From 284a81915d44a8a42ff5fd392cbe5761dc95c985 Mon Sep 17 00:00:00 2001 From: Jason Boxman Date: Fri, 14 Feb 2025 15:44:46 -0500 Subject: [PATCH] Add OpenShift 4.18 rc9 APIs --- .../egressfirewall-k8s-ovn-org-v1.adoc | 35 +- rest_api/network_apis/network-apis-index.adoc | 6 +- ...mageregistry-operator-openshift-io-v1.adoc | 1281 +++++++++++++---- ...mageregistry-operator-openshift-io-v1.adoc | 660 +++++++-- ...sionmigrator-operator-openshift-io-v1.adoc | 46 +- .../operator_apis/operator-apis-index.adoc | 17 +- 6 files changed, 1611 insertions(+), 434 deletions(-) diff --git a/rest_api/network_apis/egressfirewall-k8s-ovn-org-v1.adoc b/rest_api/network_apis/egressfirewall-k8s-ovn-org-v1.adoc index 19e3b60b4e..951a9cd3e2 100644 --- a/rest_api/network_apis/egressfirewall-k8s-ovn-org-v1.adoc +++ b/rest_api/network_apis/egressfirewall-k8s-ovn-org-v1.adoc @@ -11,7 +11,11 @@ toc::[] Description:: + -- -EgressFirewall describes the current egress firewall for a Namespace. Traffic from a pod to an IP address outside the cluster will be checked against each EgressFirewallRule in the pod's namespace's EgressFirewall, in order. If no rule matches (or no EgressFirewall is present) then the traffic will be allowed by default. +EgressFirewall describes the current egress firewall for a Namespace. +Traffic from a pod to an IP address outside the cluster will be checked against +each EgressFirewallRule in the pod's namespace's EgressFirewall, in +order. If no rule matches (or no EgressFirewall is present) then the traffic +will be allowed by default. -- Type:: @@ -191,18 +195,23 @@ Type:: | `dnsName` | `string` -| dnsName is the domain name to allow/deny traffic to. If this is set, cidrSelector and nodeSelector must be unset. For a wildcard DNS name, the '*' will match only one label. Additionally, only a single '*' can be used at the beginning of the wildcard DNS name. For example, '*.example.com' will match 'sub1.example.com' but won't match 'sub2.sub1.example.com' +| dnsName is the domain name to allow/deny traffic to. If this is set, cidrSelector and nodeSelector must be unset. +For a wildcard DNS name, the '*' will match only one label. Additionally, only a single '*' can be +used at the beginning of the wildcard DNS name. For example, '*.example.com' will match 'sub1.example.com' +but won't match 'sub2.sub1.example.com'. | `nodeSelector` | `object` -| nodeSelector will allow/deny traffic to the Kubernetes node IP of selected nodes. If this is set, cidrSelector and DNSName must be unset. +| nodeSelector will allow/deny traffic to the Kubernetes node IP of selected nodes. If this is set, +cidrSelector and DNSName must be unset. |=== === .spec.egress[].to.nodeSelector Description:: + -- -nodeSelector will allow/deny traffic to the Kubernetes node IP of selected nodes. If this is set, cidrSelector and DNSName must be unset. +nodeSelector will allow/deny traffic to the Kubernetes node IP of selected nodes. If this is set, +cidrSelector and DNSName must be unset. -- Type:: @@ -221,11 +230,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.egress[].to.nodeSelector.matchExpressions @@ -245,7 +257,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -267,11 +280,15 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .status diff --git a/rest_api/network_apis/network-apis-index.adoc b/rest_api/network_apis/network-apis-index.adoc index 690ca6bf0b..5561b64ab1 100644 --- a/rest_api/network_apis/network-apis-index.adoc +++ b/rest_api/network_apis/network-apis-index.adoc @@ -69,7 +69,11 @@ Type:: Description:: + -- -EgressFirewall describes the current egress firewall for a Namespace. Traffic from a pod to an IP address outside the cluster will be checked against each EgressFirewallRule in the pod's namespace's EgressFirewall, in order. If no rule matches (or no EgressFirewall is present) then the traffic will be allowed by default. +EgressFirewall describes the current egress firewall for a Namespace. +Traffic from a pod to an IP address outside the cluster will be checked against +each EgressFirewallRule in the pod's namespace's EgressFirewall, in +order. If no rule matches (or no EgressFirewall is present) then the traffic +will be allowed by default. -- Type:: diff --git a/rest_api/operator_apis/config-imageregistry-operator-openshift-io-v1.adoc b/rest_api/operator_apis/config-imageregistry-operator-openshift-io-v1.adoc index edb2cdcf1f..dce17e0f99 100644 --- a/rest_api/operator_apis/config-imageregistry-operator-openshift-io-v1.adoc +++ b/rest_api/operator_apis/config-imageregistry-operator-openshift-io-v1.adoc @@ -11,8 +11,10 @@ toc::[] Description:: + -- -Config is the configuration object for a registry instance managed by the registry operator - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +Config is the configuration object for a registry instance managed by +the registry operator + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -75,11 +77,13 @@ Required:: | `defaultRoute` | `boolean` -| defaultRoute indicates whether an external facing route for the registry should be created using the default generated hostname. +| defaultRoute indicates whether an external facing route for the registry +should be created using the default generated hostname. | `disableRedirect` | `boolean` -| disableRedirect controls whether to route all data through the Registry, rather than redirecting to the backend. +| disableRedirect controls whether to route all data through the Registry, +rather than redirecting to the backend. | `httpSecret` | `string` @@ -87,8 +91,11 @@ Required:: | `logLevel` | `string` -| logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. - Valid values are: "Normal", "Debug", "Trace", "TraceAll". Defaults to "Normal". +| logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a +simple way to manage coarse grained logging choices that operators have to interpret for their operands. + +Valid values are: "Normal", "Debug", "Trace", "TraceAll". +Defaults to "Normal". | `logging` | `integer` @@ -100,24 +107,31 @@ Required:: | `nodeSelector` | `object (string)` -| nodeSelector defines the node selection constraints for the registry pod. +| nodeSelector defines the node selection constraints for the registry +pod. | `observedConfig` | `` -| observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator +| observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because +it is an input to the level for the operator | `operatorLogLevel` | `string` -| operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. - Valid values are: "Normal", "Debug", "Trace", "TraceAll". Defaults to "Normal". +| operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a +simple way to manage coarse grained logging choices that operators have to interpret for themselves. + +Valid values are: "Normal", "Debug", "Trace", "TraceAll". +Defaults to "Normal". | `proxy` | `object` -| proxy defines the proxy to be used when calling master api, upstream registries, etc. +| proxy defines the proxy to be used when calling master api, upstream +registries, etc. | `readOnly` | `boolean` -| readOnly indicates whether the registry instance should reject attempts to push new images or delete existing ones. +| readOnly indicates whether the registry instance should reject attempts +to push new images or delete existing ones. | `replicas` | `integer` @@ -125,7 +139,8 @@ Required:: | `requests` | `object` -| requests controls how many parallel requests a given registry instance will handle before queuing additional requests. +| requests controls how many parallel requests a given registry instance +will handle before queuing additional requests. | `resources` | `object` @@ -133,19 +148,23 @@ Required:: | `rolloutStrategy` | `string` -| rolloutStrategy defines rollout strategy for the image registry deployment. +| rolloutStrategy defines rollout strategy for the image registry +deployment. | `routes` | `array` -| routes defines additional external facing routes which should be created for the registry. +| routes defines additional external facing routes which should be +created for the registry. | `routes[]` | `object` -| ImageRegistryConfigRoute holds information on external route access to image registry. +| ImageRegistryConfigRoute holds information on external route access to image +registry. | `storage` | `object` -| storage details for configuring registry storage, e.g. S3 bucket coordinates. +| storage details for configuring registry storage, e.g. S3 bucket +coordinates. | `tolerations` | `array` @@ -153,7 +172,8 @@ Required:: | `tolerations[]` | `object` -| The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +| The pod this Toleration is attached to tolerates any taint that matches +the triple using the matching operator . | `topologySpreadConstraints` | `array` @@ -165,7 +185,11 @@ Required:: | `unsupportedConfigOverrides` | `` -| unsupportedConfigOverrides overrides the final configuration that was computed by the operator. Red Hat does not support the use of this field. Misuse of this field could lead to unexpected behavior or conflict with other configuration options. Seek guidance from the Red Hat support before using this field. Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. +| unsupportedConfigOverrides overrides the final configuration that was computed by the operator. +Red Hat does not support the use of this field. +Misuse of this field could lead to unexpected behavior or conflict with other configuration options. +Seek guidance from the Red Hat support before using this field. +Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. |=== === .spec.affinity @@ -217,22 +241,43 @@ Type:: | `preferredDuringSchedulingIgnoredDuringExecution` | `array` -| The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. +| The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node matches the corresponding matchExpressions; the +node(s) with the highest sum are the most preferred. | `preferredDuringSchedulingIgnoredDuringExecution[]` | `object` -| An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +| An empty preferred scheduling term matches all objects with implicit weight 0 +(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). | `requiredDuringSchedulingIgnoredDuringExecution` | `object` -| If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +| If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to an update), the system +may or may not try to eventually evict the pod from its node. |=== === .spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution Description:: + -- -The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. +The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node matches the corresponding matchExpressions; the +node(s) with the highest sum are the most preferred. -- Type:: @@ -245,7 +290,8 @@ Type:: Description:: + -- -An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +An empty preferred scheduling term matches all objects with implicit weight 0 +(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). -- Type:: @@ -293,7 +339,8 @@ Type:: | `matchExpressions[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. | `matchFields` | `array` @@ -301,7 +348,8 @@ Type:: | `matchFields[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. |=== === .spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].preference.matchExpressions @@ -321,7 +369,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -343,11 +392,16 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].preference.matchFields @@ -367,7 +421,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -389,18 +444,27 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution Description:: + -- -If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to an update), the system +may or may not try to eventually evict the pod from its node. -- Type:: @@ -421,7 +485,9 @@ Required:: | `nodeSelectorTerms[]` | `object` -| A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +| A null or empty node selector term matches no objects. The requirements of +them are ANDed. +The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms @@ -441,7 +507,9 @@ Type:: Description:: + -- -A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +A null or empty node selector term matches no objects. The requirements of +them are ANDed. +The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. -- Type:: @@ -460,7 +528,8 @@ Type:: | `matchExpressions[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. | `matchFields` | `array` @@ -468,7 +537,8 @@ Type:: | `matchFields[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions @@ -488,7 +558,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -510,11 +581,16 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchFields @@ -534,7 +610,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -556,11 +633,16 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.podAffinity @@ -582,7 +664,15 @@ Type:: | `preferredDuringSchedulingIgnoredDuringExecution` | `array` -| The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +| The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. | `preferredDuringSchedulingIgnoredDuringExecution[]` | `object` @@ -590,18 +680,37 @@ Type:: | `requiredDuringSchedulingIgnoredDuringExecution` | `array` -| If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +| If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. | `requiredDuringSchedulingIgnoredDuringExecution[]` | `object` -| Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +| Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution Description:: + -- -The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. -- Type:: @@ -636,7 +745,8 @@ Required:: | `weight` | `integer` -| weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +| weight associated with matching the corresponding podAffinityTerm, +in the range 1-100. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm @@ -660,34 +770,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -706,11 +845,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector.matchExpressions @@ -730,7 +872,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -752,18 +895,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -782,11 +933,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions @@ -806,7 +960,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -828,18 +983,28 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution Description:: + -- -If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. -- Type:: @@ -852,7 +1017,12 @@ Type:: Description:: + -- -Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running -- Type:: @@ -869,34 +1039,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -915,11 +1114,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector.matchExpressions @@ -939,7 +1141,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -961,18 +1164,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -991,11 +1202,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions @@ -1015,7 +1229,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1037,11 +1252,15 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity @@ -1063,7 +1282,15 @@ Type:: | `preferredDuringSchedulingIgnoredDuringExecution` | `array` -| The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +| The scheduler will prefer to schedule pods to nodes that satisfy +the anti-affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling anti-affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. | `preferredDuringSchedulingIgnoredDuringExecution[]` | `object` @@ -1071,18 +1298,37 @@ Type:: | `requiredDuringSchedulingIgnoredDuringExecution` | `array` -| If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +| If the anti-affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the anti-affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. | `requiredDuringSchedulingIgnoredDuringExecution[]` | `object` -| Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +| Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution Description:: + -- -The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +The scheduler will prefer to schedule pods to nodes that satisfy +the anti-affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling anti-affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. -- Type:: @@ -1117,7 +1363,8 @@ Required:: | `weight` | `integer` -| weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +| weight associated with matching the corresponding podAffinityTerm, +in the range 1-100. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm @@ -1141,34 +1388,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -1187,11 +1463,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector.matchExpressions @@ -1211,7 +1490,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1233,18 +1513,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -1263,11 +1551,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions @@ -1287,7 +1578,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1309,18 +1601,28 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution Description:: + -- -If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +If the anti-affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the anti-affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. -- Type:: @@ -1333,7 +1635,12 @@ Type:: Description:: + -- -Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running -- Type:: @@ -1350,34 +1657,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -1396,11 +1732,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector.matchExpressions @@ -1420,7 +1759,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1442,18 +1782,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -1472,11 +1820,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions @@ -1496,7 +1847,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1518,18 +1870,23 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.proxy Description:: + -- -proxy defines the proxy to be used when calling master api, upstream registries, etc. +proxy defines the proxy to be used when calling master api, upstream +registries, etc. -- Type:: @@ -1544,22 +1901,26 @@ Type:: | `http` | `string` -| http defines the proxy to be used by the image registry when accessing HTTP endpoints. +| http defines the proxy to be used by the image registry when +accessing HTTP endpoints. | `https` | `string` -| https defines the proxy to be used by the image registry when accessing HTTPS endpoints. +| https defines the proxy to be used by the image registry when +accessing HTTPS endpoints. | `noProxy` | `string` -| noProxy defines a comma-separated list of host names that shouldn't go through any proxy. +| noProxy defines a comma-separated list of host names that shouldn't +go through any proxy. |=== === .spec.requests Description:: + -- -requests controls how many parallel requests a given registry instance will handle before queuing additional requests. +requests controls how many parallel requests a given registry instance +will handle before queuing additional requests. -- Type:: @@ -1608,7 +1969,8 @@ Type:: | `maxWaitInQueue` | `string` -| maxWaitInQueue sets the maximum time a request can wait in the queue before being rejected. +| maxWaitInQueue sets the maximum time a request can wait in the queue +before being rejected. |=== === .spec.requests.write @@ -1638,7 +2000,8 @@ Type:: | `maxWaitInQueue` | `string` -| maxWaitInQueue sets the maximum time a request can wait in the queue before being rejected. +| maxWaitInQueue sets the maximum time a request can wait in the queue +before being rejected. |=== === .spec.resources @@ -1660,9 +2023,13 @@ Type:: | `claims` | `array` -| Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. +| Claims lists the names of resources, defined in spec.resourceClaims, +that are used by this container. + +This is an alpha field and requires enabling the +DynamicResourceAllocation feature gate. + +This field is immutable. It can only be set for containers. | `claims[]` | `object` @@ -1670,20 +2037,28 @@ Type:: | `limits` | `integer-or-string` -| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +| Limits describes the maximum amount of compute resources allowed. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `requests` | `integer-or-string` -| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +| Requests describes the minimum amount of compute resources required. +If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, +otherwise to an implementation-defined value. Requests cannot exceed Limits. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |=== === .spec.resources.claims Description:: + -- -Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. +Claims lists the names of resources, defined in spec.resourceClaims, +that are used by this container. + +This is an alpha field and requires enabling the +DynamicResourceAllocation feature gate. + +This field is immutable. It can only be set for containers. -- Type:: @@ -1713,14 +2088,23 @@ Required:: | `name` | `string` -| Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +| Name must match the name of one entry in pod.spec.resourceClaims of +the Pod where this field is used. It makes that resource available +inside a container. + +| `request` +| `string` +| Request is the name chosen for a request in the referenced claim. +If empty, everything from the claim is made available, otherwise +only the result of this request. |=== === .spec.routes Description:: + -- -routes defines additional external facing routes which should be created for the registry. +routes defines additional external facing routes which should be +created for the registry. -- Type:: @@ -1733,7 +2117,8 @@ Type:: Description:: + -- -ImageRegistryConfigRoute holds information on external route access to image registry. +ImageRegistryConfigRoute holds information on external route access to image +registry. -- Type:: @@ -1758,14 +2143,16 @@ Required:: | `secretName` | `string` -| secretName points to secret containing the certificates to be used by the route. +| secretName points to secret containing the certificates to be used +by the route. |=== === .spec.storage Description:: + -- -storage details for configuring registry storage, e.g. S3 bucket coordinates. +storage details for configuring registry storage, e.g. S3 bucket +coordinates. -- Type:: @@ -1784,7 +2171,10 @@ Type:: | `emptyDir` | `object` -| emptyDir represents ephemeral storage on the pod's host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever. +| emptyDir represents ephemeral storage on the pod's host node. +WARNING: this storage cannot be used with more than 1 replica and +is not suitable for production use. When the pod is removed from a +node for any reason, the data in the emptyDir is deleted forever. | `gcs` | `object` @@ -1796,7 +2186,9 @@ Type:: | `managementState` | `string` -| managementState indicates if the operator manages the underlying storage unit. If Managed the operator will remove the storage when this operator gets Removed. +| managementState indicates if the operator manages the underlying +storage unit. If Managed the operator will remove the storage when +this operator gets Removed. | `oss` | `object` @@ -1838,7 +2230,9 @@ Type:: | `cloudName` | `string` -| cloudName is the name of the Azure cloud environment to be used by the registry. If empty, the operator will set it based on the infrastructure object. +| cloudName is the name of the Azure cloud environment to be used by the +registry. If empty, the operator will set it based on the infrastructure +object. | `container` | `string` @@ -1846,14 +2240,16 @@ Type:: | `networkAccess` | `object` -| networkAccess defines the network access properties for the storage account. Defaults to type: External. +| networkAccess defines the network access properties for the storage account. +Defaults to type: External. |=== === .spec.storage.azure.networkAccess Description:: + -- -networkAccess defines the network access properties for the storage account. Defaults to type: External. +networkAccess defines the network access properties for the storage account. +Defaults to type: External. -- Type:: @@ -1868,18 +2264,36 @@ Type:: | `internal` | `object` -| internal defines the vnet and subnet names to configure a private endpoint and connect it to the storage account in order to make it private. when type: Internal and internal is unset, the image registry operator will discover vnet and subnet names, and generate a private endpoint name. +| internal defines the vnet and subnet names to configure a private +endpoint and connect it to the storage account in order to make it +private. +when type: Internal and internal is unset, the image registry operator +will discover vnet and subnet names, and generate a private endpoint +name. | `type` | `string` -| type is the network access level to be used for the storage account. type: Internal means the storage account will be private, type: External means the storage account will be publicly accessible. Internal storage accounts are only exposed within the cluster's vnet. External storage accounts are publicly exposed on the internet. When type: Internal is used, a vnetName, subNetName and privateEndpointName may optionally be specified. If unspecificed, the image registry operator will discover vnet and subnet names, and generate a privateEndpointName. Defaults to "External". +| type is the network access level to be used for the storage account. +type: Internal means the storage account will be private, type: External +means the storage account will be publicly accessible. +Internal storage accounts are only exposed within the cluster's vnet. +External storage accounts are publicly exposed on the internet. +When type: Internal is used, a vnetName, subNetName and privateEndpointName +may optionally be specified. If unspecificed, the image registry operator +will discover vnet and subnet names, and generate a privateEndpointName. +Defaults to "External". |=== === .spec.storage.azure.networkAccess.internal Description:: + -- -internal defines the vnet and subnet names to configure a private endpoint and connect it to the storage account in order to make it private. when type: Internal and internal is unset, the image registry operator will discover vnet and subnet names, and generate a private endpoint name. +internal defines the vnet and subnet names to configure a private +endpoint and connect it to the storage account in order to make it +private. +when type: Internal and internal is unset, the image registry operator +will discover vnet and subnet names, and generate a private endpoint +name. -- Type:: @@ -1894,26 +2308,58 @@ Type:: | `networkResourceGroupName` | `string` -| networkResourceGroupName is the resource group name where the cluster's vnet and subnet are. When omitted, the registry operator will use the cluster resource group (from in the infrastructure status). If you set a networkResourceGroupName on your install-config.yaml, that value will be used automatically (for clusters configured with publish:Internal). Note that both vnet and subnet must be in the same resource group. It must be between 1 and 90 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_), and not end with a period. +| networkResourceGroupName is the resource group name where the cluster's vnet +and subnet are. When omitted, the registry operator will use the cluster +resource group (from in the infrastructure status). +If you set a networkResourceGroupName on your install-config.yaml, that +value will be used automatically (for clusters configured with publish:Internal). +Note that both vnet and subnet must be in the same resource group. +It must be between 1 and 90 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_), and +not end with a period. | `privateEndpointName` | `string` -| privateEndpointName is the name of the private endpoint for the registry. When provided, the registry will use it as the name of the private endpoint it will create for the storage account. When omitted, the registry will generate one. It must be between 2 and 64 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_). It must start with an alphanumeric character and end with an alphanumeric character or an underscore. +| privateEndpointName is the name of the private endpoint for the registry. +When provided, the registry will use it as the name of the private endpoint +it will create for the storage account. When omitted, the registry will +generate one. +It must be between 2 and 64 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_). +It must start with an alphanumeric character and end with an alphanumeric character or an underscore. | `subnetName` | `string` -| subnetName is the name of the subnet the registry operates in. When omitted, the registry operator will discover and set this by using the `kubernetes.io_cluster.` tag in the vnet resource, then using one of listed subnets. Advanced cluster network configurations that use network security groups to protect subnets should ensure the provided subnetName has access to Azure Storage service. It must be between 1 and 80 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_). +| subnetName is the name of the subnet the registry operates in. When omitted, +the registry operator will discover and set this by using the `kubernetes.io_cluster.` +tag in the vnet resource, then using one of listed subnets. +Advanced cluster network configurations that use network security groups +to protect subnets should ensure the provided subnetName has access to +Azure Storage service. +It must be between 1 and 80 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_). | `vnetName` | `string` -| vnetName is the name of the vnet the registry operates in. When omitted, the registry operator will discover and set this by using the `kubernetes.io_cluster.` tag in the vnet resource. This tag is set automatically by the installer. Commonly, this will be the same vnet as the cluster. Advanced cluster network configurations should ensure the provided vnetName is the vnet of the nodes where the image registry pods are running from. It must be between 2 and 64 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_). It must start with an alphanumeric character and end with an alphanumeric character or an underscore. +| vnetName is the name of the vnet the registry operates in. When omitted, +the registry operator will discover and set this by using the `kubernetes.io_cluster.` +tag in the vnet resource. This tag is set automatically by the installer. +Commonly, this will be the same vnet as the cluster. +Advanced cluster network configurations should ensure the provided vnetName +is the vnet of the nodes where the image registry pods are running from. +It must be between 2 and 64 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_). +It must start with an alphanumeric character and end with an alphanumeric character or an underscore. |=== === .spec.storage.emptyDir Description:: + -- -emptyDir represents ephemeral storage on the pod's host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever. +emptyDir represents ephemeral storage on the pod's host node. +WARNING: this storage cannot be used with more than 1 replica and +is not suitable for production use. When the pod is removed from a +node for any reason, the data in the emptyDir is deleted forever. -- Type:: @@ -1941,19 +2387,25 @@ Type:: | `bucket` | `string` -| bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided. +| bucket is the bucket name in which you want to store the registry's +data. +Optional, will be generated if not provided. | `keyID` | `string` -| keyID is the KMS key ID to use for encryption. Optional, buckets are encrypted by default on GCP. This allows for the use of a custom encryption key. +| keyID is the KMS key ID to use for encryption. +Optional, buckets are encrypted by default on GCP. +This allows for the use of a custom encryption key. | `projectID` | `string` -| projectID is the Project ID of the GCP project that this bucket should be associated with. +| projectID is the Project ID of the GCP project that this bucket should +be associated with. | `region` | `string` -| region is the GCS location in which your bucket exists. Optional, will be set based on the installed GCS Region. +| region is the GCS location in which your bucket exists. +Optional, will be set based on the installed GCS Region. |=== === .spec.storage.ibmcos @@ -1975,23 +2427,33 @@ Type:: | `bucket` | `string` -| bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided. +| bucket is the bucket name in which you want to store the registry's +data. +Optional, will be generated if not provided. | `location` | `string` -| location is the IBM Cloud location in which your bucket exists. Optional, will be set based on the installed IBM Cloud location. +| location is the IBM Cloud location in which your bucket exists. +Optional, will be set based on the installed IBM Cloud location. | `resourceGroupName` | `string` -| resourceGroupName is the name of the IBM Cloud resource group that this bucket and its service instance is associated with. Optional, will be set based on the installed IBM Cloud resource group. +| resourceGroupName is the name of the IBM Cloud resource group that this +bucket and its service instance is associated with. +Optional, will be set based on the installed IBM Cloud resource group. | `resourceKeyCRN` | `string` -| resourceKeyCRN is the CRN of the IBM Cloud resource key that is created for the service instance. Commonly referred as a service credential and must contain HMAC type credentials. Optional, will be computed if not provided. +| resourceKeyCRN is the CRN of the IBM Cloud resource key that is created +for the service instance. Commonly referred as a service credential and +must contain HMAC type credentials. +Optional, will be computed if not provided. | `serviceInstanceCRN` | `string` -| serviceInstanceCRN is the CRN of the IBM Cloud Object Storage service instance that this bucket is associated with. Optional, will be computed if not provided. +| serviceInstanceCRN is the CRN of the IBM Cloud Object Storage service +instance that this bucket is associated with. +Optional, will be computed if not provided. |=== === .spec.storage.oss @@ -2013,26 +2475,36 @@ Type:: | `bucket` | `string` -| Bucket is the bucket name in which you want to store the registry's data. About Bucket naming, more details you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be autogenerated in the form of -image-registry-- +| Bucket is the bucket name in which you want to store the registry's data. +About Bucket naming, more details you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default will be autogenerated in the form of -image-registry-- | `encryption` | `object` -| Encryption specifies whether you would like your data encrypted on the server side. More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) +| Encryption specifies whether you would like your data encrypted on the server side. +More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) | `endpointAccessibility` | `string` -| EndpointAccessibility specifies whether the registry use the OSS VPC internal endpoint Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `Internal`. +| EndpointAccessibility specifies whether the registry use the OSS VPC internal endpoint +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default is `Internal`. | `region` | `string` -| Region is the Alibaba Cloud Region in which your bucket exists. For a list of regions, you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be based on the installed Alibaba Cloud Region. +| Region is the Alibaba Cloud Region in which your bucket exists. +For a list of regions, you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default will be based on the installed Alibaba Cloud Region. |=== === .spec.storage.oss.encryption Description:: + -- -Encryption specifies whether you would like your data encrypted on the server side. More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) +Encryption specifies whether you would like your data encrypted on the server side. +More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) -- Type:: @@ -2051,7 +2523,9 @@ Type:: | `method` | `string` -| Method defines the different encrytion modes available Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `AES256`. +| Method defines the different encrytion modes available +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default is `AES256`. |=== === .spec.storage.oss.encryption.kms @@ -2119,47 +2593,69 @@ Type:: | `bucket` | `string` -| bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided. +| bucket is the bucket name in which you want to store the registry's +data. +Optional, will be generated if not provided. | `chunkSizeMiB` | `integer` -| chunkSizeMiB defines the size of the multipart upload chunks of the S3 API. The S3 API requires multipart upload chunks to be at least 5MiB. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 10 MiB. The value is an integer number of MiB. The minimum value is 5 and the maximum value is 5120 (5 GiB). +| chunkSizeMiB defines the size of the multipart upload chunks of the S3 API. +The S3 API requires multipart upload chunks to be at least 5MiB. +When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. +The current default value is 10 MiB. +The value is an integer number of MiB. +The minimum value is 5 and the maximum value is 5120 (5 GiB). | `cloudFront` | `object` -| cloudFront configures Amazon Cloudfront as the storage middleware in a registry. +| cloudFront configures Amazon Cloudfront as the storage middleware in a +registry. | `encrypt` | `boolean` -| encrypt specifies whether the registry stores the image in encrypted format or not. Optional, defaults to false. +| encrypt specifies whether the registry stores the image in encrypted +format or not. +Optional, defaults to false. | `keyID` | `string` -| keyID is the KMS key ID to use for encryption. Optional, Encrypt must be true, or this parameter is ignored. +| keyID is the KMS key ID to use for encryption. +Optional, Encrypt must be true, or this parameter is ignored. | `region` | `string` -| region is the AWS region in which your bucket exists. Optional, will be set based on the installed AWS Region. +| region is the AWS region in which your bucket exists. +Optional, will be set based on the installed AWS Region. | `regionEndpoint` | `string` -| regionEndpoint is the endpoint for S3 compatible storage services. It should be a valid URL with scheme, e.g. https://s3.example.com. Optional, defaults based on the Region that is provided. +| regionEndpoint is the endpoint for S3 compatible storage services. +It should be a valid URL with scheme, e.g. https://s3.example.com. +Optional, defaults based on the Region that is provided. | `trustedCA` | `object` -| trustedCA is a reference to a config map containing a CA bundle. The image registry and its operator use certificates from this bundle to verify S3 server certificates. - The namespace for the config map referenced by trustedCA is "openshift-config". The key for the bundle in the config map is "ca-bundle.crt". +| trustedCA is a reference to a config map containing a CA bundle. The +image registry and its operator use certificates from this bundle to +verify S3 server certificates. + +The namespace for the config map referenced by trustedCA is +"openshift-config". The key for the bundle in the config map is +"ca-bundle.crt". | `virtualHostedStyle` | `boolean` -| virtualHostedStyle enables using S3 virtual hosted style bucket paths with a custom RegionEndpoint Optional, defaults to false. +| virtualHostedStyle enables using S3 virtual hosted style bucket paths with +a custom RegionEndpoint +Optional, defaults to false. |=== === .spec.storage.s3.cloudFront Description:: + -- -cloudFront configures Amazon Cloudfront as the storage middleware in a registry. +cloudFront configures Amazon Cloudfront as the storage middleware in a +registry. -- Type:: @@ -2218,7 +2714,11 @@ Required:: | `name` | `string` -| Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. +| Name of the referent. +This field is effectively required, but due to backwards compatibility is +allowed to be empty. Instances of this type with an empty value here are +almost certainly wrong. +More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names | `optional` | `boolean` @@ -2229,8 +2729,13 @@ Required:: Description:: + -- -trustedCA is a reference to a config map containing a CA bundle. The image registry and its operator use certificates from this bundle to verify S3 server certificates. - The namespace for the config map referenced by trustedCA is "openshift-config". The key for the bundle in the config map is "ca-bundle.crt". +trustedCA is a reference to a config map containing a CA bundle. The +image registry and its operator use certificates from this bundle to +verify S3 server certificates. + +The namespace for the config map referenced by trustedCA is +"openshift-config". The key for the bundle in the config map is +"ca-bundle.crt". -- Type:: @@ -2245,7 +2750,12 @@ Type:: | `name` | `string` -| name is the metadata.name of the referenced config map. This field must adhere to standard config map naming restrictions. The name must consist solely of alphanumeric characters, hyphens (-) and periods (.). It has a maximum length of 253 characters. If this field is not specified or is empty string, the default trust bundle will be used. +| name is the metadata.name of the referenced config map. +This field must adhere to standard config map naming restrictions. +The name must consist solely of alphanumeric characters, hyphens (-) +and periods (.). It has a maximum length of 253 characters. +If this field is not specified or is empty string, the default trust +bundle will be used. |=== === .spec.storage.swift @@ -2275,7 +2785,8 @@ Type:: | `container` | `string` -| container defines the name of Swift container where to store the registry's data. +| container defines the name of Swift container where to store the +registry's data. | `domain` | `string` @@ -2315,7 +2826,8 @@ Type:: Description:: + -- -The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +The pod this Toleration is attached to tolerates any taint that matches +the triple using the matching operator . -- Type:: @@ -2330,23 +2842,32 @@ Type:: | `effect` | `string` -| Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +| Effect indicates the taint effect to match. Empty means match all taint effects. +When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. | `key` | `string` -| Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. +| Key is the taint key that the toleration applies to. Empty means match all taint keys. +If the key is empty, operator must be Exists; this combination means to match all values and all keys. | `operator` | `string` -| Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. +| Operator represents a key's relationship to the value. +Valid operators are Exists and Equal. Defaults to Equal. +Exists is equivalent to wildcard for value, so that a pod can +tolerate all taints of a particular category. | `tolerationSeconds` | `integer` -| TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. +| TolerationSeconds represents the period of time the toleration (which must be +of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, +it is not set, which means tolerate the taint forever (do not evict). Zero and +negative values will be treated as 0 (evict immediately) by the system. | `value` | `string` -| Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +| Value is the taint value the toleration matches to. +If the operator is Exists, the value should be empty, otherwise just a regular string. |=== === .spec.topologySpreadConstraints @@ -2385,46 +2906,128 @@ Required:: | `labelSelector` | `object` -| LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +| LabelSelector is used to find matching pods. +Pods that match this label selector are counted to determine the number of pods +in their corresponding topology domain. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. - This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). +| MatchLabelKeys is a set of pod label keys to select the pods over which +spreading will be calculated. The keys are used to lookup values from the +incoming pod labels, those key-value labels are ANDed with labelSelector +to select the group of existing pods over which spreading will be calculated +for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. +MatchLabelKeys cannot be set when LabelSelector isn't set. +Keys that don't exist in the incoming pod labels will +be ignored. A null or empty list means only match against labelSelector. + +This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). | `maxSkew` | `integer` -| MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. \| zone1 \| zone2 \| zone3 \| \| P P \| P P \| P \| - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed. +| MaxSkew describes the degree to which pods may be unevenly distributed. +When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference +between the number of matching pods in the target topology and the global minimum. +The global minimum is the minimum number of matching pods in an eligible domain +or zero if the number of eligible domains is less than MinDomains. +For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same +labelSelector spread as 2/2/1: +In this case, the global minimum is 1. +\| zone1 \| zone2 \| zone3 \| +\| P P \| P P \| P \| +- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; +scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) +violate MaxSkew(1). +- if MaxSkew is 2, incoming pod can be scheduled onto any zone. +When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence +to topologies that satisfy it. +It's a required field. Default value is 1 and 0 is not allowed. | `minDomains` | `integer` -| MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: \| zone1 \| zone2 \| zone3 \| \| P P \| P P \| P P \| The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. +| MinDomains indicates a minimum number of eligible domains. +When the number of eligible domains with matching topology keys is less than minDomains, +Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. +And when the number of eligible domains with matching topology keys equals or greater than minDomains, +this value has no effect on scheduling. +As a result, when the number of eligible domains is less than minDomains, +scheduler won't schedule more than maxSkew Pods to those domains. +If value is nil, the constraint behaves as if MinDomains is equal to 1. +Valid values are integers greater than 0. +When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + +For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same +labelSelector spread as 2/2/2: +\| zone1 \| zone2 \| zone3 \| +\| P P \| P P \| P P \| +The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. +In this situation, new pod with the same labelSelector cannot be scheduled, +because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, +it will violate MaxSkew. | `nodeAffinityPolicy` | `string` -| NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +| NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector +when calculating pod topology spread skew. Options are: +- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. +- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + +If this value is nil, the behavior is equivalent to the Honor policy. +This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. | `nodeTaintsPolicy` | `string` -| NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. - If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. +| NodeTaintsPolicy indicates how we will treat node taints when calculating +pod topology spread skew. Options are: +- Honor: nodes without taints, along with tainted nodes for which the incoming pod +has a toleration, are included. +- Ignore: node taints are ignored. All nodes are included. + +If this value is nil, the behavior is equivalent to the Ignore policy. +This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. | `topologyKey` | `string` -| TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. It's a required field. +| TopologyKey is the key of node labels. Nodes that have a label with this key +and identical values are considered to be in the same topology. +We consider each as a "bucket", and try to put balanced number +of pods into each bucket. +We define a domain as a particular instance of a topology. +Also, we define an eligible domain as a domain whose nodes meet the requirements of +nodeAffinityPolicy and nodeTaintsPolicy. +e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. +And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. +It's a required field. | `whenUnsatisfiable` | `string` -| WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: \| zone1 \| zone2 \| zone3 \| \| P P P \| P \| P \| If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field. +| WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy +the spread constraint. +- DoNotSchedule (default) tells the scheduler not to schedule it. +- ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. +A constraint is considered "Unsatisfiable" for an incoming pod +if and only if every possible node assignment for that pod would violate +"MaxSkew" on some topology. +For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same +labelSelector spread as 3/1/1: +\| zone1 \| zone2 \| zone3 \| +\| P P P \| P \| P \| +If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled +to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies +MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler +won't make it *more* imbalanced. +It's a