| apiVersion: v1 |
| kind: Namespace |
| metadata: |
| labels: |
| cdi.kubevirt.io: "" |
| name: cdi |
| --- |
| apiVersion: apiextensions.k8s.io/v1 |
| kind: CustomResourceDefinition |
| metadata: |
| annotations: |
| controller-gen.kubebuilder.io/version: v0.14.0 |
| name: cdis.cdi.kubevirt.io |
| spec: |
| group: cdi.kubevirt.io |
| names: |
| kind: CDI |
| listKind: CDIList |
| plural: cdis |
| shortNames: |
| - cdi |
| - cdis |
| singular: cdi |
| scope: Cluster |
| versions: |
| - additionalPrinterColumns: |
| - jsonPath: .metadata.creationTimestamp |
| name: Age |
| type: date |
| - jsonPath: .status.phase |
| name: Phase |
| type: string |
| name: v1alpha1 |
| schema: |
| openAPIV3Schema: |
| description: CDI is the CDI Operator CRD |
| properties: |
| apiVersion: |
| description: |- |
| APIVersion defines the versioned schema of this representation of an object. |
| Servers should convert recognized schemas to the latest internal value, and |
| may reject unrecognized values. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
| type: string |
| kind: |
| description: |- |
| Kind is a string value representing the REST resource this object represents. |
| Servers may infer this from the endpoint the client submits requests to. |
| Cannot be updated. |
| In CamelCase. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
| type: string |
| metadata: |
| type: object |
| spec: |
| description: CDISpec defines our specification for the CDI installation |
| properties: |
| certConfig: |
| description: certificate configuration |
| properties: |
| ca: |
| description: |- |
| CA configuration |
| CA certs are kept in the CA bundle as long as they are valid |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) of the |
| Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's `notAfter` |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| client: |
| description: |- |
| Client configuration |
| Certs are rotated and discarded |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) of the |
| Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's `notAfter` |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| server: |
| description: |- |
| Server configuration |
| Certs are rotated and discarded |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) of the |
| Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's `notAfter` |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| type: object |
| cloneStrategyOverride: |
| description: 'Clone strategy override: should we use a host-assisted |
| copy even if snapshots are available?' |
| enum: |
| - copy |
| - snapshot |
| - csi-clone |
| type: string |
| config: |
| description: CDIConfig at CDI level |
| properties: |
| dataVolumeTTLSeconds: |
| description: DataVolumeTTLSeconds is the time in seconds after |
| DataVolume completion it can be garbage collected. Disabled |
| by default. |
| format: int32 |
| type: integer |
| featureGates: |
| description: FeatureGates are a list of specific enabled feature |
| gates |
| items: |
| type: string |
| type: array |
| filesystemOverhead: |
| description: FilesystemOverhead describes the space reserved for |
| overhead when using Filesystem volumes. A value is between 0 |
| and 1, if not defined it is 0.055 (5.5% overhead) |
| properties: |
| global: |
| description: Global is how much space of a Filesystem volume |
| should be reserved for overhead. This value is used unless |
| overridden by a more specific value (per storageClass) |
| pattern: ^(0(?:\.\d{1,3})?|1)$ |
| type: string |
| storageClass: |
| additionalProperties: |
| description: |- |
| Percent is a string that can only be a value between [0,1) |
| (Note: we actually rely on reconcile to reject invalid values) |
| pattern: ^(0(?:\.\d{1,3})?|1)$ |
| type: string |
| description: StorageClass specifies how much space of a Filesystem |
| volume should be reserved for safety. The keys are the storageClass |
| and the values are the overhead. This value overrides the |
| global value |
| type: object |
| type: object |
| imagePullSecrets: |
| description: The imagePullSecrets used to pull the container images |
| items: |
| description: |- |
| LocalObjectReference contains enough information to let you locate the |
| referenced object inside the same namespace. |
| properties: |
| name: |
| default: "" |
| description: |- |
| Name of the referent. |
| This field is effectively required, but due to backwards compatibility is |
| allowed to be empty. Instances of this type with an empty value here are |
| almost certainly wrong. |
| TODO: Add other useful fields. apiVersion, kind, uid? |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. |
| type: string |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| importProxy: |
| description: ImportProxy contains importer pod proxy configuration. |
| properties: |
| HTTPProxy: |
| description: HTTPProxy is the URL http://<username>:<pswd>@<ip>:<port> |
| of the import proxy for HTTP requests. Empty means unset |
| and will not result in the import pod env var. |
| type: string |
| HTTPSProxy: |
| description: HTTPSProxy is the URL https://<username>:<pswd>@<ip>:<port> |
| of the import proxy for HTTPS requests. Empty means unset |
| and will not result in the import pod env var. |
| type: string |
| noProxy: |
| description: NoProxy is a comma-separated list of hostnames |
| and/or CIDRs for which the proxy should not be used. Empty |
