| --- |
| apiVersion: v1 |
| kind: Namespace |
| metadata: |
| labels: |
| kubevirt.io: "" |
| pod-security.kubernetes.io/enforce: "privileged" |
| name: kubevirt |
| --- |
| apiVersion: apiextensions.k8s.io/v1 |
| kind: CustomResourceDefinition |
| metadata: |
| labels: |
| operator.kubevirt.io: "" |
| name: kubevirts.kubevirt.io |
| spec: |
| group: kubevirt.io |
| names: |
| categories: |
| - all |
| kind: KubeVirt |
| plural: kubevirts |
| shortNames: |
| - kv |
| - kvs |
| singular: kubevirt |
| scope: Namespaced |
| versions: |
| - additionalPrinterColumns: |
| - jsonPath: .metadata.creationTimestamp |
| name: Age |
| type: date |
| - jsonPath: .status.phase |
| name: Phase |
| type: string |
| name: v1 |
| schema: |
| openAPIV3Schema: |
| description: KubeVirt represents the object deploying all KubeVirt resources |
| properties: |
| apiVersion: |
| description: |- |
| APIVersion defines the versioned schema of this representation of an object. |
| Servers should convert recognized schemas to the latest internal value, and |
| may reject unrecognized values. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
| type: string |
| kind: |
| description: |- |
| Kind is a string value representing the REST resource this object represents. |
| Servers may infer this from the endpoint the client submits requests to. |
| Cannot be updated. |
| In CamelCase. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
| type: string |
| metadata: |
| type: object |
| spec: |
| properties: |
| certificateRotateStrategy: |
| properties: |
| selfSigned: |
| properties: |
| ca: |
| description: |- |
| CA configuration |
| CA certs are kept in the CA bundle as long as they are valid |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) |
| of the Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's "notAfter" |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| caOverlapInterval: |
| description: Deprecated. Use CA.Duration and CA.RenewBefore |
| instead |
| type: string |
| caRotateInterval: |
| description: Deprecated. Use CA.Duration instead |
| type: string |
| certRotateInterval: |
| description: Deprecated. Use Server.Duration instead |
| type: string |
| server: |
| description: |- |
| Server configuration |
| Certs are rotated and discarded |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) |
| of the Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's "notAfter" |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| type: object |
| type: object |
| configuration: |
| description: |- |
| holds kubevirt configurations. |
| same as the virt-configMap |
| properties: |
| additionalGuestMemoryOverheadRatio: |
| description: |- |
| AdditionalGuestMemoryOverheadRatio can be used to increase the virtualization infrastructure |
| overhead. This is useful, since the calculation of this overhead is not accurate and cannot |
| be entirely known in advance. The ratio that is being set determines by which factor to increase |
| the overhead calculated by Kubevirt. A higher ratio means that the VMs would be less compromised |
| by node pressures, but would mean that fewer VMs could be scheduled to a node. |
| If not set, the default is 1. |
| type: string |
| apiConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| architectureConfiguration: |
| properties: |
| amd64: |
| properties: |
| emulatedMachines: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| machineType: |
| type: string |
| ovmfPath: |
| type: string |
| type: object |
| arm64: |
| properties: |
| emulatedMachines: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| machineType: |
| type: string |
| ovmfPath: |
| type: string |
| type: object |
| defaultArchitecture: |
| type: string |
| ppc64le: |
| properties: |
| emulatedMachines: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| machineType: |
| type: string |
| ovmfPath: |
| type: string |
| type: object |
| type: object |
| autoCPULimitNamespaceLabelSelector: |
| description: |- |
| When set, AutoCPULimitNamespaceLabelSelector will set a CPU limit on virt-launcher for VMIs running inside |
| namespaces that match the label selector. |
| The CPU limit will equal the number of requested vCPUs. |
| This setting does not apply to VMIs with dedicated CPUs. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label selector |
| requirements. The requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| controllerConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| cpuModel: |
| type: string |
| cpuRequest: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| defaultRuntimeClass: |
| type: string |
| developerConfiguration: |
| description: DeveloperConfiguration holds developer options |
| properties: |
| cpuAllocationRatio: |
| description: |- |
| For each requested virtual CPU, CPUAllocationRatio defines how much physical CPU to request per VMI |
| from the hosting node. The value is in fraction of a CPU thread (or core on non-hyperthreaded nodes). |
| For example, a value of 1 means 1 physical CPU thread per VMI CPU thread. |
| A value of 100 would be 1% of a physical thread allocated for each requested VMI thread. |
| This option has no effect on VMIs that request dedicated CPUs. More information at: |
| https://kubevirt.io/user-guide/operations/node_overcommit/#node-cpu-allocation-ratio |
| Defaults to 10 |
| type: integer |
| diskVerification: |
| description: DiskVerification holds container disks verification |
| limits |
| properties: |
| memoryLimit: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| required: |
| - memoryLimit |
| type: object |
| featureGates: |
| description: FeatureGates is the list of experimental features |
| to enable. Defaults to none |
| items: |
| type: string |
| type: array |
| logVerbosity: |
| description: LogVerbosity sets log verbosity level of various |
| components |
| properties: |
| nodeVerbosity: |
| additionalProperties: |
| type: integer |
| description: NodeVerbosity represents a map of nodes with |
| a specific verbosity level |
| type: object |
| virtAPI: |
| type: integer |
| virtController: |
| type: integer |
| virtHandler: |
| type: integer |
| virtLauncher: |
| type: integer |
| virtOperator: |
| type: integer |
| type: object |
| memoryOvercommit: |
| description: |- |
| MemoryOvercommit is the percentage of memory we want to give VMIs compared to the amount |
| given to its parent pod (virt-launcher). For example, a value of 102 means the VMI will |
| "see" 2% more memory than its parent pod. Values under 100 are effectively "undercommits". |
| Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. |
| Defaults to 100 |
| type: integer |
| minimumClusterTSCFrequency: |
| description: |- |
| Allow overriding the automatically determined minimum TSC frequency of the cluster |
| and fixate the minimum to this frequency. |
| format: int64 |
| type: integer |
| minimumReservePVCBytes: |
| description: |- |
| MinimumReservePVCBytes is the amount of space, in bytes, to leave unused on disks. |
| Defaults to 131072 (128KiB) |
| format: int64 |
| type: integer |
| nodeSelectors: |
| additionalProperties: |
| type: string |
| description: |- |
| NodeSelectors allows restricting VMI creation to nodes that match a set of labels. |
| Defaults to none |
| type: object |
| pvcTolerateLessSpaceUpToPercent: |
| description: |- |
| LessPVCSpaceToleration determines how much smaller, in percentage, disk PVCs are |
| allowed to be compared to the requested size (to account for various overheads). |
| Defaults to 10 |
| type: integer |
| useEmulation: |
| description: |- |
| UseEmulation can be set to true to allow fallback to software emulation |
| in case hardware-assisted emulation is not available. Defaults to false |
| type: boolean |
| type: object |
| emulatedMachines: |
| description: Deprecated. Use architectureConfiguration instead. |
| items: |
| type: string |
| type: array |
| evictionStrategy: |
| description: |- |
| EvictionStrategy defines at the cluster level if the VirtualMachineInstance should be |
| migrated instead of shut-off in case of a node drain. If the VirtualMachineInstance specific |
| field is set it overrides the cluster level one. |
| type: string |
| handlerConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| imagePullPolicy: |
| description: PullPolicy describes a policy for if/when to pull |
| a container image |
| type: string |
| ksmConfiguration: |
| description: KSMConfiguration holds the information regarding |
| the enabling the KSM in the nodes (if available). |
| properties: |
| nodeLabelSelector: |
| description: |- |
| NodeLabelSelector is a selector that filters in which nodes the KSM will be enabled. |
| Empty NodeLabelSelector will enable ksm for every node. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label selector |
| requirements. The requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| liveUpdateConfiguration: |
| description: LiveUpdateConfiguration holds defaults for live update |
| features |
| properties: |
| maxCpuSockets: |
| description: MaxCpuSockets holds the maximum amount of sockets |
| that can be hotplugged |
| format: int32 |
| type: integer |
| maxGuest: |
| anyOf: |
| - type: integer |
| - type: string |
| description: |- |
| MaxGuest defines the maximum amount memory that can be allocated |
| to the guest using hotplug. |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| maxHotplugRatio: |
| description: |- |
| MaxHotplugRatio is the ratio used to define the max amount |
| of a hotplug resource that can be made available to a VM |
| when the specific Max* setting is not defined (MaxCpuSockets, MaxGuest) |
| Example: VM is configured with 512Mi of guest memory, if MaxGuest is not |
| defined and MaxHotplugRatio is 2 then MaxGuest = 1Gi |
| defaults to 4 |
| format: int32 |
| type: integer |
| type: object |
| machineType: |
| description: Deprecated. Use architectureConfiguration instead. |
| type: string |
| mediatedDevicesConfiguration: |
| description: MediatedDevicesConfiguration holds information about |
| MDEV types to be defined, if available |
| properties: |
| mediatedDeviceTypes: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mediatedDevicesTypes: |
| description: Deprecated. Use mediatedDeviceTypes instead. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| nodeMediatedDeviceTypes: |
| items: |
| description: NodeMediatedDeviceTypesConfig holds information |
| about MDEV types to be defined in a specific node that |
| matches the NodeSelector field. |
| properties: |
| mediatedDeviceTypes: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mediatedDevicesTypes: |
| description: Deprecated. Use mediatedDeviceTypes instead. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| NodeSelector is a selector which must be true for the vmi to fit on a node. |
| Selector which must match a node's labels for the vmi to be scheduled on that node. |
| More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ |
| type: object |
| required: |
| - nodeSelector |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| memBalloonStatsPeriod: |
| format: int32 |
| type: integer |
| migrations: |
| description: |- |
| MigrationConfiguration holds migration options. |
| Can be overridden for specific groups of VMs though migration policies. |
| Visit https://kubevirt.io/user-guide/operations/migration_policies/ for more information. |
| properties: |
| allowAutoConverge: |
| description: |- |
| AllowAutoConverge allows the platform to compromise performance/availability of VMIs to |
| guarantee successful VMI live migrations. Defaults to false |
| type: boolean |
| allowPostCopy: |
| description: |- |
| AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs |
| to successfully live-migrate. However, events like a network failure can cause a VMI crash. |
| If set to true, migrations will still start in pre-copy, but switch to post-copy when |
| CompletionTimeoutPerGiB triggers. Defaults to false |
| type: boolean |
| bandwidthPerMigration: |
| anyOf: |
| - type: integer |
| - type: string |
| description: |- |
| BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use. |
| The value is in quantity per second. Defaults to 0 (no limit) |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| completionTimeoutPerGiB: |
| description: |- |
| CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. |
| If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, |
| the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800 |
| format: int64 |
| type: integer |
| disableTLS: |
| description: |- |