required field. |=== === .spec.topologySpreadConstraints[].labelSelector Description:: + -- -LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +LabelSelector is used to find matching pods. +Pods that match this label selector are counted to determine the number of pods +in their corresponding topology domain. -- Type:: @@ -2443,11 +3046,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.topologySpreadConstraints[].labelSelector.matchExpressions @@ -2467,7 +3073,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -2489,11 +3096,15 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .status @@ -2532,6 +3143,10 @@ Required:: | `object` | GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. +| `latestAvailableRevision` +| `integer` +| latestAvailableRevision is the deploymentID of the most recent deployment + | `observedGeneration` | `integer` | observedGeneration is the last generation change you've dealt with @@ -2542,7 +3157,8 @@ Required:: | `storage` | `object` -| storage indicates the current applied storage configuration of the registry. +| storage indicates the current applied storage configuration of the +registry. | `storageManaged` | `boolean` @@ -2577,6 +3193,8 @@ Type:: `object` Required:: + - `lastTransitionTime` + - `status` - `type` @@ -2587,7 +3205,8 @@ Required:: | `lastTransitionTime` | `string` -| +| lastTransitionTime is the last time the condition transitioned from one status to another. +This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. | `message` | `string` @@ -2599,11 +3218,11 @@ Required:: | `status` | `string` -| +| status of the condition, one of True, False, Unknown. | `type` | `string` -| +| type of condition in CamelCase or in foo.example.com/CamelCase. |=== === .status.generations @@ -2629,6 +3248,11 @@ GenerationStatus keeps track of the generation for a given resource so that deci Type:: `object` +Required:: + - `group` + - `name` + - `namespace` + - `resource` @@ -2665,7 +3289,8 @@ Type:: Description:: + -- -storage indicates the current applied storage configuration of the registry. +storage indicates the current applied storage configuration of the +registry. -- Type:: @@ -2684,7 +3309,10 @@ Type:: | `emptyDir` | `object` -| emptyDir represents ephemeral storage on the pod's host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever. +| emptyDir represents ephemeral storage on the pod's host node. +WARNING: this storage cannot be used with more than 1 replica and +is not suitable for production use. When the pod is removed from a +node for any reason, the data in the emptyDir is deleted forever. | `gcs` | `object` @@ -2696,7 +3324,9 @@ Type:: | `managementState` | `string` -| managementState indicates if the operator manages the underlying storage unit. If Managed the operator will remove the storage when this operator gets Removed. +| managementState indicates if the operator manages the underlying +storage unit. If Managed the operator will remove the storage when +this operator gets Removed. | `oss` | `object` @@ -2738,7 +3368,9 @@ Type:: | `cloudName` | `string` -| cloudName is the name of the Azure cloud environment to be used by the registry. If empty, the operator will set it based on the infrastructure object. +| cloudName is the name of the Azure cloud environment to be used by the +registry. If empty, the operator will set it based on the infrastructure +object. | `container` | `string` @@ -2746,14 +3378,16 @@ Type:: | `networkAccess` | `object` -| networkAccess defines the network access properties for the storage account. Defaults to type: External. +| networkAccess defines the network access properties for the storage account. +Defaults to type: External. |=== === .status.storage.azure.networkAccess Description:: + -- -networkAccess defines the network access properties for the storage account. Defaults to type: External. +networkAccess defines the network access properties for the storage account. +Defaults to type: External. -- Type:: @@ -2768,18 +3402,36 @@ Type:: | `internal` | `object` -| internal defines the vnet and subnet names to configure a private endpoint and connect it to the storage account in order to make it private. when type: Internal and internal is unset, the image registry operator will discover vnet and subnet names, and generate a private endpoint name. +| internal defines the vnet and subnet names to configure a private +endpoint and connect it to the storage account in order to make it +private. +when type: Internal and internal is unset, the image registry operator +will discover vnet and subnet names, and generate a private endpoint +name. | `type` | `string` -| type is the network access level to be used for the storage account. type: Internal means the storage account will be private, type: External means the storage account will be publicly accessible. Internal storage accounts are only exposed within the cluster's vnet. External storage accounts are publicly exposed on the internet. When type: Internal is used, a vnetName, subNetName and privateEndpointName may optionally be specified. If unspecificed, the image registry operator will discover vnet and subnet names, and generate a privateEndpointName. Defaults to "External". +| type is the network access level to be used for the storage account. +type: Internal means the storage account will be private, type: External +means the storage account will be publicly accessible. +Internal storage accounts are only exposed within the cluster's vnet. +External storage accounts are publicly exposed on the internet. +When type: Internal is used, a vnetName, subNetName and privateEndpointName +may optionally be specified. If unspecificed, the image registry operator +will discover vnet and subnet names, and generate a privateEndpointName. +Defaults to "External". |=== === .status.storage.azure.networkAccess.internal Description:: + -- -internal defines the vnet and subnet names to configure a private endpoint and connect it to the storage account in order to make it private. when type: Internal and internal is unset, the image registry operator will discover vnet and subnet names, and generate a private endpoint name. +internal defines the vnet and subnet names to configure a private +endpoint and connect it to the storage account in order to make it +private. +when type: Internal and internal is unset, the image registry operator +will discover vnet and subnet names, and generate a private endpoint +name. -- Type:: @@ -2794,26 +3446,58 @@ Type:: | `networkResourceGroupName` | `string` -| networkResourceGroupName is the resource group name where the cluster's vnet and subnet are. When omitted, the registry operator will use the cluster resource group (from in the infrastructure status). If you set a networkResourceGroupName on your install-config.yaml, that value will be used automatically (for clusters configured with publish:Internal). Note that both vnet and subnet must be in the same resource group. It must be between 1 and 90 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_), and not end with a period. +| networkResourceGroupName is the resource group name where the cluster's vnet +and subnet are. When omitted, the registry operator will use the cluster +resource group (from in the infrastructure status). +If you set a networkResourceGroupName on your install-config.yaml, that +value will be used automatically (for clusters configured with publish:Internal). +Note that both vnet and subnet must be in the same resource group. +It must be between 1 and 90 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_), and +not end with a period. | `privateEndpointName` | `string` -| privateEndpointName is the name of the private endpoint for the registry. When provided, the registry will use it as the name of the private endpoint it will create for the storage account. When omitted, the registry will generate one. It must be between 2 and 64 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_). It must start with an alphanumeric character and end with an alphanumeric character or an underscore. +| privateEndpointName is the name of the private endpoint for the registry. +When provided, the registry will use it as the name of the private endpoint +it will create for the storage account. When omitted, the registry will +generate one. +It must be between 2 and 64 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_). +It must start with an alphanumeric character and end with an alphanumeric character or an underscore. | `subnetName` | `string` -| subnetName is the name of the subnet the registry operates in. When omitted, the registry operator will discover and set this by using the `kubernetes.io_cluster.` tag in the vnet resource, then using one of listed subnets. Advanced cluster network configurations that use network security groups to protect subnets should ensure the provided subnetName has access to Azure Storage service. It must be between 1 and 80 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_). +| subnetName is the name of the subnet the registry operates in. When omitted, +the registry operator will discover and set this by using the `kubernetes.io_cluster.` +tag in the vnet resource, then using one of listed subnets. +Advanced cluster network configurations that use network security groups +to protect subnets should ensure the provided subnetName has access to +Azure Storage service. +It must be between 1 and 80 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_). | `vnetName` | `string` -| vnetName is the name of the vnet the registry operates in. When omitted, the registry operator will discover and set this by using the `kubernetes.io_cluster.` tag in the vnet resource. This tag is set automatically by the installer. Commonly, this will be the same vnet as the cluster. Advanced cluster network configurations should ensure the provided vnetName is the vnet of the nodes where the image registry pods are running from. It must be between 2 and 64 characters in length and must consist only of alphanumeric characters, hyphens (-), periods (.) and underscores (_). It must start with an alphanumeric character and end with an alphanumeric character or an underscore. +| vnetName is the name of the vnet the registry operates in. When omitted, +the registry operator will discover and set this by using the `kubernetes.io_cluster.` +tag in the vnet resource. This tag is set automatically by the installer. +Commonly, this will be the same vnet as the cluster. +Advanced cluster network configurations should ensure the provided vnetName +is the vnet of the nodes where the image registry pods are running from. +It must be between 2 and 64 characters in length and must consist only of +alphanumeric characters, hyphens (-), periods (.) and underscores (_). +It must start with an alphanumeric character and end with an alphanumeric character or an underscore. |=== === .status.storage.emptyDir Description:: + -- -emptyDir represents ephemeral storage on the pod's host node. WARNING: this storage cannot be used with more than 1 replica and is not suitable for production use. When the pod is removed from a node for any reason, the data in the emptyDir is deleted forever. +emptyDir represents ephemeral storage on the pod's host node. +WARNING: this storage cannot be used with more than 1 replica and +is not suitable for production use. When the pod is removed from a +node for any reason, the data in the emptyDir is deleted forever. -- Type:: @@ -2841,19 +3525,25 @@ Type:: | `bucket` | `string` -| bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided. +| bucket is the bucket name in which you want to store the registry's +data. +Optional, will be generated if not provided. | `keyID` | `string` -| keyID is the KMS key ID to use for encryption. Optional, buckets are encrypted by default on GCP. This allows for the use of a custom encryption key. +| keyID is the KMS key ID to use for encryption. +Optional, buckets are encrypted by default on GCP. +This allows for the use of a custom encryption key. | `projectID` | `string` -| projectID is the Project ID of the GCP project that this bucket should be associated with. +| projectID is the Project ID of the GCP project that this bucket should +be associated with. | `region` | `string` -| region is the GCS location in which your bucket exists. Optional, will be set based on the installed GCS Region. +| region is the GCS location in which your bucket exists. +Optional, will