The Cloud Engineering Summit replay is available! See all your favorite talks, on demand. Watch Now

Module types/output

This page documents the language specification for the kubernetes package. If you're looking for help working with the inputs, outputs, or functions of kubernetes resources in a Pulumi program, please see the resource documentation for examples and API reference.

namespace admissionregistration.v1

namespace admissionregistration.v1beta1

namespace apiextensions.v1

namespace apiextensions.v1beta1

namespace apiregistration.v1

namespace apiregistration.v1beta1

namespace apps.v1

namespace apps.v1beta1

namespace apps.v1beta2

namespace auditregistration.v1alpha1

namespace authentication.v1

namespace authentication.v1beta1

namespace authorization.v1

namespace authorization.v1beta1

namespace autoscaling.v1

namespace autoscaling.v2beta1

namespace autoscaling.v2beta2

namespace batch.v1

namespace batch.v1beta1

namespace batch.v2alpha1

namespace certificates.v1

namespace certificates.v1beta1

namespace coordination.v1

namespace coordination.v1beta1

namespace core.v1

namespace discovery.v1beta1

namespace events.v1

namespace events.v1beta1

namespace extensions.v1beta1

namespace flowcontrol.v1alpha1

namespace meta.v1

namespace networking.v1

namespace networking.v1beta1

namespace node.v1alpha1

namespace node.v1beta1

namespace policy.v1beta1

namespace rbac.v1

namespace rbac.v1alpha1

namespace rbac.v1beta1

namespace scheduling.v1

namespace scheduling.v1alpha1

namespace scheduling.v1beta1

namespace settings.v1alpha1

namespace storage.v1

namespace storage.v1alpha1

namespace storage.v1beta1

namespace admissionregistration.v1

interface MutatingWebhook

interface MutatingWebhook

MutatingWebhook describes an admission webhook and the resources and operations it applies to.

property admissionReviewVersions

admissionReviewVersions: string[];

AdmissionReviewVersions is an ordered list of preferred AdmissionReview versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, validation will fail for this object. If a persisted webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail and be subject to the failure policy.

property clientConfig

clientConfig: WebhookClientConfig;

ClientConfig defines how to communicate with the hook. Required

property failurePolicy

failurePolicy: string;

FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.

property matchPolicy

matchPolicy: string;

matchPolicy defines how the “rules” list is used to match incoming requests. Allowed values are “Exact” or “Equivalent”.

  • Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.

  • Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.

Defaults to “Equivalent”

property name

name: string;

The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where “imagepolicy” is the name of the webhook, and kubernetes.io is the name of the organization. Required.

property namespaceSelector

namespaceSelector: LabelSelector;

NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.

For example, to run the webhook on any objects whose namespace is not associated with “runlevel” of “0” or “1”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “runlevel”, “operator”: “NotIn”, “values”: [ “0”, “1” ] } ] }

If instead you want to only run the webhook on any objects whose namespace is associated with the “environment” of “prod” or “staging”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “environment”, “operator”: “In”, “values”: [ “prod”, “staging” ] } ] }

See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.

Default to the empty LabelSelector, which matches everything.

property objectSelector

objectSelector: LabelSelector;

ObjectSelector decides whether to run the webhook based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the webhook, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.

property reinvocationPolicy

reinvocationPolicy: string;

reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation. Allowed values are “Never” and “IfNeeded”.

Never: the webhook will not be called more than once in a single admission evaluation.

IfNeeded: the webhook will be called at least one additional time as part of the admission evaluation if the object being admitted is modified by other admission plugins after the initial webhook call. Webhooks that specify this option must be idempotent, able to process objects they previously admitted. Note: * the number of additional invocations is not guaranteed to be exactly one. * if additional invocations result in further modifications to the object, webhooks are not guaranteed to be invoked again. * webhooks that use this option may be reordered to minimize the number of additional invocations. * to validate an object after all mutations are guaranteed complete, use a validating admission webhook instead.