| When set to true, DisableTLS will disable the additional layer of live migration encryption |
| provided by KubeVirt. This is usually a bad idea. Defaults to false |
| type: boolean |
| matchSELinuxLevelOnMigration: |
| description: |- |
| By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher. |
| When set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target. |
| That will ensure the target virt-launcher doesn't share categories with another pod on the node. |
| However, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels. |
| type: boolean |
| network: |
| description: |- |
| Network is the name of the CNI network to use for live migrations. By default, migrations go |
| through the pod network. |
| type: string |
| nodeDrainTaintKey: |
| description: |- |
| NodeDrainTaintKey defines the taint key that indicates a node should be drained. |
| Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain |
| type: string |
| parallelMigrationsPerCluster: |
| description: |- |
| ParallelMigrationsPerCluster is the total number of concurrent live migrations |
| allowed cluster-wide. Defaults to 5 |
| format: int32 |
| type: integer |
| parallelOutboundMigrationsPerNode: |
| description: |- |
| ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations |
| allowed per node. Defaults to 2 |
| format: int32 |
| type: integer |
| progressTimeout: |
| description: |- |
| ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. |
| Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is |
| then considered stuck and therefore cancelled. Defaults to 150 |
| format: int64 |
| type: integer |
| unsafeMigrationOverride: |
| description: |- |
| UnsafeMigrationOverride allows live migrations to occur even if the compatibility check |
| indicates the migration will be unsafe to the guest. Defaults to false |
| type: boolean |
| type: object |
| minCPUModel: |
| type: string |
| network: |
| description: NetworkConfiguration holds network options |
| properties: |
| binding: |
| additionalProperties: |
| properties: |
| computeResourceOverhead: |
| description: |- |
| ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding. |
| version: v1alphav1 |
| properties: |
| claims: |
| description: |- |
| Claims lists the names of resources, defined in spec.resourceClaims, |
| that are used by this container. |
| |
| |
| This is an alpha field and requires enabling the |
| DynamicResourceAllocation feature gate. |
| |
| |
| This field is immutable. It can only be set for containers. |
| items: |
| description: ResourceClaim references one entry |
| in PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: |- |
| Name must match the name of one entry in pod.spec.resourceClaims of |
| the Pod where this field is used. It makes that resource available |
| inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Limits describes the maximum amount of compute resources allowed. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Requests describes the minimum amount of compute resources required. |
| If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, |
| otherwise to an implementation-defined value. Requests cannot exceed Limits. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| type: object |
| domainAttachmentType: |
| description: |- |
| DomainAttachmentType is a standard domain network attachment method kubevirt supports. |
| Supported values: "tap". |
| The standard domain attachment can be used instead or in addition to the sidecarImage. |
| version: 1alphav1 |
| type: string |
| downwardAPI: |
| description: |- |
| DownwardAPI specifies what kind of data should be exposed to the binding plugin sidecar. |
| Supported values: "device-info" |
| version: v1alphav1 |
| type: string |
| migration: |
| description: |- |
| Migration means the VM using the plugin can be safely migrated |
| version: 1alphav1 |
| properties: |
| method: |
| description: |- |
| Method defines a pre-defined migration methodology |
| version: 1alphav1 |
| type: string |
| type: object |
| networkAttachmentDefinition: |
| description: |- |
| NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object. |
| Format: <name>, <namespace>/<name>. |
| If namespace is not specified, VMI namespace is assumed. |
| version: 1alphav1 |
| type: string |
| sidecarImage: |
| description: |- |
| SidecarImage references a container image that runs in the virt-launcher pod. |
| The sidecar handles (libvirt) domain configuration and optional services. |
| version: 1alphav1 |
| type: string |
| type: object |
| type: object |
| defaultNetworkInterface: |
| type: string |
| permitBridgeInterfaceOnPodNetwork: |
| type: boolean |
| permitSlirpInterface: |
| description: |- |
| DeprecatedPermitSlirpInterface is an alias for the deprecated PermitSlirpInterface. |
| Deprecated: Removed in v1.3. |
| type: boolean |
| type: object |
| obsoleteCPUModels: |
| additionalProperties: |
| type: boolean |
| type: object |
| ovmfPath: |
| description: Deprecated. Use architectureConfiguration instead. |
| type: string |
| permittedHostDevices: |
| description: PermittedHostDevices holds information about devices |
| allowed for passthrough |
| properties: |
| mediatedDevices: |
| items: |
| description: MediatedHostDevice represents a host mediated |
| device allowed for passthrough |
| properties: |
| externalResourceProvider: |
| type: boolean |
| mdevNameSelector: |
| type: string |
| resourceName: |
| type: string |
| required: |
| - mdevNameSelector |
| - resourceName |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| pciHostDevices: |
| items: |
| description: PciHostDevice represents a host PCI device |
| allowed for passthrough |
| properties: |
| externalResourceProvider: |
| description: |- |
| If true, KubeVirt will leave the allocation and monitoring to an |
| external device plugin |
| type: boolean |
| pciVendorSelector: |
| description: The vendor_id:product_id tuple of the PCI |
| device |
| type: string |
| resourceName: |
| description: |- |
| The name of the resource that is representing the device. Exposed by |
| a device plugin and requested by VMs. Typically of the form |
| vendor.com/product_name |
| type: string |
| required: |
| - pciVendorSelector |
| - resourceName |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| usb: |
| items: |
| properties: |
| externalResourceProvider: |
| description: |- |
| If true, KubeVirt will leave the allocation and monitoring to an |
| external device plugin |
| type: boolean |
| resourceName: |
| description: |- |
| Identifies the list of USB host devices. |
| e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, etc |
| type: string |
| selectors: |
| items: |
| properties: |
| product: |
| type: string |
| vendor: |
| type: string |
| required: |
| - product |
| - vendor |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - resourceName |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| seccompConfiguration: |
| description: SeccompConfiguration holds Seccomp configuration |
| for Kubevirt components |
| properties: |
| virtualMachineInstanceProfile: |
| description: VirtualMachineInstanceProfile defines what profile |
| should be used with virt-launcher. Defaults to none |
| properties: |
| customProfile: |
| description: CustomProfile allows to request arbitrary |
| profile for virt-launcher |
| properties: |
| localhostProfile: |
| type: string |
| runtimeDefaultProfile: |
| type: boolean |
| type: object |
| type: object |
| type: object |
| selinuxLauncherType: |
| type: string |
| smbios: |
| properties: |
| family: |
| type: string |
| manufacturer: |
| type: string |
| product: |
| type: string |
| sku: |
| type: string |
| version: |
| type: string |
| type: object |
| supportContainerResources: |
| description: SupportContainerResources specifies the resource |
| requirements for various types of supporting containers such |
| as container disks/virtiofs/sidecars and hotplug attachment |
| pods. If omitted a sensible default will be supplied. |
| items: |
| description: SupportContainerResources are used to specify the |
| cpu/memory request and limits for the containers that support |
| various features of Virtual Machines. These containers are |
| usually idle and don't require a lot of memory or cpu. |
| properties: |
| resources: |
| description: ResourceRequirements describes the compute |
| resource requirements. |
| properties: |
| claims: |
| description: |- |
| Claims lists the names of resources, defined in spec.resourceClaims, |
| that are used by this container. |
| |
| |
| This is an alpha field and requires enabling the |
| DynamicResourceAllocation feature gate. |
| |
| |
| This field is immutable. It can only be set for containers. |
| items: |
| description: ResourceClaim references one entry in |
| PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: |- |
| Name must match the name of one entry in pod.spec.resourceClaims of |
| the Pod where this field is used. It makes that resource available |
| inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Limits describes the maximum amount of compute resources allowed. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Requests describes the minimum amount of compute resources required. |
| If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, |
| otherwise to an implementation-defined value. Requests cannot exceed Limits. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| type: object |
| type: |
| type: string |
| required: |
| - resources |
| - type |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - type |
| x-kubernetes-list-type: map |
| supportedGuestAgentVersions: |
| description: deprecated |
| items: |
| type: string |
| type: array |
| tlsConfiguration: |
| description: TLSConfiguration holds TLS options |
| properties: |
| ciphers: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: set |
| minTLSVersion: |
| description: |- |
| MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections. |
| Protocol versions are based on the following most common TLS configurations: |
| |
| |
| https://ssl-config.mozilla.org/ |
| |
| |
| Note that SSLv3.0 is not a supported protocol version due to well known |
| vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE |
| enum: |
| - VersionTLS10 |
| - VersionTLS11 |
| - VersionTLS12 |
| - VersionTLS13 |
| type: string |
| type: object |
| virtualMachineInstancesPerNode: |
| type: integer |
| virtualMachineOptions: |
| description: VirtualMachineOptions holds the cluster level information |
| regarding the virtual machine. |
| properties: |
| disableFreePageReporting: |
| description: |- |
| DisableFreePageReporting disable the free page reporting of |
| memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. |
| This will have effect only if AutoattachMemBalloon is not false and the vmi is not |
| requesting any high performance feature (dedicatedCPU/realtime/hugePages), in which free page reporting is always disabled. |
| type: object |
| disableSerialConsoleLog: |
| description: |- |
| DisableSerialConsoleLog disables logging the auto-attached default serial console. |
| If not set, serial console logs will be written to a file and then streamed from a container named 'guest-console-log'. |
| The value can be individually overridden for each VM, not relevant if AutoattachSerialConsole is disabled. |
| type: object |
| type: object |
| vmRolloutStrategy: |
| description: VMRolloutStrategy defines how changes to a VM object |
| propagate to its VMI |
| enum: |
| - Stage |
| - LiveUpdate |
| nullable: true |
| type: string |
| vmStateStorageClass: |
| description: |- |
| VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM. |
| The storage class must support RWX in filesystem mode. |
| type: string |
| webhookConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| type: object |
| customizeComponents: |
| properties: |
| flags: |
| description: Configure the value used for deployment and daemonset |
| resources |
| properties: |
| api: |
| additionalProperties: |
| type: string |
| type: object |
| controller: |
| additionalProperties: |
| type: string |
| type: object |
| handler: |
| additionalProperties: |
| type: string |
| type: object |
| type: object |
| patches: |
| items: |
| properties: |
| patch: |
| type: string |
| resourceName: |
| minLength: 1 |
| type: string |
| resourceType: |
| minLength: 1 |
| type: string |
| type: |
| type: string |
| required: |
| - patch |
| - resourceName |
| - resourceType |
| - type |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| imagePullPolicy: |
| description: The ImagePullPolicy to use. |