| means unset and will not result in the import pod env var. |
| type: string |
| trustedCAProxy: |
| description: "TrustedCAProxy is the name of a ConfigMap in |
| the cdi namespace that contains a user-provided trusted |
| certificate authority (CA) bundle.\nThe TrustedCAProxy ConfigMap |
| is consumed by the DataImportCron controller for creating |
| cronjobs, and by the import controller referring a copy |
| of the ConfigMap in the import namespace.\nHere is an example |
| of the ConfigMap (in yaml):\n\n\napiVersion: v1\nkind: ConfigMap\nmetadata:\n |
| \ name: my-ca-proxy-cm\n namespace: cdi\ndata:\n ca.pem: |
| |\n -----BEGIN CERTIFICATE-----\n\t ... <base64 encoded |
| cert> ...\n\t -----END CERTIFICATE-----" |
| type: string |
| type: object |
| insecureRegistries: |
| description: InsecureRegistries is a list of TLS disabled registries |
| items: |
| type: string |
| type: array |
| logVerbosity: |
| description: LogVerbosity overrides the default verbosity level |
| used to initialize loggers |
| format: int32 |
| type: integer |
| podResourceRequirements: |
| description: ResourceRequirements describes the compute resource |
| requirements. |
| properties: |
| claims: |
| description: |- |
| Claims lists the names of resources, defined in spec.resourceClaims, |
| that are used by this container. |
| |
| |
| This is an alpha field and requires enabling the |
| DynamicResourceAllocation feature gate. |
| |
| |
| This field is immutable. It can only be set for containers. |
| items: |
| description: ResourceClaim references one entry in PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: |- |
| Name must match the name of one entry in pod.spec.resourceClaims of |
| the Pod where this field is used. It makes that resource available |
| inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Limits describes the maximum amount of compute resources allowed. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Requests describes the minimum amount of compute resources required. |
| If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, |
| otherwise to an implementation-defined value. Requests cannot exceed Limits. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| type: object |
| preallocation: |
| description: Preallocation controls whether storage for DataVolumes |
| should be allocated in advance. |
| type: boolean |
| scratchSpaceStorageClass: |
| description: 'Override the storage class to used for scratch space |
| during transfer operations. The scratch space storage class |
| is determined in the following order: 1. value of scratchSpaceStorageClass, |
| if that doesn''t exist, use the default storage class, if there |
| is no default storage class, use the storage class of the DataVolume, |
| if no storage class specified, use no storage class for scratch |
| space' |
| type: string |
| tlsSecurityProfile: |
| description: TLSSecurityProfile is used by operators to apply |
| cluster-wide TLS security settings to operands. |
| properties: |
| custom: |
| description: |- |
| custom is a user-defined TLS security profile. Be extremely careful using a custom |
| profile as invalid configurations can be catastrophic. An example custom profile |
| looks like this: |
| |
| |
| ciphers: |
| - ECDHE-ECDSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-AES128-GCM-SHA256 |
| - ECDHE-ECDSA-AES128-GCM-SHA256 |
| minTLSVersion: VersionTLS11 |
| nullable: true |
| properties: |
| ciphers: |
| description: |- |
| ciphers is used to specify the cipher algorithms that are negotiated |
| during the TLS handshake. Operators may remove entries their operands |
| do not support. For example, to use DES-CBC3-SHA (yaml): |
| |
| |
| ciphers: |
| - DES-CBC3-SHA |
| items: |
| type: string |
| type: array |
| minTLSVersion: |
| description: |- |
| minTLSVersion is used to specify the minimal version of the TLS protocol |
| that is negotiated during the TLS handshake. For example, to use TLS |
| versions 1.1, 1.2 and 1.3 (yaml): |
| |
| |
| minTLSVersion: VersionTLS11 |
| |
| |
| NOTE: currently the highest minTLSVersion allowed is VersionTLS12 |
| enum: |
| - VersionTLS10 |
| - VersionTLS11 |
| - VersionTLS12 |
| - VersionTLS13 |
| type: string |
| required: |
| - ciphers |
| - minTLSVersion |
| type: object |
| intermediate: |
| description: |- |
| intermediate is a TLS security profile based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 |
| |
| |
| and looks like this (yaml): |
| |
| |
| ciphers: |
| - TLS_AES_128_GCM_SHA256 |
| - TLS_AES_256_GCM_SHA384 |
| - TLS_CHACHA20_POLY1305_SHA256 |
| - ECDHE-ECDSA-AES128-GCM-SHA256 |
| - ECDHE-RSA-AES128-GCM-SHA256 |
| - ECDHE-ECDSA-AES256-GCM-SHA384 |
| - ECDHE-RSA-AES256-GCM-SHA384 |
| - ECDHE-ECDSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-CHACHA20-POLY1305 |
| - DHE-RSA-AES128-GCM-SHA256 |
| - DHE-RSA-AES256-GCM-SHA384 |
| minTLSVersion: VersionTLS12 |
| nullable: true |
| type: object |
| modern: |
| description: |- |
| modern is a TLS security profile based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility |
| |
| |
| and looks like this (yaml): |
| |
| |
| ciphers: |
| - TLS_AES_128_GCM_SHA256 |
| - TLS_AES_256_GCM_SHA384 |
| - TLS_CHACHA20_POLY1305_SHA256 |
| minTLSVersion: VersionTLS13 |
| |
| |
| NOTE: Currently unsupported. |
| nullable: true |
| type: object |
| old: |
| description: |- |
| old is a TLS security profile based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility |
| |
| |
| and looks like this (yaml): |