Defaults to “Never”.

property rules

rules: RuleWithOperations[];

Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches any Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.

property sideEffects

sideEffects: string;

SideEffects states whether this webhook has side effects. Acceptable values are: None, NoneOnDryRun (webhooks created via v1beta1 may also specify Some or Unknown). Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission change and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some.

property timeoutSeconds

timeoutSeconds: number;

TimeoutSeconds specifies the timeout for this webhook. After the timeout passes, the webhook call will be ignored or the API call will fail based on the failure policy. The timeout value must be between 1 and 30 seconds. Default to 10 seconds.

interface MutatingWebhookConfiguration

interface MutatingWebhookConfiguration

MutatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and may change the object.

property apiVersion

apiVersion: "admissionregistration.k8s.io/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "MutatingWebhookConfiguration";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.

property webhooks

webhooks: MutatingWebhook[];

Webhooks is a list of webhooks and the affected resources and operations.

interface RuleWithOperations

interface RuleWithOperations

RuleWithOperations is a tuple of Operations and Resources. It is recommended to make sure that all the tuple expansions are valid.

property apiGroups

apiGroups: string[];

APIGroups is the API groups the resources belong to. ‘’ is all groups. If ‘’ is present, the length of the slice must be one. Required.

property apiVersions

apiVersions: string[];

APIVersions is the API versions the resources belong to. ‘’ is all versions. If ‘’ is present, the length of the slice must be one. Required.

property operations

operations: string[];

Operations is the operations the admission hook cares about - CREATE, UPDATE, DELETE, CONNECT or * for all of those operations and any future admission operations that are added. If ‘*’ is present, the length of the slice must be one. Required.

property resources

resources: string[];

Resources is a list of resources this rule applies to.

For example: ‘pods’ means pods. ‘pods/log’ means the log subresource of pods. ‘’ means all resources, but not subresources. ‘pods/’ means all subresources of pods. ‘/scale’ means all scale subresources. ‘/*’ means all resources and their subresources.

If wildcard is present, the validation rule will ensure resources do not overlap with each other.

Depending on the enclosing object, subresources might not be allowed. Required.

property scope

scope: string;

scope specifies the scope of this rule. Valid values are “Cluster”, “Namespaced”, and “” “Cluster” means that only cluster-scoped resources will match this rule. Namespace API objects are cluster-scoped. “Namespaced” means that only namespaced resources will match this rule. “” means that there are no scope restrictions. Subresources match the scope of their parent resource. Default is “*“.

interface ServiceReference

interface ServiceReference

ServiceReference holds a reference to Service.legacy.k8s.io

property name

name: string;

name is the name of the service. Required

property namespace

namespace: string;

namespace is the namespace of the service. Required

property path

path: string;

path is an optional URL path which will be sent in any request to this service.

property port

port: number;

If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. port should be a valid port number (1-65535, inclusive).

interface ValidatingWebhook

interface ValidatingWebhook

ValidatingWebhook describes an admission webhook and the resources and operations it applies to.

property admissionReviewVersions

admissionReviewVersions: string[];

AdmissionReviewVersions is an ordered list of preferred AdmissionReview versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, validation will fail for this object. If a persisted webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail and be subject to the failure policy.

property clientConfig

clientConfig: WebhookClientConfig;

ClientConfig defines how to communicate with the hook. Required

property failurePolicy

failurePolicy: string;

FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.

property matchPolicy

matchPolicy: string;

matchPolicy defines how the “rules” list is used to match incoming requests. Allowed values are “Exact” or “Equivalent”.

  • Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.

  • Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.

Defaults to “Equivalent”

property name

name: string;

The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where “imagepolicy” is the name of the webhook, and kubernetes.io is the name of the organization. Required.

property namespaceSelector

namespaceSelector: LabelSelector;

NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.

For example, to run the webhook on any objects whose namespace is not associated with “runlevel” of “0” or “1”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “runlevel”, “operator”: “NotIn”, “values”: [ “0”, “1” ] } ] }

If instead you want to only run the webhook on any objects whose namespace is associated with the “environment” of “prod” or “staging”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “environment”, “operator”: “In”, “values”: [ “prod”, “staging” ] } ] }

See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels for more examples of label selectors.