| type: string |
| imagePullSecrets: |
| description: |- |
| The imagePullSecrets to pull the container images from |
| Defaults to none |
| items: |
| description: |- |
| LocalObjectReference contains enough information to let you locate the |
| referenced object inside the same namespace. |
| properties: |
| name: |
| description: |- |
| Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, kind, uid? |
| type: string |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| imageRegistry: |
| description: |- |
| The image registry to pull the container images from |
| Defaults to the same registry the operator's container image is pulled from. |
| type: string |
| imageTag: |
| description: |- |
| The image tag to use for the continer images installed. |
| Defaults to the same tag as the operator's container image. |
| type: string |
| infra: |
| description: selectors and tolerations that should apply to KubeVirt |
| infrastructure components |
| properties: |
| nodePlacement: |
| description: |- |
| nodePlacement describes scheduling configuration for specific |
| KubeVirt components |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules |
| for the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated |
| with the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching |
| the corresponding nodeSelectorTerm, in the |
| range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector |
| terms. The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, |
| etc. as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| type: object |
| replicas: |
| description: |- |
| replicas indicates how many replicas should be created for each KubeVirt infrastructure |
| component (like virt-api or virt-controller). Defaults to 2. |
| WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution! |
| type: integer |
| type: object |
| monitorAccount: |
| description: |- |
| The name of the Prometheus service account that needs read-access to KubeVirt endpoints |
| Defaults to prometheus-k8s |
| type: string |
| monitorNamespace: |
| description: |- |
| The namespace Prometheus is deployed in |
| Defaults to openshift-monitor |
| type: string |
| productComponent: |
| description: |- |
| Designate the apps.kubevirt.io/component label for KubeVirt components. |
| Useful if KubeVirt is included as part of a product. |
| If ProductComponent is not specified, the component label default value is kubevirt. |
| type: string |
| productName: |
| description: |- |
| Designate the apps.kubevirt.io/part-of label for KubeVirt components. |
| Useful if KubeVirt is included as part of a product. |
| If ProductName is not specified, the part-of label will be omitted. |
| type: string |
| productVersion: |
| description: |- |
| Designate the apps.kubevirt.io/version label for KubeVirt components. |
| Useful if KubeVirt is included as part of a product. |
| If ProductVersion is not specified, KubeVirt's version will be used. |
| type: string |
| serviceMonitorNamespace: |
| description: |- |
| The namespace the service monitor will be deployed |
| When ServiceMonitorNamespace is set, then we'll install the service monitor object in that namespace |
| otherwise we will use the monitoring namespace. |
| type: string |
| uninstallStrategy: |
| description: |- |
| Specifies if kubevirt can be deleted if workloads are still present. |
| This is mainly a precaution to avoid accidental data loss |
| type: string |
| workloadUpdateStrategy: |
| description: |- |
| WorkloadUpdateStrategy defines at the cluster level how to handle |
| automated workload updates |
| properties: |
| batchEvictionInterval: |
| description: |- |
| BatchEvictionInterval Represents the interval to wait before issuing the next |
| batch of shutdowns |
| |
| |
| Defaults to 1 minute |
| type: string |
| batchEvictionSize: |
| description: |- |
| BatchEvictionSize Represents the number of VMIs that can be forced updated per |
| the BatchShutdownInteral interval |
| |
| |
| Defaults to 10 |
| type: integer |
| workloadUpdateMethods: |
| description: |- |
| WorkloadUpdateMethods defines the methods that can be used to disrupt workloads |
| during automated workload updates. |
| When multiple methods are present, the least disruptive method takes |
| precedence over more disruptive methods. For example if both LiveMigrate and Shutdown |
| methods are listed, only VMs which are not live migratable will be restarted/shutdown |
| |
| |
| An empty list defaults to no automated workload updating |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| workloads: |
| description: selectors and tolerations that should apply to KubeVirt |
| workloads |
| properties: |
| nodePlacement: |
| description: |- |
| nodePlacement describes scheduling configuration for specific |
| KubeVirt components |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules |
| for the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated |
| with the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching |
| the corresponding nodeSelectorTerm, in the |
| range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector |
| terms. The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, |
| etc. as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| type: object |
| replicas: |
| description: |- |
| replicas indicates how many replicas should be created for each KubeVirt infrastructure |
| component (like virt-api or virt-controller). Defaults to 2. |
| WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution! |
| type: integer |
| type: object |
| type: object |
| status: |
| description: KubeVirtStatus represents information pertaining to a KubeVirt |
| deployment. |
| properties: |
| conditions: |
| items: |
| description: KubeVirtCondition represents a condition of a KubeVirt |
| deployment |
| properties: |
| lastProbeTime: |
| format: date-time |
| nullable: true |
| type: string |
| lastTransitionTime: |
| format: date-time |
| nullable: true |
| type: string |
| message: |
| type: string |
| reason: |
| type: string |
| status: |
| type: string |
| type: |
| type: string |
| required: |
| - status |
| - type |
| type: object |
| type: array |
| defaultArchitecture: |
| type: string |
| generations: |
| items: |
| description: GenerationStatus keeps track of the generation for |
| a given resource so that decisions about forced updates can be |
| made. |
| properties: |
| group: |
| description: group is the group of the thing you're tracking |
| type: string |
| hash: |
| description: hash is an optional field set for resources without |
| generation that are content sensitive like secrets and configmaps |
| type: string |
| lastGeneration: |
| description: lastGeneration is the last generation of the workload |
| controller involved |
| format: int64 |
| type: integer |
| name: |
| description: name is the name of the thing you're tracking |
| type: string |
| namespace: |
| description: namespace is where the thing you're tracking is |
| type: string |
| resource: |
| description: resource is the resource type of the thing you're |
| tracking |
| type: string |
| required: |
| - group |
| - lastGeneration |
| - name |
| - resource |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| observedDeploymentConfig: |
| type: string |
| observedDeploymentID: |
| type: string |
| observedGeneration: |
| format: int64 |
| type: integer |
| observedKubeVirtRegistry: |
| type: string |
| observedKubeVirtVersion: |
| type: string |
| operatorVersion: |
| type: string |
| outdatedVirtualMachineInstanceWorkloads: |
| type: integer |
| phase: |
| description: KubeVirtPhase is a label for the phase of a KubeVirt |
| deployment at the current time. |
| type: string |
| targetDeploymentConfig: |
| type: string |
| targetDeploymentID: |
| type: string |
| targetKubeVirtRegistry: |
| type: string |
| targetKubeVirtVersion: |
| type: string |
| type: object |
| required: |
| - spec |
| type: object |
| served: true |
| storage: true |
| subresources: |
| status: {} |
| - additionalPrinterColumns: |
| - jsonPath: .metadata.creationTimestamp |
| name: Age |
| type: date |
| - jsonPath: .status.phase |
| name: Phase |
| type: string |
| deprecated: true |
| deprecationWarning: kubevirt.io/v1alpha3 is now deprecated and will be removed |
| in a future release. |
| name: v1alpha3 |
| schema: |
| openAPIV3Schema: |
| description: KubeVirt represents the object deploying all KubeVirt resources |
| properties: |
| apiVersion: |
| description: |- |
| APIVersion defines the versioned schema of this representation of an object. |
| Servers should convert recognized schemas to the latest internal value, and |
| may reject unrecognized values. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
| type: string |
| kind: |
| description: |- |
| Kind is a string value representing the REST resource this object represents. |
| Servers may infer this from the endpoint the client submits requests to. |
| Cannot be updated. |
| In CamelCase. |
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
| type: string |
| metadata: |
| type: object |
| spec: |
| properties: |
| certificateRotateStrategy: |
| properties: |
| selfSigned: |
| properties: |
| ca: |
| description: |- |
| CA configuration |
| CA certs are kept in the CA bundle as long as they are valid |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) |
| of the Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's "notAfter" |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| caOverlapInterval: |
| description: Deprecated. Use CA.Duration and CA.RenewBefore |
| instead |
| type: string |
| caRotateInterval: |
| description: Deprecated. Use CA.Duration instead |
| type: string |
| certRotateInterval: |
| description: Deprecated. Use Server.Duration instead |
| type: string |
| server: |
| description: |- |
| Server configuration |
| Certs are rotated and discarded |
| properties: |
| duration: |
| description: The requested 'duration' (i.e. lifetime) |
| of the Certificate. |
| type: string |
| renewBefore: |
| description: |- |
| The amount of time before the currently issued certificate's "notAfter" |
| time that we will begin to attempt to renew the certificate. |
| type: string |
| type: object |
| type: object |
| type: object |
| configuration: |
| description: |- |
| holds kubevirt configurations. |
| same as the virt-configMap |
| properties: |
| additionalGuestMemoryOverheadRatio: |
| description: |- |
| AdditionalGuestMemoryOverheadRatio can be used to increase the virtualization infrastructure |
| overhead. This is useful, since the calculation of this overhead is not accurate and cannot |
| be entirely known in advance. The ratio that is being set determines by which factor to increase |
| the overhead calculated by Kubevirt. A higher ratio means that the VMs would be less compromised |
| by node pressures, but would mean that fewer VMs could be scheduled to a node. |
| If not set, the default is 1. |
| type: string |
| apiConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| architectureConfiguration: |
| properties: |
| amd64: |
| properties: |
| emulatedMachines: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| machineType: |
| type: string |
| ovmfPath: |
| type: string |
| type: object |
| arm64: |
| properties: |
| emulatedMachines: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| machineType: |
| type: string |
| ovmfPath: |
| type: string |
| type: object |
| defaultArchitecture: |
| type: string |
| ppc64le: |
| properties: |
| emulatedMachines: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| machineType: |
| type: string |
| ovmfPath: |
| type: string |
| type: object |
| type: object |
| autoCPULimitNamespaceLabelSelector: |
| description: |- |
| When set, AutoCPULimitNamespaceLabelSelector will set a CPU limit on virt-launcher for VMIs running inside |
| namespaces that match the label selector. |
| The CPU limit will equal the number of requested vCPUs. |
| This setting does not apply to VMIs with dedicated CPUs. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label selector |
| requirements. The requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| controllerConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| cpuModel: |
| type: string |
| cpuRequest: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| defaultRuntimeClass: |
| type: string |
| developerConfiguration: |
| description: DeveloperConfiguration holds developer options |
| properties: |
| cpuAllocationRatio: |
| description: |- |
| For each requested virtual CPU, CPUAllocationRatio defines how much physical CPU to request per VMI |
