registry services specified as a string as host:port pair
- (multiple entries are separated with commas) which acts
- as the central registry for volumes
- type: string
- tenant:
- description: tenant owning the given Quobyte volume in the
- Backend Used with dynamically provisioned Quobyte volumes,
- value is set by the plugin
- type: string
- user:
- description: user to map volume access to Defaults to serivceaccount
- user
- type: string
- volume:
- description: volume is a string that references an already
- created Quobyte volume by name.
- type: string
- required:
- - registry
- - volume
- type: object
- rbd:
- description: 'rbd represents a Rados Block Device mount on the
- host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md'
- properties:
- fsType:
- description: 'fsType is the filesystem type of the volume
- that you want to mount. Tip: Ensure that the filesystem
- type is supported by the host operating system. Examples:
- "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- TODO: how do we prevent errors in the filesystem from
- compromising the machine'
- type: string
- image:
- description: 'image is the rados image name. More info:
- https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- keyring:
- description: 'keyring is the path to key ring for RBDUser.
- Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- monitors:
- description: 'monitors is a collection of Ceph monitors.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- items:
- type: string
- type: array
- pool:
- description: 'pool is the rados pool name. Default is rbd.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- readOnly:
- description: 'readOnly here will force the ReadOnly setting
- in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: boolean
- secretRef:
- description: 'secretRef is name of the authentication secret
- for RBDUser. If provided overrides keyring. Default is
- nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- user:
- description: 'user is the rados user name. Default is admin.
- More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it'
- type: string
- required:
- - image
- - monitors
- type: object
- scaleIO:
- description: scaleIO represents a ScaleIO persistent volume
- attached and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Default is "xfs".
- type: string
- gateway:
- description: gateway is the host address of the ScaleIO
- API Gateway.
- type: string
- protectionDomain:
- description: protectionDomain is the name of the ScaleIO
- Protection Domain for the configured storage.
- type: string
- readOnly:
- description: readOnly Defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: secretRef references to the secret for ScaleIO
- user and other sensitive information. If this is not provided,
- Login operation will fail.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- sslEnabled:
- description: sslEnabled Flag enable/disable SSL communication
- with Gateway, default false
- type: boolean
- storageMode:
- description: storageMode indicates whether the storage for
- a volume should be ThickProvisioned or ThinProvisioned.
- Default is ThinProvisioned.
- type: string
- storagePool:
- description: storagePool is the ScaleIO Storage Pool associated
- with the protection domain.
- type: string
- system:
- description: system is the name of the storage system as
- configured in ScaleIO.
- type: string
- volumeName:
- description: volumeName is the name of a volume already
- created in the ScaleIO system that is associated with
- this volume source.
- type: string
- required:
- - gateway
- - secretRef
- - system
- type: object
- secret:
- description: 'secret represents a secret that should populate
- this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- properties:
- defaultMode:
- description: 'defaultMode is Optional: mode bits used to
- set permissions on created files by default. Must be an
- octal value between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. Defaults to
- 0644. Directories within the path are not affected by
- this setting. This might be in conflict with other options
- that affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- items:
- description: items If unspecified, each key-value pair in
- the Data field of the referenced Secret will be projected
- into the volume as a file whose name is the key and content
- is the value. If specified, the listed keys will be projected
- into the specified paths, and unlisted keys will not be
- present. If a key is specified which is not present in
- the Secret, the volume setup will error unless it is marked
- optional. Paths must be relative and may not contain the
- '..' path or start with '..'.
- items:
- description: Maps a string key to a path within a volume.
- properties:
- key:
- description: key is the key to project.
- type: string
- mode:
- description: 'mode is Optional: mode bits used to
- set permissions on this file. Must be an octal value
- between 0000 and 0777 or a decimal value between
- 0 and 511. YAML accepts both octal and decimal values,
- JSON requires decimal values for mode bits. If not
- specified, the volume defaultMode will be used.
- This might be in conflict with other options that
- affect the file mode, like fsGroup, and the result
- can be other mode bits set.'
- format: int32
- type: integer
- path:
- description: path is the relative path of the file
- to map the key to. May not be an absolute path.
- May not contain the path element '..'. May not start
- with the string '..'.
- type: string
- required:
- - key
- - path
- type: object
- type: array
- optional:
- description: optional field specify whether the Secret or
- its keys must be defined
- type: boolean
- secretName:
- description: 'secretName is the name of the secret in the
- pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
- type: string
- type: object
- storageos:
- description: storageOS represents a StorageOS volume attached
- and mounted on Kubernetes nodes.
- properties:
- fsType:
- description: fsType is the filesystem type to mount. Must
- be a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- readOnly:
- description: readOnly defaults to false (read/write). ReadOnly
- here will force the ReadOnly setting in VolumeMounts.
- type: boolean
- secretRef:
- description: secretRef specifies the secret to use for obtaining
- the StorageOS API credentials. If not specified, default
- values will be attempted.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- volumeName:
- description: volumeName is the human-readable name of the
- StorageOS volume. Volume names are only unique within
- a namespace.
