diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index c988818463..78e7a1192b 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -2369,8 +2369,8 @@ Topics: File: clusterautoscaler-autoscaling-openshift-io-v1 - Name: 'MachineAutoscaler [autoscaling.openshift.io/v1beta1]' File: machineautoscaler-autoscaling-openshift-io-v1beta1 - - Name: 'HorizontalPodAutoscaler [autoscaling/v1]' - File: horizontalpodautoscaler-autoscaling-v1 + - Name: 'HorizontalPodAutoscaler [autoscaling/v2]' + File: horizontalpodautoscaler-autoscaling-v2 - Name: 'Scale [autoscaling/v1]' File: scale-autoscaling-v1 - Name: Config APIs @@ -2406,12 +2406,16 @@ Topics: File: ingress-config-openshift-io-v1 - Name: 'Network [config.openshift.io/v1]' File: network-config-openshift-io-v1 + - Name: 'Node [config.openshift.io/v1]' + File: node-config-openshift-io-v1 - Name: 'OAuth [config.openshift.io/v1]' File: oauth-config-openshift-io-v1 - Name: 'OperatorHub [config.openshift.io/v1]' File: operatorhub-config-openshift-io-v1 - Name: 'Project [config.openshift.io/v1]' File: project-config-openshift-io-v1 + - Name: 'ProjectHelmChartRepository [helm.openshift.io/v1beta1]' + File: projecthelmchartrepository-helm-openshift-io-v1beta1 - Name: 'Proxy [config.openshift.io/v1]' File: proxy-config-openshift-io-v1 - Name: 'Scheduler [config.openshift.io/v1]' @@ -2524,8 +2528,8 @@ Topics: File: monitoring-apis-index - Name: 'Alertmanager [monitoring.coreos.com/v1]' File: alertmanager-monitoring-coreos-com-v1 - - Name: 'AlertmanagerConfig [monitoring.coreos.com/v1alpha1]' - File: alertmanagerconfig-monitoring-coreos-com-v1alpha1 + - Name: 'AlertmanagerConfig [monitoring.coreos.com/v1beta1]' + File: alertmanagerconfig-monitoring-coreos-com-v1beta1 - Name: 'PodMonitor [monitoring.coreos.com/v1]' File: podmonitor-monitoring-coreos-com-v1 - Name: 'Probe [monitoring.coreos.com/v1]' @@ -2545,6 +2549,8 @@ Topics: File: network-apis-index - Name: 'ClusterNetwork [network.openshift.io/v1]' File: clusternetwork-network-openshift-io-v1 + - Name: 'CloudPrivateIPConfig [cloud.network.openshift.io/v1]' + File: cloudprivateipconfig-cloud-network-openshift-io-v1 - Name: 'Endpoints [v1]' File: endpoints-v1 - Name: 'EndpointSlice [discovery.k8s.io/v1]' @@ -2567,6 +2573,8 @@ Topics: File: networkattachmentdefinition-k8s-cni-cncf-io-v1 - Name: 'NetworkPolicy [networking.k8s.io/v1]' File: networkpolicy-networking-k8s-io-v1 + - Name: 'OverlappingRangeIPReservation [whereabouts.cni.cncf.io/v1alpha1]' + File: overlappingrangeipreservation-whereabouts-cni-cncf-io-v1alpha1 - Name: 'PodNetworkConnectivityCheck [controlplane.operator.openshift.io/v1alpha1]' File: podnetworkconnectivitycheck-controlplane-operator-openshift-io-v1alpha1 - Name: 'Route [route.openshift.io/v1]' @@ -2580,6 +2588,8 @@ Topics: File: node-apis-index - Name: 'Node [v1]' File: node-v1 + - Name: 'PerformanceProfile [performance.openshift.io/v2]' + File: performanceprofile-performance-openshift-io-v2 - Name: 'Profile [tuned.openshift.io/v1]' File: profile-tuned-openshift-io-v1 - Name: 'RuntimeClass [node.k8s.io/v1]' @@ -2665,6 +2675,8 @@ Topics: File: clusterserviceversion-operators-coreos-com-v1alpha1 - Name: 'InstallPlan [operators.coreos.com/v1alpha1]' File: installplan-operators-coreos-com-v1alpha1 + - Name: 'OLMConfig [operators.coreos.com/v1]' + File: olmconfig-operators-coreos-com-v1 - Name: 'Operator [operators.coreos.com/v1]' File: operator-operators-coreos-com-v1 - Name: 'OperatorCondition [operators.coreos.com/v2]' @@ -2698,12 +2710,16 @@ Topics: Topics: - Name: About Provisioning APIs File: provisioning-apis-index + - Name: 'BMCEventSubscription [metal3.io/v1alpha1]' + File: bmceventsubscription-metal3-io-v1alpha1 - Name: 'BareMetalHost [metal3.io/v1alpha1]' File: baremetalhost-metal3-io-v1alpha1 - Name: 'FirmwareSchema [metal3.io/v1alpha1]' File: firmwareschema-metal3-io-v1alpha1 - Name: 'HostFirmwareSettings [metal3.io/v1alpha1]' File: hostfirmwaresettings-metal3-io-v1alpha1 + - Name: 'PreprovisioningImage [metal3.io/v1alpha1]' + File: preprovisioningimage-metal3-io-v1alpha1 - Name: 'Provisioning [metal3.io/v1alpha1]' File: provisioning-metal3-io-v1alpha1 - Name: RBAC APIs @@ -2743,14 +2759,14 @@ Topics: File: appliedclusterresourcequota-quota-openshift-io-v1 - Name: 'ClusterResourceQuota [quota.openshift.io/v1]' File: clusterresourcequota-quota-openshift-io-v1 - - Name: 'FlowSchema [flowcontrol.apiserver.k8s.io/v1beta1]' - File: flowschema-flowcontrol-apiserver-k8s-io-v1beta1 + - Name: 'FlowSchema [flowcontrol.apiserver.k8s.io/v1beta2]' + File: flowschema-flowcontrol-apiserver-k8s-io-v1beta2 - Name: 'LimitRange [v1]' File: limitrange-v1 - Name: 'PriorityClass [scheduling.k8s.io/v1]' File: priorityclass-scheduling-k8s-io-v1 - - Name: 'PriorityLevelConfiguration [flowcontrol.apiserver.k8s.io/v1beta1]' - File: prioritylevelconfiguration-flowcontrol-apiserver-k8s-io-v1beta1 + - Name: 'PriorityLevelConfiguration [flowcontrol.apiserver.k8s.io/v1beta2]' + File: prioritylevelconfiguration-flowcontrol-apiserver-k8s-io-v1beta2 - Name: 'ResourceQuota [v1]' File: resourcequota-v1 - Name: Security APIs @@ -2785,8 +2801,8 @@ Topics: File: csidriver-storage-k8s-io-v1 - Name: 'CSINode [storage.k8s.io/v1]' File: csinode-storage-k8s-io-v1 - - Name: 'CSIStorageCapacity [storage.k8s.io/v1beta1]' - File: csistoragecapacity-storage-k8s-io-v1beta1 + - Name: 'CSIStorageCapacity [storage.k8s.io/v1]' + File: csistoragecapacity-storage-k8s-io-v1 - Name: 'PersistentVolumeClaim [v1]' File: persistentvolumeclaim-v1 - Name: 'StorageClass [storage.k8s.io/v1]' diff --git a/api-config.yaml b/api-config.yaml index 2fc234d165..8f2cda5c89 100644 --- a/api-config.yaml +++ b/api-config.yaml @@ -49,7 +49,7 @@ apiMap: version: v1beta1 - kind: HorizontalPodAutoscaler group: autoscaling - version: v1 + version: v2 - kind: Scale group: autoscaling version: v1 @@ -97,6 +97,9 @@ apiMap: - kind: Network group: config.openshift.io version: v1 + - kind: Node + group: config.openshift.io + version: v1 - kind: OAuth group: config.openshift.io version: v1 @@ -106,6 +109,9 @@ apiMap: - kind: Project group: config.openshift.io version: v1 + - kind: ProjectHelmChartRepository + group: helm.openshift.io + version: v1beta1 - kind: Proxy group: config.openshift.io version: v1 @@ -238,7 +244,7 @@ apiMap: version: v1 - kind: AlertmanagerConfig group: monitoring.coreos.com - version: v1alpha1 + version: v1beta1 - kind: PodMonitor group: monitoring.coreos.com version: v1 @@ -262,6 +268,9 @@ apiMap: - kind: ClusterNetwork group: network.openshift.io version: v1 + - kind: CloudPrivateIPConfig + group: cloud.network.openshift.io + version: v1 - kind: Endpoints version: v1 - kind: EndpointSlice @@ -294,6 +303,9 @@ apiMap: - kind: NetworkPolicy group: networking.k8s.io version: v1 + - kind: OverlappingRangeIPReservation + group: whereabouts.cni.cncf.io + version: v1alpha1 - kind: PodNetworkConnectivityCheck group: controlplane.operator.openshift.io version: v1alpha1 @@ -306,6 +318,9 @@ apiMap: resources: - kind: Node version: v1 + - kind: PerformanceProfile + group: performance.openshift.io + version: v2 - kind: Profile group: tuned.openshift.io version: v1 @@ -423,6 +438,9 @@ apiMap: - kind: InstallPlan group: operators.coreos.com version: v1alpha1 + - kind: OLMConfig + group: operators.coreos.com + version: v1 - kind: Operator group: operators.coreos.com version: v1 @@ -462,6 +480,9 @@ apiMap: version: v1 - name: Provisioning APIs resources: + - kind: BMCEventSubscription + group: metal3.io + version: v1alpha1 - kind: BareMetalHost group: metal3.io version: v1alpha1 @@ -471,6 +492,9 @@ apiMap: - kind: HostFirmwareSettings group: metal3.io version: v1alpha1 + - kind: PreprovisioningImage + group: metal3.io + version: v1alpha1 - kind: Provisioning group: metal3.io version: v1alpha1 @@ -515,7 +539,7 @@ apiMap: version: v1 - kind: FlowSchema group: flowcontrol.apiserver.k8s.io - version: v1beta1 + version: v1beta2 - kind: LimitRange version: v1 - kind: PriorityClass @@ -523,7 +547,7 @@ apiMap: version: v1 - kind: PriorityLevelConfiguration group: flowcontrol.apiserver.k8s.io - version: v1beta1 + version: v1beta2 - kind: ResourceQuota version: v1 - name: Security APIs @@ -569,7 +593,7 @@ apiMap: version: v1 - kind: CSIStorageCapacity group: storage.k8s.io - version: v1beta1 + version: v1 - kind: PersistentVolumeClaim version: v1 - kind: StorageClass @@ -671,12 +695,6 @@ apiMap: group: apps version: v1 -# No properties defined in OpenAPI spec -# - kind: OverlappingRangeIPReservation -# group: whereabouts.cni.cncf.io -# version: v1alpha1 -# plural: overlappingrangeipreservations -# namespaced: true # TBD # - kind: NodeMetrics # group: metrics.k8s.io diff --git a/rest_api/authorization_apis/authorization-apis-index.adoc b/rest_api/authorization_apis/authorization-apis-index.adoc index fa51a50ea1..e59517362f 100644 --- a/rest_api/authorization_apis/authorization-apis-index.adoc +++ b/rest_api/authorization_apis/authorization-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="authorization-apis"] = Authorization APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -14,6 +13,8 @@ Description:: + -- LocalResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec in a particular namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -25,6 +26,8 @@ Description:: + -- LocalSubjectAccessReview is an object for requesting information about whether a user or group can perform an action in a particular namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -36,6 +39,8 @@ Description:: + -- ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -47,6 +52,8 @@ Description:: + -- SelfSubjectRulesReview is a resource you can create to determine which actions you can perform in a namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -58,6 +65,8 @@ Description:: + -- SubjectAccessReview is an object for requesting information about whether a user or group can perform an action + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -69,6 +78,8 @@ Description:: + -- SubjectRulesReview is a resource you can create to determine which actions another user can perform in a namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/authorization_apis/localresourceaccessreview-authorization-openshift-io-v1.adoc b/rest_api/authorization_apis/localresourceaccessreview-authorization-openshift-io-v1.adoc index e529a717e6..0c4637e76c 100644 --- a/rest_api/authorization_apis/localresourceaccessreview-authorization-openshift-io-v1.adoc +++ b/rest_api/authorization_apis/localresourceaccessreview-authorization-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="localresourceaccessreview-authorization-openshift-io-v1"] = LocalResourceAccessReview [authorization.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- LocalResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec in a particular namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/authorization_apis/localsubjectaccessreview-authorization-k8s-io-v1.adoc b/rest_api/authorization_apis/localsubjectaccessreview-authorization-k8s-io-v1.adoc index 8fda9cb7f7..a1a1585222 100644 --- a/rest_api/authorization_apis/localsubjectaccessreview-authorization-k8s-io-v1.adoc +++ b/rest_api/authorization_apis/localsubjectaccessreview-authorization-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="localsubjectaccessreview-authorization-k8s-io-v1"] = LocalSubjectAccessReview [authorization.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/authorization_apis/localsubjectaccessreview-authorization-openshift-io-v1.adoc b/rest_api/authorization_apis/localsubjectaccessreview-authorization-openshift-io-v1.adoc index a41dace7ba..3dca3d5a11 100644 --- a/rest_api/authorization_apis/localsubjectaccessreview-authorization-openshift-io-v1.adoc +++ b/rest_api/authorization_apis/localsubjectaccessreview-authorization-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="localsubjectaccessreview-authorization-openshift-io-v1"] = LocalSubjectAccessReview [authorization.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- LocalSubjectAccessReview is an object for requesting information about whether a user or group can perform an action in a particular namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/authorization_apis/resourceaccessreview-authorization-openshift-io-v1.adoc b/rest_api/authorization_apis/resourceaccessreview-authorization-openshift-io-v1.adoc index 741d9e865f..f997ebcbb4 100644 --- a/rest_api/authorization_apis/resourceaccessreview-authorization-openshift-io-v1.adoc +++ b/rest_api/authorization_apis/resourceaccessreview-authorization-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="resourceaccessreview-authorization-openshift-io-v1"] = ResourceAccessReview [authorization.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/authorization_apis/selfsubjectaccessreview-authorization-k8s-io-v1.adoc b/rest_api/authorization_apis/selfsubjectaccessreview-authorization-k8s-io-v1.adoc index c2240c7e15..9de3c1c80f 100644 --- a/rest_api/authorization_apis/selfsubjectaccessreview-authorization-k8s-io-v1.adoc +++ b/rest_api/authorization_apis/selfsubjectaccessreview-authorization-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="selfsubjectaccessreview-authorization-k8s-io-v1"] = SelfSubjectAccessReview [authorization.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/authorization_apis/selfsubjectrulesreview-authorization-k8s-io-v1.adoc b/rest_api/authorization_apis/selfsubjectrulesreview-authorization-k8s-io-v1.adoc index b25421276c..1fbe481c85 100644 --- a/rest_api/authorization_apis/selfsubjectrulesreview-authorization-k8s-io-v1.adoc +++ b/rest_api/authorization_apis/selfsubjectrulesreview-authorization-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="selfsubjectrulesreview-authorization-k8s-io-v1"] = SelfSubjectRulesReview [authorization.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/authorization_apis/selfsubjectrulesreview-authorization-openshift-io-v1.adoc b/rest_api/authorization_apis/selfsubjectrulesreview-authorization-openshift-io-v1.adoc index 5026ddef10..8629e4a2b5 100644 --- a/rest_api/authorization_apis/selfsubjectrulesreview-authorization-openshift-io-v1.adoc +++ b/rest_api/authorization_apis/selfsubjectrulesreview-authorization-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="selfsubjectrulesreview-authorization-openshift-io-v1"] = SelfSubjectRulesReview [authorization.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- SelfSubjectRulesReview is a resource you can create to determine which actions you can perform in a namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/authorization_apis/subjectaccessreview-authorization-k8s-io-v1.adoc b/rest_api/authorization_apis/subjectaccessreview-authorization-k8s-io-v1.adoc index c39ddcdc10..6a4b9f4030 100644 --- a/rest_api/authorization_apis/subjectaccessreview-authorization-k8s-io-v1.adoc +++ b/rest_api/authorization_apis/subjectaccessreview-authorization-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="subjectaccessreview-authorization-k8s-io-v1"] = SubjectAccessReview [authorization.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/authorization_apis/subjectaccessreview-authorization-openshift-io-v1.adoc b/rest_api/authorization_apis/subjectaccessreview-authorization-openshift-io-v1.adoc index 93c7a48a42..b5a75928af 100644 --- a/rest_api/authorization_apis/subjectaccessreview-authorization-openshift-io-v1.adoc +++ b/rest_api/authorization_apis/subjectaccessreview-authorization-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="subjectaccessreview-authorization-openshift-io-v1"] = SubjectAccessReview [authorization.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- SubjectAccessReview is an object for requesting information about whether a user or group can perform an action + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/authorization_apis/subjectrulesreview-authorization-openshift-io-v1.adoc b/rest_api/authorization_apis/subjectrulesreview-authorization-openshift-io-v1.adoc index b9ba387270..b77f597edb 100644 --- a/rest_api/authorization_apis/subjectrulesreview-authorization-openshift-io-v1.adoc +++ b/rest_api/authorization_apis/subjectrulesreview-authorization-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="subjectrulesreview-authorization-openshift-io-v1"] = SubjectRulesReview [authorization.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- SubjectRulesReview is a resource you can create to determine which actions another user can perform in a namespace + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/authorization_apis/tokenrequest-authentication-k8s-io-v1.adoc b/rest_api/authorization_apis/tokenrequest-authentication-k8s-io-v1.adoc index ad2ef81c56..9711bef8f7 100644 --- a/rest_api/authorization_apis/tokenrequest-authentication-k8s-io-v1.adoc +++ b/rest_api/authorization_apis/tokenrequest-authentication-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="tokenrequest-authentication-k8s-io-v1"] = TokenRequest [authentication.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/authorization_apis/tokenreview-authentication-k8s-io-v1.adoc b/rest_api/authorization_apis/tokenreview-authentication-k8s-io-v1.adoc index afa8622f67..6f8485bfca 100644 --- a/rest_api/authorization_apis/tokenreview-authentication-k8s-io-v1.adoc +++ b/rest_api/authorization_apis/tokenreview-authentication-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="tokenreview-authentication-k8s-io-v1"] = TokenReview [authentication.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -38,7 +37,7 @@ Required:: | `metadata` | xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] -| +| Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata | `spec` | `object` @@ -202,7 +201,7 @@ Description:: |=== | Parameter | Type | Description | `body` -| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview_v2`] schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | |=== @@ -211,11 +210,11 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview_v2`] schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | 201 - Created -| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview_v2`] schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | 202 - Accepted -| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview_v2`] schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | 401 - Unauthorized | Empty |=== @@ -252,7 +251,7 @@ Description:: |=== | Parameter | Type | Description | `body` -| `TokenReview` schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | |=== @@ -261,11 +260,11 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| `TokenReview` schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | 201 - Created -| `TokenReview` schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | 202 - Accepted -| `TokenReview` schema +| xref:../authorization_apis/tokenreview-authentication-k8s-io-v1.adoc#tokenreview-authentication-k8s-io-v1[`TokenReview`] schema | 401 - Unauthorized | Empty |=== diff --git a/rest_api/autoscale_apis/autoscale-apis-index.adoc b/rest_api/autoscale_apis/autoscale-apis-index.adoc index afd74ccc2c..fc671ac69c 100644 --- a/rest_api/autoscale_apis/autoscale-apis-index.adoc +++ b/rest_api/autoscale_apis/autoscale-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="autoscale-apis"] = Autoscale APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -30,12 +29,12 @@ MachineAutoscaler is the Schema for the machineautoscalers API Type:: `object` -== HorizontalPodAutoscaler [autoscaling/v1] +== HorizontalPodAutoscaler [autoscaling/v2] Description:: + -- -configuration of a horizontal pod autoscaler. +HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified. -- Type:: diff --git a/rest_api/autoscale_apis/clusterautoscaler-autoscaling-openshift-io-v1.adoc b/rest_api/autoscale_apis/clusterautoscaler-autoscaling-openshift-io-v1.adoc index f0735d25aa..53775cf9e9 100644 --- a/rest_api/autoscale_apis/clusterautoscaler-autoscaling-openshift-io-v1.adoc +++ b/rest_api/autoscale_apis/clusterautoscaler-autoscaling-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="clusterautoscaler-autoscaling-openshift-io-v1"] = ClusterAutoscaler [autoscaling.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -279,6 +278,10 @@ Required:: | `string` | How long a node should be unneeded before it is eligible for scale down +| `utilizationThreshold` +| `string` +| Node utilization level, defined as sum of requested resources divided by capacity, below which a node can be considered for scale down + |=== === .status Description:: diff --git a/rest_api/autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc b/rest_api/autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc similarity index 52% rename from rest_api/autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc rename to rest_api/autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc index ee188d0193..8cca394973 100644 --- a/rest_api/autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc +++ b/rest_api/autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc @@ -1,10 +1,9 @@ // Automatically generated by 'openshift-apidocs-gen'. Do not edit. :_content-type: ASSEMBLY -[id="horizontalpodautoscaler-autoscaling-v1"] -= HorizontalPodAutoscaler [autoscaling/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +[id="horizontalpodautoscaler-autoscaling-v2"] += HorizontalPodAutoscaler [autoscaling/v2] +:toc: macro +:toc-title: toc::[] @@ -12,7 +11,7 @@ toc::[] Description:: + -- -configuration of a horizontal pod autoscaler. +HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified. -- Type:: @@ -36,22 +35,22 @@ Type:: | `metadata` | xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] -| Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata +| metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata | `spec` | `object` -| specification of a horizontal pod autoscaler. +| HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler. | `status` | `object` -| current status of a horizontal pod autoscaler +| HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler. |=== === .spec Description:: + -- -specification of a horizontal pod autoscaler. +HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler. -- Type:: @@ -67,9 +66,21 @@ Required:: |=== | Property | Type | Description +| `behavior` +| `object` +| HorizontalPodAutoscalerBehavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). + | `maxReplicas` | `integer` -| upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas. +| maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas. + +| `metrics` +| `array` +| metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization. + +| `metrics[]` +| `object` +| MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once). | `minReplicas` | `integer` @@ -79,9 +90,702 @@ Required:: | `object` | CrossVersionObjectReference contains enough information to let you identify the referred resource. -| `targetCPUUtilizationPercentage` +|=== +=== .spec.behavior +Description:: ++ +-- +HorizontalPodAutoscalerBehavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `scaleDown` +| `object` +| HPAScalingRules configures the scaling behavior for one direction. These Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen. + +| `scaleUp` +| `object` +| HPAScalingRules configures the scaling behavior for one direction. These Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen. + +|=== +=== .spec.behavior.scaleDown +Description:: ++ +-- +HPAScalingRules configures the scaling behavior for one direction. These Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `policies` +| `array` +| policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid + +| `policies[]` +| `object` +| HPAScalingPolicy is a single policy which must hold true for a specified past interval. + +| `selectPolicy` +| `string` +| selectPolicy is used to specify which policy should be used. If not set, the default value Max is used. + +| `stabilizationWindowSeconds` | `integer` -| target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used. +| StabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). + +|=== +=== .spec.behavior.scaleDown.policies +Description:: ++ +-- +policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid +-- + +Type:: + `array` + + + + +=== .spec.behavior.scaleDown.policies[] +Description:: ++ +-- +HPAScalingPolicy is a single policy which must hold true for a specified past interval. +-- + +Type:: + `object` + +Required:: + - `type` + - `value` + - `periodSeconds` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `periodSeconds` +| `integer` +| PeriodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). + +| `type` +| `string` +| Type is used to specify the scaling policy. + +| `value` +| `integer` +| Value contains the amount of change which is permitted by the policy. It must be greater than zero + +|=== +=== .spec.behavior.scaleUp +Description:: ++ +-- +HPAScalingRules configures the scaling behavior for one direction. These Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `policies` +| `array` +| policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid + +| `policies[]` +| `object` +| HPAScalingPolicy is a single policy which must hold true for a specified past interval. + +| `selectPolicy` +| `string` +| selectPolicy is used to specify which policy should be used. If not set, the default value Max is used. + +| `stabilizationWindowSeconds` +| `integer` +| StabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long). + +|=== +=== .spec.behavior.scaleUp.policies +Description:: ++ +-- +policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid +-- + +Type:: + `array` + + + + +=== .spec.behavior.scaleUp.policies[] +Description:: ++ +-- +HPAScalingPolicy is a single policy which must hold true for a specified past interval. +-- + +Type:: + `object` + +Required:: + - `type` + - `value` + - `periodSeconds` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `periodSeconds` +| `integer` +| PeriodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min). + +| `type` +| `string` +| Type is used to specify the scaling policy. + +| `value` +| `integer` +| Value contains the amount of change which is permitted by the policy. It must be greater than zero + +|=== +=== .spec.metrics +Description:: ++ +-- +metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization. +-- + +Type:: + `array` + + + + +=== .spec.metrics[] +Description:: ++ +-- +MetricSpec specifies how to scale based on a single metric (only `type` and one other matching field should be set at once). +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `containerResource` +| `object` +| ContainerResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. Only one "target" type should be set. + +| `external` +| `object` +| ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). + +| `object` +| `object` +| ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object). + +| `pods` +| `object` +| PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value. + +| `resource` +| `object` +| ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. Only one "target" type should be set. + +| `type` +| `string` +| type is the type of metric source. It should be one of "ContainerResource", "External", "Object", "Pods" or "Resource", each mapping to a matching field in the object. Note: "ContainerResource" type is available on when the feature-gate HPAContainerMetrics is enabled + +|=== +=== .spec.metrics[].containerResource +Description:: ++ +-- +ContainerResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. Only one "target" type should be set. +-- + +Type:: + `object` + +Required:: + - `name` + - `target` + - `container` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `container` +| `string` +| container is the name of the container in the pods of the scaling target + +| `name` +| `string` +| name is the name of the resource in question. + +| `target` +| `object` +| MetricTarget defines the target value, average value, or average utilization of a specific metric + +|=== +=== .spec.metrics[].containerResource.target +Description:: ++ +-- +MetricTarget defines the target value, average value, or average utilization of a specific metric +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + +| `type` +| `string` +| type represents whether the metric type is Utilization, Value, or AverageValue + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the target value of the metric (as a quantity). + +|=== +=== .spec.metrics[].external +Description:: ++ +-- +ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). +-- + +Type:: + `object` + +Required:: + - `metric` + - `target` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `metric` +| `object` +| MetricIdentifier defines the name and optionally selector for a metric + +| `target` +| `object` +| MetricTarget defines the target value, average value, or average utilization of a specific metric + +|=== +=== .spec.metrics[].external.metric +Description:: ++ +-- +MetricIdentifier defines the name and optionally selector for a metric +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the given metric + +| `selector` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector[`LabelSelector`] +| selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + +|=== +=== .spec.metrics[].external.target +Description:: ++ +-- +MetricTarget defines the target value, average value, or average utilization of a specific metric +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + +| `type` +| `string` +| type represents whether the metric type is Utilization, Value, or AverageValue + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the target value of the metric (as a quantity). + +|=== +=== .spec.metrics[].object +Description:: ++ +-- +ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object). +-- + +Type:: + `object` + +Required:: + - `describedObject` + - `target` + - `metric` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `describedObject` +| `object` +| CrossVersionObjectReference contains enough information to let you identify the referred resource. + +| `metric` +| `object` +| MetricIdentifier defines the name and optionally selector for a metric + +| `target` +| `object` +| MetricTarget defines the target value, average value, or average utilization of a specific metric + +|=== +=== .spec.metrics[].object.describedObject +Description:: ++ +-- +CrossVersionObjectReference contains enough information to let you identify the referred resource. +-- + +Type:: + `object` + +Required:: + - `kind` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiVersion` +| `string` +| API version of the referent + +| `kind` +| `string` +| Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + +| `name` +| `string` +| Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + +|=== +=== .spec.metrics[].object.metric +Description:: ++ +-- +MetricIdentifier defines the name and optionally selector for a metric +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the given metric + +| `selector` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector[`LabelSelector`] +| selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + +|=== +=== .spec.metrics[].object.target +Description:: ++ +-- +MetricTarget defines the target value, average value, or average utilization of a specific metric +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + +| `type` +| `string` +| type represents whether the metric type is Utilization, Value, or AverageValue + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the target value of the metric (as a quantity). + +|=== +=== .spec.metrics[].pods +Description:: ++ +-- +PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value. +-- + +Type:: + `object` + +Required:: + - `metric` + - `target` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `metric` +| `object` +| MetricIdentifier defines the name and optionally selector for a metric + +| `target` +| `object` +| MetricTarget defines the target value, average value, or average utilization of a specific metric + +|=== +=== .spec.metrics[].pods.metric +Description:: ++ +-- +MetricIdentifier defines the name and optionally selector for a metric +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the given metric + +| `selector` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector[`LabelSelector`] +| selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + +|=== +=== .spec.metrics[].pods.target +Description:: ++ +-- +MetricTarget defines the target value, average value, or average utilization of a specific metric +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + +| `type` +| `string` +| type represents whether the metric type is Utilization, Value, or AverageValue + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the target value of the metric (as a quantity). + +|=== +=== .spec.metrics[].resource +Description:: ++ +-- +ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. Only one "target" type should be set. +-- + +Type:: + `object` + +Required:: + - `name` + - `target` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the resource in question. + +| `target` +| `object` +| MetricTarget defines the target value, average value, or average utilization of a specific metric + +|=== +=== .spec.metrics[].resource.target +Description:: ++ +-- +MetricTarget defines the target value, average value, or average utilization of a specific metric +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the target value of the average of the metric across all relevant pods (as a quantity) + +| `type` +| `string` +| type represents whether the metric type is Utilization, Value, or AverageValue + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the target value of the metric (as a quantity). |=== === .spec.scaleTargetRef @@ -121,14 +825,13 @@ Required:: Description:: + -- -current status of a horizontal pod autoscaler +HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler. -- Type:: `object` Required:: - - `currentReplicas` - `desiredReplicas` @@ -137,25 +840,570 @@ Required:: |=== | Property | Type | Description -| `currentCPUUtilizationPercentage` -| `integer` -| current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU. +| `conditions` +| `array` +| conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met. + +| `conditions[]` +| `object` +| HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point. + +| `currentMetrics` +| `array` +| currentMetrics is the last read state of the metrics used by this autoscaler. + +| `currentMetrics[]` +| `object` +| MetricStatus describes the last-read state of a single metric. | `currentReplicas` | `integer` -| current number of replicas of pods managed by this autoscaler. +| currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler. | `desiredReplicas` | `integer` -| desired number of replicas of pods managed by this autoscaler. +| desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler. | `lastScaleTime` | xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Time[`Time`] -| last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed. +| lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed. | `observedGeneration` | `integer` -| most recent generation observed by this autoscaler. +| observedGeneration is the most recent generation observed by this autoscaler. + +|=== +=== .status.conditions +Description:: ++ +-- +conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met. +-- + +Type:: + `array` + + + + +=== .status.conditions[] +Description:: ++ +-- +HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point. +-- + +Type:: + `object` + +Required:: + - `type` + - `status` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `lastTransitionTime` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Time[`Time`] +| lastTransitionTime is the last time the condition transitioned from one status to another + +| `message` +| `string` +| message is a human-readable explanation containing details about the transition + +| `reason` +| `string` +| reason is the reason for the condition's last transition. + +| `status` +| `string` +| status is the status of the condition (True, False, Unknown) + +| `type` +| `string` +| type describes the current condition + +|=== +=== .status.currentMetrics +Description:: ++ +-- +currentMetrics is the last read state of the metrics used by this autoscaler. +-- + +Type:: + `array` + + + + +=== .status.currentMetrics[] +Description:: ++ +-- +MetricStatus describes the last-read state of a single metric. +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `containerResource` +| `object` +| ContainerResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing a single container in each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. + +| `external` +| `object` +| ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object. + +| `object` +| `object` +| ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object). + +| `pods` +| `object` +| PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second). + +| `resource` +| `object` +| ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. + +| `type` +| `string` +| type is the type of metric source. It will be one of "ContainerResource", "External", "Object", "Pods" or "Resource", each corresponds to a matching field in the object. Note: "ContainerResource" type is available on when the feature-gate HPAContainerMetrics is enabled + +|=== +=== .status.currentMetrics[].containerResource +Description:: ++ +-- +ContainerResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing a single container in each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. +-- + +Type:: + `object` + +Required:: + - `name` + - `current` + - `container` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `container` +| `string` +| Container is the name of the container in the pods of the scaling target + +| `current` +| `object` +| MetricValueStatus holds the current value for a metric + +| `name` +| `string` +| Name is the name of the resource in question. + +|=== +=== .status.currentMetrics[].containerResource.current +Description:: ++ +-- +MetricValueStatus holds the current value for a metric +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the current value of the average of the metric across all relevant pods (as a quantity) + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the current value of the metric (as a quantity). + +|=== +=== .status.currentMetrics[].external +Description:: ++ +-- +ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object. +-- + +Type:: + `object` + +Required:: + - `metric` + - `current` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `current` +| `object` +| MetricValueStatus holds the current value for a metric + +| `metric` +| `object` +| MetricIdentifier defines the name and optionally selector for a metric + +|=== +=== .status.currentMetrics[].external.current +Description:: ++ +-- +MetricValueStatus holds the current value for a metric +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the current value of the average of the metric across all relevant pods (as a quantity) + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the current value of the metric (as a quantity). + +|=== +=== .status.currentMetrics[].external.metric +Description:: ++ +-- +MetricIdentifier defines the name and optionally selector for a metric +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the given metric + +| `selector` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector[`LabelSelector`] +| selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + +|=== +=== .status.currentMetrics[].object +Description:: ++ +-- +ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object). +-- + +Type:: + `object` + +Required:: + - `metric` + - `current` + - `describedObject` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `current` +| `object` +| MetricValueStatus holds the current value for a metric + +| `describedObject` +| `object` +| CrossVersionObjectReference contains enough information to let you identify the referred resource. + +| `metric` +| `object` +| MetricIdentifier defines the name and optionally selector for a metric + +|=== +=== .status.currentMetrics[].object.current +Description:: ++ +-- +MetricValueStatus holds the current value for a metric +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the current value of the average of the metric across all relevant pods (as a quantity) + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the current value of the metric (as a quantity). + +|=== +=== .status.currentMetrics[].object.describedObject +Description:: ++ +-- +CrossVersionObjectReference contains enough information to let you identify the referred resource. +-- + +Type:: + `object` + +Required:: + - `kind` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiVersion` +| `string` +| API version of the referent + +| `kind` +| `string` +| Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + +| `name` +| `string` +| Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names + +|=== +=== .status.currentMetrics[].object.metric +Description:: ++ +-- +MetricIdentifier defines the name and optionally selector for a metric +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the given metric + +| `selector` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector[`LabelSelector`] +| selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + +|=== +=== .status.currentMetrics[].pods +Description:: ++ +-- +PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second). +-- + +Type:: + `object` + +Required:: + - `metric` + - `current` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `current` +| `object` +| MetricValueStatus holds the current value for a metric + +| `metric` +| `object` +| MetricIdentifier defines the name and optionally selector for a metric + +|=== +=== .status.currentMetrics[].pods.current +Description:: ++ +-- +MetricValueStatus holds the current value for a metric +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the current value of the average of the metric across all relevant pods (as a quantity) + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the current value of the metric (as a quantity). + +|=== +=== .status.currentMetrics[].pods.metric +Description:: ++ +-- +MetricIdentifier defines the name and optionally selector for a metric +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the given metric + +| `selector` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector[`LabelSelector`] +| selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics. + +|=== +=== .status.currentMetrics[].resource +Description:: ++ +-- +ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the "pods" source. +-- + +Type:: + `object` + +Required:: + - `name` + - `current` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `current` +| `object` +| MetricValueStatus holds the current value for a metric + +| `name` +| `string` +| Name is the name of the resource in question. + +|=== +=== .status.currentMetrics[].resource.current +Description:: ++ +-- +MetricValueStatus holds the current value for a metric +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `averageUtilization` +| `integer` +| currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. + +| `averageValue` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| averageValue is the current value of the average of the metric across all relevant pods (as a quantity) + +| `value` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.api.resource.Quantity[`Quantity`] +| value is the current value of the metric (as a quantity). |=== @@ -163,30 +1411,30 @@ Required:: The following API endpoints are available: -* `/apis/autoscaling/v1/horizontalpodautoscalers` +* `/apis/autoscaling/v2/horizontalpodautoscalers` - `GET`: list or watch objects of kind HorizontalPodAutoscaler -* `/apis/autoscaling/v1/watch/horizontalpodautoscalers` +* `/apis/autoscaling/v2/watch/horizontalpodautoscalers` - `GET`: watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead. -* `/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers` +* `/apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers` - `DELETE`: delete collection of HorizontalPodAutoscaler - `GET`: list or watch objects of kind HorizontalPodAutoscaler - `POST`: create a HorizontalPodAutoscaler -* `/apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers` +* `/apis/autoscaling/v2/watch/namespaces/{namespace}/horizontalpodautoscalers` - `GET`: watch individual changes to a list of HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead. -* `/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}` +* `/apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}` - `DELETE`: delete a HorizontalPodAutoscaler - `GET`: read the specified HorizontalPodAutoscaler - `PATCH`: partially update the specified HorizontalPodAutoscaler - `PUT`: replace the specified HorizontalPodAutoscaler -* `/apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}` +* `/apis/autoscaling/v2/watch/namespaces/{namespace}/horizontalpodautoscalers/{name}` - `GET`: watch changes to an object of kind HorizontalPodAutoscaler. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter. -* `/apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status` +* `/apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}/status` - `GET`: read status of the specified HorizontalPodAutoscaler - `PATCH`: partially update status of the specified HorizontalPodAutoscaler - `PUT`: replace status of the specified HorizontalPodAutoscaler -=== /apis/autoscaling/v1/horizontalpodautoscalers +=== /apis/autoscaling/v2/horizontalpodautoscalers .Global query parameters @@ -245,13 +1493,13 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../objects/index.adoc#io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList[`HorizontalPodAutoscalerList`] schema +| xref:../objects/index.adoc#io.k8s.api.autoscaling.v2.HorizontalPodAutoscalerList[`HorizontalPodAutoscalerList`] schema | 401 - Unauthorized | Empty |=== -=== /apis/autoscaling/v1/watch/horizontalpodautoscalers +=== /apis/autoscaling/v2/watch/horizontalpodautoscalers .Global query parameters @@ -316,7 +1564,7 @@ Description:: |=== -=== /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers +=== /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers .Global path parameters [cols="1,1,2",options="header"] @@ -463,7 +1711,7 @@ Defaults to unset |=== | HTTP code | Reponse body | 200 - OK -| xref:../objects/index.adoc#io.k8s.api.autoscaling.v1.HorizontalPodAutoscalerList[`HorizontalPodAutoscalerList`] schema +| xref:../objects/index.adoc#io.k8s.api.autoscaling.v2.HorizontalPodAutoscalerList[`HorizontalPodAutoscalerList`] schema | 401 - Unauthorized | Empty |=== @@ -492,7 +1740,7 @@ Description:: |=== | Parameter | Type | Description | `body` -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | |=== @@ -501,17 +1749,17 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 201 - Created -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 202 - Accepted -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 401 - Unauthorized | Empty |=== -=== /apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers +=== /apis/autoscaling/v2/watch/namespaces/{namespace}/horizontalpodautoscalers .Global path parameters [cols="1,1,2",options="header"] @@ -584,7 +1832,7 @@ Description:: |=== -=== /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name} +=== /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name} .Global path parameters [cols="1,1,2",options="header"] @@ -665,7 +1913,7 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 401 - Unauthorized | Empty |=== @@ -706,9 +1954,9 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 201 - Created -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 401 - Unauthorized | Empty |=== @@ -737,7 +1985,7 @@ Description:: |=== | Parameter | Type | Description | `body` -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | |=== @@ -746,15 +1994,15 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 201 - Created -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 401 - Unauthorized | Empty |=== -=== /apis/autoscaling/v1/watch/namespaces/{namespace}/horizontalpodautoscalers/{name} +=== /apis/autoscaling/v2/watch/namespaces/{namespace}/horizontalpodautoscalers/{name} .Global path parameters [cols="1,1,2",options="header"] @@ -830,7 +2078,7 @@ Description:: |=== -=== /apis/autoscaling/v1/namespaces/{namespace}/horizontalpodautoscalers/{name}/status +=== /apis/autoscaling/v2/namespaces/{namespace}/horizontalpodautoscalers/{name}/status .Global path parameters [cols="1,1,2",options="header"] @@ -865,7 +2113,7 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 401 - Unauthorized | Empty |=== @@ -906,9 +2154,9 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 201 - Created -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 401 - Unauthorized | Empty |=== @@ -937,7 +2185,7 @@ Description:: |=== | Parameter | Type | Description | `body` -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | |=== @@ -946,9 +2194,9 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 201 - Created -| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[`HorizontalPodAutoscaler`] schema +| xref:../autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[`HorizontalPodAutoscaler`] schema | 401 - Unauthorized | Empty |=== diff --git a/rest_api/autoscale_apis/machineautoscaler-autoscaling-openshift-io-v1beta1.adoc b/rest_api/autoscale_apis/machineautoscaler-autoscaling-openshift-io-v1beta1.adoc index e30d19e7ac..4d094e361f 100644 --- a/rest_api/autoscale_apis/machineautoscaler-autoscaling-openshift-io-v1beta1.adoc +++ b/rest_api/autoscale_apis/machineautoscaler-autoscaling-openshift-io-v1beta1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="machineautoscaler-autoscaling-openshift-io-v1beta1"] = MachineAutoscaler [autoscaling.openshift.io/v1beta1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/autoscale_apis/scale-autoscaling-v1.adoc b/rest_api/autoscale_apis/scale-autoscaling-v1.adoc index 9044eee6fc..935fd8e472 100644 --- a/rest_api/autoscale_apis/scale-autoscaling-v1.adoc +++ b/rest_api/autoscale_apis/scale-autoscaling-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="scale-autoscaling-v1"] = Scale [autoscaling/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/apiserver-config-openshift-io-v1.adoc b/rest_api/config_apis/apiserver-config-openshift-io-v1.adoc index 8b49e29f9c..7f1c162910 100644 --- a/rest_api/config_apis/apiserver-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/apiserver-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="apiserver-config-openshift-io-v1"] = APIServer [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/authentication-config-openshift-io-v1.adoc b/rest_api/config_apis/authentication-config-openshift-io-v1.adoc index 2df2c241cb..e65ca912a2 100644 --- a/rest_api/config_apis/authentication-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/authentication-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="authentication-config-openshift-io-v1"] = Authentication [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/build-config-openshift-io-v1.adoc b/rest_api/config_apis/build-config-openshift-io-v1.adoc index ae192798ca..0dfbd250f1 100644 --- a/rest_api/config_apis/build-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/build-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="build-config-openshift-io-v1"] = Build [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/clusteroperator-config-openshift-io-v1.adoc b/rest_api/config_apis/clusteroperator-config-openshift-io-v1.adoc index c2aafe4ac6..cd1e0b1024 100644 --- a/rest_api/config_apis/clusteroperator-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/clusteroperator-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="clusteroperator-config-openshift-io-v1"] = ClusterOperator [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -12,7 +11,8 @@ toc::[] Description:: + -- -ClusterOperator is the Custom Resource object which holds the current state of an operator. This object is used by operators to convey their state to the rest of the cluster. +ClusterOperator is the Custom Resource object which holds the current state of an operator. This object is used by operators to convey their state to the rest of the cluster. + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/config_apis/clusterversion-config-openshift-io-v1.adoc b/rest_api/config_apis/clusterversion-config-openshift-io-v1.adoc index 51ac01c14b..b581019ea6 100644 --- a/rest_api/config_apis/clusterversion-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/clusterversion-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="clusterversion-config-openshift-io-v1"] = ClusterVersion [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -12,7 +11,8 @@ toc::[] Description:: + -- -ClusterVersion is the configuration for the ClusterVersionOperator. This is where parameters related to automatic updates can be set. +ClusterVersion is the configuration for the ClusterVersionOperator. This is where parameters related to automatic updates can be set. + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -68,6 +68,10 @@ Required:: |=== | Property | Type | Description +| `capabilities` +| `object` +| capabilities configures the installation of optional, core cluster components. A null value here is identical to an empty object; see the child properties for default semantics. + | `channel` | `string` | channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster. The default channel will be contain stable updates that are appropriate for production clusters. @@ -93,6 +97,32 @@ Required:: | `string` | upstream may be used to specify the preferred update server. By default it will use the appropriate update server for the cluster and region. +|=== +=== .spec.capabilities +Description:: ++ +-- +capabilities configures the installation of optional, core cluster components. A null value here is identical to an empty object; see the child properties for default semantics. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `additionalEnabledCapabilities` +| `array (string)` +| additionalEnabledCapabilities extends the set of managed capabilities beyond the baseline defined in baselineCapabilitySet. The default is an empty set. + +| `baselineCapabilitySet` +| `string` +| baselineCapabilitySet selects an initial set of optional capabilities to enable, which can be extended via additionalEnabledCapabilities. If unset, the cluster will choose a default, and the default may change over time. The current default is vCurrent. + |=== === .spec.desiredUpdate Description:: @@ -114,8 +144,7 @@ Type:: | `force` | `boolean` -| force allows an administrator to update to an image that has failed verification, does not appear in the availableUpdates list, or otherwise would be blocked by normal protections on update. This option should only be used when the authenticity of the provided image has been verified out of band because the provided image will run with full administrative access to the cluster. Do not use this flag with images that comes from unknown or potentially malicious sources. - This flag does not override other forms of consistency checking that are required before a new update is deployed. +| force allows an administrator to update to an image that has failed verification or upgradeable checks. This option should only be used when the authenticity of the provided image has been verified out of band because the provided image will run with full administrative access to the cluster. Do not use this flag with images that comes from unknown or potentially malicious sources. | `image` | `string` @@ -206,7 +235,19 @@ Required:: | `availableUpdates` | `` -| availableUpdates contains the list of updates that are appropriate for this cluster. This list may be empty if no updates are recommended, if the update service is unavailable, or if an invalid channel has been specified. +| availableUpdates contains updates recommended for this cluster. Updates which appear in conditionalUpdates but not in availableUpdates may expose this cluster to known issues. This list may be empty if no updates are recommended, if the update service is unavailable, or if an invalid channel has been specified. + +| `capabilities` +| `object` +| capabilities describes the state of optional, core cluster components. + +| `conditionalUpdates` +| `array` +| conditionalUpdates contains the list of updates that may be recommended for this cluster if it meets specific required conditions. Consumers interested in the set of updates that are actually recommended for this cluster should use availableUpdates. This list may be empty if no updates are recommended, if the update service is unavailable, or if an empty or invalid channel has been specified. + +| `conditionalUpdates[]` +| `object` +| ConditionalUpdate represents an update which is recommended to some clusters on the version the current cluster is reconciling, but which may not be recommended for the current cluster. | `conditions` | `array` @@ -236,6 +277,304 @@ Required:: | `string` | versionHash is a fingerprint of the content that the cluster will be updated with. It is used by the operator to avoid unnecessary work and is for internal use only. +|=== +=== .status.capabilities +Description:: ++ +-- +capabilities describes the state of optional, core cluster components. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `enabledCapabilities` +| `array (string)` +| enabledCapabilities lists all the capabilities that are currently managed. + +| `knownCapabilities` +| `array (string)` +| knownCapabilities lists all the capabilities known to the current cluster. + +|=== +=== .status.conditionalUpdates +Description:: ++ +-- +conditionalUpdates contains the list of updates that may be recommended for this cluster if it meets specific required conditions. Consumers interested in the set of updates that are actually recommended for this cluster should use availableUpdates. This list may be empty if no updates are recommended, if the update service is unavailable, or if an empty or invalid channel has been specified. +-- + +Type:: + `array` + + + + +=== .status.conditionalUpdates[] +Description:: ++ +-- +ConditionalUpdate represents an update which is recommended to some clusters on the version the current cluster is reconciling, but which may not be recommended for the current cluster. +-- + +Type:: + `object` + +Required:: + - `release` + - `risks` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `conditions` +| `array` +| conditions represents the observations of the conditional update's current status. Known types are: * Evaluating, for whether the cluster-version operator will attempt to evaluate any risks[].matchingRules. * Recommended, for whether the update is recommended for the current cluster. + +| `conditions[]` +| `object` +| Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` + // other fields } + +| `release` +| `object` +| release is the target of the update. + +| `risks` +| `array` +| risks represents the range of issues associated with updating to the target release. The cluster-version operator will evaluate all entries, and only recommend the update if there is at least one entry and all entries recommend the update. + +| `risks[]` +| `object` +| ConditionalUpdateRisk represents a reason and cluster-state for not recommending a conditional update. + +|=== +=== .status.conditionalUpdates[].conditions +Description:: ++ +-- +conditions represents the observations of the conditional update's current status. Known types are: * Evaluating, for whether the cluster-version operator will attempt to evaluate any risks[].matchingRules. * Recommended, for whether the update is recommended for the current cluster. +-- + +Type:: + `array` + + + + +=== .status.conditionalUpdates[].conditions[] +Description:: ++ +-- +Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` + // other fields } +-- + +Type:: + `object` + +Required:: + - `lastTransitionTime` + - `message` + - `reason` + - `status` + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `lastTransitionTime` +| `string` +| lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + +| `message` +| `string` +| message is a human readable message indicating details about the transition. This may be an empty string. + +| `observedGeneration` +| `integer` +| observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + +| `reason` +| `string` +| reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + +| `status` +| `string` +| status of the condition, one of True, False, Unknown. + +| `type` +| `string` +| type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + +|=== +=== .status.conditionalUpdates[].release +Description:: ++ +-- +release is the target of the update. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `channels` +| `array (string)` +| channels is the set of Cincinnati channels to which the release currently belongs. + +| `image` +| `string` +| image is a container image location that contains the update. When this field is part of spec, image is optional if version is specified and the availableUpdates field contains a matching version. + +| `url` +| `string` +| url contains information about this release. This URL is set by the 'url' metadata property on a release or the metadata returned by the update API and should be displayed as a link in user interfaces. The URL field may not be set for test or nightly releases. + +| `version` +| `string` +| version is a semantic versioning identifying the update version. When this field is part of spec, version is optional if image is specified. + +|=== +=== .status.conditionalUpdates[].risks +Description:: ++ +-- +risks represents the range of issues associated with updating to the target release. The cluster-version operator will evaluate all entries, and only recommend the update if there is at least one entry and all entries recommend the update. +-- + +Type:: + `array` + + + + +=== .status.conditionalUpdates[].risks[] +Description:: ++ +-- +ConditionalUpdateRisk represents a reason and cluster-state for not recommending a conditional update. +-- + +Type:: + `object` + +Required:: + - `matchingRules` + - `message` + - `name` + - `url` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `matchingRules` +| `array` +| matchingRules is a slice of conditions for deciding which clusters match the risk and which do not. The slice is ordered by decreasing precedence. The cluster-version operator will walk the slice in order, and stop after the first it can successfully evaluate. If no condition can be successfully evaluated, the update will not be recommended. + +| `matchingRules[]` +| `object` +| ClusterCondition is a union of typed cluster conditions. The 'type' property determines which of the type-specific properties are relevant. When evaluated on a cluster, the condition may match, not match, or fail to evaluate. + +| `message` +| `string` +| message provides additional information about the risk of updating, in the event that matchingRules match the cluster state. This is only to be consumed by humans. It may contain Line Feed characters (U+000A), which should be rendered as new lines. + +| `name` +| `string` +| name is the CamelCase reason for not recommending a conditional update, in the event that matchingRules match the cluster state. + +| `url` +| `string` +| url contains information about this risk. + +|=== +=== .status.conditionalUpdates[].risks[].matchingRules +Description:: ++ +-- +matchingRules is a slice of conditions for deciding which clusters match the risk and which do not. The slice is ordered by decreasing precedence. The cluster-version operator will walk the slice in order, and stop after the first it can successfully evaluate. If no condition can be successfully evaluated, the update will not be recommended. +-- + +Type:: + `array` + + + + +=== .status.conditionalUpdates[].risks[].matchingRules[] +Description:: ++ +-- +ClusterCondition is a union of typed cluster conditions. The 'type' property determines which of the type-specific properties are relevant. When evaluated on a cluster, the condition may match, not match, or fail to evaluate. +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `promql` +| `object` +| promQL represents a cluster condition based on PromQL. + +| `type` +| `string` +| type represents the cluster-condition type. This defines the members and semantics of any additional properties. + +|=== +=== .status.conditionalUpdates[].risks[].matchingRules[].promql +Description:: ++ +-- +promQL represents a cluster condition based on PromQL. +-- + +Type:: + `object` + +Required:: + - `promql` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `promql` +| `string` +| PromQL is a PromQL query classifying clusters. This query query should return a 1 in the match case and a 0 in the does-not-match case. Queries which return no time series, or which return values besides 0 or 1, are evaluation failures. + |=== === .status.conditions Description:: @@ -361,6 +700,10 @@ Required:: |=== | Property | Type | Description +| `acceptedRisks` +| `string` +| acceptedRisks records risks which were accepted to initiate the update. For example, it may menition an Upgradeable=False or missing signature that was overriden via desiredUpdate.force, or an update that was initiated despite not being in the availableUpdates set of recommended update targets. + | `completionTime` | `` | completionTime, if set, is when the update was fully applied. The update that is currently being applied will have a null completion time. Completion time will always be set for entries that are not the current update (usually to the started time of the next update). @@ -379,7 +722,7 @@ Required:: | `verified` | `boolean` -| verified indicates whether the provided update was properly verified before it was installed. If this is false the cluster may not be trusted. +| verified indicates whether the provided update was properly verified before it was installed. If this is false the cluster may not be trusted. Verified does not cover upgradeable checks that depend on the cluster state at the time when the update target was accepted. | `version` | `string` diff --git a/rest_api/config_apis/config-apis-index.adoc b/rest_api/config_apis/config-apis-index.adoc index 2878b5f1ed..a16245eddb 100644 --- a/rest_api/config_apis/config-apis-index.adoc +++ b/rest_api/config_apis/config-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="config-apis"] = Config APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -50,7 +49,8 @@ Type:: Description:: + -- -ClusterOperator is the Custom Resource object which holds the current state of an operator. This object is used by operators to convey their state to the rest of the cluster. +ClusterOperator is the Custom Resource object which holds the current state of an operator. This object is used by operators to convey their state to the rest of the cluster. + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -61,7 +61,8 @@ Type:: Description:: + -- -ClusterVersion is the configuration for the ClusterVersionOperator. This is where parameters related to automatic updates can be set. +ClusterVersion is the configuration for the ClusterVersionOperator. This is where parameters related to automatic updates can be set. + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -172,6 +173,18 @@ Network holds cluster-wide information about Network. The canonical name is `clu Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- +Type:: + `object` + +== Node [config.openshift.io/v1] + +Description:: ++ +-- +Node holds cluster-wide information about node specific features. + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +-- + Type:: `object` @@ -208,6 +221,18 @@ Project holds cluster-wide information about Project. The canonical name is `cl Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- +Type:: + `object` + +== ProjectHelmChartRepository [helm.openshift.io/v1beta1] + +Description:: ++ +-- +ProjectHelmChartRepository holds namespace-wide configuration for proxied Helm chart repository + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). +-- + Type:: `object` diff --git a/rest_api/config_apis/console-config-openshift-io-v1.adoc b/rest_api/config_apis/console-config-openshift-io-v1.adoc