| from the hosting node. The value is in fraction of a CPU thread (or core on non-hyperthreaded nodes). |
| For example, a value of 1 means 1 physical CPU thread per VMI CPU thread. |
| A value of 100 would be 1% of a physical thread allocated for each requested VMI thread. |
| This option has no effect on VMIs that request dedicated CPUs. More information at: |
| https://kubevirt.io/user-guide/operations/node_overcommit/#node-cpu-allocation-ratio |
| Defaults to 10 |
| type: integer |
| diskVerification: |
| description: DiskVerification holds container disks verification |
| limits |
| properties: |
| memoryLimit: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| required: |
| - memoryLimit |
| type: object |
| featureGates: |
| description: FeatureGates is the list of experimental features |
| to enable. Defaults to none |
| items: |
| type: string |
| type: array |
| logVerbosity: |
| description: LogVerbosity sets log verbosity level of various |
| components |
| properties: |
| nodeVerbosity: |
| additionalProperties: |
| type: integer |
| description: NodeVerbosity represents a map of nodes with |
| a specific verbosity level |
| type: object |
| virtAPI: |
| type: integer |
| virtController: |
| type: integer |
| virtHandler: |
| type: integer |
| virtLauncher: |
| type: integer |
| virtOperator: |
| type: integer |
| type: object |
| memoryOvercommit: |
| description: |- |
| MemoryOvercommit is the percentage of memory we want to give VMIs compared to the amount |
| given to its parent pod (virt-launcher). For example, a value of 102 means the VMI will |
| "see" 2% more memory than its parent pod. Values under 100 are effectively "undercommits". |
| Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. |
| Defaults to 100 |
| type: integer |
| minimumClusterTSCFrequency: |
| description: |- |
| Allow overriding the automatically determined minimum TSC frequency of the cluster |
| and fixate the minimum to this frequency. |
| format: int64 |
| type: integer |
| minimumReservePVCBytes: |
| description: |- |
| MinimumReservePVCBytes is the amount of space, in bytes, to leave unused on disks. |
| Defaults to 131072 (128KiB) |
| format: int64 |
| type: integer |
| nodeSelectors: |
| additionalProperties: |
| type: string |
| description: |- |
| NodeSelectors allows restricting VMI creation to nodes that match a set of labels. |
| Defaults to none |
| type: object |
| pvcTolerateLessSpaceUpToPercent: |
| description: |- |
| LessPVCSpaceToleration determines how much smaller, in percentage, disk PVCs are |
| allowed to be compared to the requested size (to account for various overheads). |
| Defaults to 10 |
| type: integer |
| useEmulation: |
| description: |- |
| UseEmulation can be set to true to allow fallback to software emulation |
| in case hardware-assisted emulation is not available. Defaults to false |
| type: boolean |
| type: object |
| emulatedMachines: |
| description: Deprecated. Use architectureConfiguration instead. |
| items: |
| type: string |
| type: array |
| evictionStrategy: |
| description: |- |
| EvictionStrategy defines at the cluster level if the VirtualMachineInstance should be |
| migrated instead of shut-off in case of a node drain. If the VirtualMachineInstance specific |
| field is set it overrides the cluster level one. |
| type: string |
| handlerConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| imagePullPolicy: |
| description: PullPolicy describes a policy for if/when to pull |
| a container image |
| type: string |
| ksmConfiguration: |
| description: KSMConfiguration holds the information regarding |
| the enabling the KSM in the nodes (if available). |
| properties: |
| nodeLabelSelector: |
| description: |- |
| NodeLabelSelector is a selector that filters in which nodes the KSM will be enabled. |
| Empty NodeLabelSelector will enable ksm for every node. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list of label selector |
| requirements. The requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key that the selector |
| applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| liveUpdateConfiguration: |
| description: LiveUpdateConfiguration holds defaults for live update |
| features |
| properties: |
| maxCpuSockets: |
| description: MaxCpuSockets holds the maximum amount of sockets |
| that can be hotplugged |
| format: int32 |
| type: integer |
| maxGuest: |
| anyOf: |
| - type: integer |
| - type: string |
| description: |- |
| MaxGuest defines the maximum amount memory that can be allocated |
| to the guest using hotplug. |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| maxHotplugRatio: |
| description: |- |
| MaxHotplugRatio is the ratio used to define the max amount |
| of a hotplug resource that can be made available to a VM |
| when the specific Max* setting is not defined (MaxCpuSockets, MaxGuest) |
| Example: VM is configured with 512Mi of guest memory, if MaxGuest is not |
| defined and MaxHotplugRatio is 2 then MaxGuest = 1Gi |
| defaults to 4 |
| format: int32 |
| type: integer |
| type: object |
| machineType: |
| description: Deprecated. Use architectureConfiguration instead. |
| type: string |
| mediatedDevicesConfiguration: |
| description: MediatedDevicesConfiguration holds information about |
| MDEV types to be defined, if available |
| properties: |
| mediatedDeviceTypes: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mediatedDevicesTypes: |
| description: Deprecated. Use mediatedDeviceTypes instead. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| nodeMediatedDeviceTypes: |
| items: |
| description: NodeMediatedDeviceTypesConfig holds information |
| about MDEV types to be defined in a specific node that |
| matches the NodeSelector field. |
| properties: |
| mediatedDeviceTypes: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mediatedDevicesTypes: |
| description: Deprecated. Use mediatedDeviceTypes instead. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| NodeSelector is a selector which must be true for the vmi to fit on a node. |
| Selector which must match a node's labels for the vmi to be scheduled on that node. |
| More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ |
| type: object |
| required: |
| - nodeSelector |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| memBalloonStatsPeriod: |
| format: int32 |
| type: integer |
| migrations: |
| description: |- |
| MigrationConfiguration holds migration options. |
| Can be overridden for specific groups of VMs though migration policies. |
| Visit https://kubevirt.io/user-guide/operations/migration_policies/ for more information. |
| properties: |
| allowAutoConverge: |
| description: |- |
| AllowAutoConverge allows the platform to compromise performance/availability of VMIs to |
| guarantee successful VMI live migrations. Defaults to false |
| type: boolean |
| allowPostCopy: |
| description: |- |
| AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs |
| to successfully live-migrate. However, events like a network failure can cause a VMI crash. |
| If set to true, migrations will still start in pre-copy, but switch to post-copy when |
| CompletionTimeoutPerGiB triggers. Defaults to false |
| type: boolean |
| bandwidthPerMigration: |
| anyOf: |
| - type: integer |
| - type: string |
| description: |- |
| BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use. |
| The value is in quantity per second. Defaults to 0 (no limit) |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| completionTimeoutPerGiB: |
| description: |- |
| CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. |
| If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, |
| the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800 |
| format: int64 |
| type: integer |
| disableTLS: |
| description: |- |
| When set to true, DisableTLS will disable the additional layer of live migration encryption |
| provided by KubeVirt. This is usually a bad idea. Defaults to false |
| type: boolean |
| matchSELinuxLevelOnMigration: |
| description: |- |
| By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher. |
| When set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target. |
| That will ensure the target virt-launcher doesn't share categories with another pod on the node. |
| However, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels. |
| type: boolean |
| network: |
| description: |- |
| Network is the name of the CNI network to use for live migrations. By default, migrations go |
| through the pod network. |
| type: string |
| nodeDrainTaintKey: |
| description: |- |
| NodeDrainTaintKey defines the taint key that indicates a node should be drained. |
| Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain |
| type: string |
| parallelMigrationsPerCluster: |
| description: |- |
| ParallelMigrationsPerCluster is the total number of concurrent live migrations |
| allowed cluster-wide. Defaults to 5 |
| format: int32 |
| type: integer |
| parallelOutboundMigrationsPerNode: |
| description: |- |
| ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations |
| allowed per node. Defaults to 2 |
| format: int32 |
| type: integer |
| progressTimeout: |
| description: |- |
| ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. |
| Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is |
| then considered stuck and therefore cancelled. Defaults to 150 |
| format: int64 |
| type: integer |
| unsafeMigrationOverride: |
| description: |- |
| UnsafeMigrationOverride allows live migrations to occur even if the compatibility check |
| indicates the migration will be unsafe to the guest. Defaults to false |
| type: boolean |
| type: object |
| minCPUModel: |
| type: string |
| network: |
| description: NetworkConfiguration holds network options |
| properties: |
| binding: |
| additionalProperties: |
| properties: |
| computeResourceOverhead: |
| description: |- |
| ComputeResourceOverhead specifies the resource overhead that should be added to the compute container when using the binding. |
| version: v1alphav1 |
| properties: |
| claims: |
| description: |- |
| Claims lists the names of resources, defined in spec.resourceClaims, |
| that are used by this container. |
| |
| |
| This is an alpha field and requires enabling the |
| DynamicResourceAllocation feature gate. |
| |
| |
| This field is immutable. It can only be set for containers. |
| items: |
| description: ResourceClaim references one entry |
| in PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: |- |
| Name must match the name of one entry in pod.spec.resourceClaims of |
| the Pod where this field is used. It makes that resource available |
| inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Limits describes the maximum amount of compute resources allowed. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Requests describes the minimum amount of compute resources required. |
| If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, |
| otherwise to an implementation-defined value. Requests cannot exceed Limits. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| type: object |
| domainAttachmentType: |
| description: |- |
| DomainAttachmentType is a standard domain network attachment method kubevirt supports. |
| Supported values: "tap". |
| The standard domain attachment can be used instead or in addition to the sidecarImage. |
| version: 1alphav1 |
| type: string |
| downwardAPI: |
| description: |- |
| DownwardAPI specifies what kind of data should be exposed to the binding plugin sidecar. |
| Supported values: "device-info" |
| version: v1alphav1 |
| type: string |
| migration: |
| description: |- |
| Migration means the VM using the plugin can be safely migrated |
| version: 1alphav1 |
| properties: |
| method: |
| description: |- |
| Method defines a pre-defined migration methodology |
| version: 1alphav1 |
| type: string |
| type: object |
| networkAttachmentDefinition: |
| description: |- |
| NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object. |
| Format: <name>, <namespace>/<name>. |
| If namespace is not specified, VMI namespace is assumed. |
| version: 1alphav1 |
| type: string |
| sidecarImage: |
| description: |- |
| SidecarImage references a container image that runs in the virt-launcher pod. |
| The sidecar handles (libvirt) domain configuration and optional services. |
| version: 1alphav1 |
| type: string |
| type: object |
| type: object |
| defaultNetworkInterface: |
| type: string |
| permitBridgeInterfaceOnPodNetwork: |
| type: boolean |
| permitSlirpInterface: |