Default to the empty LabelSelector, which matches everything.

property objectSelector

objectSelector: LabelSelector;

ObjectSelector decides whether to run the webhook based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the webhook, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.

property rules

rules: RuleWithOperations[];

Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches any Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.

property sideEffects

sideEffects: string;

SideEffects states whether this webhook has side effects. Acceptable values are: None, NoneOnDryRun (webhooks created via v1beta1 may also specify Some or Unknown). Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission change and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some.

property timeoutSeconds

timeoutSeconds: number;

TimeoutSeconds specifies the timeout for this webhook. After the timeout passes, the webhook call will be ignored or the API call will fail based on the failure policy. The timeout value must be between 1 and 30 seconds. Default to 10 seconds.

interface ValidatingWebhookConfiguration

interface ValidatingWebhookConfiguration

ValidatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and object without changing it.

property apiVersion

apiVersion: "admissionregistration.k8s.io/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "ValidatingWebhookConfiguration";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.

property webhooks

webhooks: ValidatingWebhook[];

Webhooks is a list of webhooks and the affected resources and operations.

interface WebhookClientConfig

interface WebhookClientConfig

WebhookClientConfig contains the information to make a TLS connection with the webhook

property caBundle

caBundle: string;

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. If unspecified, system trust roots on the apiserver are used.

property service

service: ServiceReference;

service is a reference to the service for this webhook. Either service or url must be specified.

If the webhook is running within the cluster, then you should use service.

property url

url: string;

url gives the location of the webhook, in standard URL form (scheme://host:port/path). Exactly one of url or service must be specified.

The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.

Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.

The scheme must be “https”; the URL must begin with “https://“.

A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.

Attempting to use a user or basic auth e.g. “user:password@” is not allowed. Fragments (“#…”) and query parameters (“?…”) are not allowed, either.

namespace admissionregistration.v1beta1

interface MutatingWebhook

interface MutatingWebhook

MutatingWebhook describes an admission webhook and the resources and operations it applies to.

property admissionReviewVersions

admissionReviewVersions: string[];

AdmissionReviewVersions is an ordered list of preferred AdmissionReview versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, validation will fail for this object. If a persisted webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail and be subject to the failure policy. Default to ['v1beta1'].

property clientConfig

clientConfig: WebhookClientConfig;

ClientConfig defines how to communicate with the hook. Required

property failurePolicy

failurePolicy: string;

FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Ignore.

property matchPolicy

matchPolicy: string;

matchPolicy defines how the “rules” list is used to match incoming requests. Allowed values are “Exact” or “Equivalent”.

  • Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.

  • Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.

Defaults to “Exact”

property name

name: string;

The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where “imagepolicy” is the name of the webhook, and kubernetes.io is the name of the organization. Required.

property namespaceSelector

namespaceSelector: LabelSelector;

NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.

For example, to run the webhook on any objects whose namespace is not associated with “runlevel” of “0” or “1”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “runlevel”, “operator”: “NotIn”, “values”: [ “0”, “1” ] } ] }

If instead you want to only run the webhook on any objects whose namespace is associated with the “environment” of “prod” or “staging”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “environment”, “operator”: “In”, “values”: [ “prod”, “staging” ] } ] }

See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ for more examples of label selectors.

Default to the empty LabelSelector, which matches everything.

property objectSelector

objectSelector: LabelSelector;

ObjectSelector decides whether to run the webhook based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the webhook, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.

property reinvocationPolicy

reinvocationPolicy: string;

reinvocationPolicy indicates whether this webhook should be called multiple times as part of a single admission evaluation. Allowed values are “Never” and “IfNeeded”.

Never: the webhook will not be called more than once in a single admission evaluation.

IfNeeded: the webhook will be called at least one additional time as part of the admission evaluation if the object being admitted is modified by other admission plugins after the initial webhook call. Webhooks that specify this option must be idempotent, able to process objects they previously admitted. Note: * the number of additional invocations is not guaranteed to be exactly one. * if additional invocations result in further modifications to the object, webhooks are not guaranteed to be invoked again. * webhooks that use this option may be reordered to minimize the number of additional invocations. * to validate an object after all mutations are guaranteed complete, use a validating admission webhook instead.