index cb071bbc28..e49023f2a7 100644 --- a/rest_api/config_apis/console-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/console-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="console-config-openshift-io-v1"] = Console [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/dns-config-openshift-io-v1.adoc b/rest_api/config_apis/dns-config-openshift-io-v1.adoc index d601df22dc..570e4ae076 100644 --- a/rest_api/config_apis/dns-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/dns-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="dns-config-openshift-io-v1"] = DNS [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/featuregate-config-openshift-io-v1.adoc b/rest_api/config_apis/featuregate-config-openshift-io-v1.adoc index 9986e120bb..3be3f0683c 100644 --- a/rest_api/config_apis/featuregate-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/featuregate-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="featuregate-config-openshift-io-v1"] = FeatureGate [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/helmchartrepository-helm-openshift-io-v1beta1.adoc b/rest_api/config_apis/helmchartrepository-helm-openshift-io-v1beta1.adoc index 9f7f1cd6a0..ad5321b104 100644 --- a/rest_api/config_apis/helmchartrepository-helm-openshift-io-v1beta1.adoc +++ b/rest_api/config_apis/helmchartrepository-helm-openshift-io-v1beta1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="helmchartrepository-helm-openshift-io-v1beta1"] = HelmChartRepository [helm.openshift.io/v1beta1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -77,7 +76,7 @@ Type:: | `disabled` | `boolean` -| If set to true, disable the repo usage in the cluster +| If set to true, disable the repo usage in the cluster/namespace | `name` | `string` diff --git a/rest_api/config_apis/image-config-openshift-io-v1.adoc b/rest_api/config_apis/image-config-openshift-io-v1.adoc index 07772cafaf..cdfff1f88d 100644 --- a/rest_api/config_apis/image-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/image-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="image-config-openshift-io-v1"] = Image [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/imagecontentpolicy-config-openshift-io-v1.adoc b/rest_api/config_apis/imagecontentpolicy-config-openshift-io-v1.adoc index adeb0cffcb..ae4b09635f 100644 --- a/rest_api/config_apis/imagecontentpolicy-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/imagecontentpolicy-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagecontentpolicy-config-openshift-io-v1"] = ImageContentPolicy [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/infrastructure-config-openshift-io-v1.adoc b/rest_api/config_apis/infrastructure-config-openshift-io-v1.adoc index 4cff8dea2b..ae2b2a27be 100644 --- a/rest_api/config_apis/infrastructure-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/infrastructure-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="infrastructure-config-openshift-io-v1"] = Infrastructure [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -153,6 +152,10 @@ Type:: | `object` | Kubevirt contains settings specific to the kubevirt infrastructure provider. +| `nutanix` +| `object` +| Nutanix contains settings specific to the Nutanix infrastructure provider. + | `openstack` | `object` | OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -167,7 +170,7 @@ Type:: | `type` | `string` -| type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. +| type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "KubeVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. | `vsphere` | `object` @@ -330,6 +333,139 @@ Type:: +=== .spec.platformSpec.nutanix +Description:: ++ +-- +Nutanix contains settings specific to the Nutanix infrastructure provider. +-- + +Type:: + `object` + +Required:: + - `prismCentral` + - `prismElements` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `prismCentral` +| `object` +| prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + +| `prismElements` +| `array` +| prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. + +| `prismElements[]` +| `object` +| NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) + +|=== +=== .spec.platformSpec.nutanix.prismCentral +Description:: ++ +-- +prismCentral holds the endpoint address and port to access the Nutanix Prism Central. When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. +-- + +Type:: + `object` + +Required:: + - `address` + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `address` +| `string` +| address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + +| `port` +| `integer` +| port is the port number to access the Nutanix Prism Central or Element (cluster) + +|=== +=== .spec.platformSpec.nutanix.prismElements +Description:: ++ +-- +prismElements holds one or more endpoint address and port data to access the Nutanix Prism Elements (clusters) of the Nutanix Prism Central. Currently we only support one Prism Element (cluster) for an OpenShift cluster, where all the Nutanix resources (VMs, subnets, volumes, etc.) used in the OpenShift cluster are located. In the future, we may support Nutanix resources (VMs, etc.) spread over multiple Prism Elements (clusters) of the Prism Central. +-- + +Type:: + `array` + + + + +=== .spec.platformSpec.nutanix.prismElements[] +Description:: ++ +-- +NutanixPrismElementEndpoint holds the name and endpoint data for a Prism Element (cluster) +-- + +Type:: + `object` + +Required:: + - `endpoint` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `endpoint` +| `object` +| endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. + +| `name` +| `string` +| name is the name of the Prism Element (cluster). This value will correspond with the cluster field configured on other resources (eg Machines, PVCs, etc). + +|=== +=== .spec.platformSpec.nutanix.prismElements[].endpoint +Description:: ++ +-- +endpoint holds the endpoint address and port data of the Prism Element (cluster). When a cluster-wide proxy is installed, by default, this endpoint will be accessed via the proxy. Should you wish for communication with this endpoint not to be proxied, please add the endpoint to the proxy spec.noProxy list. +-- + +Type:: + `object` + +Required:: + - `address` + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `address` +| `string` +| address is the endpoint address (DNS name or IP address) of the Nutanix Prism Central or Element (cluster) + +| `port` +| `integer` +| port is the port number to access the Nutanix Prism Central or Element (cluster) + +|=== === .spec.platformSpec.openstack Description:: + @@ -369,6 +505,61 @@ Type:: +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `serviceEndpoints` +| `array` +| serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. + +| `serviceEndpoints[]` +| `object` +| PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. + +|=== +=== .spec.platformSpec.powervs.serviceEndpoints +Description:: ++ +-- +serviceEndpoints is a list of custom endpoints which will override the default service endpoints of a Power VS service. +-- + +Type:: + `array` + + + + +=== .spec.platformSpec.powervs.serviceEndpoints[] +Description:: ++ +-- +PowervsServiceEndpoint stores the configuration of a custom url to override existing defaults of PowerVS Services. +-- + +Type:: + `object` + +Required:: + - `name` + - `url` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud + +| `url` +| `string` +| url is fully qualified URI with scheme https, that overrides the default generated endpoint for a client. This must be provided and cannot be empty. + +|=== === .spec.platformSpec.vsphere Description:: + @@ -482,6 +673,10 @@ Type:: | `object` | Kubevirt contains settings specific to the kubevirt infrastructure provider. +| `nutanix` +| `object` +| Nutanix contains settings specific to the Nutanix infrastructure provider. + | `openstack` | `object` | OpenStack contains settings specific to the OpenStack infrastructure provider. @@ -496,7 +691,7 @@ Type:: | `type` | `string` -| type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "EquinixMetal", "PowerVS", "AlibabaCloud" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. +| type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", "EquinixMetal", "PowerVS", "AlibabaCloud", "Nutanix" and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. This value will be synced with to the `status.platform` and `status.platformStatus.type`. Currently this value cannot be changed once set. | `vsphere` @@ -516,7 +711,6 @@ Type:: Required:: - `region` - - `resourceGroupID` @@ -865,6 +1059,32 @@ Type:: +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiServerInternalIP` +| `string` +| apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + +| `ingressIP` +| `string` +| ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + +|=== +=== .status.platformStatus.nutanix +Description:: ++ +-- +Nutanix contains settings specific to the Nutanix infrastructure provider. +-- + +Type:: + `object` + + + + [cols="1,1,1",options="header"] |=== | Property | Type | Description @@ -1015,7 +1235,7 @@ Required:: | `name` | `string` -| name is the name of the Power VS service. +| name is the name of the Power VS service. Few of the services are IAM - https://cloud.ibm.com/apidocs/iam-identity-token-api ResourceController - https://cloud.ibm.com/apidocs/resource-controller/resource-controller Power Cloud - https://cloud.ibm.com/apidocs/power-cloud | `url` | `string` diff --git a/rest_api/config_apis/ingress-config-openshift-io-v1.adoc b/rest_api/config_apis/ingress-config-openshift-io-v1.adoc index 33748ed512..b8f7bfa6ce 100644 --- a/rest_api/config_apis/ingress-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/ingress-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="ingress-config-openshift-io-v1"] = Ingress [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -362,6 +361,13 @@ Type:: | `object` | ComponentRouteStatus contains information allowing configuration of a route's hostname and serving certificate. +| `defaultPlacement` +| `string` +| defaultPlacement is set at installation time to control which nodes will host the ingress router pods by default. The options are control-plane nodes or worker nodes. + This field works by dictating how the Cluster Ingress Operator will consider unset replicas and nodePlacement fields in IngressController resources when creating the corresponding Deployments. + See the documentation for the IngressController replicas and nodePlacement fields for more information. + When omitted, the default value is Workers + |=== === .status.componentRoutes Description:: diff --git a/rest_api/config_apis/network-config-openshift-io-v1.adoc b/rest_api/config_apis/network-config-openshift-io-v1.adoc index 084c9d8009..63ed4ca3f1 100644 --- a/rest_api/config_apis/network-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/network-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="network-config-openshift-io-v1"] = Network [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -281,10 +280,92 @@ Type:: |=== | Property | Type | Description +| `mtu` +| `object` +| MTU contains the MTU migration configuration. + | `networkType` | `string` | NetworkType is the target plugin that is to be deployed. Currently supported values are: OpenShiftSDN, OVNKubernetes +|=== +=== .status.migration.mtu +Description:: ++ +-- +MTU contains the MTU migration configuration. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `machine` +| `object` +| Machine contains MTU migration configuration for the machine's uplink. + +| `network` +| `object` +| Network contains MTU migration configuration for the default network. + +|=== +=== .status.migration.mtu.machine +Description:: ++ +-- +Machine contains MTU migration configuration for the machine's uplink. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `from` +| `integer` +| From is the MTU to migrate from. + +| `to` +| `integer` +| To is the MTU to migrate to. + +|=== +=== .status.migration.mtu.network +Description:: ++ +-- +Network contains MTU migration configuration for the default network. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `from` +| `integer` +| From is the MTU to migrate from. + +| `to` +| `integer` +| To is the MTU to migrate to. + |=== == API endpoints diff --git a/rest_api/config_apis/node-config-openshift-io-v1.adoc b/rest_api/config_apis/node-config-openshift-io-v1.adoc new file mode 100644 index 0000000000..1ea97bea98 --- /dev/null +++ b/rest_api/config_apis/node-config-openshift-io-v1.adoc @@ -0,0 +1,585 @@ +// Automatically generated by 'openshift-apidocs-gen'. Do not edit. +:_content-type: ASSEMBLY +[id="node-config-openshift-io-v1"] += Node [config.openshift.io/v1] +:toc: macro +:toc-title: + +toc::[] + + +Description:: ++ +-- +Node holds cluster-wide information about node specific features. + Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +-- + +Type:: + `object` + +Required:: + - `spec` + + +== Specification + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiVersion` +| `string` +| APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + +| `kind` +| `string` +| Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + +| `metadata` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v2[`ObjectMeta_v2`] +| Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + +| `spec` +| `object` +| spec holds user settable values for configuration + +| `status` +| `object` +| status holds observed values. + +|=== +=== .spec +Description:: ++ +-- +spec holds user settable values for configuration +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `cgroupMode` +| `string` +| CgroupMode determines the cgroups version on the node + +| `workerLatencyProfile` +| `string` +| WorkerLatencyProfile determins the how fast the kubelet is updating the status and corresponding reaction of the cluster + +|=== +=== .status +Description:: ++ +-- +status holds observed values. +-- + +Type:: + `object` + + + + + +== API endpoints + +The following API endpoints are available: + +* `/apis/config.openshift.io/v1/nodes` +- `DELETE`: delete collection of Node +- `GET`: list objects of kind Node +- `POST`: create a Node +* `/apis/config.openshift.io/v1/nodes/{name}` +- `DELETE`: delete a Node +- `GET`: read the specified Node +- `PATCH`: partially update the specified Node +- `PUT`: replace the specified Node +* `/apis/config.openshift.io/v1/nodes/{name}/status` +- `GET`: read status of the specified Node +- `PATCH`: partially update status of the specified Node +- `PUT`: replace status of the specified Node + + +=== /apis/config.openshift.io/v1/nodes + + +.Global query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `pretty` +| `string` +| If 'true', then the output is pretty printed. +|=== + +HTTP method:: + `DELETE` + +Description:: + delete collection of Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `allowWatchBookmarks` +| `boolean` +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. +| `continue` +| `string` +| The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". + +This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. +| `fieldSelector` +| `string` +| A selector to restrict the list of returned objects by their fields. Defaults to everything. +| `labelSelector` +| `string` +| A selector to restrict the list of returned objects by their labels. Defaults to everything. +| `limit` +| `integer` +| limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. + +The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned. +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `resourceVersionMatch` +| `string` +| resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `timeoutSeconds` +| `integer` +| Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. +| `watch` +| `boolean` +| Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status_v2[`Status_v2`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `GET` + +Description:: + list objects of kind Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `allowWatchBookmarks` +| `boolean` +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. +| `continue` +| `string` +| The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". + +This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. +| `fieldSelector` +| `string` +| A selector to restrict the list of returned objects by their fields. Defaults to everything. +| `labelSelector` +| `string` +| A selector to restrict the list of returned objects by their labels. Defaults to everything. +| `limit` +| `integer` +| limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. + +The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned. +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `resourceVersionMatch` +| `string` +| resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `timeoutSeconds` +| `integer` +| Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. +| `watch` +| `boolean` +| Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../objects/index.adoc#io.openshift.config.v1.NodeList[`NodeList`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `POST` + +Description:: + create a Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 201 - Created +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 202 - Accepted +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 401 - Unauthorized +| Empty +|=== + + +=== /apis/config.openshift.io/v1/nodes/{name} + +.Global path parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `name` +| `string` +| name of the Node +|=== + +.Global query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `pretty` +| `string` +| If 'true', then the output is pretty printed. +|=== + +HTTP method:: + `DELETE` + +Description:: + delete a Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `gracePeriodSeconds` +| `integer` +| The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +| `orphanDependents` +| `boolean` +| Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +| `propagationPolicy` +| `string` +| Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions_v2[`DeleteOptions_v2`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status_v2[`Status_v2`] schema +| 202 - Accepted +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status_v2[`Status_v2`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `GET` + +Description:: + read the specified Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PATCH` + +Description:: + partially update the specified Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Patch[`Patch`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PUT` + +Description:: + replace the specified Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 201 - Created +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 401 - Unauthorized +| Empty +|=== + + +=== /apis/config.openshift.io/v1/nodes/{name}/status + +.Global path parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `name` +| `string` +| name of the Node +|=== + +.Global query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `pretty` +| `string` +| If 'true', then the output is pretty printed. +|=== + +HTTP method:: + `GET` + +Description:: + read status of the specified Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PATCH` + +Description:: + partially update status of the specified Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Patch[`Patch`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PUT` + +Description:: + replace status of the specified Node + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 201 - Created +| xref:../config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[`Node`] schema +| 401 - Unauthorized +| Empty +|=== + + diff --git a/rest_api/config_apis/oauth-config-openshift-io-v1.adoc b/rest_api/config_apis/oauth-config-openshift-io-v1.adoc index c7decf38b6..205b15c4d2 100644 --- a/rest_api/config_apis/oauth-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/oauth-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="oauth-config-openshift-io-v1"] = OAuth [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/operatorhub-config-openshift-io-v1.adoc b/rest_api/config_apis/operatorhub-config-openshift-io-v1.adoc index daf7550452..962540d359 100644 --- a/rest_api/config_apis/operatorhub-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/operatorhub-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="operatorhub-config-openshift-io-v1"] = OperatorHub [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/project-config-openshift-io-v1.adoc b/rest_api/config_apis/project-config-openshift-io-v1.adoc index 40baf262f2..bdd442548f 100644 --- a/rest_api/config_apis/project-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/project-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="project-config-openshift-io-v1"] = Project [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc b/rest_api/config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc new file mode 100644 index 0000000000..8016dab307 --- /dev/null +++ b/rest_api/config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc @@ -0,0 +1,828 @@ +// Automatically generated by 'openshift-apidocs-gen'. Do not edit. +:_content-type: ASSEMBLY +[id="projecthelmchartrepository-helm-openshift-io-v1beta1"] += ProjectHelmChartRepository [helm.openshift.io/v1beta1] +:toc: macro +:toc-title: + +toc::[] + + +Description:: ++ +-- +ProjectHelmChartRepository holds namespace-wide configuration for proxied Helm chart repository + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). +-- + +Type:: + `object` + +Required:: + - `spec` + + +== Specification + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiVersion` +| `string` +| APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + +| `kind` +| `string` +| Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + +| `metadata` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v2[`ObjectMeta_v2`] +| Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + +| `spec` +| `object` +| spec holds user settable values for configuration + +| `status` +| `object` +| Observed status of the repository within the namespace.. + +|=== +=== .spec +Description:: ++ +-- +spec holds user settable values for configuration +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `connectionConfig` +| `object` +| Required configuration for connecting to the chart repo + +| `description` +| `string` +| Optional human readable repository description, it can be used by UI for displaying purposes + +| `disabled` +| `boolean` +| If set to true, disable the repo usage in the cluster/namespace + +| `name` +| `string` +| Optional associated human readable repository name, it can be used by UI for displaying purposes + +|=== +=== .spec.connectionConfig +Description:: ++ +-- +Required configuration for connecting to the chart repo +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `ca` +| `object` +| ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca-bundle.crt" is used to locate the data. If empty, the default system roots are used. The namespace for this config map is openshift-config. + +| `tlsClientConfig` +| `object` +| tlsClientConfig is an optional reference to a secret by name that contains the PEM-encoded TLS client certificate and private key to present when connecting to the server. The key "tls.crt" is used to locate the client certificate. The key "tls.key" is used to locate the private key. The namespace for this secret is openshift-config. + +| `url` +| `string` +| Chart repository URL + +|=== +=== .spec.connectionConfig.ca +Description:: ++ +-- +ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca-bundle.crt" is used to locate the data. If empty, the default system roots are used. The namespace for this config map is openshift-config. +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the metadata.name of the referenced config map + +|=== +=== .spec.connectionConfig.tlsClientConfig +Description:: ++ +-- +tlsClientConfig is an optional reference to a secret by name that contains the PEM-encoded TLS client certificate and private key to present when connecting to the server. The key "tls.crt" is used to locate the client certificate. The key "tls.key" is used to locate the private key. The namespace for this secret is openshift-config. +-- + +Type:: + `object` + +Required:: + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name is the metadata.name of the referenced secret + +|=== +=== .status +Description:: ++ +-- +Observed status of the repository within the namespace.. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `conditions` +| `array` +| conditions is a list of conditions and their statuses + +| `conditions[]` +| `object` +| Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` + // other fields } + +|=== +=== .status.conditions +Description:: ++ +-- +conditions is a list of conditions and their statuses +-- + +Type:: + `array` + + + + +=== .status.conditions[] +Description:: ++ +-- +Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` + // other fields } +-- + +Type:: + `object` + +Required:: + - `lastTransitionTime` + - `message` + - `reason` + - `status` + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `lastTransitionTime` +| `string` +| lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + +| `message` +| `string` +| message is a human readable message indicating details about the transition. This may be an empty string. + +| `observedGeneration` +| `integer` +| observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + +| `reason` +| `string` +| reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + +| `status` +| `string` +| status of the condition, one of True, False, Unknown. + +| `type` +| `string` +| type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + +|=== + +== API endpoints + +The following API endpoints are available: + +* `/apis/helm.openshift.io/v1beta1/projecthelmchartrepositories` +- `GET`: list objects of kind ProjectHelmChartRepository +* `/apis/helm.openshift.io/v1beta1/namespaces/{namespace}/projecthelmchartrepositories` +- `DELETE`: delete collection of ProjectHelmChartRepository +- `GET`: list objects of kind ProjectHelmChartRepository +- `POST`: create a ProjectHelmChartRepository +* `/apis/helm.openshift.io/v1beta1/namespaces/{namespace}/projecthelmchartrepositories/{name}` +- `DELETE`: delete a ProjectHelmChartRepository +- `GET`: read the specified ProjectHelmChartRepository +- `PATCH`: partially update the specified ProjectHelmChartRepository +- `PUT`: replace the specified ProjectHelmChartRepository +* `/apis/helm.openshift.io/v1beta1/namespaces/{namespace}/projecthelmchartrepositories/{name}/status` +- `GET`: read status of the specified ProjectHelmChartRepository +- `PATCH`: partially update status of the specified ProjectHelmChartRepository +- `PUT`: replace status of the specified ProjectHelmChartRepository + + +=== /apis/helm.openshift.io/v1beta1/projecthelmchartrepositories + + +.Global query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `allowWatchBookmarks` +| `boolean` +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. +| `continue` +| `string` +| The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". + +This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. +| `fieldSelector` +| `string` +| A selector to restrict the list of returned objects by their fields. Defaults to everything. +| `labelSelector` +| `string` +| A selector to restrict the list of returned objects by their labels. Defaults to everything. +| `limit` +| `integer` +| limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. + +The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned. +| `pretty` +| `string` +| If 'true', then the output is pretty printed. +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `resourceVersionMatch` +| `string` +| resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `timeoutSeconds` +| `integer` +| Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. +| `watch` +| `boolean` +| Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + +HTTP method:: + `GET` + +Description:: + list objects of kind ProjectHelmChartRepository + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../objects/index.adoc#io.openshift.helm.v1beta1.ProjectHelmChartRepositoryList[`ProjectHelmChartRepositoryList`] schema +| 401 - Unauthorized +| Empty +|=== + + +=== /apis/helm.openshift.io/v1beta1/namespaces/{namespace}/projecthelmchartrepositories + +.Global path parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `namespace` +| `string` +| object name and auth scope, such as for teams and projects +|=== + +.Global query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `pretty` +| `string` +| If 'true', then the output is pretty printed. +|=== + +HTTP method:: + `DELETE` + +Description:: + delete collection of ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `allowWatchBookmarks` +| `boolean` +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. +| `continue` +| `string` +| The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". + +This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. +| `fieldSelector` +| `string` +| A selector to restrict the list of returned objects by their fields. Defaults to everything. +| `labelSelector` +| `string` +| A selector to restrict the list of returned objects by their labels. Defaults to everything. +| `limit` +| `integer` +| limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. + +The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned. +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `resourceVersionMatch` +| `string` +| resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `timeoutSeconds` +| `integer` +| Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. +| `watch` +| `boolean` +| Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status_v2[`Status_v2`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `GET` + +Description:: + list objects of kind ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `allowWatchBookmarks` +| `boolean` +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. +| `continue` +| `string` +| The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". + +This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. +| `fieldSelector` +| `string` +| A selector to restrict the list of returned objects by their fields. Defaults to everything. +| `labelSelector` +| `string` +| A selector to restrict the list of returned objects by their labels. Defaults to everything. +| `limit` +| `integer` +| limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. + +The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned. +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `resourceVersionMatch` +| `string` +| resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +| `timeoutSeconds` +| `integer` +| Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. +| `watch` +| `boolean` +| Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../objects/index.adoc#io.openshift.helm.v1beta1.ProjectHelmChartRepositoryList[`ProjectHelmChartRepositoryList`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `POST` + +Description:: + create a ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 201 - Created +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 202 - Accepted +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 401 - Unauthorized +| Empty +|=== + + +=== /apis/helm.openshift.io/v1beta1/namespaces/{namespace}/projecthelmchartrepositories/{name} + +.Global path parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `name` +| `string` +| name of the ProjectHelmChartRepository +| `namespace` +| `string` +| object name and auth scope, such as for teams and projects +|=== + +.Global query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `pretty` +| `string` +| If 'true', then the output is pretty printed. +|=== + +HTTP method:: + `DELETE` + +Description:: + delete a ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `gracePeriodSeconds` +| `integer` +| The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. +| `orphanDependents` +| `boolean` +| Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. +| `propagationPolicy` +| `string` +| Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions_v2[`DeleteOptions_v2`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status_v2[`Status_v2`] schema +| 202 - Accepted +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status_v2[`Status_v2`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `GET` + +Description:: + read the specified ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PATCH` + +Description:: + partially update the specified ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Patch[`Patch`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PUT` + +Description:: + replace the specified ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 201 - Created +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 401 - Unauthorized +| Empty +|=== + + +=== /apis/helm.openshift.io/v1beta1/namespaces/{namespace}/projecthelmchartrepositories/{name}/status + +.Global path parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `name` +| `string` +| name of the ProjectHelmChartRepository +| `namespace` +| `string` +| object name and auth scope, such as for teams and projects +|=== + +.Global query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `pretty` +| `string` +| If 'true', then the output is pretty printed. +|=== + +HTTP method:: + `GET` + +Description:: + read status of the specified ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `resourceVersion` +| `string` +| resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details. + +Defaults to unset +|=== + + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PATCH` + +Description:: + partially update status of the specified ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Patch[`Patch`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 401 - Unauthorized +| Empty +|=== + +HTTP method:: + `PUT` + +Description:: + replace status of the specified ProjectHelmChartRepository + + +.Query parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `dryRun` +| `string` +| When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed +| `fieldManager` +| `string` +| fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. +|=== + +.Body parameters +[cols="1,1,2",options="header"] +|=== +| Parameter | Type | Description +| `body` +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| +|=== + +.HTTP responses +[cols="1,1",options="header"] +|=== +| HTTP code | Reponse body +| 200 - OK +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 201 - Created +| xref:../config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[`ProjectHelmChartRepository`] schema +| 401 - Unauthorized +| Empty +|=== + + diff --git a/rest_api/config_apis/proxy-config-openshift-io-v1.adoc b/rest_api/config_apis/proxy-config-openshift-io-v1.adoc index bddd459b72..c73730b20f 100644 --- a/rest_api/config_apis/proxy-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/proxy-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="proxy-config-openshift-io-v1"] = Proxy [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/config_apis/scheduler-config-openshift-io-v1.adoc b/rest_api/config_apis/scheduler-config-openshift-io-v1.adoc index 0088675c0b..cc9032584d 100644 --- a/rest_api/config_apis/scheduler-config-openshift-io-v1.adoc +++ b/rest_api/config_apis/scheduler-config-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="scheduler-config-openshift-io-v1"] = Scheduler [config.