| |
| |
| ciphers: |
| - TLS_AES_128_GCM_SHA256 |
| - TLS_AES_256_GCM_SHA384 |
| - TLS_CHACHA20_POLY1305_SHA256 |
| - ECDHE-ECDSA-AES128-GCM-SHA256 |
| - ECDHE-RSA-AES128-GCM-SHA256 |
| - ECDHE-ECDSA-AES256-GCM-SHA384 |
| - ECDHE-RSA-AES256-GCM-SHA384 |
| - ECDHE-ECDSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-CHACHA20-POLY1305 |
| - DHE-RSA-AES128-GCM-SHA256 |
| - DHE-RSA-AES256-GCM-SHA384 |
| - DHE-RSA-CHACHA20-POLY1305 |
| - ECDHE-ECDSA-AES128-SHA256 |
| - ECDHE-RSA-AES128-SHA256 |
| - ECDHE-ECDSA-AES128-SHA |
| - ECDHE-RSA-AES128-SHA |
| - ECDHE-ECDSA-AES256-SHA384 |
| - ECDHE-RSA-AES256-SHA384 |
| - ECDHE-ECDSA-AES256-SHA |
| - ECDHE-RSA-AES256-SHA |
| - DHE-RSA-AES128-SHA256 |
| - DHE-RSA-AES256-SHA256 |
| - AES128-GCM-SHA256 |
| - AES256-GCM-SHA384 |
| - AES128-SHA256 |
| - AES256-SHA256 |
| - AES128-SHA |
| - AES256-SHA |
| - DES-CBC3-SHA |
| minTLSVersion: VersionTLS10 |
| nullable: true |
| type: object |
| type: |
| description: |- |
| type is one of Old, Intermediate, Modern or Custom. Custom provides |
| the ability to specify individual TLS security profile parameters. |
| Old, Intermediate and Modern are TLS security profiles based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations |
| |
| |
| The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers |
| are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be |
| reduced. |
| |
| |
| Note that the Modern profile is currently not supported because it is not |
| yet well adopted by common software libraries. |
| enum: |
| - Old |
| - Intermediate |
| - Modern |
| - Custom |
| type: string |
| type: object |
| uploadProxyURLOverride: |
| description: Override the URL used when uploading to a DataVolume |
| type: string |
| type: object |
| customizeComponents: |
| description: CustomizeComponents defines patches for components deployed |
| by the CDI operator. |
| properties: |
| flags: |
| description: Configure the value used for deployment and daemonset |
| resources |
| properties: |
| api: |
| additionalProperties: |
| type: string |
| type: object |
| controller: |
| additionalProperties: |
| type: string |
| type: object |
| uploadProxy: |
| additionalProperties: |
| type: string |
| type: object |
| type: object |
| patches: |
| items: |
| description: CustomizeComponentsPatch defines a patch for some |
| resource. |
| properties: |
| patch: |
| type: string |
| resourceName: |
| minLength: 1 |
| type: string |
| resourceType: |
| minLength: 1 |
| type: string |
| type: |
| description: PatchType defines the patch type. |
| type: string |
| required: |
| - patch |
| - resourceName |
| - resourceType |
| - type |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| imagePullPolicy: |
| description: PullPolicy describes a policy for if/when to pull a container |
| image |
| enum: |
| - Always |
| - IfNotPresent |
| - Never |
| type: string |
| infra: |
| description: Selectors and tolerations that should apply to cdi infrastructure |
| components |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules for |
| the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated with |
| the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching the |
| corresponding nodeSelectorTerm, in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector terms. |
| The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, etc. |
| as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| apiServerReplicas: |
| description: ApiserverReplicas set Replicas for cdi-apiserver |
| format: int32 |
| type: integer |
| deploymentReplicas: |
| description: DeploymentReplicas set Replicas for cdi-deployment |
| format: int32 |
| type: integer |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| uploadProxyReplicas: |
| description: UploadproxyReplicas set Replicas for cdi-uploadproxy |
| format: int32 |
| type: integer |
| type: object |
| priorityClass: |
| description: PriorityClass of the CDI control plane |
| type: string |
| uninstallStrategy: |
| description: CDIUninstallStrategy defines the state to leave CDI on |
| uninstall |
| enum: |
| - RemoveWorkloads |
| - BlockUninstallIfWorkloadsExist |
| type: string |
| workload: |
| description: Restrict on which nodes CDI workload pods will be scheduled |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules for |
| the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated with |
| the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching the |
| corresponding nodeSelectorTerm, in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector terms. |
| The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, etc. |
| as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| type: object |
| type: object |
| status: |
| description: CDIStatus defines the status of the installation |
| properties: |
| conditions: |
| description: A list of current conditions of the resource |
| items: |
| description: |- |
| Condition represents the state of the operator's |
| reconciliation functionality. |
| properties: |
| lastHeartbeatTime: |
| format: date-time |
| type: string |
| lastTransitionTime: |
| format: date-time |
| type: string |
| message: |
| type: string |
| reason: |
| type: string |
| status: |
| type: string |
| type: |
| description: ConditionType is the state of the operator's reconciliation |
| functionality. |
| type: string |
| required: |
| - status |
| - type |
| type: object |
| type: array |
| observedVersion: |