| description: |- |
| DeprecatedPermitSlirpInterface is an alias for the deprecated PermitSlirpInterface. |
| Deprecated: Removed in v1.3. |
| type: boolean |
| type: object |
| obsoleteCPUModels: |
| additionalProperties: |
| type: boolean |
| type: object |
| ovmfPath: |
| description: Deprecated. Use architectureConfiguration instead. |
| type: string |
| permittedHostDevices: |
| description: PermittedHostDevices holds information about devices |
| allowed for passthrough |
| properties: |
| mediatedDevices: |
| items: |
| description: MediatedHostDevice represents a host mediated |
| device allowed for passthrough |
| properties: |
| externalResourceProvider: |
| type: boolean |
| mdevNameSelector: |
| type: string |
| resourceName: |
| type: string |
| required: |
| - mdevNameSelector |
| - resourceName |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| pciHostDevices: |
| items: |
| description: PciHostDevice represents a host PCI device |
| allowed for passthrough |
| properties: |
| externalResourceProvider: |
| description: |- |
| If true, KubeVirt will leave the allocation and monitoring to an |
| external device plugin |
| type: boolean |
| pciVendorSelector: |
| description: The vendor_id:product_id tuple of the PCI |
| device |
| type: string |
| resourceName: |
| description: |- |
| The name of the resource that is representing the device. Exposed by |
| a device plugin and requested by VMs. Typically of the form |
| vendor.com/product_name |
| type: string |
| required: |
| - pciVendorSelector |
| - resourceName |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| usb: |
| items: |
| properties: |
| externalResourceProvider: |
| description: |- |
| If true, KubeVirt will leave the allocation and monitoring to an |
| external device plugin |
| type: boolean |
| resourceName: |
| description: |- |
| Identifies the list of USB host devices. |
| e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, etc |
| type: string |
| selectors: |
| items: |
| properties: |
| product: |
| type: string |
| vendor: |
| type: string |
| required: |
| - product |
| - vendor |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - resourceName |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| seccompConfiguration: |
| description: SeccompConfiguration holds Seccomp configuration |
| for Kubevirt components |
| properties: |
| virtualMachineInstanceProfile: |
| description: VirtualMachineInstanceProfile defines what profile |
| should be used with virt-launcher. Defaults to none |
| properties: |
| customProfile: |
| description: CustomProfile allows to request arbitrary |
| profile for virt-launcher |
| properties: |
| localhostProfile: |
| type: string |
| runtimeDefaultProfile: |
| type: boolean |
| type: object |
| type: object |
| type: object |
| selinuxLauncherType: |
| type: string |
| smbios: |
| properties: |
| family: |
| type: string |
| manufacturer: |
| type: string |
| product: |
| type: string |
| sku: |
| type: string |
| version: |
| type: string |
| type: object |
| supportContainerResources: |
| description: SupportContainerResources specifies the resource |
| requirements for various types of supporting containers such |
| as container disks/virtiofs/sidecars and hotplug attachment |
| pods. If omitted a sensible default will be supplied. |
| items: |
| description: SupportContainerResources are used to specify the |
| cpu/memory request and limits for the containers that support |
| various features of Virtual Machines. These containers are |
| usually idle and don't require a lot of memory or cpu. |
| properties: |
| resources: |
| description: ResourceRequirements describes the compute |
| resource requirements. |
| properties: |
| claims: |
| description: |- |
| Claims lists the names of resources, defined in spec.resourceClaims, |
| that are used by this container. |
| |
| |
| This is an alpha field and requires enabling the |
| DynamicResourceAllocation feature gate. |
| |
| |
| This field is immutable. It can only be set for containers. |
| items: |
| description: ResourceClaim references one entry in |
| PodSpec.ResourceClaims. |
| properties: |
| name: |
| description: |- |
| Name must match the name of one entry in pod.spec.resourceClaims of |
| the Pod where this field is used. It makes that resource available |
| inside a container. |
| type: string |
| required: |
| - name |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - name |
| x-kubernetes-list-type: map |
| limits: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Limits describes the maximum amount of compute resources allowed. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| requests: |
| additionalProperties: |
| anyOf: |
| - type: integer |
| - type: string |
| pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ |
| x-kubernetes-int-or-string: true |
| description: |- |
| Requests describes the minimum amount of compute resources required. |
| If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, |
| otherwise to an implementation-defined value. Requests cannot exceed Limits. |
| More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
| type: object |
| type: object |
| type: |
| type: string |
| required: |
| - resources |
| - type |
| type: object |
| type: array |
| x-kubernetes-list-map-keys: |
| - type |
| x-kubernetes-list-type: map |
| supportedGuestAgentVersions: |
| description: deprecated |
| items: |
| type: string |
| type: array |
| tlsConfiguration: |
| description: TLSConfiguration holds TLS options |
| properties: |
| ciphers: |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: set |
| minTLSVersion: |
| description: |- |
| MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections. |
| Protocol versions are based on the following most common TLS configurations: |
| |
| |
| https://ssl-config.mozilla.org/ |
| |
| |
| Note that SSLv3.0 is not a supported protocol version due to well known |
| vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE |
| enum: |
| - VersionTLS10 |
| - VersionTLS11 |
| - VersionTLS12 |
| - VersionTLS13 |
| type: string |
| type: object |
| virtualMachineInstancesPerNode: |
| type: integer |
| virtualMachineOptions: |
| description: VirtualMachineOptions holds the cluster level information |
| regarding the virtual machine. |
| properties: |
| disableFreePageReporting: |
| description: |- |
| DisableFreePageReporting disable the free page reporting of |
| memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. |
| This will have effect only if AutoattachMemBalloon is not false and the vmi is not |
| requesting any high performance feature (dedicatedCPU/realtime/hugePages), in which free page reporting is always disabled. |
| type: object |
| disableSerialConsoleLog: |
| description: |- |
| DisableSerialConsoleLog disables logging the auto-attached default serial console. |
| If not set, serial console logs will be written to a file and then streamed from a container named 'guest-console-log'. |
| The value can be individually overridden for each VM, not relevant if AutoattachSerialConsole is disabled. |
| type: object |
| type: object |
| vmRolloutStrategy: |
| description: VMRolloutStrategy defines how changes to a VM object |
| propagate to its VMI |
| enum: |
| - Stage |
| - LiveUpdate |
| nullable: true |
| type: string |
| vmStateStorageClass: |
| description: |- |
| VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM. |
| The storage class must support RWX in filesystem mode. |
| type: string |
| webhookConfiguration: |
| description: |- |
| ReloadableComponentConfiguration holds all generic k8s configuration options which can |
| be reloaded by components without requiring a restart. |
| properties: |
| restClient: |
| description: RestClient can be used to tune certain aspects |
| of the k8s client in use. |
| properties: |
| rateLimiter: |
| description: RateLimiter allows selecting and configuring |
| different rate limiters for the k8s client. |
| properties: |
| tokenBucketRateLimiter: |
| properties: |
| burst: |
| description: |- |
| Maximum burst for throttle. |
| If it's zero, the component default will be used |
| type: integer |
| qps: |
| description: |- |
| QPS indicates the maximum QPS to the apiserver from this client. |
| If it's zero, the component default will be used |
| type: number |
| required: |
| - burst |
| - qps |
| type: object |
| type: object |
| type: object |
| type: object |
| type: object |
| customizeComponents: |
| properties: |
| flags: |
| description: Configure the value used for deployment and daemonset |
| resources |
| properties: |
| api: |
| additionalProperties: |
| type: string |
| type: object |
| controller: |
| additionalProperties: |
| type: string |
| type: object |
| handler: |
| additionalProperties: |
| type: string |
| type: object |
| type: object |
| patches: |
| items: |
| properties: |
| patch: |
| type: string |
| resourceName: |
| minLength: 1 |
| type: string |
| resourceType: |
| minLength: 1 |
| type: string |
| type: |
| type: string |
| required: |
| - patch |
| - resourceName |
| - resourceType |
| - type |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| imagePullPolicy: |
| description: The ImagePullPolicy to use. |
| type: string |
| imagePullSecrets: |
| description: |- |
| The imagePullSecrets to pull the container images from |
| Defaults to none |
| items: |
| description: |- |
| LocalObjectReference contains enough information to let you locate the |
| referenced object inside the same namespace. |
| properties: |
| name: |
| description: |- |
| Name of the referent. |
| More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
| TODO: Add other useful fields. apiVersion, kind, uid? |
| type: string |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| imageRegistry: |
| description: |- |
| The image registry to pull the container images from |
| Defaults to the same registry the operator's container image is pulled from. |
| type: string |
| imageTag: |
| description: |- |
| The image tag to use for the continer images installed. |
| Defaults to the same tag as the operator's container image. |
| type: string |
| infra: |
| description: selectors and tolerations that should apply to KubeVirt |
| infrastructure components |
| properties: |
| nodePlacement: |
| description: |- |
| nodePlacement describes scheduling configuration for specific |
| KubeVirt components |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules |
| for the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated |
| with the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching |
| the corresponding nodeSelectorTerm, in the |
| range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector |
| terms. The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, |
| etc. as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| type: object |
| replicas: |
| description: |- |
| replicas indicates how many replicas should be created for each KubeVirt infrastructure |
| component (like virt-api or virt-controller). Defaults to 2. |
| WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution! |
| type: integer |
| type: object |
| monitorAccount: |
| description: |- |
| The name of the Prometheus service account that needs read-access to KubeVirt endpoints |
| Defaults to prometheus-k8s |
| type: string |
| monitorNamespace: |
| description: |- |
| The namespace Prometheus is deployed in |
| Defaults to openshift-monitor |
| type: string |
| productComponent: |
| description: |- |
| Designate the apps.kubevirt.io/component label for KubeVirt components. |
| Useful if KubeVirt is included as part of a product. |
| If ProductComponent is not specified, the component label default value is kubevirt. |
| type: string |
| productName: |
| description: |- |
| Designate the apps.kubevirt.io/part-of label for KubeVirt components. |
| Useful if KubeVirt is included as part of a product. |
| If ProductName is not specified, the part-of label will be omitted. |
| type: string |
| productVersion: |
| description: |- |
| Designate the apps.kubevirt.io/version label for KubeVirt components. |
| Useful if KubeVirt is included as part of a product. |
| If ProductVersion is not specified, KubeVirt's version will be used. |
| type: string |
| serviceMonitorNamespace: |
| description: |- |
| The namespace the service monitor will be deployed |
| When ServiceMonitorNamespace is set, then we'll install the service monitor object in that namespace |
| otherwise we will use the monitoring namespace. |
| type: string |
| uninstallStrategy: |
| description: |- |