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/console_apis/console-apis-index.adoc b/rest_api/console_apis/console-apis-index.adoc index 631d18dab2..30d0cde102 100644 --- a/rest_api/console_apis/console-apis-index.adoc +++ b/rest_api/console_apis/console-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="console-apis"] = Console APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -14,7 +13,7 @@ Description:: + -- ConsoleCLIDownload is an extension for configuring openshift web console command line interface (CLI) downloads. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -26,7 +25,7 @@ Description:: + -- ConsoleExternalLogLink is an extension for customizing OpenShift web console log links. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -38,7 +37,7 @@ Description:: + -- ConsoleLink is an extension for customizing OpenShift web console links. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -50,7 +49,7 @@ Description:: + -- ConsoleNotification is the extension for configuring openshift web console notifications. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -74,7 +73,7 @@ Description:: + -- ConsoleQuickStart is an extension for guiding user through various workflows in the OpenShift web console. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -86,7 +85,7 @@ Description:: + -- ConsoleYAMLSample is an extension for customizing OpenShift web console YAML samples. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/console_apis/consoleclidownload-console-openshift-io-v1.adoc b/rest_api/console_apis/consoleclidownload-console-openshift-io-v1.adoc index f96aeab9f2..fa100a296e 100644 --- a/rest_api/console_apis/consoleclidownload-console-openshift-io-v1.adoc +++ b/rest_api/console_apis/consoleclidownload-console-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="consoleclidownload-console-openshift-io-v1"] = ConsoleCLIDownload [console.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,7 +12,7 @@ Description:: + -- ConsoleCLIDownload is an extension for configuring openshift web console command line interface (CLI) downloads. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/console_apis/consoleexternalloglink-console-openshift-io-v1.adoc b/rest_api/console_apis/consoleexternalloglink-console-openshift-io-v1.adoc index 08c1fd9697..4ce2db793e 100644 --- a/rest_api/console_apis/consoleexternalloglink-console-openshift-io-v1.adoc +++ b/rest_api/console_apis/consoleexternalloglink-console-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="consoleexternalloglink-console-openshift-io-v1"] = ConsoleExternalLogLink [console.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,7 +12,7 @@ Description:: + -- ConsoleExternalLogLink is an extension for customizing OpenShift web console log links. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/console_apis/consolelink-console-openshift-io-v1.adoc b/rest_api/console_apis/consolelink-console-openshift-io-v1.adoc index 4005825bfe..d0894528b8 100644 --- a/rest_api/console_apis/consolelink-console-openshift-io-v1.adoc +++ b/rest_api/console_apis/consolelink-console-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="consolelink-console-openshift-io-v1"] = ConsoleLink [console.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,7 +12,7 @@ Description:: + -- ConsoleLink is an extension for customizing OpenShift web console links. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/console_apis/consolenotification-console-openshift-io-v1.adoc b/rest_api/console_apis/consolenotification-console-openshift-io-v1.adoc index e2421a97bc..56f603a375 100644 --- a/rest_api/console_apis/consolenotification-console-openshift-io-v1.adoc +++ b/rest_api/console_apis/consolenotification-console-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="consolenotification-console-openshift-io-v1"] = ConsoleNotification [console.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,7 +12,7 @@ Description:: + -- ConsoleNotification is the extension for configuring openshift web console notifications. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/console_apis/consoleplugin-console-openshift-io-v1alpha1.adoc b/rest_api/console_apis/consoleplugin-console-openshift-io-v1alpha1.adoc index ba37a3b4f0..120dbcb86b 100644 --- a/rest_api/console_apis/consoleplugin-console-openshift-io-v1alpha1.adoc +++ b/rest_api/console_apis/consoleplugin-console-openshift-io-v1alpha1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="consoleplugin-console-openshift-io-v1alpha1"] = ConsolePlugin [console.openshift.io/v1alpha1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -58,7 +57,6 @@ Type:: `object` Required:: - - `displayName` - `service` @@ -71,16 +69,117 @@ Required:: | `string` | displayName is the display name of the plugin. +| `proxy` +| `array` +| proxy is a list of proxies that describe various service type to which the plugin needs to connect to. + +| `proxy[]` +| `object` +| ConsolePluginProxy holds information on various service types to which console's backend will proxy the plugin's requests. + | `service` | `object` -| service is a Kubernetes Service that exposes the plugin using a deployment with an HTTP server. The Service must use HTTPS and service serving certificate. The console backend will proxy the plugins assets from the Service using the service CA bundle. +| service is a Kubernetes Service that exposes the plugin using a deployment with an HTTP server. The Service must use HTTPS and Service serving certificate. The console backend will proxy the plugins assets from the Service using the service CA bundle. + +|=== +=== .spec.proxy +Description:: ++ +-- +proxy is a list of proxies that describe various service type to which the plugin needs to connect to. +-- + +Type:: + `array` + + + + +=== .spec.proxy[] +Description:: ++ +-- +ConsolePluginProxy holds information on various service types to which console's backend will proxy the plugin's requests. +-- + +Type:: + `object` + +Required:: + - `alias` + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `alias` +| `string` +| alias is a proxy name that identifies the plugin's proxy. An alias name should be unique per plugin. The console backend exposes following proxy endpoint: + /api/proxy/plugin///? + Request example path: + /api/proxy/plugin/acm/search/pods?namespace=openshift-apiserver + +| `authorize` +| `boolean` +| authorize indicates if the proxied request should contain the logged-in user's OpenShift access token in the "Authorization" request header. For example: + Authorization: Bearer sha256~kV46hPnEYhCWFnB85r5NrprAxggzgb6GOeLbgcKNsH0 + By default the access token is not part of the proxied request. + +| `caCertificate` +| `string` +| caCertificate provides the cert authority certificate contents, in case the proxied Service is using custom service CA. By default, the service CA bundle provided by the service-ca operator is used. + +| `service` +| `object` +| service is an in-cluster Service that the plugin will connect to. The Service must use HTTPS. The console backend exposes an endpoint in order to proxy communication between the plugin and the Service. Note: service field is required for now, since currently only "Service" type is supported. + +| `type` +| `string` +| type is the type of the console plugin's proxy. Currently only "Service" is supported. + +|=== +=== .spec.proxy[].service +Description:: ++ +-- +service is an in-cluster Service that the plugin will connect to. The Service must use HTTPS. The console backend exposes an endpoint in order to proxy communication between the plugin and the Service. Note: service field is required for now, since currently only "Service" type is supported. +-- + +Type:: + `object` + +Required:: + - `name` + - `namespace` + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| name of Service that the plugin needs to connect to. + +| `namespace` +| `string` +| namespace of Service that the plugin needs to connect to + +| `port` +| `integer` +| port on which the Service that the plugin needs to connect to is listening on. |=== === .spec.service Description:: + -- -service is a Kubernetes Service that exposes the plugin using a deployment with an HTTP server. The Service must use HTTPS and service serving certificate. The console backend will proxy the plugins assets from the Service using the service CA bundle. +service is a Kubernetes Service that exposes the plugin using a deployment with an HTTP server. The Service must use HTTPS and Service serving certificate. The console backend will proxy the plugins assets from the Service using the service CA bundle. -- Type:: @@ -104,11 +203,11 @@ Required:: | `name` | `string` -| name of Service that is serving the plugin. +| name of Service that is serving the plugin assets. | `namespace` | `string` -| namespace of Service that is serving the plugin. +| namespace of Service that is serving the plugin assets. | `port` | `integer` diff --git a/rest_api/console_apis/consolequickstart-console-openshift-io-v1.adoc b/rest_api/console_apis/consolequickstart-console-openshift-io-v1.adoc index 286fee805f..8ecdfeda2c 100644 --- a/rest_api/console_apis/consolequickstart-console-openshift-io-v1.adoc +++ b/rest_api/console_apis/consolequickstart-console-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="consolequickstart-console-openshift-io-v1"] = ConsoleQuickStart [console.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,7 +12,7 @@ Description:: + -- ConsoleQuickStart is an extension for guiding user through various workflows in the OpenShift web console. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/console_apis/consoleyamlsample-console-openshift-io-v1.adoc b/rest_api/console_apis/consoleyamlsample-console-openshift-io-v1.adoc index 7f35ec09b1..2286d42c93 100644 --- a/rest_api/console_apis/consoleyamlsample-console-openshift-io-v1.adoc +++ b/rest_api/console_apis/consoleyamlsample-console-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="consoleyamlsample-console-openshift-io-v1"] = ConsoleYAMLSample [console.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,7 +12,7 @@ Description:: + -- ConsoleYAMLSample is an extension for customizing OpenShift web console YAML samples. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/extension_apis/apiservice-apiregistration-k8s-io-v1.adoc b/rest_api/extension_apis/apiservice-apiregistration-k8s-io-v1.adoc index 09385c376d..e81ab95c36 100644 --- a/rest_api/extension_apis/apiservice-apiregistration-k8s-io-v1.adoc +++ b/rest_api/extension_apis/apiservice-apiregistration-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="apiservice-apiregistration-k8s-io-v1"] = APIService [apiregistration.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/extension_apis/customresourcedefinition-apiextensions-k8s-io-v1.adoc b/rest_api/extension_apis/customresourcedefinition-apiextensions-k8s-io-v1.adoc index 75fb421063..2e2b76c784 100644 --- a/rest_api/extension_apis/customresourcedefinition-apiextensions-k8s-io-v1.adoc +++ b/rest_api/extension_apis/customresourcedefinition-apiextensions-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="customresourcedefinition-apiextensions-k8s-io-v1"] = CustomResourceDefinition [apiextensions.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/extension_apis/extension-apis-index.adoc b/rest_api/extension_apis/extension-apis-index.adoc index 151e99f105..87fc1b4a56 100644 --- a/rest_api/extension_apis/extension-apis-index.adoc +++ b/rest_api/extension_apis/extension-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="extension-apis"] = Extension APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/extension_apis/mutatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc b/rest_api/extension_apis/mutatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc index e52f6cef0d..ae05c4700c 100644 --- a/rest_api/extension_apis/mutatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc +++ b/rest_api/extension_apis/mutatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="mutatingwebhookconfiguration-admissionregistration-k8s-io-v1"] = MutatingWebhookConfiguration [admissionregistration.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/extension_apis/validatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc b/rest_api/extension_apis/validatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc index 537a004f22..e019f51b50 100644 --- a/rest_api/extension_apis/validatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc +++ b/rest_api/extension_apis/validatingwebhookconfiguration-admissionregistration-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="validatingwebhookconfiguration-admissionregistration-k8s-io-v1"] = ValidatingWebhookConfiguration [admissionregistration.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/image_apis/image-apis-index.adoc b/rest_api/image_apis/image-apis-index.adoc index dbd51e0181..362de51aca 100644 --- a/rest_api/image_apis/image-apis-index.adoc +++ b/rest_api/image_apis/image-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="image-apis"] = Image APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -14,6 +13,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -25,6 +26,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -36,6 +39,8 @@ Description:: + -- ImageStreamImage represents an Image that is retrieved by image name from an ImageStream. User interfaces and regular users can use this resource to access the metadata details of a tagged image in the image stream history for viewing, since Image resources are not directly accessible to end users. A not found error will be returned if no such image is referenced by a tag within the ImageStream. Images are created when spec tags are set on an image stream that represent an image in an external registry, when pushing to the integrated registry, or when tagging an existing image from one image stream to another. The name of an image stream image is in the form "@", where the digest is the content addressible identifier for the image (sha256:xxxxx...). You can use ImageStreamImages as the from.kind of an image stream spec tag to reference an image exactly. The only operations supported on the imagestreamimage endpoint are retrieving the image. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -49,6 +54,8 @@ Description:: The image stream import resource provides an easy way for a user to find and import container images from other container image registries into the server. Individual images or an entire image repository may be imported, and users may choose to see the results of the import prior to tagging the resulting images into the specified image stream. This API is intended for end-user tools that need to see the metadata of the image prior to import (for instance, to generate an application from it). Clients that know the desired image can continue to create spec.tags directly into their image streams. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -60,6 +67,8 @@ Description:: + -- ImageStreamLayers describes information about the layers referenced by images in this image stream. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -71,6 +80,8 @@ Description:: + -- ImageStreamMapping represents a mapping from a single image stream tag to a container image as well as the reference to the container image stream the image came from. This resource is used by privileged integrators to create an image resource and to associate it with an image stream in the status tags field. Creating an ImageStreamMapping will allow any user who can view the image stream to tag or pull that image, so only create mappings where the user has proven they have access to the image contents directly. The only operation supported for this resource is create and the metadata name and namespace should be set to the image stream containing the tag that should be updated. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -82,6 +93,8 @@ Description:: + -- An ImageStream stores a mapping of tags to images, metadata overrides that are applied when images are tagged in a stream, and an optional reference to a container image repository on a registry. Users typically update the spec.tags field to point to external images which are imported from container registries using credentials in your namespace with the pull secret type, or to existing image stream tags and images which are immediately accessible for tagging or pulling. The history of images applied to a tag is visible in the status.tags field and any user who can view an image stream is allowed to tag that image into their own image streams. Access to pull images from the integrated registry is granted by having the "get imagestreams/layers" permission on a given image stream. Users may remove a tag by deleting the imagestreamtag resource, which causes both spec and status for that tag to be removed. Image stream history is retained until an administrator runs the prune operation, which removes references that are no longer in use. To preserve a historical image, ensure there is a tag in spec pointing to that image by its digest. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -93,6 +106,8 @@ Description:: + -- ImageStreamTag represents an Image that is retrieved by tag name from an ImageStream. Use this resource to interact with the tags and images in an image stream by tag, or to see the image details for a particular tag. The image associated with this resource is the most recently successfully tagged, imported, or pushed image (as described in the image stream status.tags.items list for this tag). If an import is in progress or has failed the previous image will be shown. Deleting an image stream tag clears both the status and spec fields of an image stream. If no image can be retrieved for a given tag, a not found error will be returned. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -104,6 +119,8 @@ Description:: + -- ImageTag represents a single tag within an image stream and includes the spec, the status history, and the currently referenced image (if any) of the provided tag. This type replaces the ImageStreamTag by providing a full view of the tag. ImageTags are returned for every spec or status tag present on the image stream. If no tag exists in either form a not found error will be returned by the API. A create operation will succeed if no spec tag has already been defined and the spec field is set. Delete will remove both spec and status elements from the image stream. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/image_apis/image-image-openshift-io-v1.adoc b/rest_api/image_apis/image-image-openshift-io-v1.adoc index fe42f44e74..5e49f1541e 100644 --- a/rest_api/image_apis/image-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/image-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="image-image-openshift-io-v1"] = Image [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -73,7 +74,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signatures` @@ -84,6 +85,8 @@ Required:: | `object` | ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + |=== === .dockerImageLayers Description:: @@ -150,6 +153,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -202,7 +207,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` @@ -448,7 +453,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -546,7 +551,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -722,6 +727,8 @@ Description:: | HTTP code | Reponse body | 200 - OK | xref:../image_apis/image-image-openshift-io-v1.adoc#image-image-openshift-io-v1[`Image`] schema +| 201 - Created +| xref:../image_apis/image-image-openshift-io-v1.adoc#image-image-openshift-io-v1[`Image`] schema | 401 - Unauthorized | Empty |=== @@ -784,7 +791,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". diff --git a/rest_api/image_apis/imagesignature-image-openshift-io-v1.adoc b/rest_api/image_apis/imagesignature-image-openshift-io-v1.adoc index 98973a17f0..2721b1c0a3 100644 --- a/rest_api/image_apis/imagesignature-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagesignature-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagesignature-image-openshift-io-v1"] = ImageSignature [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -66,7 +67,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` diff --git a/rest_api/image_apis/imagestream-image-openshift-io-v1.adoc b/rest_api/image_apis/imagestream-image-openshift-io-v1.adoc index 207316edfd..d10224e0db 100644 --- a/rest_api/image_apis/imagestream-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagestream-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagestream-image-openshift-io-v1"] = ImageStream [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- An ImageStream stores a mapping of tags to images, metadata overrides that are applied when images are tagged in a stream, and an optional reference to a container image repository on a registry. Users typically update the spec.tags field to point to external images which are imported from container registries using credentials in your namespace with the pull secret type, or to existing image stream tags and images which are immediately accessible for tagging or pulling. The history of images applied to a tag is visible in the status.tags field and any user who can view an image stream is allowed to tag that image into their own image streams. Access to pull images from the integrated registry is granted by having the "get imagestreams/layers" permission on a given image stream. Users may remove a tag by deleting the imagestreamtag resource, which causes both spec and status for that tag to be removed. Image stream history is retained until an administrator runs the prune operation, which removes references that are no longer in use. To preserve a historical image, ensure there is a tag in spec pointing to that image by its digest. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -35,7 +36,7 @@ Type:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `spec` @@ -142,7 +143,7 @@ Required:: | Optional; if specified, annotations that are applied to images retrieved via ImageStreamTags. | `from` -| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference_v2[`ObjectReference_v2`] +| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference[`ObjectReference`] | Optional; if specified, a reference to another image that this tag should point to. Valid values are ImageStreamTag, ImageStreamImage, and DockerImage. ImageStreamTag references can only reference a tag within this same ImageStream. | `generation` @@ -454,7 +455,7 @@ The following API endpoints are available: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -519,7 +520,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -681,7 +682,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -787,7 +788,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -966,6 +967,8 @@ Description:: | HTTP code | Reponse body | 200 - OK | xref:../image_apis/imagestream-image-openshift-io-v1.adoc#imagestream-image-openshift-io-v1[`ImageStream`] schema +| 201 - Created +| xref:../image_apis/imagestream-image-openshift-io-v1.adoc#imagestream-image-openshift-io-v1[`ImageStream`] schema | 401 - Unauthorized | Empty |=== @@ -1031,7 +1034,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -1164,6 +1167,8 @@ Description:: | HTTP code | Reponse body | 200 - OK | xref:../image_apis/imagestream-image-openshift-io-v1.adoc#imagestream-image-openshift-io-v1[`ImageStream`] schema +| 201 - Created +| xref:../image_apis/imagestream-image-openshift-io-v1.adoc#imagestream-image-openshift-io-v1[`ImageStream`] schema | 401 - Unauthorized | Empty |=== diff --git a/rest_api/image_apis/imagestreamimage-image-openshift-io-v1.adoc b/rest_api/image_apis/imagestreamimage-image-openshift-io-v1.adoc index e98927ab35..2ce6bde6d9 100644 --- a/rest_api/image_apis/imagestreamimage-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagestreamimage-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagestreamimage-image-openshift-io-v1"] = ImageStreamImage [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- ImageStreamImage represents an Image that is retrieved by image name from an ImageStream. User interfaces and regular users can use this resource to access the metadata details of a tagged image in the image stream history for viewing, since Image resources are not directly accessible to end users. A not found error will be returned if no such image is referenced by a tag within the ImageStream. Images are created when spec tags are set on an image stream that represent an image in an external registry, when pushing to the integrated registry, or when tagging an existing image from one image stream to another. The name of an image stream image is in the form "@", where the digest is the content addressible identifier for the image (sha256:xxxxx...). You can use ImageStreamImages as the from.kind of an image stream spec tag to reference an image exactly. The only operations supported on the imagestreamimage endpoint are retrieving the image. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -36,12 +37,14 @@ Required:: | `object` | Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + | `kind` | `string` | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | |=== @@ -50,6 +53,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -109,7 +114,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signatures` @@ -120,6 +125,8 @@ Required:: | `object` | ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + |=== === .image.dockerImageLayers Description:: @@ -186,6 +193,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -238,7 +247,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` diff --git a/rest_api/image_apis/imagestreamimport-image-openshift-io-v1.adoc b/rest_api/image_apis/imagestreamimport-image-openshift-io-v1.adoc index b03716e340..e1223a37ab 100644 --- a/rest_api/image_apis/imagestreamimport-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagestreamimport-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagestreamimport-image-openshift-io-v1"] = ImageStreamImport [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -15,6 +14,8 @@ Description:: The image stream import resource provides an easy way for a user to find and import container images from other container image registries into the server. Individual images or an entire image repository may be imported, and users may choose to see the results of the import prior to tagging the resulting images into the specified image stream. This API is intended for end-user tools that need to see the metadata of the image prior to import (for instance, to generate an application from it). Clients that know the desired image can continue to create spec.tags directly into their image streams. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -40,7 +41,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `spec` @@ -121,7 +122,7 @@ Required:: | Property | Type | Description | `from` -| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference_v2[`ObjectReference_v2`] +| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference[`ObjectReference`] | From is the source of an image to import; only kind DockerImage is allowed | `importPolicy` @@ -137,7 +138,7 @@ Required:: | TagReferencePolicy describes how pull-specs for images in this image stream tag are generated when image change triggers in deployment configs or builds are resolved. This allows the image stream author to control how images are accessed. | `to` -| xref:../objects/index.adoc#io.k8s.api.core.v1.LocalObjectReference_v2[`LocalObjectReference_v2`] +| xref:../objects/index.adoc#io.k8s.api.core.v1.LocalObjectReference[`LocalObjectReference`] | To is a tag in the current image stream to assign the imported image to, if name is not specified the default tag from from.name will be used |=== @@ -211,7 +212,7 @@ Required:: | Property | Type | Description | `from` -| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference_v2[`ObjectReference_v2`] +| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference[`ObjectReference`] | From is the source for the image repository to import; only kind DockerImage and a name of a container image repository is allowed | `importPolicy` @@ -306,6 +307,8 @@ Type:: | `object` | An ImageStream stores a mapping of tags to images, metadata overrides that are applied when images are tagged in a stream, and an optional reference to a container image repository on a registry. Users typically update the spec.tags field to point to external images which are imported from container registries using credentials in your namespace with the pull secret type, or to existing image stream tags and images which are immediately accessible for tagging or pulling. The history of images applied to a tag is visible in the status.tags field and any user who can view an image stream is allowed to tag that image into their own image streams. Access to pull images from the integrated registry is granted by having the "get imagestreams/layers" permission on a given image stream. Users may remove a tag by deleting the imagestreamtag resource, which causes both spec and status for that tag to be removed. Image stream history is retained until an administrator runs the prune operation, which removes references that are no longer in use. To preserve a historical image, ensure there is a tag in spec pointing to that image by its digest. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + | `repository` | `object` | RepositoryImportStatus describes the result of an image repository import @@ -347,6 +350,8 @@ Required:: | `object` | Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + | `status` | xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status[`Status`] | Status is the status of the image import, including errors encountered while retrieving the image @@ -361,6 +366,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -420,7 +427,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signatures` @@ -431,6 +438,8 @@ Required:: | `object` | ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + |=== === .status.images[].image.dockerImageLayers Description:: @@ -497,6 +506,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -549,7 +560,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` @@ -682,6 +693,8 @@ Description:: + -- An ImageStream stores a mapping of tags to images, metadata overrides that are applied when images are tagged in a stream, and an optional reference to a container image repository on a registry. Users typically update the spec.tags field to point to external images which are imported from container registries using credentials in your namespace with the pull secret type, or to existing image stream tags and images which are immediately accessible for tagging or pulling. The history of images applied to a tag is visible in the status.tags field and any user who can view an image stream is allowed to tag that image into their own image streams. Access to pull images from the integrated registry is granted by having the "get imagestreams/layers" permission on a given image stream. Users may remove a tag by deleting the imagestreamtag resource, which causes both spec and status for that tag to be removed. Image stream history is retained until an administrator runs the prune operation, which removes references that are no longer in use. To preserve a historical image, ensure there is a tag in spec pointing to that image by its digest. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -703,7 +716,7 @@ Type:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `spec` @@ -810,7 +823,7 @@ Required:: | Optional; if specified, annotations that are applied to images retrieved via ImageStreamTags. | `from` -| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference_v2[`ObjectReference_v2`] +| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference[`ObjectReference`] | Optional; if specified, a reference to another image that this tag should point to. Valid values are ImageStreamTag, ImageStreamImage, and DockerImage. ImageStreamTag references can only reference a tag within this same ImageStream. | `generation` @@ -1155,6 +1168,8 @@ Required:: | `object` | Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + | `status` | xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.Status[`Status`] | Status is the status of the image import, including errors encountered while retrieving the image @@ -1169,6 +1184,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -1228,7 +1245,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signatures` @@ -1239,6 +1256,8 @@ Required:: | `object` | ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + |=== === .status.repository.images[].image.dockerImageLayers Description:: @@ -1305,6 +1324,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -1357,7 +1378,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` diff --git a/rest_api/image_apis/imagestreamlayers-image-openshift-io-v1.adoc b/rest_api/image_apis/imagestreamlayers-image-openshift-io-v1.adoc index 81f1cba80d..0415146250 100644 --- a/rest_api/image_apis/imagestreamlayers-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagestreamlayers-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagestreamlayers-image-openshift-io-v1"] = ImageStreamLayers [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- ImageStreamLayers describes information about the layers referenced by images in this image stream. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -54,7 +55,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | |=== diff --git a/rest_api/image_apis/imagestreammapping-image-openshift-io-v1.adoc b/rest_api/image_apis/imagestreammapping-image-openshift-io-v1.adoc index 44e35ca78c..6c79cb4a6a 100644 --- a/rest_api/image_apis/imagestreammapping-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagestreammapping-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagestreammapping-image-openshift-io-v1"] = ImageStreamMapping [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- ImageStreamMapping represents a mapping from a single image stream tag to a container image as well as the reference to the container image stream the image came from. This resource is used by privileged integrators to create an image resource and to associate it with an image stream in the status tags field. Creating an ImageStreamMapping will allow any user who can view the image stream to tag or pull that image, so only create mappings where the user has proven they have access to the image contents directly. The only operation supported for this resource is create and the metadata name and namespace should be set to the image stream containing the tag that should be updated. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -37,12 +38,14 @@ Required:: | `object` | Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + | `kind` | `string` | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `tag` @@ -55,6 +58,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -114,7 +119,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signatures` @@ -125,6 +130,8 @@ Required:: | `object` | ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + |=== === .image.dockerImageLayers Description:: @@ -191,6 +198,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -243,7 +252,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` diff --git a/rest_api/image_apis/imagestreamtag-image-openshift-io-v1.adoc b/rest_api/image_apis/imagestreamtag-image-openshift-io-v1.adoc index 68f2be9800..ce66a5b329 100644 --- a/rest_api/image_apis/imagestreamtag-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagestreamtag-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagestreamtag-image-openshift-io-v1"] = ImageStreamTag [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- ImageStreamTag represents an Image that is retrieved by tag name from an ImageStream. Use this resource to interact with the tags and images in an image stream by tag, or to see the image details for a particular tag. The image associated with this resource is the most recently successfully tagged, imported, or pushed image (as described in the image stream status.tags.items list for this tag). If an import is in progress or has failed the previous image will be shown. Deleting an image stream tag clears both the status and spec fields of an image stream. If no image can be retrieved for a given tag, a not found error will be returned. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -51,6 +52,8 @@ Required:: | `object` | Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + | `kind` | `string` | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds @@ -60,7 +63,7 @@ Required:: | ImageLookupPolicy describes how an image stream can be used to override the image references used by pods, builds, and other resources in a namespace. | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `tag` @@ -132,6 +135,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -191,7 +196,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signatures` @@ -202,6 +207,8 @@ Required:: | `object` | ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + |=== === .image.dockerImageLayers Description:: @@ -268,6 +275,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -320,7 +329,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` @@ -496,7 +505,7 @@ Required:: | Optional; if specified, annotations that are applied to images retrieved via ImageStreamTags. | `from` -| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference_v2[`ObjectReference_v2`] +| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference[`ObjectReference`] | Optional; if specified, a reference to another image that this tag should point to. Valid values are ImageStreamTag, ImageStreamImage, and DockerImage. ImageStreamTag references can only reference a tag within this same ImageStream. | `generation` @@ -596,7 +605,7 @@ The following API endpoints are available: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -685,7 +694,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -897,6 +906,8 @@ Description:: | HTTP code | Reponse body | 200 - OK | xref:../image_apis/imagestreamtag-image-openshift-io-v1.adoc#imagestreamtag-image-openshift-io-v1[`ImageStreamTag`] schema +| 201 - Created +| xref:../image_apis/imagestreamtag-image-openshift-io-v1.adoc#imagestreamtag-image-openshift-io-v1[`ImageStreamTag`] schema | 401 - Unauthorized | Empty |=== diff --git a/rest_api/image_apis/imagetag-image-openshift-io-v1.adoc b/rest_api/image_apis/imagetag-image-openshift-io-v1.adoc index 48a7941479..0708a2dffd 100644 --- a/rest_api/image_apis/imagetag-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/imagetag-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="imagetag-image-openshift-io-v1"] = ImageTag [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -13,6 +12,8 @@ Description:: + -- ImageTag represents a single tag within an image stream and includes the spec, the status history, and the currently referenced image (if any) of the provided tag. This type replaces the ImageStreamTag by providing a full view of the tag. ImageTags are returned for every spec or status tag present on the image stream. If no tag exists in either form a not found error will be returned by the API. A create operation will succeed if no spec tag has already been defined and the spec field is set. Delete will remove both spec and status elements from the image stream. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -38,12 +39,14 @@ Required:: | `object` | Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + | `kind` | `string` | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `spec` @@ -60,6 +63,8 @@ Description:: + -- Image is an immutable representation of a container image and metadata at a point in time. Images are named by taking a hash of their contents (metadata and content) and any change in format, content, or metadata results in a new name. The images resource is primarily for use by cluster administrators and integrations like the cluster image registry - end users instead access images via the imagestreamtags or imagestreamimages resources. While image metadata is stored in the API, any integration that implements the container image registry API must provide its own storage for the raw manifest data, image config, and layer contents. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -119,7 +124,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signatures` @@ -130,6 +135,8 @@ Required:: | `object` | ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). + |=== === .image.dockerImageLayers Description:: @@ -196,6 +203,8 @@ Description:: + -- ImageSignature holds a signature of an image. It allows to verify image identity and possibly other claims as long as the signature is trusted. Based on this information it is possible to restrict runnable images to those matching cluster-wide policy. Mandatory fields should be parsed by clients doing image verification. The others are parsed from signature's content by the server. They serve just an informative purpose. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -248,7 +257,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta[`ObjectMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta_v3[`ObjectMeta_v3`] | | `signedClaims` @@ -400,7 +409,7 @@ Required:: | Optional; if specified, annotations that are applied to images retrieved via ImageStreamTags. | `from` -| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference_v2[`ObjectReference_v2`] +| xref:../objects/index.adoc#io.k8s.api.core.v1.ObjectReference[`ObjectReference`] | Optional; if specified, a reference to another image that this tag should point to. Valid values are ImageStreamTag, ImageStreamImage, and DockerImage. ImageStreamTag references can only reference a tag within this same ImageStream. | `generation` @@ -652,7 +661,7 @@ The following API endpoints are available: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -741,7 +750,7 @@ Description:: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". @@ -953,6 +962,8 @@ Description:: | HTTP code | Reponse body | 200 - OK | xref:../image_apis/imagetag-image-openshift-io-v1.adoc#imagetag-image-openshift-io-v1[`ImageTag`] schema +| 201 - Created +| xref:../image_apis/imagetag-image-openshift-io-v1.adoc#imagetag-image-openshift-io-v1[`ImageTag`] schema | 401 - Unauthorized | Empty |=== diff --git a/rest_api/image_apis/secretlist-image-openshift-io-v1.adoc b/rest_api/image_apis/secretlist-image-openshift-io-v1.adoc index babb45a338..14faf4f0e9 100644 --- a/rest_api/image_apis/secretlist-image-openshift-io-v1.adoc +++ b/rest_api/image_apis/secretlist-image-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="secretlist-image-openshift-io-v1"] = SecretList [image.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -41,7 +40,7 @@ Required:: | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | `metadata` -| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta[`ListMeta`] +| xref:../objects/index.adoc#io.k8s.apimachinery.pkg.apis.meta.v1.ListMeta_v2[`ListMeta_v2`] | Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |=== @@ -74,7 +73,7 @@ The following API endpoints are available: | Parameter | Type | Description | `allowWatchBookmarks` | `boolean` -| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. +| allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. | `continue` | `string` | The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". diff --git a/rest_api/index.adoc b/rest_api/index.adoc index f02bb6e10d..2781ad3516 100644 --- a/rest_api/index.adoc +++ b/rest_api/index.adoc @@ -2,17 +2,14 @@ :_content-type: ASSEMBLY [id="api-index"] = API index -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] [cols="1,1",options="header"] |=== ^| API ^| API group | xref:./monitoring_apis/alertmanager-monitoring-coreos-com-v1.adoc#alertmanager-monitoring-coreos-com-v1[Alertmanager] | monitoring.coreos.com/v1 -| xref:./monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[AlertmanagerConfig] -| monitoring.coreos.com/v1alpha1 +| xref:./monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[AlertmanagerConfig] +| monitoring.coreos.com/v1beta1 | xref:./metadata_apis/apirequestcount-apiserver-openshift-io-v1.adoc#apirequestcount-apiserver-openshift-io-v1[APIRequestCount] | apiserver.openshift.io/v1 | xref:./config_apis/apiserver-config-openshift-io-v1.adoc#apiserver-config-openshift-io-v1[APIServer] @@ -29,6 +26,8 @@ endif::[] | metal3.io/v1alpha1 | xref:./metadata_apis/binding-v1.adoc#binding-v1[Binding] | v1 +| xref:./provisioning_apis/bmceventsubscription-metal3-io-v1alpha1.adoc#bmceventsubscription-metal3-io-v1alpha1[BMCEventSubscription] +| metal3.io/v1alpha1 | xref:./template_apis/brokertemplateinstance-template-openshift-io-v1.adoc#brokertemplateinstance-template-openshift-io-v1[BrokerTemplateInstance] | template.openshift.io/v1 | xref:./workloads_apis/build-build-openshift-io-v1.adoc#build-build-openshift-io-v1[Build] @@ -47,6 +46,8 @@ endif::[] | certificates.k8s.io/v1 | xref:./operator_apis/cloudcredential-operator-openshift-io-v1.adoc#cloudcredential-operator-openshift-io-v1[CloudCredential] | operator.openshift.io/v1 +| xref:./network_apis/cloudprivateipconfig-cloud-network-openshift-io-v1.adoc#cloudprivateipconfig-cloud-network-openshift-io-v1[CloudPrivateIPConfig] +| cloud.network.openshift.io/v1 | xref:./autoscale_apis/clusterautoscaler-autoscaling-openshift-io-v1.adoc#clusterautoscaler-autoscaling-openshift-io-v1[ClusterAutoscaler] | autoscaling.openshift.io/v1 | xref:./operator_apis/clustercsidriver-operator-openshift-io-v1.adoc#clustercsidriver-operator-openshift-io-v1[ClusterCSIDriver] @@ -113,8 +114,8 @@ endif::[] | storage.k8s.io/v1 | xref:./operator_apis/csisnapshotcontroller-operator-openshift-io-v1.adoc#csisnapshotcontroller-operator-openshift-io-v1[CSISnapshotController] | operator.openshift.io/v1 -| xref:./storage_apis/csistoragecapacity-storage-k8s-io-v1beta1.adoc#csistoragecapacity-storage-k8s-io-v1beta1[CSIStorageCapacity] -| storage.k8s.io/v1beta1 +| xref:./storage_apis/csistoragecapacity-storage-k8s-io-v1.adoc#csistoragecapacity-storage-k8s-io-v1[CSIStorageCapacity] +| storage.k8s.io/v1 | xref:./extension_apis/customresourcedefinition-apiextensions-k8s-io-v1.adoc#customresourcedefinition-apiextensions-k8s-io-v1[CustomResourceDefinition] | apiextensions.k8s.io/v1 | xref:./workloads_apis/daemonset-apps-v1.adoc#daemonset-apps-v1[DaemonSet] @@ -155,14 +156,14 @@ endif::[] | config.openshift.io/v1 | xref:./provisioning_apis/firmwareschema-metal3-io-v1alpha1.adoc#firmwareschema-metal3-io-v1alpha1[FirmwareSchema] | metal3.io/v1alpha1 -| xref:./schedule_and_quota_apis/flowschema-flowcontrol-apiserver-k8s-io-v1beta1.adoc#flowschema-flowcontrol-apiserver-k8s-io-v1beta1[FlowSchema] -| flowcontrol.apiserver.k8s.io/v1beta1 +| xref:./schedule_and_quota_apis/flowschema-flowcontrol-apiserver-k8s-io-v1beta2.adoc#flowschema-flowcontrol-apiserver-k8s-io-v1beta2[FlowSchema] +| flowcontrol.apiserver.k8s.io/v1beta2 | xref:./user_and_group_apis/group-user-openshift-io-v1.adoc#group-user-openshift-io-v1[Group] | user.openshift.io/v1 | xref:./config_apis/helmchartrepository-helm-openshift-io-v1beta1.adoc#helmchartrepository-helm-openshift-io-v1beta1[HelmChartRepository] | helm.openshift.io/v1beta1 -| xref:./autoscale_apis/horizontalpodautoscaler-autoscaling-v1.adoc#horizontalpodautoscaler-autoscaling-v1[HorizontalPodAutoscaler] -| autoscaling/v1 +| xref:./autoscale_apis/horizontalpodautoscaler-autoscaling-v2.adoc#horizontalpodautoscaler-autoscaling-v2[HorizontalPodAutoscaler] +| autoscaling/v2 | xref:./provisioning_apis/hostfirmwaresettings-metal3-io-v1alpha1.adoc#hostfirmwaresettings-metal3-io-v1alpha1[HostFirmwareSettings] | metal3.io/v1alpha1 | xref:./network_apis/hostsubnet-network-openshift-io-v1.adoc#hostsubnet-network-openshift-io-v1[HostSubnet] @@ -259,6 +260,8 @@ endif::[] | networking.k8s.io/v1 | xref:./node_apis/node-v1.adoc#node-v1[Node] | v1 +| xref:./config_apis/node-config-openshift-io-v1.adoc#node-config-openshift-io-v1[Node] +| config.openshift.io/v1 | xref:./config_apis/oauth-config-openshift-io-v1.adoc#oauth-config-openshift-io-v1[OAuth] | config.openshift.io/v1 | xref:./oauth_apis/oauthaccesstoken-oauth-openshift-io-v1.adoc#oauthaccesstoken-oauth-openshift-io-v1[OAuthAccessToken] @@ -269,6 +272,8 @@ endif::[] | oauth.openshift.io/v1 | xref:./oauth_apis/oauthclientauthorization-oauth-openshift-io-v1.adoc#oauthclientauthorization-oauth-openshift-io-v1[OAuthClientAuthorization] | oauth.openshift.io/v1 +| xref:./operatorhub_apis/olmconfig-operators-coreos-com-v1.adoc#olmconfig-operators-coreos-com-v1[OLMConfig] +| operators.coreos.com/v1 | xref:./operator_apis/openshiftapiserver-operator-openshift-io-v1.adoc#openshiftapiserver-operator-openshift-io-v1[OpenShiftAPIServer] | operator.openshift.io/v1 | xref:./operator_apis/openshiftcontrollermanager-operator-openshift-io-v1.adoc#openshiftcontrollermanager-operator-openshift-io-v1[OpenShiftControllerManager] @@ -283,8 +288,12 @@ endif::[] | config.openshift.io/v1 | xref:./operator_apis/operatorpki-network-operator-openshift-io-v1.adoc#operatorpki-network-operator-openshift-io-v1[OperatorPKI] | network.operator.openshift.io/v1 +| xref:./network_apis/overlappingrangeipreservation-whereabouts-cni-cncf-io-v1alpha1.adoc#overlappingrangeipreservation-whereabouts-cni-cncf-io-v1alpha1[OverlappingRangeIPReservation] +| whereabouts.cni.cncf.io/v1alpha1 | xref:./operatorhub_apis/packagemanifest-packages-operators-coreos-com-v1.adoc#packagemanifest-packages-operators-coreos-com-v1[PackageManifest] | packages.operators.coreos.com/v1 +| xref:./node_apis/performanceprofile-performance-openshift-io-v2.adoc#performanceprofile-performance-openshift-io-v2[PerformanceProfile] +| performance.openshift.io/v2 | xref:./workloads_apis/persistentvolume-v1.adoc#persistentvolume-v1[PersistentVolume] | v1 | xref:./storage_apis/persistentvolumeclaim-v1.adoc#persistentvolumeclaim-v1[PersistentVolumeClaim] @@ -305,10 +314,12 @@ endif::[] | security.openshift.io/v1 | xref:./template_apis/podtemplate-v1.adoc#podtemplate-v1[PodTemplate] | v1 +| xref:./provisioning_apis/preprovisioningimage-metal3-io-v1alpha1.adoc#preprovisioningimage-metal3-io-v1alpha1[PreprovisioningImage] +| metal3.io/v1alpha1 | xref:./schedule_and_quota_apis/priorityclass-scheduling-k8s-io-v1.adoc#priorityclass-scheduling-k8s-io-v1[PriorityClass] | scheduling.k8s.io/v1 -| xref:./schedule_and_quota_apis/prioritylevelconfiguration-flowcontrol-apiserver-k8s-io-v1beta1.adoc#prioritylevelconfiguration-flowcontrol-apiserver-k8s-io-v1beta1[PriorityLevelConfiguration] -| flowcontrol.apiserver.k8s.io/v1beta1 +| xref:./schedule_and_quota_apis/prioritylevelconfiguration-flowcontrol-apiserver-k8s-io-v1beta2.adoc#prioritylevelconfiguration-flowcontrol-apiserver-k8s-io-v1beta2[PriorityLevelConfiguration] +| flowcontrol.apiserver.k8s.io/v1beta2 | xref:./monitoring_apis/probe-monitoring-coreos-com-v1.adoc#probe-monitoring-coreos-com-v1[Probe] | monitoring.coreos.com/v1 | xref:./node_apis/profile-tuned-openshift-io-v1.adoc#profile-tuned-openshift-io-v1[Profile] @@ -317,6 +328,8 @@ endif::[] | config.openshift.io/v1 | xref:./project_apis/project-project-openshift-io-v1.adoc#project-project-openshift-io-v1[Project] | project.openshift.io/v1 +| xref:./config_apis/projecthelmchartrepository-helm-openshift-io-v1beta1.adoc#projecthelmchartrepository-helm-openshift-io-v1beta1[ProjectHelmChartRepository] +| helm.openshift.io/v1beta1 | xref:./project_apis/projectrequest-project-openshift-io-v1.adoc#projectrequest-project-openshift-io-v1[ProjectRequest] | project.openshift.io/v1 | xref:./monitoring_apis/prometheus-monitoring-coreos-com-v1.adoc#prometheus-monitoring-coreos-com-v1[Prometheus] diff --git a/rest_api/machine_apis/containerruntimeconfig-machineconfiguration-openshift-io-v1.adoc b/rest_api/machine_apis/containerruntimeconfig-machineconfiguration-openshift-io-v1.adoc index 2fa0409f42..c634a8f66e 100644 --- a/rest_api/machine_apis/containerruntimeconfig-machineconfiguration-openshift-io-v1.adoc +++ b/rest_api/machine_apis/containerruntimeconfig-machineconfiguration-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="containerruntimeconfig-machineconfiguration-openshift-io-v1"] = ContainerRuntimeConfig [machineconfiguration.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -104,7 +103,7 @@ Type:: | `overlaySize` | `string` -| overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. (default: 10GB) +| overlaySize specifies the maximum size of a container image. This flag can be used to set quota on the size of container images. | `pidsLimit` | `integer` diff --git a/rest_api/machine_apis/controllerconfig-machineconfiguration-openshift-io-v1.adoc b/rest_api/machine_apis/controllerconfig-machineconfiguration-openshift-io-v1.adoc index 44cd3d222f..170e292e75 100644 --- a/rest_api/machine_apis/controllerconfig-machineconfiguration-openshift-io-v1.adoc +++ b/rest_api/machine_apis/controllerconfig-machineconfiguration-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="controllerconfig-machineconfiguration-openshift-io-v1"] = ControllerConfig [machineconfiguration.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -115,6 +114,10 @@ Required:: | `string` | kubeAPIServerServingCAData managed Kubelet to API Server Cert... Rotated automatically +| `network` +| `` +| network contains additional network related information + | `networkType` | `string` | networkType holds the type of network the cluster is using XXX: this is temporary and will be dropped as soon as possible in favor of a better support to start network related services the proper way. Nobody is also changing this once the cluster is up and running the first time, so, disallow regeneration if this changes. diff --git a/rest_api/machine_apis/kubeletconfig-machineconfiguration-openshift-io-v1.adoc b/rest_api/machine_apis/kubeletconfig-machineconfiguration-openshift-io-v1.adoc index 050fa1de96..53cb9c2686 100644 --- a/rest_api/machine_apis/kubeletconfig-machineconfiguration-openshift-io-v1.adoc +++ b/rest_api/machine_apis/kubeletconfig-machineconfiguration-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="kubeletconfig-machineconfiguration-openshift-io-v1"] = KubeletConfig [machineconfiguration.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/machine_apis/machine-apis-index.adoc b/rest_api/machine_apis/machine-apis-index.adoc index a890dfd22b..ccb5e2aa46 100644 --- a/rest_api/machine_apis/machine-apis-index.adoc +++ b/rest_api/machine_apis/machine-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="machine-apis"] = Machine APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -68,7 +67,7 @@ Type:: Description:: + -- -MachineHealthCheck is the Schema for the machinehealthchecks API +MachineHealthCheck is the Schema for the machinehealthchecks API Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -79,7 +78,7 @@ Type:: Description:: + -- -Machine is the Schema for the machines API +Machine is the Schema for the machines API Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -90,7 +89,7 @@ Type:: Description:: + -- -MachineSet ensures that a specified number of machines replicas are running at any given time. +MachineSet ensures that a specified number of machines replicas are running at any given time. Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: diff --git a/rest_api/machine_apis/machine-machine-openshift-io-v1beta1.adoc b/rest_api/machine_apis/machine-machine-openshift-io-v1beta1.adoc index f7e4abb505..35e9c47883 100644 --- a/rest_api/machine_apis/machine-machine-openshift-io-v1beta1.adoc +++ b/rest_api/machine_apis/machine-machine-openshift-io-v1beta1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="machine-machine-openshift-io-v1beta1"] = Machine [machine.openshift.io/v1beta1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -12,7 +11,7 @@ toc::[] Description:: + -- -Machine is the Schema for the machines API +Machine is the Schema for the machines API Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -64,6 +63,10 @@ Type:: |=== | Property | Type | Description +| `lifecycleHooks` +| `object` +| LifecycleHooks allow users to pause operations on the machine at certain predefined points within the machine lifecycle. + | `metadata` | `object` | ObjectMeta will autopopulate the Node created. Use this to indicate what labels, annotations, name prefix, etc., should be used when creating the Node. @@ -84,6 +87,124 @@ Type:: | `object` | The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. +|=== +=== .spec.lifecycleHooks +Description:: ++ +-- +LifecycleHooks allow users to pause operations on the machine at certain predefined points within the machine lifecycle. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `preDrain` +| `array` +| PreDrain hooks prevent the machine from being drained. This also blocks further lifecycle events, such as termination. + +| `preDrain[]` +| `object` +| LifecycleHook represents a single instance of a lifecycle hook + +| `preTerminate` +| `array` +| PreTerminate hooks prevent the machine from being terminated. PreTerminate hooks be actioned after the Machine has been drained. + +| `preTerminate[]` +| `object` +| LifecycleHook represents a single instance of a lifecycle hook + +|=== +=== .spec.lifecycleHooks.preDrain +Description:: ++ +-- +PreDrain hooks prevent the machine from being drained. This also blocks further lifecycle events, such as termination. +-- + +Type:: + `array` + + + + +=== .spec.lifecycleHooks.preDrain[] +Description:: ++ +-- +LifecycleHook represents a single instance of a lifecycle hook +-- + +Type:: + `object` + +Required:: + - `name` + - `owner` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| Name defines a unique name for the lifcycle hook. The name should be unique and descriptive, ideally 1-3 words, in CamelCase or it may be namespaced, eg. foo.example.com/CamelCase. Names must be unique and should only be managed by a single entity. + +| `owner` +| `string` +| Owner defines the owner of the lifecycle hook. This should be descriptive enough so that users can identify who/what is responsible for blocking the lifecycle. This could be the name of a controller (e.g. clusteroperator/etcd) or an administrator managing the hook. + +|=== +=== .spec.lifecycleHooks.preTerminate +Description:: ++ +-- +PreTerminate hooks prevent the machine from being terminated. PreTerminate hooks be actioned after the Machine has been drained. +-- + +Type:: + `array` + + + + +=== .spec.lifecycleHooks.preTerminate[] +Description:: ++ +-- +LifecycleHook represents a single instance of a lifecycle hook +-- + +Type:: + `object` + +Required:: + - `name` + - `owner` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| Name defines a unique name for the lifcycle hook. The name should be unique and descriptive, ideally 1-3 words, in CamelCase or it may be namespaced, eg. foo.example.com/CamelCase. Names must be unique and should only be managed by a single entity. + +| `owner` +| `string` +| Owner defines the owner of the lifecycle hook. This should be descriptive enough so that users can identify who/what is responsible for blocking the lifecycle. This could be the name of a controller (e.g. clusteroperator/etcd) or an administrator managing the hook. + |=== === .spec.metadata Description:: @@ -175,7 +296,7 @@ Required:: | `blockOwnerDeletion` | `boolean` -| If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +| If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. | `controller` | `boolean` @@ -397,9 +518,6 @@ Condition defines an observation of a Machine API resource operational state. Type:: `object` -Required:: - - `status` - - `type` diff --git a/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.adoc b/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.adoc index fdab59e769..c4ac9b6a28 100644 --- a/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.adoc +++ b/rest_api/machine_apis/machineconfig-machineconfiguration-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="machineconfig-machineconfiguration-openshift-io-v1"] = MachineConfig [machineconfiguration.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -82,7 +81,7 @@ Type:: | `osImageURL` | `string` -| OSImageURL specifies the remote location that will be used to fetch the OS to fetch the OS. +| OSImageURL specifies the remote location that will be used to fetch the OS |=== diff --git a/rest_api/machine_apis/machineconfigpool-machineconfiguration-openshift-io-v1.adoc b/rest_api/machine_apis/machineconfigpool-machineconfiguration-openshift-io-v1.adoc index e6a8003380..cf946cb656 100644 --- a/rest_api/machine_apis/machineconfigpool-machineconfiguration-openshift-io-v1.adoc +++ b/rest_api/machine_apis/machineconfigpool-machineconfiguration-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="machineconfigpool-machineconfiguration-openshift-io-v1"] = MachineConfigPool [machineconfiguration.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -74,7 +73,7 @@ Type:: | `maxUnavailable` | `integer-or-string` -| maxUnavailable specifies the percentage or constant number of machines that can be updating at any given time. default is 1. +| maxUnavailable defines either an integer number or percentage of nodes in the corresponding pool that can go Unavailable during an update. This includes nodes Unavailable for any reason, including user initiated cordons, failing nodes, etc. The default value is 1. A value larger than 1 will mean multiple nodes going unavailable during the update, which may affect your workload stress on the remaining nodes. You cannot set this value to 0 to stop updates (it will default back to 1); to stop updates, use the 'paused' property instead. Drain will respect Pod Disruption Budgets (PDBs) such as etcd quorum guards, even if maxUnavailable is greater than one. | `nodeSelector` | `object` diff --git a/rest_api/machine_apis/machinehealthcheck-machine-openshift-io-v1beta1.adoc b/rest_api/machine_apis/machinehealthcheck-machine-openshift-io-v1beta1.adoc index bbb44e4bbd..850186f74a 100644 --- a/rest_api/machine_apis/machinehealthcheck-machine-openshift-io-v1beta1.adoc +++ b/rest_api/machine_apis/machinehealthcheck-machine-openshift-io-v1beta1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="machinehealthcheck-machine-openshift-io-v1beta1"] = MachineHealthCheck [machine.openshift.io/v1beta1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -12,7 +11,7 @@ toc::[] Description:: + -- -MachineHealthCheck is the Schema for the machinehealthchecks API +MachineHealthCheck is the Schema for the machinehealthchecks API Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -57,9 +56,6 @@ Specification of machine health check policy Type:: `object` -Required:: - - `selector` - - `unhealthyConditions` @@ -239,10 +235,6 @@ UnhealthyCondition represents a Node condition type and value with a timeout spe Type:: `object` -Required:: - - `status` - - `timeout` - - `type` @@ -273,9 +265,6 @@ Most recently observed status of MachineHealthCheck resource Type:: `object` -Required:: - - `currentHealthy` - - `expectedMachines` @@ -327,9 +316,6 @@ Condition defines an observation of a Machine API resource operational state. Type:: `object` -Required:: - - `status` - - `type` diff --git a/rest_api/machine_apis/machineset-machine-openshift-io-v1beta1.adoc b/rest_api/machine_apis/machineset-machine-openshift-io-v1beta1.adoc index 498503b83a..4b85d97b03 100644 --- a/rest_api/machine_apis/machineset-machine-openshift-io-v1beta1.adoc +++ b/rest_api/machine_apis/machineset-machine-openshift-io-v1beta1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="machineset-machine-openshift-io-v1beta1"] = MachineSet [machine.openshift.io/v1beta1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -12,7 +11,7 @@ toc::[] Description:: + -- -MachineSet ensures that a specified number of machines replicas are running at any given time. +MachineSet ensures that a specified number of machines replicas are running at any given time. Compatibility level 2: Stable within a major release for a minimum of 9 months or 3 minor releases (whichever is longer). -- Type:: @@ -57,8 +56,6 @@ MachineSetSpec defines the desired state of MachineSet Type:: `object` -Required:: - - `selector` @@ -279,7 +276,7 @@ Required:: | `blockOwnerDeletion` | `boolean` -| If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +| If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. | `controller` | `boolean` @@ -315,6 +312,10 @@ Type:: |=== | Property | Type | Description +| `lifecycleHooks` +| `object` +| LifecycleHooks allow users to pause operations on the machine at certain predefined points within the machine lifecycle. + | `metadata` | `object` | ObjectMeta will autopopulate the Node created. Use this to indicate what labels, annotations, name prefix, etc., should be used when creating the Node. @@ -335,6 +336,124 @@ Type:: | `object` | The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. +|=== +=== .spec.template.spec.lifecycleHooks +Description:: ++ +-- +LifecycleHooks allow users to pause operations on the machine at certain predefined points within the machine lifecycle. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `preDrain` +| `array` +| PreDrain hooks prevent the machine from being drained. This also blocks further lifecycle events, such as termination. + +| `preDrain[]` +| `object` +| LifecycleHook represents a single instance of a lifecycle hook + +| `preTerminate` +| `array` +| PreTerminate hooks prevent the machine from being terminated. PreTerminate hooks be actioned after the Machine has been drained. + +| `preTerminate[]` +| `object` +| LifecycleHook represents a single instance of a lifecycle hook + +|=== +=== .spec.template.spec.lifecycleHooks.preDrain +Description:: ++ +-- +PreDrain hooks prevent the machine from being drained. This also blocks further lifecycle events, such as termination. +-- + +Type:: + `array` + + + + +=== .spec.template.spec.lifecycleHooks.preDrain[] +Description:: ++ +-- +LifecycleHook represents a single instance of a lifecycle hook +-- + +Type:: + `object` + +Required:: + - `name` + - `owner` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| Name defines a unique name for the lifcycle hook. The name should be unique and descriptive, ideally 1-3 words, in CamelCase or it may be namespaced, eg. foo.example.com/CamelCase. Names must be unique and should only be managed by a single entity. + +| `owner` +| `string` +| Owner defines the owner of the lifecycle hook. This should be descriptive enough so that users can identify who/what is responsible for blocking the lifecycle. This could be the name of a controller (e.g. clusteroperator/etcd) or an administrator managing the hook. + +|=== +=== .spec.template.spec.lifecycleHooks.preTerminate +Description:: ++ +-- +PreTerminate hooks prevent the machine from being terminated. PreTerminate hooks be actioned after the Machine has been drained. +-- + +Type:: + `array` + + + + +=== .spec.template.spec.lifecycleHooks.preTerminate[] +Description:: ++ +-- +LifecycleHook represents a single instance of a lifecycle hook +-- + +Type:: + `object` + +Required:: + - `name` + - `owner` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| Name defines a unique name for the lifcycle hook. The name should be unique and descriptive, ideally 1-3 words, in CamelCase or it may be namespaced, eg. foo.example.com/CamelCase. Names must be unique and should only be managed by a single entity. + +| `owner` +| `string` +| Owner defines the owner of the lifecycle hook. This should be descriptive enough so that users can identify who/what is responsible for blocking the lifecycle. This could be the name of a controller (e.g. clusteroperator/etcd) or an administrator managing the hook. + |=== === .spec.template.spec.metadata Description:: @@ -426,7 +545,7 @@ Required:: | `blockOwnerDeletion` | `boolean` -| If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +| If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. | `controller` | `boolean` @@ -527,8 +646,6 @@ MachineSetStatus defines the observed state of MachineSet Type:: `object` -Required:: - - `replicas` diff --git a/rest_api/metadata_apis/apirequestcount-apiserver-openshift-io-v1.adoc b/rest_api/metadata_apis/apirequestcount-apiserver-openshift-io-v1.adoc index d60ac96c6f..bbed4f01f3 100644 --- a/rest_api/metadata_apis/apirequestcount-apiserver-openshift-io-v1.adoc +++ b/rest_api/metadata_apis/apirequestcount-apiserver-openshift-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="apirequestcount-apiserver-openshift-io-v1"] = APIRequestCount [apiserver.openshift.