| description: The observed version of the resource |
| type: string |
| operatorVersion: |
| description: The version of the resource as defined by the operator |
| type: string |
| phase: |
| description: Phase is the current phase of the deployment |
| type: string |
| targetVersion: |
| description: The desired version of the resource |
| type: string |
| type: object |
| required: |
| - spec |
| type: object |
| served: true |
| storage: false |
| subresources: {} |
| - additionalPrinterColumns: |
| - jsonPath: .metadata.creationTimestamp |
| name: Age |
| type: date |
| - jsonPath: .status.phase |
| name: Phase |
| type: string |
| name: v1beta1 |
| schema: |
| openAPIV3Schema: |
| description: CDI is the CDI Operator CRD |
| properties: |
| apiVersion: |
| description: |- |
| APIVersion defines the versioned schema of this representation of an object. |
| Servers should convert recognized schemas to the latest internal value, and |
| may reject unrecognized values. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
| type: string |
| kind: |
| description: |- |
| Kind is a string value representing the REST resource this object represents. |
| Servers may infer this from the endpoint the client submits requests to. |
| Cannot be updated. |
| In CamelCase. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
| type: string |
| metadata: |
| type: object |
| spec: |
| description: CDISpec defines our specification for the CDI installation |
| properties: |
| certConfig: |
| description: certificate configuration |
| properties: |
| ca: |
| description: |- |
| CA configuration |
| CA certs are kept in the CA bundle as long as they are valid |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) of the |
| Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's `notAfter` |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| client: |
| description: |- |
| Client configuration |
| Certs are rotated and discarded |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) of the |
| Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's `notAfter` |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| server: |
| description: |- |
| Server configuration |
| Certs are rotated and discarded |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) of the |
| Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's `notAfter` |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| type: object |
| cloneStrategyOverride: |
| description: 'Clone strategy override: should we use a host-assisted |
| copy even if snapshots are available?' |
| enum: |
| - copy |
| - snapshot |
| - csi-clone |
| type: string |
| config: |
| description: CDIConfig at CDI level |
| properties: |
| dataVolumeTTLSeconds: |
| description: DataVolumeTTLSeconds is the time in seconds after |
| DataVolume completion it can be garbage collected. Disabled |
| by default. |
| format: int32 |
| type: integer |
| featureGates: |
| description: FeatureGates are a list of specific enabled feature |
| gates |
| items: |
| type: string |
| type: array |
| filesystemOverhead: |
| description: FilesystemOverhead describes the space reserved for |
| overhead when using Filesystem volumes. A value is between 0 |
| and 1, if not defined it is 0.055 (5.5% overhead) |
| properties: |
| global: |
| description: Global is how much space of a Filesystem volume |
| should be reserved for overhead. This value is used unless |
| overridden by a more specific value (per storageClass) |
| pattern: ^(0(?:\.\d{1,3})?|1)$ |
| type: string |
| storageClass: |
| additionalProperties: |
| description: |- |
| Percent is a string that can only be a value between [0,1) |
| (Note: we actually rely on reconcile to reject invalid values) |
| pattern: ^(0(?:\.\d{1,3})?|1)$ |
| type: string |
| description: StorageClass specifies how much space of a Filesystem |
| volume should be reserved for safety. The keys are the storageClass |
| and the values are the overhead. This value overrides the |
| global value |
| type: object |
| type: object |
| imagePullSecrets: |
| description: The imagePullSecrets used to pull the container images |
| items: |
| description: |- |
| LocalObjectReference contains enough information to let you locate the |
| referenced object inside the same namespace. |
| properties: |
| name: |
| default: "" |
| description: |- |
| Name of the referent. |
| This field is effectively required, but due to backwards compatibility is |
| allowed to be empty. Instances of this type with an empty value here are |
| almost certainly wrong. |
| TODO: Add other useful fields. apiVersion, kind, uid? |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. |
| type: string |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| importProxy: |
| description: ImportProxy contains importer pod proxy configuration. |
| properties: |
| HTTPProxy: |
| description: HTTPProxy is the URL http://<username>:<pswd>@<ip>:<port> |
| of the import proxy for HTTP requests. Empty means unset |
| and will not result in the import pod env var. |
| type: string |
| HTTPSProxy: |
| description: HTTPSProxy is the URL https://<username>:<pswd>@<ip>:<port> |
| of the import proxy for HTTPS requests. Empty means unset |
| and will not result in the import pod env var. |
| type: string |
| noProxy: |
| description: NoProxy is a comma-separated list of hostnames |
| and/or CIDRs for which the proxy should not be used. Empty |
| means unset and will not result in the import pod env var. |