- type: string
- volumeNamespace:
- description: volumeNamespace specifies the scope of the
- volume within StorageOS. If no namespace is specified
- then the Pod's namespace will be used. This allows the
- Kubernetes name scoping to be mirrored within StorageOS
- for tighter integration. Set VolumeName to any name to
- override the default behaviour. Set to "default" if you
- are not using namespaces within StorageOS. Namespaces
- that do not pre-exist within StorageOS will be created.
- type: string
- type: object
- vsphereVolume:
- description: vsphereVolume represents a vSphere volume attached
- and mounted on kubelets host machine
- properties:
- fsType:
- description: fsType is filesystem type to mount. Must be
- a filesystem type supported by the host operating system.
- Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4"
- if unspecified.
- type: string
- storagePolicyID:
- description: storagePolicyID is the storage Policy Based
- Management (SPBM) profile ID associated with the StoragePolicyName.
- type: string
- storagePolicyName:
- description: storagePolicyName is the storage Policy Based
- Management (SPBM) profile name.
- type: string
- volumePath:
- description: volumePath is the path that identifies vSphere
- volume vmdk
- type: string
- required:
- - volumePath
- type: object
- required:
- - name
- type: object
- type: array
- type: object
- status:
- description: 'Most recent observed status of the ThanosRuler cluster.
- Read-only. Not included when requesting from the apiserver, only from
- the ThanosRuler Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- availableReplicas:
- description: Total number of available pods (ready for at least minReadySeconds)
- targeted by this ThanosRuler deployment.
- format: int32
- type: integer
- paused:
- description: Represents whether any actions on the underlying managed
- objects are being performed. Only delete actions will be performed.
- type: boolean
- replicas:
- description: Total number of non-terminated pods targeted by this
- ThanosRuler deployment (their labels match the selector).
- format: int32
- type: integer
- unavailableReplicas:
- description: Total number of unavailable pods targeted by this ThanosRuler
- deployment.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated pods targeted by this
- ThanosRuler deployment that have the desired version spec.
- format: int32
- type: integer
- required:
- - availableReplicas
- - paused
- - replicas
- - unavailableReplicas
- - updatedReplicas
- type: object
- required:
- - spec
- type: object
- served: true
- storage: true
- subresources: {}
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- labels:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
- app.kubernetes.io/version: 0.58.0
- name: prometheus-operator
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: prometheus-operator
- subjects:
- - kind: ServiceAccount
- name: prometheus-operator
- namespace: monitoring
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRole
- metadata:
- labels:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
- app.kubernetes.io/version: 0.58.0
- name: prometheus-operator
- rules:
- - apiGroups:
- - monitoring.coreos.com
- resources:
- - alertmanagers
- - alertmanagers/finalizers
- - alertmanagerconfigs
- - prometheuses
- - prometheuses/finalizers
- - prometheuses/status
- - thanosrulers
- - thanosrulers/finalizers
- - servicemonitors
- - podmonitors
- - probes
- - prometheusrules
- verbs:
- - '*'
- - apiGroups:
- - apps
- resources:
- - statefulsets
- verbs:
- - '*'
- - apiGroups:
- - ""
- resources:
- - configmaps
- - secrets
- verbs:
- - '*'
- - apiGroups:
- - ""
- resources:
- - pods
- verbs:
- - list
- - delete
- - apiGroups:
- - ""
- resources:
- - services
- - services/finalizers
- - endpoints
- verbs:
- - get
- - create
- - update
- - delete
- - apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- - namespaces
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - networking.k8s.io
- resources:
- - ingresses
- verbs:
- - get
- - list
- - watch
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- labels:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
- app.kubernetes.io/version: 0.58.0
- name: prometheus-operator
- namespace: monitoring
- spec:
- replicas: 1
- selector:
- matchLabels:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
- template:
- metadata:
- annotations:
- kubectl.kubernetes.io/default-container: prometheus-operator
- labels:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
- app.kubernetes.io/version: 0.58.0
- spec:
- automountServiceAccountToken: true
- containers:
- - args:
- - --kubelet-service=kube-system/kubelet
- - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.58.0
- image: quay.io/prometheus-operator/prometheus-operator:v0.58.0
- name: prometheus-operator
- ports:
- - containerPort: 8080
- name: http
- resources:
- limits:
- cpu: 200m
- memory: 200Mi
- requests:
- cpu: 100m
- memory: 100Mi
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- readOnlyRootFilesystem: true
- nodeSelector:
- kubernetes.io/os: linux
- securityContext:
- runAsNonRoot: true
- runAsUser: 65534
- serviceAccountName: prometheus-operator
- ---
- apiVersion: v1
- automountServiceAccountToken: false
- kind: ServiceAccount
- metadata:
- labels:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
- app.kubernetes.io/version: 0.58.0
- name: prometheus-operator
- namespace: monitoring
- ---
- apiVersion: v1
- kind: Service
- metadata:
- labels:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
- app.kubernetes.io/version: 0.58.0
- name: prometheus-operator
- namespace: monitoring
- spec:
- clusterIP: None
- ports:
- - name: http
- port: 8080
- targetPort: http
- selector:
- app.kubernetes.io/component: controller
- app.kubernetes.io/name: prometheus-operator
|