Defaults to “Never”.

property rules

rules: RuleWithOperations[];

Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches any Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.

property sideEffects

sideEffects: string;

SideEffects states whether this webhook has side effects. Acceptable values are: Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission change and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some. Defaults to Unknown.

property timeoutSeconds

timeoutSeconds: number;

TimeoutSeconds specifies the timeout for this webhook. After the timeout passes, the webhook call will be ignored or the API call will fail based on the failure policy. The timeout value must be between 1 and 30 seconds. Default to 30 seconds.

interface MutatingWebhookConfiguration

interface MutatingWebhookConfiguration

MutatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and may change the object. Deprecated in v1.16, planned for removal in v1.19. Use admissionregistration.k8s.io/v1 MutatingWebhookConfiguration instead.

property apiVersion

apiVersion: "admissionregistration.k8s.io/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "MutatingWebhookConfiguration";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.

property webhooks

webhooks: MutatingWebhook[];

Webhooks is a list of webhooks and the affected resources and operations.

interface RuleWithOperations

interface RuleWithOperations

RuleWithOperations is a tuple of Operations and Resources. It is recommended to make sure that all the tuple expansions are valid.

property apiGroups

apiGroups: string[];

APIGroups is the API groups the resources belong to. ‘’ is all groups. If ‘’ is present, the length of the slice must be one. Required.

property apiVersions

apiVersions: string[];

APIVersions is the API versions the resources belong to. ‘’ is all versions. If ‘’ is present, the length of the slice must be one. Required.

property operations

operations: string[];

Operations is the operations the admission hook cares about - CREATE, UPDATE, DELETE, CONNECT or * for all of those operations and any future admission operations that are added. If ‘*’ is present, the length of the slice must be one. Required.

property resources

resources: string[];

Resources is a list of resources this rule applies to.

For example: ‘pods’ means pods. ‘pods/log’ means the log subresource of pods. ‘’ means all resources, but not subresources. ‘pods/’ means all subresources of pods. ‘/scale’ means all scale subresources. ‘/*’ means all resources and their subresources.

If wildcard is present, the validation rule will ensure resources do not overlap with each other.

Depending on the enclosing object, subresources might not be allowed. Required.

property scope

scope: string;

scope specifies the scope of this rule. Valid values are “Cluster”, “Namespaced”, and “” “Cluster” means that only cluster-scoped resources will match this rule. Namespace API objects are cluster-scoped. “Namespaced” means that only namespaced resources will match this rule. “” means that there are no scope restrictions. Subresources match the scope of their parent resource. Default is “*“.

interface ServiceReference

interface ServiceReference

ServiceReference holds a reference to Service.legacy.k8s.io

property name

name: string;

name is the name of the service. Required

property namespace

namespace: string;

namespace is the namespace of the service. Required

property path

path: string;

path is an optional URL path which will be sent in any request to this service.

property port

port: number;

If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. port should be a valid port number (1-65535, inclusive).

interface ValidatingWebhook

interface ValidatingWebhook

ValidatingWebhook describes an admission webhook and the resources and operations it applies to.

property admissionReviewVersions

admissionReviewVersions: string[];

AdmissionReviewVersions is an ordered list of preferred AdmissionReview versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, validation will fail for this object. If a persisted webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail and be subject to the failure policy. Default to ['v1beta1'].

property clientConfig

clientConfig: WebhookClientConfig;

ClientConfig defines how to communicate with the hook. Required

property failurePolicy

failurePolicy: string;

FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Ignore.

property matchPolicy

matchPolicy: string;

matchPolicy defines how the “rules” list is used to match incoming requests. Allowed values are “Exact” or “Equivalent”.

  • Exact: match a request only if it exactly matches a specified rule. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, but “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would not be sent to the webhook.

  • Equivalent: match a request if modifies a resource listed in rules, even via another API group or version. For example, if deployments can be modified via apps/v1, apps/v1beta1, and extensions/v1beta1, and “rules” only included apiGroups:["apps"], apiVersions:["v1"], resources: ["deployments"], a request to apps/v1beta1 or extensions/v1beta1 would be converted to apps/v1 and sent to the webhook.