| type: string |
| trustedCAProxy: |
| description: "TrustedCAProxy is the name of a ConfigMap in |
| the cdi namespace that contains a user-provided trusted |
| certificate authority (CA) bundle.\nThe TrustedCAProxy ConfigMap |
| is consumed by the DataImportCron controller for creating |
| cronjobs, and by the import controller referring a copy |
| of the ConfigMap in the import namespace.\nHere is an example |
| of the ConfigMap (in yaml):\n\n\napiVersion: v1\nkind: ConfigMap\nmetadata:\n |
| \ name: my-ca-proxy-cm\n namespace: cdi\ndata:\n ca.pem: |
| |\n -----BEGIN CERTIFICATE-----\n\t ... <base64 encoded |
| cert> ...\n\t -----END CERTIFICATE-----" |
| type: string |
| type: object |
| insecureRegistries: |
| description: InsecureRegistries is a list of TLS disabled registries |
| items: |
| type: string |
| type: array |
| logVerbosity: |
| description: LogVerbosity overrides the default verbosity level |
| used to initialize loggers |
| format: int32 |
| type: integer |
| podResourceRequirements: |
| description: ResourceRequirements describes the compute resource |
| requirements. |
| properties: |
| claims: |
| description: |- |
| Claims lists the names of resources, defined in spec.resourceClaims, |
| that are used by this container. |
| |
| |
| This is an alpha field and requires enabling the |
| DynamicResourceAllocation feature gate. |
| |
| |
| This field is immutable. It can only be set for containers. |
| items: |
| description: ResourceClaim references one entry in PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: |- |
| Name must match the name of one entry in pod.spec.resourceClaims of |
| the Pod where this field is used. It makes that resource available |
| inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Limits describes the maximum amount of compute resources allowed. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Requests describes the minimum amount of compute resources required. |
| If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, |
| otherwise to an implementation-defined value. Requests cannot exceed Limits. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| type: object |
| preallocation: |
| description: Preallocation controls whether storage for DataVolumes |
| should be allocated in advance. |
| type: boolean |
| scratchSpaceStorageClass: |
| description: 'Override the storage class to used for scratch space |
| during transfer operations. The scratch space storage class |
| is determined in the following order: 1. value of scratchSpaceStorageClass, |
| if that doesn''t exist, use the default storage class, if there |
| is no default storage class, use the storage class of the DataVolume, |
| if no storage class specified, use no storage class for scratch |
| space' |
| type: string |
| tlsSecurityProfile: |
| description: TLSSecurityProfile is used by operators to apply |
| cluster-wide TLS security settings to operands. |
| properties: |
| custom: |
| description: |- |
| custom is a user-defined TLS security profile. Be extremely careful using a custom |
| profile as invalid configurations can be catastrophic. An example custom profile |
| looks like this: |
| |
| |
| ciphers: |
| - ECDHE-ECDSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-AES128-GCM-SHA256 |
| - ECDHE-ECDSA-AES128-GCM-SHA256 |
| minTLSVersion: VersionTLS11 |
| nullable: true |
| properties: |
| ciphers: |
| description: |- |
| ciphers is used to specify the cipher algorithms that are negotiated |
| during the TLS handshake. Operators may remove entries their operands |
| do not support. For example, to use DES-CBC3-SHA (yaml): |
| |
| |
| ciphers: |
| - DES-CBC3-SHA |
| items: |
| type: string |
| type: array |
| minTLSVersion: |
| description: |- |
| minTLSVersion is used to specify the minimal version of the TLS protocol |
| that is negotiated during the TLS handshake. For example, to use TLS |
| versions 1.1, 1.2 and 1.3 (yaml): |
| |
| |
| minTLSVersion: VersionTLS11 |
| |
| |
| NOTE: currently the highest minTLSVersion allowed is VersionTLS12 |
| enum: |
| - VersionTLS10 |
| - VersionTLS11 |
| - VersionTLS12 |
| - VersionTLS13 |
| type: string |
| required: |
| - ciphers |
| - minTLSVersion |
| type: object |
| intermediate: |
| description: |- |
| intermediate is a TLS security profile based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 |
| |
| |
| and looks like this (yaml): |
| |
| |
| ciphers: |
| - TLS_AES_128_GCM_SHA256 |
| - TLS_AES_256_GCM_SHA384 |
| - TLS_CHACHA20_POLY1305_SHA256 |
| - ECDHE-ECDSA-AES128-GCM-SHA256 |
| - ECDHE-RSA-AES128-GCM-SHA256 |
| - ECDHE-ECDSA-AES256-GCM-SHA384 |
| - ECDHE-RSA-AES256-GCM-SHA384 |
| - ECDHE-ECDSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-CHACHA20-POLY1305 |
| - DHE-RSA-AES128-GCM-SHA256 |
| - DHE-RSA-AES256-GCM-SHA384 |
| minTLSVersion: VersionTLS12 |
| nullable: true |
| type: object |
| modern: |
| description: |- |
| modern is a TLS security profile based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility |
| |
| |
| and looks like this (yaml): |
| |
| |
| ciphers: |
| - TLS_AES_128_GCM_SHA256 |
| - TLS_AES_256_GCM_SHA384 |
| - TLS_CHACHA20_POLY1305_SHA256 |
| minTLSVersion: VersionTLS13 |
| |
| |
| NOTE: Currently unsupported. |
| nullable: true |
| type: object |
| old: |
| description: |- |
| old is a TLS security profile based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility |
| |
| |
| and looks like this (yaml): |
| |
| |
| ciphers: |