be set based on the installed GCS Region. |=== === .status.storage.ibmcos @@ -2875,23 +3565,33 @@ Type:: | `bucket` | `string` -| bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided. +| bucket is the bucket name in which you want to store the registry's +data. +Optional, will be generated if not provided. | `location` | `string` -| location is the IBM Cloud location in which your bucket exists. Optional, will be set based on the installed IBM Cloud location. +| location is the IBM Cloud location in which your bucket exists. +Optional, will be set based on the installed IBM Cloud location. | `resourceGroupName` | `string` -| resourceGroupName is the name of the IBM Cloud resource group that this bucket and its service instance is associated with. Optional, will be set based on the installed IBM Cloud resource group. +| resourceGroupName is the name of the IBM Cloud resource group that this +bucket and its service instance is associated with. +Optional, will be set based on the installed IBM Cloud resource group. | `resourceKeyCRN` | `string` -| resourceKeyCRN is the CRN of the IBM Cloud resource key that is created for the service instance. Commonly referred as a service credential and must contain HMAC type credentials. Optional, will be computed if not provided. +| resourceKeyCRN is the CRN of the IBM Cloud resource key that is created +for the service instance. Commonly referred as a service credential and +must contain HMAC type credentials. +Optional, will be computed if not provided. | `serviceInstanceCRN` | `string` -| serviceInstanceCRN is the CRN of the IBM Cloud Object Storage service instance that this bucket is associated with. Optional, will be computed if not provided. +| serviceInstanceCRN is the CRN of the IBM Cloud Object Storage service +instance that this bucket is associated with. +Optional, will be computed if not provided. |=== === .status.storage.oss @@ -2913,26 +3613,36 @@ Type:: | `bucket` | `string` -| Bucket is the bucket name in which you want to store the registry's data. About Bucket naming, more details you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be autogenerated in the form of -image-registry-- +| Bucket is the bucket name in which you want to store the registry's data. +About Bucket naming, more details you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/257087.htm) +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default will be autogenerated in the form of -image-registry-- | `encryption` | `object` -| Encryption specifies whether you would like your data encrypted on the server side. More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) +| Encryption specifies whether you would like your data encrypted on the server side. +More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) | `endpointAccessibility` | `string` -| EndpointAccessibility specifies whether the registry use the OSS VPC internal endpoint Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `Internal`. +| EndpointAccessibility specifies whether the registry use the OSS VPC internal endpoint +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default is `Internal`. | `region` | `string` -| Region is the Alibaba Cloud Region in which your bucket exists. For a list of regions, you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default will be based on the installed Alibaba Cloud Region. +| Region is the Alibaba Cloud Region in which your bucket exists. +For a list of regions, you can look at the [official documentation](https://www.alibabacloud.com/help/doc-detail/31837.html). +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default will be based on the installed Alibaba Cloud Region. |=== === .status.storage.oss.encryption Description:: + -- -Encryption specifies whether you would like your data encrypted on the server side. More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) +Encryption specifies whether you would like your data encrypted on the server side. +More details, you can look cat the [official documentation](https://www.alibabacloud.com/help/doc-detail/117914.htm) -- Type:: @@ -2951,7 +3661,9 @@ Type:: | `method` | `string` -| Method defines the different encrytion modes available Empty value means no opinion and the platform chooses the a default, which is subject to change over time. Currently the default is `AES256`. +| Method defines the different encrytion modes available +Empty value means no opinion and the platform chooses the a default, which is subject to change over time. +Currently the default is `AES256`. |=== === .status.storage.oss.encryption.kms @@ -3019,47 +3731,69 @@ Type:: | `bucket` | `string` -| bucket is the bucket name in which you want to store the registry's data. Optional, will be generated if not provided. +| bucket is the bucket name in which you want to store the registry's +data. +Optional, will be generated if not provided. | `chunkSizeMiB` | `integer` -| chunkSizeMiB defines the size of the multipart upload chunks of the S3 API. The S3 API requires multipart upload chunks to be at least 5MiB. When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 10 MiB. The value is an integer number of MiB. The minimum value is 5 and the maximum value is 5120 (5 GiB). +| chunkSizeMiB defines the size of the multipart upload chunks of the S3 API. +The S3 API requires multipart upload chunks to be at least 5MiB. +When omitted, this means no opinion and the platform is left to choose a reasonable default, which is subject to change over time. +The current default value is 10 MiB. +The value is an integer number of MiB. +The minimum value is 5 and the maximum value is 5120 (5 GiB). | `cloudFront` | `object` -| cloudFront configures Amazon Cloudfront as the storage middleware in a registry. +| cloudFront configures Amazon Cloudfront as the storage middleware in a +registry. | `encrypt` | `boolean` -| encrypt specifies whether the registry stores the image in encrypted format or not. Optional, defaults to false. +| encrypt specifies whether the registry stores the image in encrypted +format or not. +Optional, defaults to false. | `keyID` | `string` -| keyID is the KMS key ID to use for encryption. Optional, Encrypt must be true, or this parameter is ignored. +| keyID is the KMS key ID to use for encryption. +Optional, Encrypt must be true, or this parameter is ignored. | `region` | `string` -| region is the AWS region in which your bucket exists. Optional, will be set based on the installed AWS Region. +| region is the AWS region in which your bucket exists. +Optional, will be set based on the installed AWS Region. | `regionEndpoint` | `string` -| regionEndpoint is the endpoint for S3 compatible storage services. It should be a valid URL with scheme, e.g. https://s3.example.com. Optional, defaults based on the Region that is provided. +| regionEndpoint is the endpoint for S3 compatible storage services. +It should be a valid URL with scheme, e.g. https://s3.example.com. +Optional, defaults based on the Region that is provided. | `trustedCA` | `object` -| trustedCA is a reference to a config map containing a CA bundle. The image registry and its operator use certificates from this bundle to verify S3 server certificates. - The namespace for the config map referenced by trustedCA is "openshift-config". The key for the bundle in the config map is "ca-bundle.crt". +| trustedCA is a reference to a config map containing a CA bundle. The +image registry and its operator use certificates from this bundle to +verify S3 server certificates. + +The namespace for the config map referenced by trustedCA is +"openshift-config". The key for the bundle in the config map is +"ca-bundle.crt". | `virtualHostedStyle` | `boolean` -| virtualHostedStyle enables using S3 virtual hosted style bucket paths with a custom RegionEndpoint Optional, defaults to false. +| virtualHostedStyle enables using S3 virtual hosted style bucket paths with +a custom RegionEndpoint +Optional, defaults to false. |=== === .status.storage.s3.cloudFront Description:: + -- -cloudFront configures Amazon Cloudfront as the storage middleware in a registry. +cloudFront configures Amazon Cloudfront as the storage middleware in a +registry. -- Type:: @@ -3118,7 +3852,11 @@ Required:: | `name` | `string` -| Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. +| Name of the referent. +This field is effectively required, but due to backwards compatibility is +allowed to be empty. Instances of this type with an empty value here are +almost certainly wrong. +More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names | `optional` | `boolean` @@ -3129,8 +3867,13 @@ Required:: Description:: + -- -trustedCA is a reference to a config map containing a CA bundle. The image registry and its operator use certificates from this bundle to verify S3 server certificates. - The namespace for the config map referenced by trustedCA is "openshift-config". The key for the bundle in the config map is "ca-bundle.crt". +trustedCA is a reference to a config map containing a CA bundle. The +image registry and its operator use certificates from this bundle to +verify S3 server certificates. + +The namespace for the config map referenced by trustedCA is +"openshift-config". The key for the bundle in the config map is +"ca-bundle.crt". -- Type:: @@ -3145,7 +3888,12 @@ Type:: | `name` | `string` -| name is the metadata.name of the referenced config map. This field must adhere to standard config map naming restrictions. The name must consist solely of alphanumeric characters, hyphens (-) and periods (.). It has a maximum length of 253 characters. If this field is not specified or is empty string, the default trust bundle will be used. +| name is the metadata.name of the referenced config map. +This field must adhere to standard config map naming restrictions. +The name must consist solely of alphanumeric characters, hyphens (-) +and periods (.). It has a maximum length of 253 characters. +If this field is not specified or is empty string, the default trust +bundle will be used. |=== === .status.storage.swift @@ -3175,7 +3923,8 @@ Type:: | `container` | `string` -| container defines the name of Swift container where to store the registry's data. +| container defines the name of Swift container where to store the +registry's data. | `domain` | `string` diff --git a/rest_api/operator_apis/imagepruner-imageregistry-operator-openshift-io-v1.adoc b/rest_api/operator_apis/imagepruner-imageregistry-operator-openshift-io-v1.adoc index 76678011fd..cb3bdf209f 100644 --- a/rest_api/operator_apis/imagepruner-imageregistry-operator-openshift-io-v1.adoc +++ b/rest_api/operator_apis/imagepruner-imageregistry-operator-openshift-io-v1.adoc @@ -11,8 +11,10 @@ toc::[] Description:: + -- -ImagePruner is the configuration object for an image registry pruner managed by the registry operator. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +ImagePruner is the configuration object for an image registry pruner +managed by the registry operator. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -73,28 +75,35 @@ Type:: | `failedJobsHistoryLimit` | `integer` -| failedJobsHistoryLimit specifies how many failed image pruner jobs to retain. Defaults to 3 if not set. +| failedJobsHistoryLimit specifies how many failed image pruner jobs to retain. +Defaults to 3 if not set. | `ignoreInvalidImageReferences` | `boolean` -| ignoreInvalidImageReferences indicates whether the pruner can ignore errors while parsing image references. +| ignoreInvalidImageReferences indicates whether the pruner can ignore +errors while parsing image references. | `keepTagRevisions` | `integer` -| keepTagRevisions specifies the number of image revisions for a tag in an image stream that will be preserved. Defaults to 3. +| keepTagRevisions specifies the number of image revisions for a tag in an image stream that will be preserved. +Defaults to 3. | `keepYoungerThan` | `integer` -| keepYoungerThan specifies the minimum age in nanoseconds of an image and its referrers for it to be considered a candidate for pruning. DEPRECATED: This field is deprecated in favor of keepYoungerThanDuration. If both are set, this field is ignored and keepYoungerThanDuration takes precedence. +| keepYoungerThan specifies the minimum age in nanoseconds of an image and its referrers for it to be considered a candidate for pruning. +DEPRECATED: This field is deprecated in favor of keepYoungerThanDuration. If both are set, this field is ignored and keepYoungerThanDuration takes precedence. | `keepYoungerThanDuration` | `string` -| keepYoungerThanDuration specifies the minimum age of an image and its referrers for it to be considered a candidate for pruning. Defaults to 60m (60 minutes). +| keepYoungerThanDuration specifies the minimum age of an image and its referrers for it to be considered a candidate for pruning. +Defaults to 60m (60 minutes). | `logLevel` | `string` -| logLevel sets the level of log output for the pruner job. - Valid values are: "Normal", "Debug", "Trace", "TraceAll". Defaults to "Normal". +| logLevel sets the level of log output for the pruner job. + +Valid values are: "Normal", "Debug", "Trace", "TraceAll". +Defaults to "Normal". | `nodeSelector` | `object (string)` @@ -106,15 +115,18 @@ Type:: | `schedule` | `string` -| schedule specifies when to execute the job using standard cronjob syntax: https://wikipedia.org/wiki/Cron. Defaults to `0 0 * * *`. +| schedule specifies when to execute the job using standard cronjob syntax: https://wikipedia.org/wiki/Cron. +Defaults to `0 0 * * *`. | `successfulJobsHistoryLimit` | `integer` -| successfulJobsHistoryLimit specifies how many successful image pruner jobs to retain. Defaults to 3 if not set. +| successfulJobsHistoryLimit specifies how many successful image pruner jobs to retain. +Defaults to 3 if not set. | `suspend` | `boolean` -| suspend specifies whether or not to suspend subsequent executions of this cronjob. Defaults to false. +| suspend specifies whether or not to suspend subsequent executions of this cronjob. +Defaults to false. | `tolerations` | `array` @@ -122,7 +134,8 @@ Type:: | `tolerations[]` | `object` -| The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +| The pod this Toleration is attached to tolerates any taint that matches +the triple using the matching operator . |=== === .spec.affinity @@ -174,22 +187,43 @@ Type:: | `preferredDuringSchedulingIgnoredDuringExecution` | `array` -| The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. +| The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node matches the corresponding matchExpressions; the +node(s) with the highest sum are the most preferred. | `preferredDuringSchedulingIgnoredDuringExecution[]` | `object` -| An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +| An empty preferred scheduling term matches all objects with implicit weight 0 +(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). | `requiredDuringSchedulingIgnoredDuringExecution` | `object` -| If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +| If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to an update), the system +may or may not try to eventually evict the pod from its node. |=== === .spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution Description:: + -- -The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. +The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node matches the corresponding matchExpressions; the +node(s) with the highest sum are the most preferred. -- Type:: @@ -202,7 +236,8 @@ Type:: Description:: + -- -An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +An empty preferred scheduling term matches all objects with implicit weight 0 +(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). -- Type:: @@ -250,7 +285,8 @@ Type:: | `matchExpressions[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. | `matchFields` | `array` @@ -258,7 +294,8 @@ Type:: | `matchFields[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. |=== === .spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].preference.matchExpressions @@ -278,7 +315,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -300,11 +338,16 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].preference.matchFields @@ -324,7 +367,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -346,18 +390,27 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution Description:: + -- -If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to an update), the system +may or may not try to eventually evict the pod from its node. -- Type:: @@ -378,7 +431,9 @@ Required:: | `nodeSelectorTerms[]` | `object` -| A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +| A null or empty node selector term matches no objects. The requirements of +them are ANDed. +The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms @@ -398,7 +453,9 @@ Type:: Description:: + -- -A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +A null or empty node selector term matches no objects. The requirements of +them are ANDed. +The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. -- Type:: @@ -417,7 +474,8 @@ Type:: | `matchExpressions[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. | `matchFields` | `array` @@ -425,7 +483,8 @@ Type:: | `matchFields[]` | `object` -| A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions @@ -445,7 +504,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -467,11 +527,16 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchFields @@ -491,7 +556,8 @@ Type:: Description:: + -- -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A node selector requirement is a selector that contains values, a key, and an operator +that relates the key and values. -- Type:: @@ -513,11 +579,16 @@ Required:: | `operator` | `string` -| Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. +| Represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. | `values` | `array (string)` -| An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. +| An array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. If the operator is Gt or Lt, the values +array must have a single element, which will be interpreted as an integer. +This array is replaced during a strategic merge patch. |=== === .spec.affinity.podAffinity @@ -539,7 +610,15 @@ Type:: | `preferredDuringSchedulingIgnoredDuringExecution` | `array` -| The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +| The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. | `preferredDuringSchedulingIgnoredDuringExecution[]` | `object` @@ -547,18 +626,37 @@ Type:: | `requiredDuringSchedulingIgnoredDuringExecution` | `array` -| If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +| If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. | `requiredDuringSchedulingIgnoredDuringExecution[]` | `object` -| Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +| Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution Description:: + -- -The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +The scheduler will prefer to schedule pods to nodes that satisfy +the affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. -- Type:: @@ -593,7 +691,8 @@ Required:: | `weight` | `integer` -| weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +| weight associated with matching the corresponding podAffinityTerm, +in the range 1-100. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm @@ -617,34 +716,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -663,11 +791,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector.matchExpressions @@ -687,7 +818,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -709,18 +841,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -739,11 +879,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions @@ -763,7 +906,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -785,18 +929,28 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution Description:: + -- -If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +If the affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. -- Type:: @@ -809,7 +963,12 @@ Type:: Description:: + -- -Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running -- Type:: @@ -826,34 +985,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -872,11 +1060,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector.matchExpressions @@ -896,7 +1087,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -918,18 +1110,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -948,11 +1148,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions @@ -972,7 +1175,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -994,11 +1198,15 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity @@ -1020,7 +1228,15 @@ Type:: | `preferredDuringSchedulingIgnoredDuringExecution` | `array` -| The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +| The scheduler will prefer to schedule pods to nodes that satisfy +the anti-affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling anti-affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. | `preferredDuringSchedulingIgnoredDuringExecution[]` | `object` @@ -1028,18 +1244,37 @@ Type:: | `requiredDuringSchedulingIgnoredDuringExecution` | `array` -| If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +| If the anti-affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the anti-affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. | `requiredDuringSchedulingIgnoredDuringExecution[]` | `object` -| Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +| Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution Description:: + -- -The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. +The scheduler will prefer to schedule pods to nodes that satisfy +the anti-affinity expressions specified by this field, but it may choose +a node that violates one or more of the expressions. The node that is +most preferred is the one with the greatest sum of weights, i.e. +for each node that meets all of the scheduling requirements (resource +request, requiredDuringScheduling anti-affinity expressions, etc.), +compute a sum by iterating through the elements of this field and adding +"weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the +node(s) with the highest sum are the most preferred. -- Type:: @@ -1074,7 +1309,8 @@ Required:: | `weight` | `integer` -| weight associated with matching the corresponding podAffinityTerm, in the range 1-100. +| weight associated with matching the corresponding podAffinityTerm, +in the range 1-100. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm @@ -1098,34 +1334,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -1144,11 +1409,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.labelSelector.matchExpressions @@ -1168,7 +1436,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1190,18 +1459,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -1220,11 +1497,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[].podAffinityTerm.namespaceSelector.matchExpressions @@ -1244,7 +1524,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1266,18 +1547,28 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution Description:: + -- -If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. +If the anti-affinity requirements specified by this field are not met at +scheduling time, the pod will not be scheduled onto the node. +If the anti-affinity requirements specified by this field cease to be met +at some point during pod execution (e.g. due to a pod label update), the +system may or may not try to eventually evict the pod from its node. +When there are multiple elements, the lists of nodes corresponding to each +podAffinityTerm are intersected, i.e. all terms must be satisfied. -- Type:: @@ -1290,7 +1581,12 @@ Type:: Description:: + -- -Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +Defines a set of pods (namely those matching the labelSelector +relative to the given namespace(s)) that this pod should be +co-located (affinity) or not co-located (anti-affinity) with, +where co-located is defined as running on a node whose value of +the label with key matches that of any node on which +a pod of the set of pods is running -- Type:: @@ -1307,34 +1603,63 @@ Required:: | `labelSelector` | `object` -| A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +| A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. | `matchLabelKeys` | `array (string)` -| MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both matchLabelKeys and labelSelector. +Also, matchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `mismatchLabelKeys` | `array (string)` -| MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. +| MismatchLabelKeys is a set of pod label keys to select which pods will +be taken into consideration. The keys are used to lookup values from the +incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` +to select the group of existing pods which pods will be taken into consideration +for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming +pod labels will be ignored. The default value is empty. +The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. +Also, mismatchLabelKeys cannot be set when labelSelector isn't set. +This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default). | `namespaceSelector` | `object` -| A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +| A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. | `namespaces` | `array (string)` -| namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". +| namespaces specifies a static list of namespace names that the term applies to. +The term is applied to the union of the namespaces listed in this field +and the ones selected by namespaceSelector. +null or empty namespaces list and null namespaceSelector means "this pod's namespace". | `topologyKey` | `string` -| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. +| This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching +the labelSelector in the specified namespaces, where co-located is defined as running on a node +whose value of the label with key topologyKey matches that of any node on which any of the +selected pods is running. +Empty topologyKey is not allowed. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector Description:: + -- -A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. +A label query over a set of resources, in this case pods. +If it's null, this PodAffinityTerm matches with no Pods. -- Type:: @@ -1353,11 +1678,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector.matchExpressions @@ -1377,7 +1705,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1399,18 +1728,26 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector Description:: + -- -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. +A label query over the set of namespaces that the term applies to. +The term is applied to the union of the namespaces selected by this field +and the ones listed in the namespaces field. +null selector and null or empty namespaces list means "this pod's namespace". +An empty selector ({}) matches all namespaces. -- Type:: @@ -1429,11 +1766,14 @@ Type:: | `matchExpressions[]` | `object` -| A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +| A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. | `matchLabels` | `object (string)` -| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. +| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels +map is equivalent to an element of matchExpressions, whose key field is "key", the +operator is "In", and the values array contains only "value". The requirements are ANDed. |=== === .spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].namespaceSelector.matchExpressions @@ -1453,7 +1793,8 @@ Type:: Description:: + -- -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +A label selector requirement is a selector that contains values, a key, and an operator that +relates the key and values. -- Type:: @@ -1475,11 +1816,15 @@ Required:: | `operator` | `string` -| operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. +| operator represents a key's relationship to a set of values. +Valid operators are In, NotIn, Exists and DoesNotExist. | `values` | `array (string)` -| values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. +| values is an array of string values. If the operator is In or NotIn, +the values array must be non-empty. If the operator is Exists or DoesNotExist, +the values array must be empty. This array is replaced during a strategic +merge patch. |=== === .spec.resources @@ -1501,9 +1846,13 @@ Type:: | `claims` | `array` -| Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. +| Claims lists the names of resources, defined in spec.resourceClaims, +that are used by this container. + +This is an alpha field and requires enabling the +DynamicResourceAllocation feature gate. + +This field is immutable. It can only be set for containers. | `claims[]` | `object` @@ -1511,20 +1860,28 @@ Type:: | `limits` | `integer-or-string` -| Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +| Limits describes the maximum amount of compute resources allowed. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | `requests` | `integer-or-string` -| Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ +| Requests describes the minimum amount of compute resources required. +If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, +otherwise to an implementation-defined value. Requests cannot exceed Limits. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |=== === .spec.resources.claims Description:: + -- -Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. - This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. +Claims lists the names of resources, defined in spec.resourceClaims, +that are used by this container. + +This is an alpha field and requires enabling the +DynamicResourceAllocation feature gate. + +This field is immutable. It can only be set for containers. -- Type:: @@ -1554,7 +1911,15 @@ Required:: | `name` | `string` -| Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. +| Name must match the name of one entry in pod.spec.resourceClaims of +the Pod where this field is used. It makes that resource available +inside a container. + +| `request` +| `string` +| Request is the name chosen for a request in the referenced claim. +If empty, everything from the claim is made available, otherwise +only the result of this request. |=== === .spec.tolerations @@ -1574,7 +1939,8 @@ Type:: Description:: + -- -The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +The pod this Toleration is attached to tolerates any taint that matches +the triple using the matching operator . -- Type:: @@ -1589,23 +1955,32 @@ Type:: | `effect` | `string` -| Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. +| Effect indicates the taint effect to match. Empty means match all taint effects. +When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. | `key` | `string` -| Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. +| Key is the taint key that the toleration applies to. Empty means match all taint keys. +If the key is empty, operator must be Exists; this combination means to match all values and all keys. | `operator` | `string` -| Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. +| Operator represents a key's relationship to the value. +Valid operators are Exists and Equal. Defaults to Equal. +Exists is equivalent to wildcard for value, so that a pod can +tolerate all taints of a particular category. | `tolerationSeconds` | `integer` -| TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. +| TolerationSeconds represents the period of time the toleration (which must be +of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, +it is not set, which means tolerate the taint forever (do not evict). Zero and +negative values will be treated as 0 (evict immediately) by the system. | `value` | `string` -| Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. +| Value is the taint value the toleration matches to. +If the operator is Exists, the value should be empty, otherwise just a regular string. |=== === .status @@ -1662,6 +2037,8 @@ Type:: `object` Required:: + - `lastTransitionTime` + - `status` - `type` @@ -1672,7 +2049,8 @@ Required:: | `lastTransitionTime` | `string` -| +| lastTransitionTime is the last time the condition transitioned from one status to another. +This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. | `message` | `string` @@ -1684,11 +2062,11 @@ Required:: | `status` | `string` -| +| status of the condition, one of True, False, Unknown. | `type` | `string` -| +| type of condition in CamelCase or in foo.example.com/CamelCase. |=== diff --git a/rest_api/operator_apis/kubestorageversionmigrator-operator-openshift-io-v1.adoc b/rest_api/operator_apis/kubestorageversionmigrator-operator-openshift-io-v1.adoc index 3d404c15ed..38f50a1b52 100644 --- a/rest_api/operator_apis/kubestorageversionmigrator-operator-openshift-io-v1.adoc +++ b/rest_api/operator_apis/kubestorageversionmigrator-operator-openshift-io-v1.adoc @@ -11,8 +11,9 @@ toc::[] Description:: + -- -KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -68,8 +69,11 @@ Type:: | `logLevel` | `string` -| logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. - Valid values are: "Normal", "Debug", "Trace", "TraceAll". Defaults to "Normal". +| logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a +simple way to manage coarse grained logging choices that operators have to interpret for their operands. + +Valid values are: "Normal", "Debug", "Trace", "TraceAll". +Defaults to "Normal". | `managementState` | `string` @@ -77,16 +81,24 @@ Type:: | `observedConfig` | `` -| observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator +| observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because +it is an input to the level for the operator | `operatorLogLevel` | `string` -| operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. - Valid values are: "Normal", "Debug", "Trace", "TraceAll". Defaults to "Normal". +| operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a +simple way to manage coarse grained logging choices that operators have to interpret for themselves. + +Valid values are: "Normal", "Debug", "Trace", "TraceAll". +Defaults to "Normal". | `unsupportedConfigOverrides` | `` -| unsupportedConfigOverrides overrides the final configuration that was computed by the operator. Red Hat does not support the use of this field. Misuse of this field could lead to unexpected behavior or conflict with other configuration options. Seek guidance from the Red Hat support before using this field. Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. +| unsupportedConfigOverrides overrides the final configuration that was computed by the operator. +Red Hat does not support the use of this field. +Misuse of this field could lead to unexpected behavior or conflict with other configuration options. +Seek guidance from the Red Hat support before using this field. +Use of this property blocks cluster upgrades, it must be removed before upgrading your cluster. |=== === .status @@ -122,6 +134,10 @@ Type:: | `object` | GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. +| `latestAvailableRevision` +| `integer` +| latestAvailableRevision is the deploymentID of the most recent deployment + | `observedGeneration` | `integer` | observedGeneration is the last generation change you've dealt with @@ -159,6 +175,8 @@ Type:: `object` Required:: + - `lastTransitionTime` + - `status` - `type` @@ -169,7 +187,8 @@ Required:: | `lastTransitionTime` | `string` -| +| lastTransitionTime is the last time the condition transitioned from one status to another. +This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. | `message` | `string` @@ -181,11 +200,11 @@ Required:: | `status` | `string` -| +| status of the condition, one of True, False, Unknown. | `type` | `string` -| +| type of condition in CamelCase or in foo.example.com/CamelCase. |=== === .status.generations @@ -211,6 +230,11 @@ GenerationStatus keeps track of the generation for a given resource so that deci Type:: `object` +Required:: + - `group` + - `name` + - `namespace` + - `resource` diff --git a/rest_api/operator_apis/operator-apis-index.adoc b/rest_api/operator_apis/operator-apis-index.adoc index d0e3365978..56fb6dc6b0 100644 --- a/rest_api/operator_apis/operator-apis-index.adoc +++ b/rest_api/operator_apis/operator-apis-index.adoc @@ -79,8 +79,10 @@ Type:: Description:: + -- -Config is the configuration object for a registry instance managed by the registry operator - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +Config is the configuration object for a registry instance managed by +the registry operator + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -177,8 +179,10 @@ Type:: Description:: + -- -ImagePruner is the configuration object for an image registry pruner managed by the registry operator. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +ImagePruner is the configuration object for an image registry pruner +managed by the registry operator. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type:: @@ -265,8 +269,9 @@ Type:: Description:: + -- -KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator. - Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). +KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator. + +Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). -- Type::