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/binding-v1.adoc b/rest_api/metadata_apis/binding-v1.adoc index b3c6f65da8..170bcce7dd 100644 --- a/rest_api/metadata_apis/binding-v1.adoc +++ b/rest_api/metadata_apis/binding-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="binding-v1"] = Binding [v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/componentstatus-v1.adoc b/rest_api/metadata_apis/componentstatus-v1.adoc index 5f393282f2..0247c355a1 100644 --- a/rest_api/metadata_apis/componentstatus-v1.adoc +++ b/rest_api/metadata_apis/componentstatus-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="componentstatus-v1"] = ComponentStatus [v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/configmap-v1.adoc b/rest_api/metadata_apis/configmap-v1.adoc index 39a09d63bb..94be84461e 100644 --- a/rest_api/metadata_apis/configmap-v1.adoc +++ b/rest_api/metadata_apis/configmap-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="configmap-v1"] = ConfigMap [v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/controllerrevision-apps-v1.adoc b/rest_api/metadata_apis/controllerrevision-apps-v1.adoc index 29f44a586a..f08987f491 100644 --- a/rest_api/metadata_apis/controllerrevision-apps-v1.adoc +++ b/rest_api/metadata_apis/controllerrevision-apps-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="controllerrevision-apps-v1"] = ControllerRevision [apps/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/event-events-k8s-io-v1.adoc b/rest_api/metadata_apis/event-events-k8s-io-v1.adoc index 6637ec9d6d..1d1dff67f9 100644 --- a/rest_api/metadata_apis/event-events-k8s-io-v1.adoc +++ b/rest_api/metadata_apis/event-events-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="event-events-k8s-io-v1"] = Event [events.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/event-v1.adoc b/rest_api/metadata_apis/event-v1.adoc index 9db022148b..f809f09165 100644 --- a/rest_api/metadata_apis/event-v1.adoc +++ b/rest_api/metadata_apis/event-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="event-v1"] = Event [v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/lease-coordination-k8s-io-v1.adoc b/rest_api/metadata_apis/lease-coordination-k8s-io-v1.adoc index 5b30a2d92b..d1aa3a5693 100644 --- a/rest_api/metadata_apis/lease-coordination-k8s-io-v1.adoc +++ b/rest_api/metadata_apis/lease-coordination-k8s-io-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="lease-coordination-k8s-io-v1"] = Lease [coordination.k8s.io/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/metadata-apis-index.adoc b/rest_api/metadata_apis/metadata-apis-index.adoc index 65d3acd29f..ceae958e6f 100644 --- a/rest_api/metadata_apis/metadata-apis-index.adoc +++ b/rest_api/metadata_apis/metadata-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="metadata-apis"] = Metadata APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] diff --git a/rest_api/metadata_apis/namespace-v1.adoc b/rest_api/metadata_apis/namespace-v1.adoc index d3e6cdb2fd..f4f49b5a32 100644 --- a/rest_api/metadata_apis/namespace-v1.adoc +++ b/rest_api/metadata_apis/namespace-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="namespace-v1"] = Namespace [v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -98,6 +97,10 @@ Type:: | `string` | Phase is the current lifecycle phase of the namespace. More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ +Possible enum values: + - `"Active"` means the namespace is available for use in the system + - `"Terminating"` means the namespace is undergoing graceful termination + |=== === .status.conditions Description:: diff --git a/rest_api/monitoring_apis/alertmanager-monitoring-coreos-com-v1.adoc b/rest_api/monitoring_apis/alertmanager-monitoring-coreos-com-v1.adoc index 57b57f1b23..82ee8dd4a0 100644 --- a/rest_api/monitoring_apis/alertmanager-monitoring-coreos-com-v1.adoc +++ b/rest_api/monitoring_apis/alertmanager-monitoring-coreos-com-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="alertmanager-monitoring-coreos-com-v1"] = Alertmanager [monitoring.coreos.com/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -82,6 +81,10 @@ Type:: | `object` | AlertmanagerConfigs to be selected for to merge and configure Alertmanager with. +| `alertmanagerConfiguration` +| `object` +| EXPERIMENTAL: alertmanagerConfiguration specifies the global Alertmanager configuration. If defined, it takes precedence over the `configSecret` field. This field may change in future releases. + | `baseImage` | `string` | Base image that is used to deploy pods, without tag. Deprecated: use 'image' instead @@ -108,7 +111,9 @@ Type:: | `configSecret` | `string` -| ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains configuration for this Alertmanager instance. Defaults to 'alertmanager-' The secret is mounted into /etc/alertmanager/config. +| ConfigSecret is the name of a Kubernetes Secret in the same namespace as the Alertmanager object, which contains the configuration for this Alertmanager instance. If empty, it defaults to 'alertmanager-'. + The Alertmanager configuration should be available under the `alertmanager.yaml` key. Additional keys from the original secret are copied to the generated secret. + If either the secret or the `alertmanager.yaml` key is missing, the operator provisions an Alertmanager configuration with one empty receiver (effectively dropping alert notifications). | `containers` | `array` @@ -126,6 +131,14 @@ Type:: | `boolean` | ForceEnableClusterMode ensures Alertmanager does not deactivate the cluster mode when running with a single replica. Use case is e.g. spanning an Alertmanager cluster across Kubernetes clusters with a single replica in each. +| `hostAliases` +| `array` +| Pods' hostAliases configuration + +| `hostAliases[]` +| `object` +| HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. + | `image` | `string` | Image if specified has precedence over baseImage, tag and sha combinations. Specifying the version is still necessary to ensure the Prometheus Operator knows what version of Alertmanager is being configured. @@ -753,9 +766,13 @@ Required:: | `object` | A label query over a set of resources, in this case pods. +| `namespaceSelector` +| `object` +| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + | `namespaces` | `array (string)` -| namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" +| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" | `topologyKey` | `string` @@ -821,6 +838,82 @@ Required:: +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| key is the label key that the selector applies to. + +| `operator` +| `string` +| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + +| `values` +| `array (string)` +| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + +|=== +=== .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector +Description:: ++ +-- +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `matchExpressions` +| `array` +| matchExpressions is a list of label selector requirements. The requirements are ANDed. + +| `matchExpressions[]` +| `object` +| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +| `matchLabels` +| `object (string)` +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + +|=== +=== .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions +Description:: ++ +-- +matchExpressions is a list of label selector requirements. The requirements are ANDed. +-- + +Type:: + `array` + + + + +=== .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions[] +Description:: ++ +-- +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +-- + +Type:: + `object` + +Required:: + - `key` + - `operator` + + + [cols="1,1,1",options="header"] |=== | Property | Type | Description @@ -874,9 +967,13 @@ Required:: | `object` | A label query over a set of resources, in this case pods. +| `namespaceSelector` +| `object` +| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + | `namespaces` | `array (string)` -| namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" +| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" | `topologyKey` | `string` @@ -942,6 +1039,82 @@ Required:: +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| key is the label key that the selector applies to. + +| `operator` +| `string` +| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + +| `values` +| `array (string)` +| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + +|=== +=== .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector +Description:: ++ +-- +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `matchExpressions` +| `array` +| matchExpressions is a list of label selector requirements. The requirements are ANDed. + +| `matchExpressions[]` +| `object` +| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +| `matchLabels` +| `object (string)` +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + +|=== +=== .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions +Description:: ++ +-- +matchExpressions is a list of label selector requirements. The requirements are ANDed. +-- + +Type:: + `array` + + + + +=== .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions[] +Description:: ++ +-- +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +-- + +Type:: + `object` + +Required:: + - `key` + - `operator` + + + [cols="1,1,1",options="header"] |=== | Property | Type | Description @@ -1058,9 +1231,13 @@ Required:: | `object` | A label query over a set of resources, in this case pods. +| `namespaceSelector` +| `object` +| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + | `namespaces` | `array (string)` -| namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" +| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" | `topologyKey` | `string` @@ -1126,6 +1303,82 @@ Required:: +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| key is the label key that the selector applies to. + +| `operator` +| `string` +| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + +| `values` +| `array (string)` +| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + +|=== +=== .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector +Description:: ++ +-- +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `matchExpressions` +| `array` +| matchExpressions is a list of label selector requirements. The requirements are ANDed. + +| `matchExpressions[]` +| `object` +| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +| `matchLabels` +| `object (string)` +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + +|=== +=== .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions +Description:: ++ +-- +matchExpressions is a list of label selector requirements. The requirements are ANDed. +-- + +Type:: + `array` + + + + +=== .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions[] +Description:: ++ +-- +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +-- + +Type:: + `object` + +Required:: + - `key` + - `operator` + + + [cols="1,1,1",options="header"] |=== | Property | Type | Description @@ -1179,9 +1432,13 @@ Required:: | `object` | A label query over a set of resources, in this case pods. +| `namespaceSelector` +| `object` +| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + | `namespaces` | `array (string)` -| namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" +| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" | `topologyKey` | `string` @@ -1247,6 +1504,82 @@ Required:: +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| key is the label key that the selector applies to. + +| `operator` +| `string` +| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + +| `values` +| `array (string)` +| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + +|=== +=== .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector +Description:: ++ +-- +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `matchExpressions` +| `array` +| matchExpressions is a list of label selector requirements. The requirements are ANDed. + +| `matchExpressions[]` +| `object` +| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +| `matchLabels` +| `object (string)` +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + +|=== +=== .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions +Description:: ++ +-- +matchExpressions is a list of label selector requirements. The requirements are ANDed. +-- + +Type:: + `array` + + + + +=== .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions[] +Description:: ++ +-- +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +-- + +Type:: + `object` + +Required:: + - `key` + - `operator` + + + [cols="1,1,1",options="header"] |=== | Property | Type | Description @@ -1415,6 +1748,28 @@ Required:: | `array (string)` | values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +|=== +=== .spec.alertmanagerConfiguration +Description:: ++ +-- +EXPERIMENTAL: alertmanagerConfiguration specifies the global Alertmanager configuration. If defined, it takes precedence over the `configSecret` field. This field may change in future releases. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| The name of the AlertmanagerConfig resource which is used to generate the global configuration. It must be defined in the same namespace as the Alertmanager object. The operator will not enforce a `namespace` label for routes and inhibition rules. + |=== === .spec.containers Description:: @@ -1450,11 +1805,11 @@ Required:: | `args` | `array (string)` -| Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +| Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell | `command` | `array (string)` -| Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +| Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell | `env` | `array` @@ -1506,15 +1861,15 @@ Required:: | `resources` | `object` -| Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `securityContext` | `object` -| Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +| SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | `startupProbe` | `object` -| StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. This is a beta feature enabled by the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +| StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes | `stdin` | `boolean` @@ -1595,7 +1950,7 @@ Required:: | `value` | `string` -| Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +| Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". | `valueFrom` | `object` @@ -1625,7 +1980,7 @@ Type:: | `fieldRef` | `object` -| Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +| Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. | `resourceFieldRef` | `object` @@ -1672,7 +2027,7 @@ Required:: Description:: + -- -Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -- Type:: @@ -1878,7 +2233,7 @@ Type:: | `preStop` | `object` -| PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The reason for termination is passed to the handler. The Pod's termination grace period countdown begins before the PreStop hooked is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period. Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +| PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks |=== === .spec.containers[].lifecycle.postStart @@ -1900,7 +2255,7 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `httpGet` | `object` @@ -1908,14 +2263,14 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. |=== === .spec.containers[].lifecycle.postStart.exec Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -2023,7 +2378,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. -- Type:: @@ -2051,7 +2406,7 @@ Required:: Description:: + -- -PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The reason for termination is passed to the handler. The Pod's termination grace period countdown begins before the PreStop hooked is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period. Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -- Type:: @@ -2066,7 +2421,7 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `httpGet` | `object` @@ -2074,14 +2429,14 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. |=== === .spec.containers[].lifecycle.preStop.exec Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -2189,7 +2544,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. -- Type:: @@ -2232,12 +2587,16 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `failureThreshold` | `integer` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +| `grpc` +| `object` +| GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. + | `httpGet` | `object` | HTTPGet specifies the http request to perform. @@ -2256,7 +2615,11 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| TCPSocket specifies an action involving a TCP port. + +| `terminationGracePeriodSeconds` +| `integer` +| Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. | `timeoutSeconds` | `integer` @@ -2267,7 +2630,7 @@ Type:: Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -2284,6 +2647,35 @@ Type:: | `array (string)` | Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +|=== +=== .spec.containers[].livenessProbe.grpc +Description:: ++ +-- +GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. +-- + +Type:: + `object` + +Required:: + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `port` +| `integer` +| Port number of the gRPC service. Number must be in the range 1 to 65535. + +| `service` +| `string` +| Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + |=== === .spec.containers[].livenessProbe.httpGet Description:: @@ -2375,7 +2767,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +TCPSocket specifies an action involving a TCP port. -- Type:: @@ -2471,12 +2863,16 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `failureThreshold` | `integer` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +| `grpc` +| `object` +| GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. + | `httpGet` | `object` | HTTPGet specifies the http request to perform. @@ -2495,7 +2891,11 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| TCPSocket specifies an action involving a TCP port. + +| `terminationGracePeriodSeconds` +| `integer` +| Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. | `timeoutSeconds` | `integer` @@ -2506,7 +2906,7 @@ Type:: Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -2523,6 +2923,35 @@ Type:: | `array (string)` | Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +|=== +=== .spec.containers[].readinessProbe.grpc +Description:: ++ +-- +GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. +-- + +Type:: + `object` + +Required:: + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `port` +| `integer` +| Port number of the gRPC service. Number must be in the range 1 to 65535. + +| `service` +| `string` +| Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + |=== === .spec.containers[].readinessProbe.httpGet Description:: @@ -2614,7 +3043,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +TCPSocket specifies an action involving a TCP port. -- Type:: @@ -2642,7 +3071,7 @@ Required:: Description:: + -- -Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- Type:: @@ -2657,18 +3086,18 @@ Type:: | `limits` | `integer-or-string` -| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `requests` | `integer-or-string` -| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |=== === .spec.containers[].securityContext Description:: + -- -Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -- Type:: @@ -2683,27 +3112,27 @@ Type:: | `allowPrivilegeEscalation` | `boolean` -| AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +| AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. | `capabilities` | `object` -| The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +| The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. | `privileged` | `boolean` -| Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +| Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. | `procMount` | `string` -| procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. +| procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. | `readOnlyRootFilesystem` | `boolean` -| Whether this container has a read-only root filesystem. Default is false. +| Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. | `runAsGroup` | `integer` -| The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. | `runAsNonRoot` | `boolean` @@ -2711,22 +3140,26 @@ Type:: | `runAsUser` | `integer` -| The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. | `seLinuxOptions` | `object` -| The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + +| `seccompProfile` +| `object` +| The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. | `windowsOptions` | `object` -| The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. |=== === .spec.containers[].securityContext.capabilities Description:: + -- -The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. -- Type:: @@ -2752,7 +3185,7 @@ Type:: Description:: + -- -The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- Type:: @@ -2781,12 +3214,41 @@ Type:: | `string` | User is a SELinux user label that applies to the container. +|=== +=== .spec.containers[].securityContext.seccompProfile +Description:: ++ +-- +The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `localhostProfile` +| `string` +| localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + +| `type` +| `string` +| type indicates which kind of seccomp profile will be applied. Valid options are: + Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + |=== === .spec.containers[].securityContext.windowsOptions Description:: + -- -The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. -- Type:: @@ -2807,6 +3269,10 @@ Type:: | `string` | GMSACredentialSpecName is the name of the GMSA credential spec to use. +| `hostProcess` +| `boolean` +| HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + | `runAsUserName` | `string` | The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. @@ -2816,7 +3282,7 @@ Type:: Description:: + -- -StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. This is a beta feature enabled by the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- Type:: @@ -2831,12 +3297,16 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `failureThreshold` | `integer` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +| `grpc` +| `object` +| GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. + | `httpGet` | `object` | HTTPGet specifies the http request to perform. @@ -2855,7 +3325,11 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| TCPSocket specifies an action involving a TCP port. + +| `terminationGracePeriodSeconds` +| `integer` +| Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. | `timeoutSeconds` | `integer` @@ -2866,7 +3340,7 @@ Type:: Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -2883,6 +3357,35 @@ Type:: | `array (string)` | Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +|=== +=== .spec.containers[].startupProbe.grpc +Description:: ++ +-- +GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. +-- + +Type:: + `object` + +Required:: + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `port` +| `integer` +| Port number of the gRPC service. Number must be in the range 1 to 65535. + +| `service` +| `string` +| Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + |=== === .spec.containers[].startupProbe.httpGet Description:: @@ -2974,7 +3477,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +TCPSocket specifies an action involving a TCP port. -- Type:: @@ -3097,6 +3600,48 @@ Required:: | `string` | Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath are mutually exclusive. +|=== +=== .spec.hostAliases +Description:: ++ +-- +Pods' hostAliases configuration +-- + +Type:: + `array` + + + + +=== .spec.hostAliases[] +Description:: ++ +-- +HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. +-- + +Type:: + `object` + +Required:: + - `hostnames` + - `ip` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `hostnames` +| `array (string)` +| Hostnames for the above IP address. + +| `ip` +| `string` +| IP address of the host file entry. + |=== === .spec.imagePullSecrets Description:: @@ -3167,11 +3712,11 @@ Required:: | `args` | `array (string)` -| Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +| Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell | `command` | `array (string)` -| Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +| Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell | `env` | `array` @@ -3223,15 +3768,15 @@ Required:: | `resources` | `object` -| Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `securityContext` | `object` -| Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +| SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | `startupProbe` | `object` -| StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. This is a beta feature enabled by the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +| StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes | `stdin` | `boolean` @@ -3312,7 +3857,7 @@ Required:: | `value` | `string` -| Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +| Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". | `valueFrom` | `object` @@ -3342,7 +3887,7 @@ Type:: | `fieldRef` | `object` -| Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +| Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. | `resourceFieldRef` | `object` @@ -3389,7 +3934,7 @@ Required:: Description:: + -- -Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. +Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -- Type:: @@ -3595,7 +4140,7 @@ Type:: | `preStop` | `object` -| PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The reason for termination is passed to the handler. The Pod's termination grace period countdown begins before the PreStop hooked is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period. Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +| PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks |=== === .spec.initContainers[].lifecycle.postStart @@ -3617,7 +4162,7 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `httpGet` | `object` @@ -3625,14 +4170,14 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. |=== === .spec.initContainers[].lifecycle.postStart.exec Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -3740,7 +4285,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. -- Type:: @@ -3768,7 +4313,7 @@ Required:: Description:: + -- -PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The reason for termination is passed to the handler. The Pod's termination grace period countdown begins before the PreStop hooked is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period. Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -- Type:: @@ -3783,7 +4328,7 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `httpGet` | `object` @@ -3791,14 +4336,14 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. |=== === .spec.initContainers[].lifecycle.preStop.exec Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -3906,7 +4451,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. -- Type:: @@ -3949,12 +4494,16 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `failureThreshold` | `integer` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +| `grpc` +| `object` +| GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. + | `httpGet` | `object` | HTTPGet specifies the http request to perform. @@ -3973,7 +4522,11 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| TCPSocket specifies an action involving a TCP port. + +| `terminationGracePeriodSeconds` +| `integer` +| Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. | `timeoutSeconds` | `integer` @@ -3984,7 +4537,7 @@ Type:: Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -4001,6 +4554,35 @@ Type:: | `array (string)` | Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +|=== +=== .spec.initContainers[].livenessProbe.grpc +Description:: ++ +-- +GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. +-- + +Type:: + `object` + +Required:: + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `port` +| `integer` +| Port number of the gRPC service. Number must be in the range 1 to 65535. + +| `service` +| `string` +| Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + |=== === .spec.initContainers[].livenessProbe.httpGet Description:: @@ -4092,7 +4674,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +TCPSocket specifies an action involving a TCP port. -- Type:: @@ -4188,12 +4770,16 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `failureThreshold` | `integer` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +| `grpc` +| `object` +| GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. + | `httpGet` | `object` | HTTPGet specifies the http request to perform. @@ -4212,7 +4798,11 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| TCPSocket specifies an action involving a TCP port. + +| `terminationGracePeriodSeconds` +| `integer` +| Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. | `timeoutSeconds` | `integer` @@ -4223,7 +4813,7 @@ Type:: Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -4240,6 +4830,35 @@ Type:: | `array (string)` | Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +|=== +=== .spec.initContainers[].readinessProbe.grpc +Description:: ++ +-- +GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. +-- + +Type:: + `object` + +Required:: + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `port` +| `integer` +| Port number of the gRPC service. Number must be in the range 1 to 65535. + +| `service` +| `string` +| Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + |=== === .spec.initContainers[].readinessProbe.httpGet Description:: @@ -4331,7 +4950,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +TCPSocket specifies an action involving a TCP port. -- Type:: @@ -4359,7 +4978,7 @@ Required:: Description:: + -- -Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -- Type:: @@ -4374,18 +4993,18 @@ Type:: | `limits` | `integer-or-string` -| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `requests` | `integer-or-string` -| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |=== === .spec.initContainers[].securityContext Description:: + -- -Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -- Type:: @@ -4400,27 +5019,27 @@ Type:: | `allowPrivilegeEscalation` | `boolean` -| AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +| AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. | `capabilities` | `object` -| The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +| The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. | `privileged` | `boolean` -| Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +| Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows. | `procMount` | `string` -| procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. +| procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows. | `readOnlyRootFilesystem` | `boolean` -| Whether this container has a read-only root filesystem. Default is false. +| Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows. | `runAsGroup` | `integer` -| The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. | `runAsNonRoot` | `boolean` @@ -4428,22 +5047,26 @@ Type:: | `runAsUser` | `integer` -| The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. | `seLinuxOptions` | `object` -| The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. + +| `seccompProfile` +| `object` +| The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. | `windowsOptions` | `object` -| The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. |=== === .spec.initContainers[].securityContext.capabilities Description:: + -- -The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. -- Type:: @@ -4469,7 +5092,7 @@ Type:: Description:: + -- -The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. -- Type:: @@ -4498,12 +5121,41 @@ Type:: | `string` | User is a SELinux user label that applies to the container. +|=== +=== .spec.initContainers[].securityContext.seccompProfile +Description:: ++ +-- +The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `localhostProfile` +| `string` +| localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + +| `type` +| `string` +| type indicates which kind of seccomp profile will be applied. Valid options are: + Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + |=== === .spec.initContainers[].securityContext.windowsOptions Description:: + -- -The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. -- Type:: @@ -4524,6 +5176,10 @@ Type:: | `string` | GMSACredentialSpecName is