| - TLS_AES_128_GCM_SHA256 |
| - TLS_AES_256_GCM_SHA384 |
| - TLS_CHACHA20_POLY1305_SHA256 |
| - ECDHE-ECDSA-AES128-GCM-SHA256 |
| - ECDHE-RSA-AES128-GCM-SHA256 |
| - ECDHE-ECDSA-AES256-GCM-SHA384 |
| - ECDHE-RSA-AES256-GCM-SHA384 |
| - ECDHE-ECDSA-CHACHA20-POLY1305 |
| - ECDHE-RSA-CHACHA20-POLY1305 |
| - DHE-RSA-AES128-GCM-SHA256 |
| - DHE-RSA-AES256-GCM-SHA384 |
| - DHE-RSA-CHACHA20-POLY1305 |
| - ECDHE-ECDSA-AES128-SHA256 |
| - ECDHE-RSA-AES128-SHA256 |
| - ECDHE-ECDSA-AES128-SHA |
| - ECDHE-RSA-AES128-SHA |
| - ECDHE-ECDSA-AES256-SHA384 |
| - ECDHE-RSA-AES256-SHA384 |
| - ECDHE-ECDSA-AES256-SHA |
| - ECDHE-RSA-AES256-SHA |
| - DHE-RSA-AES128-SHA256 |
| - DHE-RSA-AES256-SHA256 |
| - AES128-GCM-SHA256 |
| - AES256-GCM-SHA384 |
| - AES128-SHA256 |
| - AES256-SHA256 |
| - AES128-SHA |
| - AES256-SHA |
| - DES-CBC3-SHA |
| minTLSVersion: VersionTLS10 |
| nullable: true |
| type: object |
| type: |
| description: |- |
| type is one of Old, Intermediate, Modern or Custom. Custom provides |
| the ability to specify individual TLS security profile parameters. |
| Old, Intermediate and Modern are TLS security profiles based on: |
| |
| |
| https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations |
| |
| |
| The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers |
| are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be |
| reduced. |
| |
| |
| Note that the Modern profile is currently not supported because it is not |
| yet well adopted by common software libraries. |
| enum: |
| - Old |
| - Intermediate |
| - Modern |
| - Custom |
| type: string |
| type: object |
| uploadProxyURLOverride: |
| description: Override the URL used when uploading to a DataVolume |
| type: string |
| type: object |
| customizeComponents: |
| description: CustomizeComponents defines patches for components deployed |
| by the CDI operator. |
| properties: |
| flags: |
| description: Configure the value used for deployment and daemonset |
| resources |
| properties: |
| api: |
| additionalProperties: |
| type: string |
| type: object |
| controller: |
| additionalProperties: |
| type: string |
| type: object |
| uploadProxy: |
| additionalProperties: |
| type: string |
| type: object |
| type: object |
| patches: |
| items: |
| description: CustomizeComponentsPatch defines a patch for some |
| resource. |
| properties: |
| patch: |
| type: string |
| resourceName: |
| minLength: 1 |
| type: string |
| resourceType: |
| minLength: 1 |
| type: string |
| type: |
| description: PatchType defines the patch type. |
| type: string |
| required: |
| - patch |
| - resourceName |
| - resourceType |
| - type |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| imagePullPolicy: |
| description: PullPolicy describes a policy for if/when to pull a container |
| image |
| enum: |
| - Always |
| - IfNotPresent |
| - Never |
| type: string |
| infra: |
| description: Selectors and tolerations that should apply to cdi infrastructure |
| components |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules for |
| the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated with |
| the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching the |
| corresponding nodeSelectorTerm, in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector terms. |
| The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, etc. |
| as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| apiServerReplicas: |
| description: ApiserverReplicas set Replicas for cdi-apiserver |
| format: int32 |
| type: integer |
| deploymentReplicas: |
| description: DeploymentReplicas set Replicas for cdi-deployment |
| format: int32 |
| type: integer |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| uploadProxyReplicas: |
| description: UploadproxyReplicas set Replicas for cdi-uploadproxy |
| format: int32 |
| type: integer |
| type: object |
| priorityClass: |
| description: PriorityClass of the CDI control plane |
| type: string |
| uninstallStrategy: |
| description: CDIUninstallStrategy defines the state to leave CDI on |
| uninstall |
| enum: |
| - RemoveWorkloads |
| - BlockUninstallIfWorkloadsExist |
| type: string |
| workload: |
| description: Restrict on which nodes CDI workload pods will be scheduled |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules for |
| the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated with |
| the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching the |
| corresponding nodeSelectorTerm, in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector terms. |
| The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, etc. |
| as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, associated |
| with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label |
| selector requirements. The requirements are |
| ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that |
| the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| type: object |
| type: object |
| status: |
| description: CDIStatus defines the status of the installation |
| properties: |
| conditions: |
| description: A list of current conditions of the resource |
| items: |
| description: |- |
| Condition represents the state of the operator's |
| reconciliation functionality. |
| properties: |
| lastHeartbeatTime: |
| format: date-time |
| type: string |
| lastTransitionTime: |
| format: date-time |
| type: string |
| message: |
| type: string |
| reason: |
| type: string |
| status: |
| type: string |
| type: |