| Specifies if kubevirt can be deleted if workloads are still present. |
| This is mainly a precaution to avoid accidental data loss |
| type: string |
| workloadUpdateStrategy: |
| description: |- |
| WorkloadUpdateStrategy defines at the cluster level how to handle |
| automated workload updates |
| properties: |
| batchEvictionInterval: |
| description: |- |
| BatchEvictionInterval Represents the interval to wait before issuing the next |
| batch of shutdowns |
| |
| |
| Defaults to 1 minute |
| type: string |
| batchEvictionSize: |
| description: |- |
| BatchEvictionSize Represents the number of VMIs that can be forced updated per |
| the BatchShutdownInteral interval |
| |
| |
| Defaults to 10 |
| type: integer |
| workloadUpdateMethods: |
| description: |- |
| WorkloadUpdateMethods defines the methods that can be used to disrupt workloads |
| during automated workload updates. |
| When multiple methods are present, the least disruptive method takes |
| precedence over more disruptive methods. For example if both LiveMigrate and Shutdown |
| methods are listed, only VMs which are not live migratable will be restarted/shutdown |
| |
| |
| An empty list defaults to no automated workload updating |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| workloads: |
| description: selectors and tolerations that should apply to KubeVirt |
| workloads |
| properties: |
| nodePlacement: |
| description: |- |
| nodePlacement describes scheduling configuration for specific |
| KubeVirt components |
| properties: |
| affinity: |
| description: |- |
| affinity enables pod affinity/anti-affinity placement expanding the types of constraints |
| that can be expressed with nodeSelector. |
| affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector |
| See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity |
| properties: |
| nodeAffinity: |
| description: Describes node affinity scheduling rules |
| for the pod. |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node matches the corresponding matchExpressions; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: |- |
| An empty preferred scheduling term matches all objects with implicit weight 0 |
| (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). |
| properties: |
| preference: |
| description: A node selector term, associated |
| with the corresponding weight. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| weight: |
| description: Weight associated with matching |
| the corresponding nodeSelectorTerm, in the |
| range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - preference |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to an update), the system |
| may or may not try to eventually evict the pod from its node. |
| properties: |
| nodeSelectorTerms: |
| description: Required. A list of node selector |
| terms. The terms are ORed. |
| items: |
| description: |- |
| A null or empty node selector term matches no objects. The requirements of |
| them are ANDed. |
| The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |
| properties: |
| matchExpressions: |
| description: A list of node selector requirements |
| by node's labels. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchFields: |
| description: A list of node selector requirements |
| by node's fields. |
| items: |
| description: |- |
| A node selector requirement is a selector that contains values, a key, and an operator |
| that relates the key and values. |
| properties: |
| key: |
| description: The label key that the |
| selector applies to. |
| type: string |
| operator: |
| description: |- |
| Represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. |
| type: string |
| values: |
| description: |- |
| An array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. If the operator is Gt or Lt, the values |
| array must have a single element, which will be interpreted as an integer. |
| This array is replaced during a strategic merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| x-kubernetes-map-type: atomic |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - nodeSelectorTerms |
| type: object |
| x-kubernetes-map-type: atomic |
| type: object |
| podAffinity: |
| description: Describes pod affinity scheduling rules (e.g. |
| co-locate this pod in the same node, zone, etc. as some |
| other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| podAntiAffinity: |
| description: Describes pod anti-affinity scheduling rules |
| (e.g. avoid putting this pod in the same node, zone, |
| etc. as some other pod(s)). |
| properties: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| The scheduler will prefer to schedule pods to nodes that satisfy |
| the anti-affinity expressions specified by this field, but it may choose |
| a node that violates one or more of the expressions. The node that is |
| most preferred is the one with the greatest sum of weights, i.e. |
| for each node that meets all of the scheduling requirements (resource |
| request, requiredDuringScheduling anti-affinity expressions, etc.), |
| compute a sum by iterating through the elements of this field and adding |
| "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the |
| node(s) with the highest sum are the most preferred. |
| items: |
| description: The weights of all of the matched WeightedPodAffinityTerm |
| fields are added per-node to find the most preferred |
| node(s) |
| properties: |
| podAffinityTerm: |
| description: Required. A pod affinity term, |
| associated with the corresponding weight. |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The |
| requirements are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label |
| key that the selector applies |
| to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| weight: |
| description: |- |
| weight associated with matching the corresponding podAffinityTerm, |
| in the range 1-100. |
| format: int32 |
| type: integer |
| required: |
| - podAffinityTerm |
| - weight |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| requiredDuringSchedulingIgnoredDuringExecution: |
| description: |- |
| If the anti-affinity requirements specified by this field are not met at |
| scheduling time, the pod will not be scheduled onto the node. |
| If the anti-affinity requirements specified by this field cease to be met |
| at some point during pod execution (e.g. due to a pod label update), the |
| system may or may not try to eventually evict the pod from its node. |
| When there are multiple elements, the lists of nodes corresponding to each |
| podAffinityTerm are intersected, i.e. all terms must be satisfied. |
| items: |
| description: |- |
| Defines a set of pods (namely those matching the labelSelector |
| relative to the given namespace(s)) that this pod should be |
| co-located (affinity) or not co-located (anti-affinity) with, |
| where co-located is defined as running on a node whose value of |
| the label with key <topologyKey> matches that of any node on which |
| a pod of the set of pods is running |
| properties: |
| labelSelector: |
| description: |- |
| A label query over a set of resources, in this case pods. |
| If it's null, this PodAffinityTerm matches with no Pods. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| matchLabelKeys: |
| description: |- |
| MatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both matchLabelKeys and labelSelector. |
| Also, matchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| mismatchLabelKeys: |
| description: |- |
| MismatchLabelKeys is a set of pod label keys to select which pods will |
| be taken into consideration. The keys are used to lookup values from the |
| incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' |
| to select the group of existing pods which pods will be taken into consideration |
| for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming |
| pod labels will be ignored. The default value is empty. |
| The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. |
| Also, mismatchLabelKeys cannot be set when labelSelector isn't set. |
| This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| namespaceSelector: |
| description: |- |
| A label query over the set of namespaces that the term applies to. |
| The term is applied to the union of the namespaces selected by this field |
| and the ones listed in the namespaces field. |
| null selector and null or empty namespaces list means "this pod's namespace". |
| An empty selector ({}) matches all namespaces. |
| properties: |
| matchExpressions: |
| description: matchExpressions is a list |
| of label selector requirements. The requirements |
| are ANDed. |
| items: |
| description: |- |
| A label selector requirement is a selector that contains values, a key, and an operator that |
| relates the key and values. |
| properties: |
| key: |
| description: key is the label key |
| that the selector applies to. |
| type: string |
| operator: |
| description: |- |
| operator represents a key's relationship to a set of values. |
| Valid operators are In, NotIn, Exists and DoesNotExist. |
| type: string |
| values: |
| description: |- |
| values is an array of string values. If the operator is In or NotIn, |
| the values array must be non-empty. If the operator is Exists or DoesNotExist, |
| the values array must be empty. This array is replaced during a strategic |
| merge patch. |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| required: |
| - key |
| - operator |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| matchLabels: |
| additionalProperties: |
| type: string |
| description: |- |
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels |
| map is equivalent to an element of matchExpressions, whose key field is "key", the |
| operator is "In", and the values array contains only "value". The requirements are ANDed. |
| type: object |
| type: object |
| x-kubernetes-map-type: atomic |
| namespaces: |
| description: |- |
| namespaces specifies a static list of namespace names that the term applies to. |
| The term is applied to the union of the namespaces listed in this field |
| and the ones selected by namespaceSelector. |
| null or empty namespaces list and null namespaceSelector means "this pod's namespace". |
| items: |
| type: string |
| type: array |
| x-kubernetes-list-type: atomic |
| topologyKey: |
| description: |- |
| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching |
| the labelSelector in the specified namespaces, where co-located is defined as running on a node |
| whose value of the label with key topologyKey matches that of any node on which any of the |
| selected pods is running. |
| Empty topologyKey is not allowed. |
| type: string |
| required: |
| - topologyKey |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| type: object |
| type: object |
| nodeSelector: |
| additionalProperties: |
| type: string |
| description: |- |
| nodeSelector is the node selector applied to the relevant kind of pods |
| It specifies a map of key-value pairs: for the pod to be eligible to run on a node, |
| the node must have each of the indicated key-value pairs as labels |
| (it can have additional labels as well). |
| See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector |
| type: object |
| tolerations: |
| description: |- |
| tolerations is a list of tolerations applied to the relevant kind of pods |
| See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. |
| These are additional tolerations other than default ones. |
| items: |
| description: |- |
| The pod this Toleration is attached to tolerates any taint that matches |
| the triple <key,value,effect> using the matching operator <operator>. |
| properties: |
| effect: |
| description: |- |
| Effect indicates the taint effect to match. Empty means match all taint effects. |
| When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
| type: string |
| key: |
| description: |- |
| Key is the taint key that the toleration applies to. Empty means match all taint keys. |
| If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
| type: string |
| operator: |
| description: |- |
| Operator represents a key's relationship to the value. |
| Valid operators are Exists and Equal. Defaults to Equal. |
| Exists is equivalent to wildcard for value, so that a pod can |
| tolerate all taints of a particular category. |
| type: string |
| tolerationSeconds: |
| description: |- |
| TolerationSeconds represents the period of time the toleration (which must be |
| of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, |
| it is not set, which means tolerate the taint forever (do not evict). Zero and |