the name of the GMSA credential spec to use. +| `hostProcess` +| `boolean` +| HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + | `runAsUserName` | `string` | The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. @@ -4533,7 +5189,7 @@ Type:: Description:: + -- -StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. This is a beta feature enabled by the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -- Type:: @@ -4548,12 +5204,16 @@ Type:: | `exec` | `object` -| One and only one of the following should be specified. Exec specifies the action to take. +| Exec specifies the action to take. | `failureThreshold` | `integer` | Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +| `grpc` +| `object` +| GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. + | `httpGet` | `object` | HTTPGet specifies the http request to perform. @@ -4572,7 +5232,11 @@ Type:: | `tcpSocket` | `object` -| TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +| TCPSocket specifies an action involving a TCP port. + +| `terminationGracePeriodSeconds` +| `integer` +| Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. | `timeoutSeconds` | `integer` @@ -4583,7 +5247,7 @@ Type:: Description:: + -- -One and only one of the following should be specified. Exec specifies the action to take. +Exec specifies the action to take. -- Type:: @@ -4600,6 +5264,35 @@ Type:: | `array (string)` | Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +|=== +=== .spec.initContainers[].startupProbe.grpc +Description:: ++ +-- +GRPC specifies an action involving a GRPC port. This is an alpha field and requires enabling GRPCContainerProbe feature gate. +-- + +Type:: + `object` + +Required:: + - `port` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `port` +| `integer` +| Port number of the gRPC service. Number must be in the range 1 to 65535. + +| `service` +| `string` +| Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + If this is not specified, the default behavior is defined by gRPC. + |=== === .spec.initContainers[].startupProbe.httpGet Description:: @@ -4691,7 +5384,7 @@ Required:: Description:: + -- -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +TCPSocket specifies an action involving a TCP port. -- Type:: @@ -4864,11 +5557,11 @@ Type:: | `limits` | `integer-or-string` -| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `requests` | `integer-or-string` -| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |=== === .spec.securityContext @@ -4892,15 +5585,15 @@ Type:: | `integer` | A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- - If unset, the Kubelet will not modify the ownership and permissions of any volume. + If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows. | `fsGroupChangePolicy` | `string` -| fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified defaults to "Always". +| fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows. | `runAsGroup` | `integer` -| The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. +| The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. | `runAsNonRoot` | `boolean` @@ -4908,19 +5601,23 @@ Type:: | `runAsUser` | `integer` -| The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. +| The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. | `seLinuxOptions` | `object` -| The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. +| The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. + +| `seccompProfile` +| `object` +| The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. | `supplementalGroups` | `array (integer)` -| A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. +| A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container. Note that this field cannot be set when spec.os.name is windows. | `sysctls` | `array` -| Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. +| Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. | `sysctls[]` | `object` @@ -4928,14 +5625,14 @@ Type:: | `windowsOptions` | `object` -| The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +| The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. |=== === .spec.securityContext.seLinuxOptions Description:: + -- -The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. +The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. -- Type:: @@ -4964,12 +5661,41 @@ Type:: | `string` | User is a SELinux user label that applies to the container. +|=== +=== .spec.securityContext.seccompProfile +Description:: ++ +-- +The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. +-- + +Type:: + `object` + +Required:: + - `type` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `localhostProfile` +| `string` +| localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is "Localhost". + +| `type` +| `string` +| type indicates which kind of seccomp profile will be applied. Valid options are: + Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied. + |=== === .spec.securityContext.sysctls Description:: + -- -Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. +Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. -- Type:: @@ -5011,7 +5737,7 @@ Required:: Description:: + -- -The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. -- Type:: @@ -5032,6 +5758,10 @@ Type:: | `string` | GMSACredentialSpecName is the name of the GMSA credential spec to use. +| `hostProcess` +| `boolean` +| HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true. + | `runAsUserName` | `string` | The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. @@ -5062,6 +5792,10 @@ Type:: | `object` | EmptyDirVolumeSource to be used by the Prometheus StatefulSets. If specified, used in place of any volumeClaimTemplate. More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir +| `ephemeral` +| `object` +| EphemeralVolumeSource to be used by the Prometheus StatefulSets. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes + | `volumeClaimTemplate` | `object` | A PVC spec to be used by the Prometheus StatefulSets. @@ -5092,6 +5826,293 @@ Type:: | `integer-or-string` | Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir +|=== +=== .spec.storage.ephemeral +Description:: ++ +-- +EphemeralVolumeSource to be used by the Prometheus StatefulSets. This is a beta field in k8s 1.21, for lower versions, starting with k8s 1.19, it requires enabling the GenericEphemeralVolume feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `volumeClaimTemplate` +| `object` +| Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. + +|=== +=== .spec.storage.ephemeral.volumeClaimTemplate +Description:: ++ +-- +Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. +-- + +Type:: + `object` + +Required:: + - `spec` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `metadata` +| `object` +| May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + +| `spec` +| `object` +| The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + +|=== +=== .spec.storage.ephemeral.volumeClaimTemplate.metadata +Description:: ++ +-- +May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +-- + +Type:: + `object` + + + + +=== .spec.storage.ephemeral.volumeClaimTemplate.spec +Description:: ++ +-- +The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `accessModes` +| `array (string)` +| AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + +| `dataSource` +| `object` +| This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field. + +| `dataSourceRef` +| `object` +| Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + +| `resources` +| `object` +| Resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + +| `selector` +| `object` +| A label query over volumes to consider for binding. + +| `storageClassName` +| `string` +| Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + +| `volumeMode` +| `string` +| volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + +| `volumeName` +| `string` +| VolumeName is the binding reference to the PersistentVolume backing this claim. + +|=== +=== .spec.storage.ephemeral.volumeClaimTemplate.spec.dataSource +Description:: ++ +-- +This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field. +-- + +Type:: + `object` + +Required:: + - `kind` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiGroup` +| `string` +| APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + +| `kind` +| `string` +| Kind is the type of resource being referenced + +| `name` +| `string` +| Name is the name of resource being referenced + +|=== +=== .spec.storage.ephemeral.volumeClaimTemplate.spec.dataSourceRef +Description:: ++ +-- +Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +-- + +Type:: + `object` + +Required:: + - `kind` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiGroup` +| `string` +| APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + +| `kind` +| `string` +| Kind is the type of resource being referenced + +| `name` +| `string` +| Name is the name of resource being referenced + +|=== +=== .spec.storage.ephemeral.volumeClaimTemplate.spec.resources +Description:: ++ +-- +Resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `limits` +| `integer-or-string` +| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + +| `requests` +| `integer-or-string` +| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + +|=== +=== .spec.storage.ephemeral.volumeClaimTemplate.spec.selector +Description:: ++ +-- +A label query over volumes to consider for binding. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `matchExpressions` +| `array` +| matchExpressions is a list of label selector requirements. The requirements are ANDed. + +| `matchExpressions[]` +| `object` +| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +| `matchLabels` +| `object (string)` +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + +|=== +=== .spec.storage.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions +Description:: ++ +-- +matchExpressions is a list of label selector requirements. The requirements are ANDed. +-- + +Type:: + `array` + + + + +=== .spec.storage.ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[] +Description:: ++ +-- +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +-- + +Type:: + `object` + +Required:: + - `key` + - `operator` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| key is the label key that the selector applies to. + +| `operator` +| `string` +| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + +| `values` +| `array (string)` +| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + |=== === .spec.storage.volumeClaimTemplate Description:: @@ -5184,11 +6205,15 @@ Type:: | `dataSource` | `object` -| This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot - Beta) * An existing PVC (PersistentVolumeClaim) * An existing custom resource/object that implements data population (Alpha) In order to use VolumeSnapshot object types, the appropriate feature gate must be enabled (VolumeSnapshotDataSource or AnyVolumeDataSource) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the specified data source is not supported, the volume will not be created and the failure will be reported as an event. In the future, we plan to support more data source types and the behavior of the provisioner may change. +| This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field. + +| `dataSourceRef` +| `object` +| Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled. | `resources` | `object` -| Resources represents the minimum resources the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +| Resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources | `selector` | `object` @@ -5211,7 +6236,40 @@ Type:: Description:: + -- -This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot - Beta) * An existing PVC (PersistentVolumeClaim) * An existing custom resource/object that implements data population (Alpha) In order to use VolumeSnapshot object types, the appropriate feature gate must be enabled (VolumeSnapshotDataSource or AnyVolumeDataSource) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the specified data source is not supported, the volume will not be created and the failure will be reported as an event. In the future, we plan to support more data source types and the behavior of the provisioner may change. +This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field. +-- + +Type:: + `object` + +Required:: + - `kind` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiGroup` +| `string` +| APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + +| `kind` +| `string` +| Kind is the type of resource being referenced + +| `name` +| `string` +| Name is the name of resource being referenced + +|=== +=== .spec.storage.volumeClaimTemplate.spec.dataSourceRef +Description:: ++ +-- +Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -- Type:: @@ -5244,7 +6302,7 @@ Required:: Description:: + -- -Resources represents the minimum resources the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +Resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources -- Type:: @@ -5259,11 +6317,11 @@ Type:: | `limits` | `integer-or-string` -| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `requests` | `integer-or-string` -| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |=== === .spec.storage.volumeClaimTemplate.spec.selector @@ -5363,6 +6421,10 @@ Type:: | `array (string)` | AccessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 +| `allocatedResources` +| `integer-or-string` +| The storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + | `capacity` | `integer-or-string` | Represents the actual resources of the underlying volume. @@ -5379,6 +6441,10 @@ Type:: | `string` | Phase represents the current phase of PersistentVolumeClaim. +| `resizeStatus` +| `string` +| ResizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature. + |=== === .spec.storage.volumeClaimTemplate.status.conditions Description:: @@ -5529,7 +6595,7 @@ Required:: | `maxSkew` | `integer` -| MaxSkew describes the degree to which pods may be unevenly distributed. It's the maximum permitted difference between the number of matching pods in any two topology domains of a given topology type. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: \| zone1 \| zone2 \| zone3 \| \| P \| P \| \| - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. It's a required field. Default value is 1 and 0 is not allowed. +| MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: \| zone1 \| zone2 \| zone3 \| \| P \| P \| \| - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. | `topologyKey` | `string` @@ -5537,7 +6603,7 @@ Required:: | `whenUnsatisfiable` | `string` -| WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it - ScheduleAnyway tells the scheduler to still schedule it It's considered as "Unsatisfiable" if and only if placing incoming pod on any topology violates "MaxSkew". For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: \| zone1 \| zone2 \| zone3 \| \| P P P \| P \| P \| If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +| WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: \| zone1 \| zone2 \| zone3 \| \| P P P \| P \| P \| If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. |=== === .spec.topologySpreadConstraints[].labelSelector @@ -5732,7 +6798,7 @@ Required:: | `csi` | `object` -| CSI (Container Storage Interface) represents storage that is handled by an external CSI driver (Alpha feature). +| CSI (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). | `downwardAPI` | `object` @@ -5742,6 +6808,14 @@ Required:: | `object` | EmptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir +| `ephemeral` +| `object` +| Ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. + | `fc` | `object` | FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. @@ -6080,7 +7154,7 @@ Type:: | `defaultMode` | `integer` -| Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `items` | `array` @@ -6138,7 +7212,7 @@ Required:: | `mode` | `integer` -| Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `path` | `string` @@ -6149,7 +7223,7 @@ Required:: Description:: + -- -CSI (Container Storage Interface) represents storage that is handled by an external CSI driver (Alpha feature). +CSI (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). -- Type:: @@ -6226,7 +7300,7 @@ Type:: | `defaultMode` | `integer` -| Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `items` | `array` @@ -6275,7 +7349,7 @@ Required:: | `mode` | `integer` -| Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `path` | `string` @@ -6371,6 +7445,297 @@ Type:: | `integer-or-string` | Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir +|=== +=== .spec.volumes[].ephemeral +Description:: ++ +-- +Ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the same time. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `volumeClaimTemplate` +| `object` +| Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. + +|=== +=== .spec.volumes[].ephemeral.volumeClaimTemplate +Description:: ++ +-- +Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. + This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. + Required, must not be nil. +-- + +Type:: + `object` + +Required:: + - `spec` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `metadata` +| `object` +| May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. + +| `spec` +| `object` +| The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. + +|=== +=== .spec.volumes[].ephemeral.volumeClaimTemplate.metadata +Description:: ++ +-- +May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation. +-- + +Type:: + `object` + + + + +=== .spec.volumes[].ephemeral.volumeClaimTemplate.spec +Description:: ++ +-- +The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `accessModes` +| `array (string)` +| AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + +| `dataSource` +| `object` +| This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field. + +| `dataSourceRef` +| `object` +| Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + +| `resources` +| `object` +| Resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + +| `selector` +| `object` +| A label query over volumes to consider for binding. + +| `storageClassName` +| `string` +| Name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + +| `volumeMode` +| `string` +| volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec. + +| `volumeName` +| `string` +| VolumeName is the binding reference to the PersistentVolume backing this claim. + +|=== +=== .spec.volumes[].ephemeral.volumeClaimTemplate.spec.dataSource +Description:: ++ +-- +This field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field. +-- + +Type:: + `object` + +Required:: + - `kind` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiGroup` +| `string` +| APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + +| `kind` +| `string` +| Kind is the type of resource being referenced + +| `name` +| `string` +| Name is the name of resource being referenced + +|=== +=== .spec.volumes[].ephemeral.volumeClaimTemplate.spec.dataSourceRef +Description:: ++ +-- +Specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While DataSource ignores disallowed values (dropping them), DataSourceRef preserves all values, and generates an error if a disallowed value is specified. (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled. +-- + +Type:: + `object` + +Required:: + - `kind` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiGroup` +| `string` +| APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + +| `kind` +| `string` +| Kind is the type of resource being referenced + +| `name` +| `string` +| Name is the name of resource being referenced + +|=== +=== .spec.volumes[].ephemeral.volumeClaimTemplate.spec.resources +Description:: ++ +-- +Resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `limits` +| `integer-or-string` +| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + +| `requests` +| `integer-or-string` +| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + +|=== +=== .spec.volumes[].ephemeral.volumeClaimTemplate.spec.selector +Description:: ++ +-- +A label query over volumes to consider for binding. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `matchExpressions` +| `array` +| matchExpressions is a list of label selector requirements. The requirements are ANDed. + +| `matchExpressions[]` +| `object` +| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +| `matchLabels` +| `object (string)` +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + +|=== +=== .spec.volumes[].ephemeral.volumeClaimTemplate.spec.selector.matchExpressions +Description:: ++ +-- +matchExpressions is a list of label selector requirements. The requirements are ANDed. +-- + +Type:: + `array` + + + + +=== .spec.volumes[].ephemeral.volumeClaimTemplate.spec.selector.matchExpressions[] +Description:: ++ +-- +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +-- + +Type:: + `object` + +Required:: + - `key` + - `operator` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| key is the label key that the selector applies to. + +| `operator` +| `string` +| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + +| `values` +| `array (string)` +| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + |=== === .spec.volumes[].fc Description:: @@ -6846,8 +8211,6 @@ Items for all in one resources secrets, configmaps, and downward API Type:: `object` -Required:: - - `sources` @@ -6857,7 +8220,7 @@ Required:: | `defaultMode` | `integer` -| Mode bits to use on created files by default. Must be a value between 0 and 0777. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `sources` | `array` @@ -6988,7 +8351,7 @@ Required:: | `mode` | `integer` -| Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `path` | `string` @@ -7059,7 +8422,7 @@ Required:: | `mode` | `integer` -| Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `path` | `string` @@ -7203,7 +8566,7 @@ Required:: | `mode` | `integer` -| Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `path` | `string` @@ -7465,7 +8828,7 @@ Type:: | `defaultMode` | `integer` -| Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `items` | `array` @@ -7523,7 +8886,7 @@ Required:: | `mode` | `integer` -| Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +| Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. | `path` | `string` diff --git a/rest_api/monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc b/rest_api/monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc similarity index 68% rename from rest_api/monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc rename to rest_api/monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc index d7729b64a4..b6d70653dc 100644 --- a/rest_api/monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc +++ b/rest_api/monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc @@ -1,10 +1,9 @@ // Automatically generated by 'openshift-apidocs-gen'. Do not edit. :_content-type: ASSEMBLY -[id="alertmanagerconfig-monitoring-coreos-com-v1alpha1"] -= AlertmanagerConfig [monitoring.coreos.com/v1alpha1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +[id="alertmanagerconfig-monitoring-coreos-com-v1beta1"] += AlertmanagerConfig [monitoring.coreos.com/v1beta1] +:toc: macro +:toc-title: toc::[] @@ -82,6 +81,14 @@ Type:: | `object` | The Alertmanager route definition for alerts matching the resource’s namespace. If present, it will be added to the generated Alertmanager configuration as a first-level route. +| `timeIntervals` +| `array` +| List of TimeInterval specifying when the routes should be muted or active. + +| `timeIntervals[]` +| `object` +| TimeInterval specifies the periods in time when notifications will be muted or active. + |=== === .spec.inhibitRules Description:: @@ -166,14 +173,14 @@ Required:: |=== | Property | Type | Description +| `matchType` +| `string` +| Match operator, one of `=` (equal to), `!=` (not equal to), `=~` (regex match) or `!~` (not regex match). Negative operators (`!=` and `!~`) require Alertmanager >= v0.22.0. + | `name` | `string` | Label to match. -| `regex` -| `boolean` -| Whether to match on equality (false) or regular-expression (true). - | `value` | `string` | Label value to match. @@ -211,14 +218,14 @@ Required:: |=== | Property | Type | Description +| `matchType` +| `string` +| Match operator, one of `=` (equal to), `!=` (not equal to), `=~` (regex match) or `!~` (not regex match). Negative operators (`!=` and `!~`) require Alertmanager >= v0.22.0. + | `name` | `string` | Label to match. -| `regex` -| `boolean` -| Whether to match on equality (false) or regular-expression (true). - | `value` | `string` | Label value to match. @@ -300,6 +307,22 @@ Required:: | `object` | SlackConfig configures notifications via Slack. See https://prometheus.io/docs/alerting/latest/configuration/#slack_config +| `snsConfigs` +| `array` +| List of SNS configurations + +| `snsConfigs[]` +| `object` +| SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs + +| `telegramConfigs` +| `array` +| List of Telegram configurations. + +| `telegramConfigs[]` +| `object` +| TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config + | `victoropsConfigs` | `array` | List of VictorOps configurations. @@ -401,7 +424,7 @@ Type:: | `smarthost` | `string` -| The SMTP host through which emails are sent. +| The SMTP host and port through which emails are sent. E.g. example.com:25 | `text` | `string` @@ -428,6 +451,7 @@ Type:: Required:: - `key` + - `name` @@ -441,11 +465,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].emailConfigs[].authSecret @@ -460,6 +480,7 @@ Type:: Required:: - `key` + - `name` @@ -473,11 +494,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].emailConfigs[].headers @@ -802,6 +819,10 @@ Type:: |=== | Property | Type | Description +| `actions` +| `string` +| Comma separated list of actions that will be available for the alert. + | `apiKey` | `object` | The secret's key that contains the OpsGenie API key. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -822,6 +843,10 @@ Type:: | `object` | KeyValue defines a (key, value) tuple. +| `entity` +| `string` +| Optional field that can be used to specify which domain alert is related to. + | `httpConfig` | `object` | HTTP client configuration. @@ -871,6 +896,7 @@ Type:: Required:: - `key` + - `name` @@ -884,11 +910,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].opsgenieConfigs[].details @@ -962,6 +984,14 @@ Type:: | `object` | The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + | `proxyURL` | `string` | Optional proxy URL. @@ -1126,6 +1156,167 @@ Description:: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. -- +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].opsgenieConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].opsgenieConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].opsgenieConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].opsgenieConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].opsgenieConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + Type:: `object` @@ -1516,6 +1707,22 @@ Type:: | `object` | HTTP client configuration. +| `pagerDutyImageConfigs` +| `array` +| A list of image details to attach that provide further detail about an incident. + +| `pagerDutyImageConfigs[]` +| `object` +| PagerDutyImageConfig attaches images to an incident + +| `pagerDutyLinkConfigs` +| `array` +| A list of link details to attach that provide further detail about an incident. + +| `pagerDutyLinkConfigs[]` +| `object` +| PagerDutyLinkConfig attaches text links to an incident + | `routingKey` | `object` | The secret's key that contains the PagerDuty integration key (when using Events API v2). Either this field or `serviceKey` needs to be defined. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. @@ -1608,6 +1815,14 @@ Type:: | `object` | The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + | `proxyURL` | `string` | Optional proxy URL. @@ -1772,6 +1987,167 @@ Description:: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. -- +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].pagerdutyConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].pagerdutyConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].pagerdutyConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].pagerdutyConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].pagerdutyConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + Type:: `object` @@ -2046,6 +2422,88 @@ Required:: | `boolean` | Specify whether the Secret or its key must be defined +|=== +=== .spec.receivers[].pagerdutyConfigs[].pagerDutyImageConfigs +Description:: ++ +-- +A list of image details to attach that provide further detail about an incident. +-- + +Type:: + `array` + + + + +=== .spec.receivers[].pagerdutyConfigs[].pagerDutyImageConfigs[] +Description:: ++ +-- +PagerDutyImageConfig attaches images to an incident +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `alt` +| `string` +| Alt is the optional alternative text for the image. + +| `href` +| `string` +| Optional URL; makes the image a clickable link. + +| `src` +| `string` +| Src of the image being attached to the incident + +|=== +=== .spec.receivers[].pagerdutyConfigs[].pagerDutyLinkConfigs +Description:: ++ +-- +A list of link details to attach that provide further detail about an incident. +-- + +Type:: + `array` + + + + +=== .spec.receivers[].pagerdutyConfigs[].pagerDutyLinkConfigs[] +Description:: ++ +-- +PagerDutyLinkConfig attaches text links to an incident +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `alt` +| `string` +| Text that describes the purpose of the link, and can be used as the link's text. + +| `href` +| `string` +| Href is the URL of the link to be attached + |=== === .spec.receivers[].pagerdutyConfigs[].routingKey Description:: @@ -2059,6 +2517,7 @@ Type:: Required:: - `key` + - `name` @@ -2072,11 +2531,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].pagerdutyConfigs[].serviceKey @@ -2091,6 +2546,7 @@ Type:: Required:: - `key` + - `name` @@ -2104,11 +2560,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].pushoverConfigs @@ -2223,6 +2675,14 @@ Type:: | `object` | The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + | `proxyURL` | `string` | Optional proxy URL. @@ -2387,6 +2847,167 @@ Description:: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. -- +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].pushoverConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].pushoverConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].pushoverConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].pushoverConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].pushoverConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + Type:: `object` @@ -2674,6 +3295,7 @@ Type:: Required:: - `key` + - `name` @@ -2687,11 +3309,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].pushoverConfigs[].userKey @@ -2706,6 +3324,7 @@ Type:: Required:: - `key` + - `name` @@ -2719,11 +3338,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].slackConfigs @@ -2963,6 +3578,7 @@ Type:: Required:: - `key` + - `name` @@ -2976,11 +3592,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].slackConfigs[].fields @@ -3058,6 +3670,14 @@ Type:: | `object` | The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + | `proxyURL` | `string` | Optional proxy URL. @@ -3222,6 +3842,167 @@ Description:: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. -- +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].slackConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].slackConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].slackConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].slackConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].slackConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + Type:: `object` @@ -3480,6 +4261,1545 @@ Required:: +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs +Description:: ++ +-- +List of SNS configurations +-- + +Type:: + `array` + + + + +=== .spec.receivers[].snsConfigs[] +Description:: ++ +-- +SNSConfig configures notifications via AWS SNS. See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiURL` +| `string` +| The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. If not specified, the SNS API URL from the SNS SDK will be used. + +| `attributes` +| `object (string)` +| SNS message attributes. + +| `httpConfig` +| `object` +| HTTP client configuration. + +| `message` +| `string` +| The message content of the SNS notification. + +| `phoneNumber` +| `string` +| Phone number if message is delivered via SMS in E.164 format. If you don't specify this value, you must specify a value for the TopicARN or TargetARN. + +| `sendResolved` +| `boolean` +| Whether or not to notify about resolved alerts. + +| `sigv4` +| `object` +| Configures AWS's Signature Verification 4 signing process to sign requests. + +| `subject` +| `string` +| Subject line when the message is delivered to email endpoints. + +| `targetARN` +| `string` +| The mobile platform endpoint ARN if message is delivered via mobile notifications. If you don't specify this value, you must specify a value for the topic_arn or PhoneNumber. + +| `topicARN` +| `string` +| SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic If you don't specify this value, you must specify a value for the PhoneNumber or TargetARN. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig +Description:: ++ +-- +HTTP client configuration. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `authorization` +| `object` +| Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + +| `basicAuth` +| `object` +| BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. + +| `bearerTokenSecret` +| `object` +| The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. + +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + +| `proxyURL` +| `string` +| Optional proxy URL. + +| `tlsConfig` +| `object` +| TLS configuration for the client. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.authorization +Description:: ++ +-- +Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `credentials` +| `object` +| The secret's key that contains the credentials of the request + +| `type` +| `string` +| Set the authentication type. Defaults to Bearer, Basic will cause an error + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.authorization.credentials +Description:: ++ +-- +The secret's key that contains the credentials of the request +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.basicAuth +Description:: ++ +-- +BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `password` +| `object` +| The secret in the service monitor namespace that contains the password for authentication. + +| `username` +| `object` +| The secret in the service monitor namespace that contains the username for authentication. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.basicAuth.password +Description:: ++ +-- +The secret in the service monitor namespace that contains the password for authentication. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.basicAuth.username +Description:: ++ +-- +The secret in the service monitor namespace that contains the username for authentication. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.bearerTokenSecret +Description:: ++ +-- +The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +-- + +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig +Description:: ++ +-- +TLS configuration for the client. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `ca` +| `object` +| Struct containing the CA cert to use for the targets. + +| `cert` +| `object` +| Struct containing the client cert file for the targets. + +| `insecureSkipVerify` +| `boolean` +| Disable target certificate validation. + +| `keySecret` +| `object` +| Secret containing the client key file for the targets. + +| `serverName` +| `string` +| Used to verify the hostname for the targets. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig.ca +Description:: ++ +-- +Struct containing the CA cert to use for the targets. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig.ca.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig.ca.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig.cert +Description:: ++ +-- +Struct containing the client cert file for the targets. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig.cert.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig.cert.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].httpConfig.tlsConfig.keySecret +Description:: ++ +-- +Secret containing the client key file for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].sigv4 +Description:: ++ +-- +Configures AWS's Signature Verification 4 signing process to sign requests. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `accessKey` +| `object` +| AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used. + +| `profile` +| `string` +| Profile is the named AWS profile used to authenticate. + +| `region` +| `string` +| Region is the AWS region. If blank, the region from the default credentials chain used. + +| `roleArn` +| `string` +| RoleArn is the named AWS profile used to authenticate. + +| `secretKey` +| `object` +| SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used. + +|=== +=== .spec.receivers[].snsConfigs[].sigv4.accessKey +Description:: ++ +-- +AccessKey is the AWS API key. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].snsConfigs[].sigv4.secretKey +Description:: ++ +-- +SecretKey is the AWS API secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs +Description:: ++ +-- +List of Telegram configurations. +-- + +Type:: + `array` + + + + +=== .spec.receivers[].telegramConfigs[] +Description:: ++ +-- +TelegramConfig configures notifications via Telegram. See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `apiURL` +| `string` +| The Telegram API URL i.e. https://api.telegram.org. If not specified, default API URL will be used. + +| `botToken` +| `object` +| Telegram bot token The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. + +| `chatID` +| `integer` +| The Telegram chat ID. + +| `disableNotifications` +| `boolean` +| Disable telegram notifications + +| `httpConfig` +| `object` +| HTTP client configuration. + +| `message` +| `string` +| Message template + +| `parseMode` +| `string` +| Parse mode for telegram message + +| `sendResolved` +| `boolean` +| Whether to notify about resolved alerts. + +|=== +=== .spec.receivers[].telegramConfigs[].botToken +Description:: ++ +-- +Telegram bot token The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +-- + +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig +Description:: ++ +-- +HTTP client configuration. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `authorization` +| `object` +| Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. + +| `basicAuth` +| `object` +| BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. + +| `bearerTokenSecret` +| `object` +| The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. + +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + +| `proxyURL` +| `string` +| Optional proxy URL. + +| `tlsConfig` +| `object` +| TLS configuration for the client. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.authorization +Description:: ++ +-- +Authorization header configuration for the client. This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `credentials` +| `object` +| The secret's key that contains the credentials of the request + +| `type` +| `string` +| Set the authentication type. Defaults to Bearer, Basic will cause an error + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.authorization.credentials +Description:: ++ +-- +The secret's key that contains the credentials of the request +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.basicAuth +Description:: ++ +-- +BasicAuth for the client. This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `password` +| `object` +| The secret in the service monitor namespace that contains the password for authentication. + +| `username` +| `object` +| The secret in the service monitor namespace that contains the username for authentication. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.basicAuth.password +Description:: ++ +-- +The secret in the service monitor namespace that contains the password for authentication. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.basicAuth.username +Description:: ++ +-- +The secret in the service monitor namespace that contains the username for authentication. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.bearerTokenSecret +Description:: ++ +-- +The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +-- + +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig +Description:: ++ +-- +TLS configuration for the client. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `ca` +| `object` +| Struct containing the CA cert to use for the targets. + +| `cert` +| `object` +| Struct containing the client cert file for the targets. + +| `insecureSkipVerify` +| `boolean` +| Disable target certificate validation. + +| `keySecret` +| `object` +| Secret containing the client key file for the targets. + +| `serverName` +| `string` +| Used to verify the hostname for the targets. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig.ca +Description:: ++ +-- +Struct containing the CA cert to use for the targets. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig.ca.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig.ca.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig.cert +Description:: ++ +-- +Struct containing the client cert file for the targets. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig.cert.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig.cert.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].telegramConfigs[].httpConfig.tlsConfig.keySecret +Description:: ++ +-- +Secret containing the client key file for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + [cols="1,1,1",options="header"] |=== | Property | Type | Description @@ -3584,6 +5904,7 @@ Type:: Required:: - `key` + - `name` @@ -3597,11 +5918,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].victoropsConfigs[].customFields @@ -3675,6 +5992,14 @@ Type:: | `object` | The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + | `proxyURL` | `string` | Optional proxy URL. @@ -3839,6 +6164,167 @@ Description:: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. -- +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].victoropsConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].victoropsConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].victoropsConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].victoropsConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].victoropsConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + Type:: `object` @@ -4194,6 +6680,14 @@ Type:: | `object` | The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + | `proxyURL` | `string` | Optional proxy URL. @@ -4358,6 +6852,167 @@ Description:: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. -- +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].webhookConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].webhookConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].webhookConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].webhookConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].webhookConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + Type:: `object` @@ -4645,6 +7300,7 @@ Type:: Required:: - `key` + - `name` @@ -4658,11 +7314,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].wechatConfigs @@ -4752,6 +7404,7 @@ Type:: Required:: - `key` + - `name` @@ -4765,11 +7418,7 @@ Required:: | `name` | `string` -| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? - -| `optional` -| `boolean` -| Specify whether the Secret or its key must be defined +| The name of the secret in the object's namespace to select from. |=== === .spec.receivers[].wechatConfigs[].httpConfig @@ -4801,6 +7450,14 @@ Type:: | `object` | The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects specifies whether the client should follow HTTP 3xx redirects. + +| `oauth2` +| `object` +| OAuth2 client credentials used to fetch a token for the targets. + | `proxyURL` | `string` | Optional proxy URL. @@ -4965,6 +7622,167 @@ Description:: The secret's key that contains the bearer token to be used by the client for authentication. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator. -- +Type:: + `object` + +Required:: + - `key` + - `name` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| The name of the secret in the object's namespace to select from. + +|=== +=== .spec.receivers[].wechatConfigs[].httpConfig.oauth2 +Description:: ++ +-- +OAuth2 client credentials used to fetch a token for the targets. +-- + +Type:: + `object` + +Required:: + - `clientId` + - `clientSecret` + - `tokenUrl` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `clientId` +| `object` +| The secret or configmap containing the OAuth2 client id + +| `clientSecret` +| `object` +| The secret containing the OAuth2 client secret + +| `endpointParams` +| `object (string)` +| Parameters to append to the token URL + +| `scopes` +| `array (string)` +| OAuth2 scopes used for the token request + +| `tokenUrl` +| `string` +| The URL to fetch the token from + +|=== +=== .spec.receivers[].wechatConfigs[].httpConfig.oauth2.clientId +Description:: ++ +-- +The secret or configmap containing the OAuth2 client id +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `configMap` +| `object` +| ConfigMap containing data to use for the targets. + +| `secret` +| `object` +| Secret containing data to use for the targets. + +|=== +=== .spec.receivers[].wechatConfigs[].httpConfig.oauth2.clientId.configMap +Description:: ++ +-- +ConfigMap containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key to select. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the ConfigMap or its key must be defined + +|=== +=== .spec.receivers[].wechatConfigs[].httpConfig.oauth2.clientId.secret +Description:: ++ +-- +Secret containing data to use for the targets. +-- + +Type:: + `object` + +Required:: + - `key` + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `key` +| `string` +| The key of the secret to select from. Must be a valid secret key. + +| `name` +| `string` +| Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + +| `optional` +| `boolean` +| Specify whether the Secret or its key must be defined + +|=== +=== .spec.receivers[].wechatConfigs[].httpConfig.oauth2.clientSecret +Description:: ++ +-- +The secret containing the OAuth2 client secret +-- + Type:: `object` @@ -5263,15 +8081,15 @@ Type:: | `groupBy` | `array (string)` -| List of labels to group by. +| List of labels to group by. Labels must not be repeated (unique list). Special label "..." (aggregate by all possible labels), if provided, must be the only element in the list. | `groupInterval` | `string` -| How long to wait before sending an updated notification. Must match the regular expression `[0-9]+(ms\|s\|m\|h)` (milliseconds seconds minutes hours). +| How long to wait before sending an updated notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "5m" | `groupWait` | `string` -| How long to wait before sending the initial notification. Must match the regular expression `[0-9]+(ms\|s\|m\|h)` (milliseconds seconds minutes hours). +| How long to wait before sending the initial notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "30s" | `matchers` | `array` @@ -5281,13 +8099,17 @@ Type:: | `object` | Matcher defines how to match on alert's labels. +| `muteTimeIntervals` +| `array (string)` +| Note: this comment applies to the field definition above but appears below otherwise it gets included in the generated manifest. CRD schema doesn't support self-referential types for now (see https://github.com/kubernetes/kubernetes/issues/62872). We have to use an alternative type to circumvent the limitation. The downside is that the Kube API can't validate the data beyond the fact that it is a valid JSON representation. MuteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched, + | `receiver` | `string` | Name of the receiver for this route. If not empty, it should be listed in the `receivers` field. | `repeatInterval` | `string` -| How long to wait before repeating the last notification. Must match the regular expression `[0-9]+(ms\|s\|m\|h)` (milliseconds seconds minutes hours). +| How long to wait before repeating the last notification. Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` Example: "4h" | `routes` | `array (undefined)` @@ -5326,38 +8148,218 @@ Required:: |=== | Property | Type | Description +| `matchType` +| `string` +| Match operator, one of `=` (equal to), `!=` (not equal to), `=~` (regex match) or `!~` (not regex match). Negative operators (`!=` and `!~`) require Alertmanager >= v0.22.0. + | `name` | `string` | Label to match. -| `regex` -| `boolean` -| Whether to match on equality (false) or regular-expression (true). - | `value` | `string` | Label value to match. +|=== +=== .spec.timeIntervals +Description:: ++ +-- +List of TimeInterval specifying when the routes should be muted or active. +-- + +Type:: + `array` + + + + +=== .spec.timeIntervals[] +Description:: ++ +-- +TimeInterval specifies the periods in time when notifications will be muted or active. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `name` +| `string` +| Name of the time interval. + +| `timeIntervals` +| `array` +| TimeIntervals is a list of TimePeriod. + +| `timeIntervals[]` +| `object` +| TimePeriod describes periods of time. + +|=== +=== .spec.timeIntervals[].timeIntervals +Description:: ++ +-- +TimeIntervals is a list of TimePeriod. +-- + +Type:: + `array` + + + + +=== .spec.timeIntervals[].timeIntervals[] +Description:: ++ +-- +TimePeriod describes periods of time. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `daysOfMonth` +| `array` +| DaysOfMonth is a list of DayOfMonthRange + +| `daysOfMonth[]` +| `object` +| DayOfMonthRange is an inclusive range of days of the month beginning at 1 + +| `months` +| `array (string)` +| Months is a list of MonthRange + +| `times` +| `array` +| Times is a list of TimeRange + +| `times[]` +| `object` +| TimeRange defines a start and end time in 24hr format + +| `weekdays` +| `array (string)` +| Weekdays is a list of WeekdayRange + +| `years` +| `array (string)` +| Years is a list of YearRange + +|=== +=== .spec.timeIntervals[].timeIntervals[].daysOfMonth +Description:: ++ +-- +DaysOfMonth is a list of DayOfMonthRange +-- + +Type:: + `array` + + + + +=== .spec.timeIntervals[].timeIntervals[].daysOfMonth[] +Description:: ++ +-- +DayOfMonthRange is an inclusive range of days of the month beginning at 1 +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `end` +| `integer` +| End of the inclusive range + +| `start` +| `integer` +| Start of the inclusive range + +|=== +=== .spec.timeIntervals[].timeIntervals[].times +Description:: ++ +-- +Times is a list of TimeRange +-- + +Type:: + `array` + + + + +=== .spec.timeIntervals[].timeIntervals[].times[] +Description:: ++ +-- +TimeRange defines a start and end time in 24hr format +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `endTime` +| `string` +| EndTime is the end time in 24hr format. + +| `startTime` +| `string` +| StartTime is the start time in 24hr format. + |=== == API endpoints The following API endpoints are available: -* `/apis/monitoring.coreos.com/v1alpha1/alertmanagerconfigs` +* `/apis/monitoring.coreos.com/v1beta1/alertmanagerconfigs` - `GET`: list objects of kind AlertmanagerConfig -* `/apis/monitoring.coreos.com/v1alpha1/namespaces/{namespace}/alertmanagerconfigs` +* `/apis/monitoring.coreos.com/v1beta1/namespaces/{namespace}/alertmanagerconfigs` - `DELETE`: delete collection of AlertmanagerConfig - `GET`: list objects of kind AlertmanagerConfig - `POST`: create an AlertmanagerConfig -* `/apis/monitoring.coreos.com/v1alpha1/namespaces/{namespace}/alertmanagerconfigs/{name}` +* `/apis/monitoring.coreos.com/v1beta1/namespaces/{namespace}/alertmanagerconfigs/{name}` - `DELETE`: delete an AlertmanagerConfig - `GET`: read the specified AlertmanagerConfig - `PATCH`: partially update the specified AlertmanagerConfig - `PUT`: replace the specified AlertmanagerConfig -=== /apis/monitoring.coreos.com/v1alpha1/alertmanagerconfigs +=== /apis/monitoring.coreos.com/v1beta1/alertmanagerconfigs .Global query parameters @@ -5416,13 +8418,13 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../objects/index.adoc#com.coreos.monitoring.v1alpha1.AlertmanagerConfigList[`AlertmanagerConfigList`] schema +| xref:../objects/index.adoc#com.coreos.monitoring.v1beta1.AlertmanagerConfigList[`AlertmanagerConfigList`] schema | 401 - Unauthorized | Empty |=== -=== /apis/monitoring.coreos.com/v1alpha1/namespaces/{namespace}/alertmanagerconfigs +=== /apis/monitoring.coreos.com/v1beta1/namespaces/{namespace}/alertmanagerconfigs .Global path parameters [cols="1,1,2",options="header"] @@ -5555,7 +8557,7 @@ Defaults to unset |=== | HTTP code | Reponse body | 200 - OK -| xref:../objects/index.adoc#com.coreos.monitoring.v1alpha1.AlertmanagerConfigList[`AlertmanagerConfigList`] schema +| xref:../objects/index.adoc#com.coreos.monitoring.v1beta1.AlertmanagerConfigList[`AlertmanagerConfigList`] schema | 401 - Unauthorized | Empty |=== @@ -5584,7 +8586,7 @@ Description:: |=== | Parameter | Type | Description | `body` -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | |=== @@ -5593,17 +8595,17 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | 201 - Created -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | 202 - Accepted -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | 401 - Unauthorized | Empty |=== -=== /apis/monitoring.coreos.com/v1alpha1/namespaces/{namespace}/alertmanagerconfigs/{name} +=== /apis/monitoring.coreos.com/v1beta1/namespaces/{namespace}/alertmanagerconfigs/{name} .Global path parameters [cols="1,1,2",options="header"] @@ -5696,7 +8698,7 @@ Defaults to unset |=== | HTTP code | Reponse body | 200 - OK -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | 401 - Unauthorized | Empty |=== @@ -5734,7 +8736,7 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | 401 - Unauthorized | Empty |=== @@ -5763,7 +8765,7 @@ Description:: |=== | Parameter | Type | Description | `body` -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | |=== @@ -5772,9 +8774,9 @@ Description:: |=== | HTTP code | Reponse body | 200 - OK -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | 201 - Created -| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1alpha1.adoc#alertmanagerconfig-monitoring-coreos-com-v1alpha1[`AlertmanagerConfig`] schema +| xref:../monitoring_apis/alertmanagerconfig-monitoring-coreos-com-v1beta1.adoc#alertmanagerconfig-monitoring-coreos-com-v1beta1[`AlertmanagerConfig`] schema | 401 - Unauthorized | Empty |=== diff --git a/rest_api/monitoring_apis/monitoring-apis-index.adoc b/rest_api/monitoring_apis/monitoring-apis-index.adoc index 9298d7f2f3..a77a67a36a 100644 --- a/rest_api/monitoring_apis/monitoring-apis-index.adoc +++ b/rest_api/monitoring_apis/monitoring-apis-index.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="monitoring-apis"] = Monitoring APIs -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -19,7 +18,7 @@ Alertmanager describes an Alertmanager cluster. Type:: `object` -== AlertmanagerConfig [monitoring.coreos.com/v1alpha1] +== AlertmanagerConfig [monitoring.coreos.com/v1beta1] Description:: + diff --git a/rest_api/monitoring_apis/podmonitor-monitoring-coreos-com-v1.adoc b/rest_api/monitoring_apis/podmonitor-monitoring-coreos-com-v1.adoc index f9d2c3e886..2d69e64b5d 100644 --- a/rest_api/monitoring_apis/podmonitor-monitoring-coreos-com-v1.adoc +++ b/rest_api/monitoring_apis/podmonitor-monitoring-coreos-com-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="podmonitor-monitoring-coreos-com-v1"] = PodMonitor [monitoring.coreos.com/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -65,6 +64,10 @@ Required:: |=== | Property | Type | Description +| `attachMetadata` +| `object` +| Attaches node metadata to discovered targets. Only valid for role: pod. Only valid in Prometheus versions 2.35.0 and newer. + | `jobLabel` | `string` | The label to use to retrieve the job name from. @@ -109,6 +112,28 @@ Required:: | `integer` | TargetLimit defines a limit on the number of scraped targets that will be accepted. +|=== +=== .spec.attachMetadata +Description:: ++ +-- +Attaches node metadata to discovered targets. Only valid for role: pod. Only valid in Prometheus versions 2.35.0 and newer. +-- + +Type:: + `object` + + + + +[cols="1,1,1",options="header"] +|=== +| Property | Type | Description + +| `node` +| `boolean` +| When set to true, Prometheus must have permissions to get Nodes. + |=== === .spec.namespaceSelector Description:: @@ -133,7 +158,7 @@ Type:: | `matchNames` | `array (string)` -| List of namespace names. +| List of namespace names to select from. |=== === .spec.podMetricsEndpoints @@ -178,6 +203,10 @@ Type:: | `object` | Secret to mount to read bearer token for scraping targets. The secret needs to be in the same namespace as the pod monitor and accessible by the Prometheus Operator. +| `followRedirects` +| `boolean` +| FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. + | `honorLabels` | `boolean` | HonorLabels chooses the metric's labels on collisions with target labels. @@ -188,7 +217,7 @@ Type:: | `interval` | `string` -| Interval at which metrics should be scraped +| Interval at which metrics should be scraped If not specified Prometheus' global scrape interval is used. | `metricRelabelings` | `array` @@ -224,7 +253,7 @@ Type:: | `relabelings` | `array` -| RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields and replaces original scrape job name with __tmp_prometheus_job_name. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +| RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config | `relabelings[]` | `object` @@ -236,7 +265,7 @@ Type:: | `scrapeTimeout` | `string` -| Timeout after which the scrape is ended +| Timeout after which the scrape is ended If not specified, the Prometheus global scrape interval is used. | `targetPort` | `integer-or-string` @@ -667,7 +696,7 @@ Type:: Description:: + -- -RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields and replaces original scrape job name with __tmp_prometheus_job_name. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config -- Type:: diff --git a/rest_api/monitoring_apis/probe-monitoring-coreos-com-v1.adoc b/rest_api/monitoring_apis/probe-monitoring-coreos-com-v1.adoc index fe1f4a9907..11896cfff4 100644 --- a/rest_api/monitoring_apis/probe-monitoring-coreos-com-v1.adoc +++ b/rest_api/monitoring_apis/probe-monitoring-coreos-com-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="probe-monitoring-coreos-com-v1"] = Probe [monitoring.coreos.com/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -120,7 +119,7 @@ Type:: | `scrapeTimeout` | `string` -| Timeout for scraping metrics from the Prometheus exporter. +| Timeout for scraping metrics from the Prometheus exporter. If not specified, the Prometheus global scrape interval is used. | `targetLimit` | `integer` @@ -128,7 +127,7 @@ Type:: | `targets` | `object` -| Targets defines a set of static and/or dynamically discovered targets to be probed using the prober. +| Targets defines a set of static or dynamically discovered targets to probe. | `tlsConfig` | `object` @@ -578,7 +577,7 @@ Required:: Description:: + -- -Targets defines a set of static and/or dynamically discovered targets to be probed using the prober. +Targets defines a set of static or dynamically discovered targets to probe. -- Type:: @@ -593,18 +592,18 @@ Type:: | `ingress` | `object` -| Ingress defines the set of dynamically discovered ingress objects which hosts are considered for probing. +| ingress defines the Ingress objects to probe and the relabeling configuration. If `staticConfig` is also defined, `staticConfig` takes precedence. | `staticConfig` | `object` -| StaticConfig defines static targets which are considers for probing. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config. +| staticConfig defines the static list of targets to probe and the relabeling configuration. If `ingress` is also defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config. |=== === .spec.targets.ingress Description:: + -- -Ingress defines the set of dynamically discovered ingress objects which hosts are considered for probing. +ingress defines the Ingress objects to probe and the relabeling configuration. If `staticConfig` is also defined, `staticConfig` takes precedence. -- Type:: @@ -619,11 +618,11 @@ Type:: | `namespaceSelector` | `object` -| Select Ingress objects by namespace. +| From which namespaces to select Ingress objects. | `relabelingConfigs` | `array` -| RelabelConfigs to apply to samples before ingestion. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +| RelabelConfigs to apply to the label set of the target before it gets scraped. The original ingress address is available via the `__tmp_prometheus_ingress_address` label. It can be used to customize the probed URL. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config | `relabelingConfigs[]` | `object` @@ -631,14 +630,14 @@ Type:: | `selector` | `object` -| Select Ingress objects by labels. +| Selector to select the Ingress objects. |=== === .spec.targets.ingress.namespaceSelector Description:: + -- -Select Ingress objects by namespace. +From which namespaces to select Ingress objects. -- Type:: @@ -657,14 +656,14 @@ Type:: | `matchNames` | `array (string)` -| List of namespace names. +| List of namespace names to select from. |=== === .spec.targets.ingress.relabelingConfigs Description:: + -- -RelabelConfigs to apply to samples before ingestion. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +RelabelConfigs to apply to the label set of the target before it gets scraped. The original ingress address is available via the `__tmp_prometheus_ingress_address` label. It can be used to customize the probed URL. The original scrape job's name is available via the `__tmp_prometheus_job_name` label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config -- Type:: @@ -723,7 +722,7 @@ Type:: Description:: + -- -Select Ingress objects by labels. +Selector to select the Ingress objects. -- Type:: @@ -799,7 +798,7 @@ Required:: Description:: + -- -StaticConfig defines static targets which are considers for probing. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config. +staticConfig defines the static list of targets to probe and the relabeling configuration. If `ingress` is also defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config. -- Type:: @@ -818,7 +817,7 @@ Type:: | `relabelingConfigs` | `array` -| RelabelConfigs to apply to samples before ingestion. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +| RelabelConfigs to apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config | `relabelingConfigs[]` | `object` @@ -826,14 +825,14 @@ Type:: | `static` | `array (string)` -| Targets is a list of URLs to probe using the configured prober. +| The list of hosts to probe. |=== === .spec.targets.staticConfig.relabelingConfigs Description:: + -- -RelabelConfigs to apply to samples before ingestion. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +RelabelConfigs to apply to the label set of the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config -- Type:: diff --git a/rest_api/monitoring_apis/prometheus-monitoring-coreos-com-v1.adoc b/rest_api/monitoring_apis/prometheus-monitoring-coreos-com-v1.adoc index c3ad530b4a..b43f207ee2 100644 --- a/rest_api/monitoring_apis/prometheus-monitoring-coreos-com-v1.adoc +++ b/rest_api/monitoring_apis/prometheus-monitoring-coreos-com-v1.adoc @@ -2,9 +2,8 @@ :_content-type: ASSEMBLY [id="prometheus-monitoring-coreos-com-v1"] = Prometheus [monitoring.coreos.com/v1] -ifdef::product-title[] -include::_attributes/common-attributes.adoc[] -endif::[] +:toc: macro +:toc-title: toc::[] @@ -46,7 +45,7 @@ Required:: | `status` | `object` -| Most recent observed status of the Prometheus cluster. Read-only. Not included when requesting from the apiserver, only from the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status +| Most recent observed status of the Prometheus cluster. Read-only. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status |=== === .spec @@ -126,6 +125,10 @@ Type:: | `array (string)` | Enable access to Prometheus disabled features. By default, no features are enabled. Enabling disabled features is entirely outside the scope of what the maintainers will support and by doing so, you accept that this behaviour may break at any time without notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/ +| `enableRemoteWriteReceiver` +| `boolean` +| Enable Prometheus to be used as a receiver for the Prometheus remote write protocol. Defaults to the value of `false`. WARNING: This is not considered an efficient way of ingesting samples. Use it with caution for specific low-volume use cases. It is not suitable for replacing the ingestion via scraping and turning Prometheus into a push-based metrics collection system. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver Only valid in Prometheus versions 2.33.0 and newer. + | `enforcedBodySizeLimit` | `string` | EnforcedBodySizeLimit defines the maximum size of uncompressed response body that will be accepted by Prometheus. Targets responding with a body larger than this many bytes will cause the scrape to fail. Example: 100MB. If defined, the limit will apply to all service/pod monitors and probes. This is an experimental feature, this behaviour could change or be removed in the future. Only valid in Prometheus versions 2.28.0 and newer. @@ -145,7 +148,7 @@ Type:: | `enforcedNamespaceLabel` | `string` | EnforcedNamespaceLabel If set, a label will be added to - 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `ProbeConfig` object) and 2. in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to * alerting & recording rules and * the metrics used in their expressions (`expr`). + 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` and `Probe` objects) and 2. in all `PrometheusRule` objects (except the ones excluded in `prometheusRulesExcludedFromEnforce`) to * alerting & recording rules and * the metrics used in their expressions (`expr`). Label name is this field's value. Label value is the namespace of the created object (mentioned above). | `enforcedSampleLimit` @@ -158,7 +161,15 @@ Type:: | `evaluationInterval` | `string` -| Interval between consecutive evaluations. Default: `1m` +| Interval between consecutive evaluations. Default: `30s` + +| `excludedFromEnforcement` +| `array` +| List of references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects to be excluded from enforcing a namespace label of origin. Applies only if enforcedNamespaceLabel set to true. + +| `excludedFromEnforcement[]` +| `object` +| ObjectReference references a PodMonitor, ServiceMonitor, Probe or PrometheusRule object. | `externalLabels` | `object (string)` @@ -168,9 +179,17 @@ Type:: | `string` | The external URL the Prometheus instances will be available under. This is necessary to generate correct URLs. This is necessary if Prometheus is not served from root of a DNS name. +| `hostAliases` +| `array` +| Pods' hostAliases configuration + +| `hostAliases[]` +| `object` +| HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's hosts file. + | `ignoreNamespaceSelectors` | `boolean` -| IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from the podmonitor and servicemonitor configs, and they will only discover endpoints within their current namespace. Defaults to false. +| IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from all PodMonitor, ServiceMonitor and Probe objects. They will only discover endpoints within their current namespace. Defaults to false. | `image` | `string` @@ -214,11 +233,11 @@ Type:: | `overrideHonorLabels` | `boolean` -| OverrideHonorLabels if set to true overrides all user configured honor_labels. If HonorLabels is set in ServiceMonitor or PodMonitor to true, this overrides honor_labels to false. +| When true, Prometheus resolves label conflicts by renaming the labels in the scraped data to "exported_