| description: ConditionType is the state of the operator's reconciliation |
| functionality. |
| type: string |
| required: |
| - status |
| - type |
| type: object |
| type: array |
| observedVersion: |
| description: The observed version of the resource |
| type: string |
| operatorVersion: |
| description: The version of the resource as defined by the operator |
| type: string |
| phase: |
| description: Phase is the current phase of the deployment |
| type: string |
| targetVersion: |
| description: The desired version of the resource |
| type: string |
| type: object |
| required: |
| - spec |
| type: object |
| served: true |
| storage: true |
| subresources: {} |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: ClusterRole |
| metadata: |
| labels: |
| operator.cdi.kubevirt.io: "" |
| name: cdi-operator-cluster |
| rules: |
| - apiGroups: |
| - rbac.authorization.k8s.io |
| resources: |
| - clusterrolebindings |
| - clusterroles |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - apiGroups: |
| - security.openshift.io |
| resources: |
| - securitycontextconstraints |
| verbs: |
| - get |
| - list |
| - watch |
| - update |
| - create |
| - apiGroups: |
| - apiextensions.k8s.io |
| resources: |
| - customresourcedefinitions |
| - customresourcedefinitions/status |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - apiGroups: |
| - cdi.kubevirt.io |
| - upload.cdi.kubevirt.io |
| resources: |
| - '*' |
| verbs: |
| - '*' |
| - apiGroups: |
| - admissionregistration.k8s.io |
| resources: |
| - validatingwebhookconfigurations |
| - mutatingwebhookconfigurations |
| verbs: |
| - create |
| - list |
| - watch |
| - apiGroups: |
| - admissionregistration.k8s.io |
| resourceNames: |
| - cdi-api-dataimportcron-validate |
| - cdi-api-populator-validate |
| - cdi-api-datavolume-validate |
| - cdi-api-validate |
| - objecttransfer-api-validate |
| resources: |
| - validatingwebhookconfigurations |
| verbs: |
| - get |
| - update |
| - delete |
| - apiGroups: |
| - admissionregistration.k8s.io |
| resourceNames: |
| - cdi-api-datavolume-mutate |
| - cdi-api-pvc-mutate |
| resources: |
| - mutatingwebhookconfigurations |
| verbs: |
| - get |
| - update |
| - delete |
| - apiGroups: |
| - apiregistration.k8s.io |
| resources: |
| - apiservices |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - apiGroups: |
| - authorization.k8s.io |
| resources: |
| - subjectaccessreviews |
| verbs: |
| - create |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumeclaims |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumes |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - storage.k8s.io |
| resources: |
| - storageclasses |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - namespaces |
| verbs: |
| - get |
| - apiGroups: |
| - snapshot.storage.k8s.io |
| resources: |
| - volumesnapshots |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - datavolumes |
| verbs: |
| - list |
| - get |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - datasources |
| verbs: |
| - get |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - volumeclonesources |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - storageprofiles |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - cdis |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - cdiconfigs |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - cdis/finalizers |
| verbs: |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - events |
| verbs: |
| - create |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumeclaims |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - deletecollection |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumes |
| verbs: |
| - get |
| - list |
| - watch |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumeclaims/finalizers |
| - pods/finalizers |
| verbs: |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - pods |
| - services |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - create |
| - apiGroups: |
| - storage.k8s.io |
| resources: |
| - storageclasses |
| - csidrivers |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - config.openshift.io |
| resources: |
| - proxies |
| - infrastructures |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - config.openshift.io |
| resources: |
| - clusterversions |
| verbs: |
| - get |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - '*' |
| verbs: |
| - '*' |
| - apiGroups: |
| - snapshot.storage.k8s.io |
| resources: |
| - volumesnapshots |
| - volumesnapshotclasses |
| - volumesnapshotcontents |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - apiGroups: |
| - snapshot.storage.k8s.io |
| resources: |
| - volumesnapshots |
| verbs: |
| - update |
| - deletecollection |
| - apiGroups: |
| - apiextensions.k8s.io |
| resources: |
| - customresourcedefinitions |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - scheduling.k8s.io |
| resources: |
| - priorityclasses |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - image.openshift.io |
| resources: |
| - imagestreams |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - secrets |
| verbs: |
| - create |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachines/finalizers |
| verbs: |
| - update |
| - apiGroups: |
| - forklift.cdi.kubevirt.io |
| resources: |
| - ovirtvolumepopulators |
| - openstackvolumepopulators |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumeclaims |
| verbs: |
| - get |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - dataimportcrons |