| negative values will be treated as 0 (evict immediately) by the system. |
| format: int64 |
| type: integer |
| value: |
| description: |- |
| Value is the taint value the toleration matches to. |
| If the operator is Exists, the value should be empty, otherwise just a regular string. |
| type: string |
| type: object |
| type: array |
| type: object |
| replicas: |
| description: |- |
| replicas indicates how many replicas should be created for each KubeVirt infrastructure |
| component (like virt-api or virt-controller). Defaults to 2. |
| WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution! |
| type: integer |
| type: object |
| type: object |
| status: |
| description: KubeVirtStatus represents information pertaining to a KubeVirt |
| deployment. |
| properties: |
| conditions: |
| items: |
| description: KubeVirtCondition represents a condition of a KubeVirt |
| deployment |
| properties: |
| lastProbeTime: |
| format: date-time |
| nullable: true |
| type: string |
| lastTransitionTime: |
| format: date-time |
| nullable: true |
| type: string |
| message: |
| type: string |
| reason: |
| type: string |
| status: |
| type: string |
| type: |
| type: string |
| required: |
| - status |
| - type |
| type: object |
| type: array |
| defaultArchitecture: |
| type: string |
| generations: |
| items: |
| description: GenerationStatus keeps track of the generation for |
| a given resource so that decisions about forced updates can be |
| made. |
| properties: |
| group: |
| description: group is the group of the thing you're tracking |
| type: string |
| hash: |
| description: hash is an optional field set for resources without |
| generation that are content sensitive like secrets and configmaps |
| type: string |
| lastGeneration: |
| description: lastGeneration is the last generation of the workload |
| controller involved |
| format: int64 |
| type: integer |
| name: |
| description: name is the name of the thing you're tracking |
| type: string |
| namespace: |
| description: namespace is where the thing you're tracking is |
| type: string |
| resource: |
| description: resource is the resource type of the thing you're |
| tracking |
| type: string |
| required: |
| - group |
| - lastGeneration |
| - name |
| - resource |
| type: object |
| type: array |
| x-kubernetes-list-type: atomic |
| observedDeploymentConfig: |
| type: string |
| observedDeploymentID: |
| type: string |
| observedGeneration: |
| format: int64 |
| type: integer |
| observedKubeVirtRegistry: |
| type: string |
| observedKubeVirtVersion: |
| type: string |
| operatorVersion: |
| type: string |
| outdatedVirtualMachineInstanceWorkloads: |
| type: integer |
| phase: |
| description: KubeVirtPhase is a label for the phase of a KubeVirt |
| deployment at the current time. |
| type: string |
| targetDeploymentConfig: |
| type: string |
| targetDeploymentID: |
| type: string |
| targetKubeVirtRegistry: |
| type: string |
| targetKubeVirtVersion: |
| type: string |
| type: object |
| required: |
| - spec |
| type: object |
| served: true |
| storage: false |
| subresources: |
| status: {} |
| |
| --- |
| apiVersion: scheduling.k8s.io/v1 |
| kind: PriorityClass |
| metadata: |
| name: kubevirt-cluster-critical |
| value: 1000000000 |
| globalDefault: false |
| description: "This priority class should be used for core kubevirt components only." |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: ClusterRole |
| metadata: |
| name: kubevirt.io:operator |
| labels: |
| operator.kubevirt.io: "" |
| rbac.authorization.k8s.io/aggregate-to-admin: "true" |
| rules: |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - deletecollection |
| --- |
| apiVersion: v1 |
| kind: ServiceAccount |
| metadata: |
| labels: |
| kubevirt.io: "" |
| name: kubevirt-operator |
| namespace: kubevirt |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: Role |
| metadata: |
| labels: |
| kubevirt.io: "" |
| name: kubevirt-operator |
| namespace: kubevirt |
| rules: |
| - apiGroups: |
| - "" |
| resourceNames: |
| - kubevirt-ca |
| - kubevirt-export-ca |
| - kubevirt-virt-handler-certs |
| - kubevirt-virt-handler-server-certs |
| - kubevirt-operator-certs |
| - kubevirt-virt-api-certs |
| - kubevirt-controller-certs |
| - kubevirt-exportproxy-certs |
| resources: |
| - secrets |
| verbs: |
| - create |
| - get |
| - list |
| - watch |
| - patch |
| - delete |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - create |
| - get |
| - list |
| - watch |
| - patch |
| - delete |
| - apiGroups: |
| - route.openshift.io |
| resources: |
| - routes |
| verbs: |
| - create |
| - get |
| - list |
| - watch |
| - patch |
| - delete |
| - apiGroups: |
| - route.openshift.io |
| resources: |
| - routes/custom-host |
| verbs: |
| - create |
| - apiGroups: |
| - coordination.k8s.io |
| resources: |
| - leases |
| verbs: |
| - get |
| - list |
| - watch |
| - delete |
| - update |
| - create |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - route.openshift.io |
| resources: |
| - routes |
| verbs: |
| - list |
| - get |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - secrets |
| verbs: |
| - list |
| - get |
| - watch |
| - apiGroups: |
| - networking.k8s.io |
| resources: |
| - ingresses |
| verbs: |
| - list |
| - get |
| - watch |
| - apiGroups: |
| - coordination.k8s.io |
| resources: |
| - leases |
| verbs: |
| - get |
| - list |
| - watch |
| - delete |
| - update |
| - create |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resourceNames: |
| - kubevirt-export-ca |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: RoleBinding |
| metadata: |
| labels: |
| kubevirt.io: "" |
| name: kubevirt-operator-rolebinding |
| namespace: kubevirt |
| roleRef: |
| apiGroup: rbac.authorization.k8s.io |
| kind: Role |
| name: kubevirt-operator |
| subjects: |
| - kind: ServiceAccount |
| name: kubevirt-operator |
| namespace: kubevirt |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: ClusterRole |
| metadata: |
| labels: |
| kubevirt.io: "" |
| name: kubevirt-operator |
| rules: |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - get |
| - list |
| - watch |
| - patch |
| - update |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - serviceaccounts |
| - services |
| - endpoints |
| - pods/exec |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - patch |
| - delete |
| - apiGroups: |
| - batch |
| resources: |
| - jobs |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - patch |
| - apiGroups: |
| - apps |
| resources: |
| - controllerrevisions |
| verbs: |
| - watch |
| - list |
| - create |
| - delete |
| - patch |
| - apiGroups: |
| - apps |
| resources: |
| - deployments |
| - daemonsets |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - patch |
| - apiGroups: |
| - rbac.authorization.k8s.io |
| resources: |
| - clusterroles |
| - clusterrolebindings |
| - roles |
| - rolebindings |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - patch |
| - update |
| - apiGroups: |
| - apiextensions.k8s.io |
| resources: |
| - customresourcedefinitions |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - patch |
| - apiGroups: |
| - security.openshift.io |
| resources: |
| - securitycontextconstraints |
| verbs: |
| - create |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - security.openshift.io |
| resourceNames: |
| - privileged |
| resources: |
| - securitycontextconstraints |
| verbs: |
| - get |
| - patch |
| - update |
| - apiGroups: |
| - security.openshift.io |
| resourceNames: |
| - kubevirt-handler |
| - kubevirt-controller |
| resources: |
| - securitycontextconstraints |
| verbs: |
| - get |
| - list |
| - watch |
| - update |
| - delete |
| - apiGroups: |
| - admissionregistration.k8s.io |
| resources: |
| - validatingwebhookconfigurations |
| - mutatingwebhookconfigurations |
| - validatingadmissionpolicybindings |
| - validatingadmissionpolicies |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - update |
| - patch |
| - apiGroups: |
| - apiregistration.k8s.io |
| resources: |
| - apiservices |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - update |
| - patch |
| - apiGroups: |
| - monitoring.coreos.com |
| resources: |
| - servicemonitors |
| - prometheusrules |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - delete |
| - update |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - namespaces |
| verbs: |
| - get |
| - list |
| - watch |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - pods |
| verbs: |
| - get |
| - list |
| - delete |
| - patch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachines |
| - virtualmachineinstances |
| verbs: |
| - get |
| - list |
| - watch |
| - patch |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumeclaims |
| verbs: |
| - get |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachines/status |
| verbs: |
| - patch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachineinstancemigrations |
| verbs: |
| - create |
| - get |
| - list |
| - watch |
| - patch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachineinstancepresets |
| verbs: |
| - watch |
| - list |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - limitranges |
| verbs: |
| - watch |
| - list |
| - apiGroups: |
| - apiextensions.k8s.io |
| resources: |
| - customresourcedefinitions |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - snapshot.kubevirt.io |
| resources: |
| - virtualmachinesnapshots |
| - virtualmachinerestores |
| - virtualmachinesnapshotcontents |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - datasources |
| - datavolumes |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - namespaces |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - instancetype.kubevirt.io |
| resources: |
| - virtualmachineinstancetypes |
| - virtualmachineclusterinstancetypes |
| - virtualmachinepreferences |
| - virtualmachineclusterpreferences |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - migrations.kubevirt.io |
| resources: |
| - migrationpolicies |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - apps |
| resources: |
| - controllerrevisions |
| verbs: |
| - create |
| - list |
| - get |
| - apiGroups: |
| - "" |
| resources: |
| - namespaces |
| verbs: |
| - get |
| - list |
| - watch |
| - patch |
| - apiGroups: |
| - policy |
| resources: |
| - poddisruptionbudgets |
| verbs: |
| - get |
| - list |
| - watch |
| - delete |
| - create |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - pods |
| - configmaps |
| - endpoints |
| - services |
| verbs: |
| - get |
| - list |
| - watch |
| - delete |
| - update |
| - create |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - events |
| verbs: |
| - update |
| - create |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - secrets |
| verbs: |
| - create |
| - apiGroups: |
| - "" |
| resources: |
| - pods/finalizers |
| verbs: |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - pods/eviction |
| verbs: |
| - create |
| - apiGroups: |
| - "" |
| resources: |
| - pods/status |
| verbs: |
| - patch |
| - apiGroups: |
| - "" |
| resources: |
| - nodes |
| verbs: |
| - get |
| - list |
| - watch |
| - update |
| - patch |
| - apiGroups: |
| - apps |
| resources: |
| - daemonsets |
| verbs: |
| - list |
| - apiGroups: |
| - apps |
| resources: |
| - controllerrevisions |
| verbs: |
| - watch |
| - list |
| - create |
| - delete |
| - get |
| - update |
| - apiGroups: |
| - "" |
| resources: |
| - persistentvolumeclaims |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - patch |
| - apiGroups: |
| - snapshot.kubevirt.io |
| resources: |
| - '*' |
| verbs: |
| - '*' |
| - apiGroups: |
| - export.kubevirt.io |
| resources: |
| - '*' |
| verbs: |
| - '*' |
| - apiGroups: |
| - pool.kubevirt.io |
| resources: |
| - virtualmachinepools |
| - virtualmachinepools/finalizers |
| - virtualmachinepools/status |
| - virtualmachinepools/scale |
| verbs: |
| - watch |
| - list |
| - create |
| - delete |
| - update |
| - patch |
| - get |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - '*' |
| verbs: |
| - '*' |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachineinstances/addvolume |
| - virtualmachineinstances/removevolume |
| - virtualmachineinstances/freeze |
| - virtualmachineinstances/unfreeze |
| - virtualmachineinstances/softreboot |
| - virtualmachineinstances/sev/setupsession |
| - virtualmachineinstances/sev/injectlaunchsecret |
| verbs: |
| - update |
| - apiGroups: |
| - cdi.kubevirt.io |
| resources: |
| - '*' |
| verbs: |
| - '*' |
| - apiGroups: |
| - k8s.cni.cncf.io |
| resources: |