| verbs: |
| - get |
| - list |
| - update |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: ClusterRoleBinding |
| metadata: |
| labels: |
| operator.cdi.kubevirt.io: "" |
| name: cdi-operator |
| roleRef: |
| apiGroup: rbac.authorization.k8s.io |
| kind: ClusterRole |
| name: cdi-operator-cluster |
| subjects: |
| - kind: ServiceAccount |
| name: cdi-operator |
| namespace: cdi |
| --- |
| apiVersion: v1 |
| kind: ServiceAccount |
| metadata: |
| labels: |
| operator.cdi.kubevirt.io: "" |
| name: cdi-operator |
| namespace: cdi |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| labels: |
| app: containerized-data-importer |
| app.kubernetes.io/component: storage |
| app.kubernetes.io/managed-by: cdi-operator |
| cdi.kubevirt.io: "" |
| name: cdi-operator |
| namespace: cdi |
| rules: |
| - apiGroups: |
| - rbac.authorization.k8s.io |
| resources: |
| - rolebindings |
| - roles |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - apiGroups: |
| - "" |
| resources: |
| - serviceaccounts |
| - configmaps |
| - events |
| - secrets |
| - services |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - patch |
| - delete |
| - apiGroups: |
| - apps |
| resources: |
| - deployments |
| - deployments/finalizers |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - apiGroups: |
| - route.openshift.io |
| resources: |
| - routes |
| - routes/custom-host |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - apiGroups: |
| - config.openshift.io |
| resources: |
| - proxies |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - monitoring.coreos.com |
| resources: |
| - servicemonitors |
| - prometheusrules |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - update |
| - patch |
| - apiGroups: |
| - coordination.k8s.io |
| resources: |
| - leases |
| verbs: |
| - get |
| - create |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - secrets |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - apiGroups: |
| - "" |
| resources: |
| - secrets |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - batch |
| resources: |
| - cronjobs |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - deletecollection |
| - apiGroups: |
| - batch |
| resources: |
| - jobs |
| verbs: |
| - create |
| - deletecollection |
| - list |
| - watch |
| - apiGroups: |
| - coordination.k8s.io |
| resources: |
| - leases |
| verbs: |
| - get |
| - create |
| - update |
| - apiGroups: |
| - networking.k8s.io |
| resources: |
| - ingresses |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - route.openshift.io |
| resources: |
| - routes |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - apiGroups: |
| - "" |
| resources: |
| - services |
| - endpoints |
| - pods |
| verbs: |
| - get |
| - list |
| - watch |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: RoleBinding |
| metadata: |
| labels: |
| app: containerized-data-importer |
| app.kubernetes.io/component: storage |
| app.kubernetes.io/managed-by: cdi-operator |
| cdi.kubevirt.io: "" |
| name: cdi-operator |
| namespace: cdi |
| roleRef: |
| apiGroup: rbac.authorization.k8s.io |
| kind: Role |
| name: cdi-operator |
| subjects: |
| - kind: ServiceAccount |
| name: cdi-operator |
| namespace: cdi |
| --- |
| apiVersion: apps/v1 |
| kind: Deployment |
| metadata: |
| labels: |
| cdi.kubevirt.io: cdi-operator |
| name: cdi-operator |
| operator.cdi.kubevirt.io: "" |
| prometheus.cdi.kubevirt.io: "true" |
| name: cdi-operator |
| namespace: cdi |
| spec: |
| replicas: 1 |
| selector: |
| matchLabels: |
| name: cdi-operator |
| operator.cdi.kubevirt.io: "" |
| strategy: {} |
| template: |
| metadata: |
| labels: |
| cdi.kubevirt.io: cdi-operator |
| name: cdi-operator |
| operator.cdi.kubevirt.io: "" |
| prometheus.cdi.kubevirt.io: "true" |
| spec: |
| affinity: |
| podAffinity: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| - podAffinityTerm: |
| labelSelector: |
| matchExpressions: |
| - key: cdi.kubevirt.io |
| operator: In |
| values: |
| - cdi-operator |
| topologyKey: kubernetes.io/hostname |
| weight: 1 |
| containers: |
| - env: |
| - name: DEPLOY_CLUSTER_RESOURCES |
| value: "true" |
| - name: OPERATOR_VERSION |
| value: v1.60.2 |
| - name: CONTROLLER_IMAGE |
| value: quay.io/kubevirt/cdi-controller:v1.60.2 |
| - name: IMPORTER_IMAGE |
| value: quay.io/kubevirt/cdi-importer:v1.60.2 |
| - name: CLONER_IMAGE |
| value: quay.io/kubevirt/cdi-cloner:v1.60.2 |
| - name: OVIRT_POPULATOR_IMAGE |
| value: quay.io/kubevirt/cdi-importer:v1.60.2 |
| - name: APISERVER_IMAGE |
| value: quay.io/kubevirt/cdi-apiserver:v1.60.2 |
| - name: UPLOAD_SERVER_IMAGE |
| value: quay.io/kubevirt/cdi-uploadserver:v1.60.2 |
| - name: UPLOAD_PROXY_IMAGE |
| value: quay.io/kubevirt/cdi-uploadproxy:v1.60.2 |
| - name: VERBOSITY |
| value: "1" |
| - name: PULL_POLICY |
| value: IfNotPresent |
| - name: MONITORING_NAMESPACE |
| image: quay.io/kubevirt/cdi-operator:v1.60.2 |
| imagePullPolicy: IfNotPresent |
| name: cdi-operator |
| ports: |
| - containerPort: 8080 |
| name: metrics |
| protocol: TCP |
| resources: |
| requests: |
| cpu: 100m |
| memory: 150Mi |
| securityContext: |
| allowPrivilegeEscalation: false |
| capabilities: |
| drop: |
| - ALL |
| runAsNonRoot: true |
| seccompProfile: |
| type: RuntimeDefault |
| nodeSelector: |
| kubernetes.io/os: linux |
| securityContext: |
| runAsNonRoot: true |
| serviceAccountName: cdi-operator |
| tolerations: |
| - key: CriticalAddonsOnly |
| operator: Exists |