| - network-attachment-definitions |
| verbs: |
| - get |
| - apiGroups: |
| - apiextensions.k8s.io |
| resources: |
| - customresourcedefinitions |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - authorization.k8s.io |
| resources: |
| - subjectaccessreviews |
| verbs: |
| - create |
| - apiGroups: |
| - snapshot.storage.k8s.io |
| resources: |
| - volumesnapshotclasses |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - snapshot.storage.k8s.io |
| resources: |
| - volumesnapshots |
| verbs: |
| - get |
| - list |
| - watch |
| - create |
| - update |
| - delete |
| - apiGroups: |
| - storage.k8s.io |
| resources: |
| - storageclasses |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - instancetype.kubevirt.io |
| resources: |
| - virtualmachineinstancetypes |
| - virtualmachineclusterinstancetypes |
| - virtualmachinepreferences |
| - virtualmachineclusterpreferences |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - migrations.kubevirt.io |
| resources: |
| - migrationpolicies |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - clone.kubevirt.io |
| resources: |
| - virtualmachineclones |
| - virtualmachineclones/status |
| - virtualmachineclones/finalizers |
| verbs: |
| - get |
| - list |
| - watch |
| - update |
| - patch |
| - delete |
| - apiGroups: |
| - "" |
| resources: |
| - namespaces |
| verbs: |
| - get |
| - apiGroups: |
| - "" |
| resources: |
| - resourcequotas |
| verbs: |
| - list |
| - watch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachineinstances |
| verbs: |
| - update |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - nodes |
| verbs: |
| - patch |
| - list |
| - watch |
| - get |
| - apiGroups: |
| - "" |
| resources: |
| - configmaps |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - "" |
| resources: |
| - events |
| verbs: |
| - create |
| - patch |
| - apiGroups: |
| - apiextensions.k8s.io |
| resources: |
| - customresourcedefinitions |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - migrations.kubevirt.io |
| resources: |
| - migrationpolicies |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - export.kubevirt.io |
| resources: |
| - virtualmachineexports |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - list |
| - watch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - get |
| - list |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - version |
| - guestfs |
| verbs: |
| - get |
| - list |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachineinstances/console |
| - virtualmachineinstances/vnc |
| - virtualmachineinstances/vnc/screenshot |
| - virtualmachineinstances/portforward |
| - virtualmachineinstances/guestosinfo |
| - virtualmachineinstances/filesystemlist |
| - virtualmachineinstances/userlist |
| - virtualmachineinstances/sev/fetchcertchain |
| - virtualmachineinstances/sev/querylaunchmeasurement |
| verbs: |
| - get |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachineinstances/pause |
| - virtualmachineinstances/unpause |
| - virtualmachineinstances/addvolume |
| - virtualmachineinstances/removevolume |
| - virtualmachineinstances/freeze |
| - virtualmachineinstances/unfreeze |
| - virtualmachineinstances/softreboot |
| - virtualmachineinstances/sev/setupsession |
| - virtualmachineinstances/sev/injectlaunchsecret |
| verbs: |
| - update |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachines/expand-spec |
| - virtualmachines/portforward |
| verbs: |
| - get |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachines/start |
| - virtualmachines/stop |
| - virtualmachines/restart |
| - virtualmachines/addvolume |
| - virtualmachines/removevolume |
| - virtualmachines/migrate |
| - virtualmachines/memorydump |
| verbs: |
| - update |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - expand-vm-spec |
| verbs: |
| - update |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachines |
| - virtualmachineinstances |
| - virtualmachineinstancepresets |
| - virtualmachineinstancereplicasets |
| - virtualmachineinstancemigrations |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - deletecollection |
| - apiGroups: |
| - snapshot.kubevirt.io |
| resources: |
| - virtualmachinesnapshots |
| - virtualmachinesnapshotcontents |
| - virtualmachinerestores |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - deletecollection |
| - apiGroups: |
| - export.kubevirt.io |
| resources: |
| - virtualmachineexports |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - deletecollection |
| - apiGroups: |
| - clone.kubevirt.io |
| resources: |
| - virtualmachineclones |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - deletecollection |
| - apiGroups: |
| - instancetype.kubevirt.io |
| resources: |
| - virtualmachineinstancetypes |
| - virtualmachineclusterinstancetypes |
| - virtualmachinepreferences |
| - virtualmachineclusterpreferences |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - deletecollection |
| - apiGroups: |
| - pool.kubevirt.io |
| resources: |
| - virtualmachinepools |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - deletecollection |
| - apiGroups: |
| - migrations.kubevirt.io |
| resources: |
| - migrationpolicies |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachineinstances/console |
| - virtualmachineinstances/vnc |
| - virtualmachineinstances/vnc/screenshot |
| - virtualmachineinstances/portforward |
| - virtualmachineinstances/guestosinfo |
| - virtualmachineinstances/filesystemlist |
| - virtualmachineinstances/userlist |
| - virtualmachineinstances/sev/fetchcertchain |
| - virtualmachineinstances/sev/querylaunchmeasurement |
| verbs: |
| - get |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachineinstances/pause |
| - virtualmachineinstances/unpause |
| - virtualmachineinstances/addvolume |
| - virtualmachineinstances/removevolume |
| - virtualmachineinstances/freeze |
| - virtualmachineinstances/unfreeze |
| - virtualmachineinstances/softreboot |
| - virtualmachineinstances/sev/setupsession |
| - virtualmachineinstances/sev/injectlaunchsecret |
| verbs: |
| - update |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachines/expand-spec |
| - virtualmachines/portforward |
| verbs: |
| - get |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachines/start |
| - virtualmachines/stop |
| - virtualmachines/restart |
| - virtualmachines/addvolume |
| - virtualmachines/removevolume |
| - virtualmachines/migrate |
| - virtualmachines/memorydump |
| verbs: |
| - update |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - expand-vm-spec |
| verbs: |
| - update |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachines |
| - virtualmachineinstances |
| - virtualmachineinstancepresets |
| - virtualmachineinstancereplicasets |
| - virtualmachineinstancemigrations |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - apiGroups: |
| - snapshot.kubevirt.io |
| resources: |
| - virtualmachinesnapshots |
| - virtualmachinesnapshotcontents |
| - virtualmachinerestores |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - apiGroups: |
| - export.kubevirt.io |
| resources: |
| - virtualmachineexports |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - apiGroups: |
| - clone.kubevirt.io |
| resources: |
| - virtualmachineclones |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - apiGroups: |
| - instancetype.kubevirt.io |
| resources: |
| - virtualmachineinstancetypes |
| - virtualmachineclusterinstancetypes |
| - virtualmachinepreferences |
| - virtualmachineclusterpreferences |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - apiGroups: |
| - pool.kubevirt.io |
| resources: |
| - virtualmachinepools |
| verbs: |
| - get |
| - delete |
| - create |
| - update |
| - patch |
| - list |
| - watch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - get |
| - list |
| - apiGroups: |
| - migrations.kubevirt.io |
| resources: |
| - migrationpolicies |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - kubevirts |
| verbs: |
| - get |
| - list |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - virtualmachines/expand-spec |
| - virtualmachineinstances/guestosinfo |
| - virtualmachineinstances/filesystemlist |
| - virtualmachineinstances/userlist |
| - virtualmachineinstances/sev/fetchcertchain |
| - virtualmachineinstances/sev/querylaunchmeasurement |
| verbs: |
| - get |
| - apiGroups: |
| - subresources.kubevirt.io |
| resources: |
| - expand-vm-spec |
| verbs: |
| - update |
| - apiGroups: |
| - kubevirt.io |
| resources: |
| - virtualmachines |
| - virtualmachineinstances |
| - virtualmachineinstancepresets |
| - virtualmachineinstancereplicasets |
| - virtualmachineinstancemigrations |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - snapshot.kubevirt.io |
| resources: |
| - virtualmachinesnapshots |
| - virtualmachinesnapshotcontents |
| - virtualmachinerestores |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - export.kubevirt.io |
| resources: |
| - virtualmachineexports |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - clone.kubevirt.io |
| resources: |
| - virtualmachineclones |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - instancetype.kubevirt.io |
| resources: |
| - virtualmachineinstancetypes |
| - virtualmachineclusterinstancetypes |
| - virtualmachinepreferences |
| - virtualmachineclusterpreferences |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - pool.kubevirt.io |
| resources: |
| - virtualmachinepools |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - migrations.kubevirt.io |
| resources: |
| - migrationpolicies |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - instancetype.kubevirt.io |
| resources: |
| - virtualmachineclusterinstancetypes |
| - virtualmachineclusterpreferences |
| verbs: |
| - get |
| - list |
| - watch |
| - apiGroups: |
| - authentication.k8s.io |
| resources: |
| - tokenreviews |
| verbs: |
| - create |
| - apiGroups: |
| - authorization.k8s.io |
| resources: |
| - subjectaccessreviews |
| verbs: |
| - create |
| --- |
| apiVersion: rbac.authorization.k8s.io/v1 |
| kind: ClusterRoleBinding |
| metadata: |
| labels: |
| kubevirt.io: "" |
| name: kubevirt-operator |
| roleRef: |
| apiGroup: rbac.authorization.k8s.io |
| kind: ClusterRole |
| name: kubevirt-operator |
| subjects: |
| - kind: ServiceAccount |
| name: kubevirt-operator |
| namespace: kubevirt |
| |
| --- |
| apiVersion: apps/v1 |
| kind: Deployment |
| metadata: |
| labels: |
| kubevirt.io: virt-operator |
| name: virt-operator |
| namespace: kubevirt |
| spec: |
| replicas: 2 |
| selector: |
| matchLabels: |
| kubevirt.io: virt-operator |
| strategy: |
| type: RollingUpdate |
| template: |
| metadata: |
| labels: |
| kubevirt.io: virt-operator |
| name: virt-operator |
| prometheus.kubevirt.io: "true" |
| name: virt-operator |
| spec: |
| affinity: |
| podAntiAffinity: |
| preferredDuringSchedulingIgnoredDuringExecution: |
| - podAffinityTerm: |
| labelSelector: |
| matchExpressions: |
| - key: kubevirt.io |
| operator: In |
| values: |
| - virt-operator |
| topologyKey: kubernetes.io/hostname |
| weight: 1 |
| containers: |
| - args: |
| - --port |
| - "8443" |
| - -v |
| - "2" |
| command: |
| - virt-operator |
| env: |
| - name: VIRT_OPERATOR_IMAGE |
| value: quay.io/kubevirt/virt-operator:v1.3.1 |
| - name: WATCH_NAMESPACE |
| valueFrom: |
| fieldRef: |
| fieldPath: metadata.annotations['olm.targetNamespaces'] |
| - name: KUBEVIRT_VERSION |
| value: v1.3.1 |
| image: quay.io/kubevirt/virt-operator:v1.3.1 |
| imagePullPolicy: IfNotPresent |
| name: virt-operator |
| ports: |
| - containerPort: 8443 |
| name: metrics |
| protocol: TCP |
| - containerPort: 8444 |
| name: webhooks |
| protocol: TCP |
| readinessProbe: |
| httpGet: |
| path: /metrics |
| port: 8443 |
| scheme: HTTPS |
| initialDelaySeconds: 5 |
| timeoutSeconds: 10 |
| resources: |
| requests: |
| cpu: 10m |
| memory: 450Mi |
| securityContext: |
| allowPrivilegeEscalation: false |
| capabilities: |
| drop: |
| - ALL |
| seccompProfile: |
| type: RuntimeDefault |
| volumeMounts: |
| - mountPath: /etc/virt-operator/certificates |
| name: kubevirt-operator-certs |
| readOnly: true |
| - mountPath: /profile-data |
| name: profile-data |
| nodeSelector: |
| kubernetes.io/os: linux |
| priorityClassName: kubevirt-cluster-critical |
| securityContext: |
| runAsNonRoot: true |
| seccompProfile: |
| type: RuntimeDefault |
| serviceAccountName: kubevirt-operator |
| tolerations: |
| - key: CriticalAddonsOnly |
| operator: Exists |
| volumes: |
| - name: kubevirt-operator-certs |
| secret: |
| optional: true |
| secretName: kubevirt-operator-certs |
| - emptyDir: {} |
| name: profile-data |