Defaults to “Exact”

property name

name: string;

The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where “imagepolicy” is the name of the webhook, and kubernetes.io is the name of the organization. Required.

property namespaceSelector

namespaceSelector: LabelSelector;

NamespaceSelector decides whether to run the webhook on an object based on whether the namespace for that object matches the selector. If the object itself is a namespace, the matching is performed on object.metadata.labels. If the object is another cluster scoped resource, it never skips the webhook.

For example, to run the webhook on any objects whose namespace is not associated with “runlevel” of “0” or “1”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “runlevel”, “operator”: “NotIn”, “values”: [ “0”, “1” ] } ] }

If instead you want to only run the webhook on any objects whose namespace is associated with the “environment” of “prod” or “staging”; you will set the selector as follows: “namespaceSelector”: { “matchExpressions”: [ { “key”: “environment”, “operator”: “In”, “values”: [ “prod”, “staging” ] } ] }

See https://kubernetes.io/docs/concepts/overview/working-with-objects/labels for more examples of label selectors.

Default to the empty LabelSelector, which matches everything.

property objectSelector

objectSelector: LabelSelector;

ObjectSelector decides whether to run the webhook based on if the object has matching labels. objectSelector is evaluated against both the oldObject and newObject that would be sent to the webhook, and is considered to match if either object matches the selector. A null object (oldObject in the case of create, or newObject in the case of delete) or an object that cannot have labels (like a DeploymentRollback or a PodProxyOptions object) is not considered to match. Use the object selector only if the webhook is opt-in, because end users may skip the admission webhook by setting the labels. Default to the empty LabelSelector, which matches everything.

property rules

rules: RuleWithOperations[];

Rules describes what operations on what resources/subresources the webhook cares about. The webhook cares about an operation if it matches any Rule. However, in order to prevent ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks from putting the cluster in a state which cannot be recovered from without completely disabling the plugin, ValidatingAdmissionWebhooks and MutatingAdmissionWebhooks are never called on admission requests for ValidatingWebhookConfiguration and MutatingWebhookConfiguration objects.

property sideEffects

sideEffects: string;

SideEffects states whether this webhook has side effects. Acceptable values are: Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a reconciliation system, since a request may be rejected by a future step in the admission change and the side effects therefore need to be undone. Requests with the dryRun attribute will be auto-rejected if they match a webhook with sideEffects == Unknown or Some. Defaults to Unknown.

property timeoutSeconds

timeoutSeconds: number;

TimeoutSeconds specifies the timeout for this webhook. After the timeout passes, the webhook call will be ignored or the API call will fail based on the failure policy. The timeout value must be between 1 and 30 seconds. Default to 30 seconds.

interface ValidatingWebhookConfiguration

interface ValidatingWebhookConfiguration

ValidatingWebhookConfiguration describes the configuration of and admission webhook that accept or reject and object without changing it. Deprecated in v1.16, planned for removal in v1.19. Use admissionregistration.k8s.io/v1 ValidatingWebhookConfiguration instead.

property apiVersion

apiVersion: "admissionregistration.k8s.io/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "ValidatingWebhookConfiguration";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.

property webhooks

webhooks: ValidatingWebhook[];

Webhooks is a list of webhooks and the affected resources and operations.

interface WebhookClientConfig

interface WebhookClientConfig

WebhookClientConfig contains the information to make a TLS connection with the webhook

property caBundle

caBundle: string;

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. If unspecified, system trust roots on the apiserver are used.

property service

service: ServiceReference;

service is a reference to the service for this webhook. Either service or url must be specified.

If the webhook is running within the cluster, then you should use service.

property url

url: string;

url gives the location of the webhook, in standard URL form (scheme://host:port/path). Exactly one of url or service must be specified.

The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.

Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.

The scheme must be “https”; the URL must begin with “https://“.

A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.

Attempting to use a user or basic auth e.g. “user:password@” is not allowed. Fragments (“#…”) and query parameters (“?…”) are not allowed, either.

namespace apiextensions.v1

interface CustomResourceColumnDefinition

interface CustomResourceColumnDefinition

CustomResourceColumnDefinition specifies a column for server side printing.

property description

description: string;

description is a human readable description of this column.

property format

format: string;

format is an optional OpenAPI type definition for this column. The ‘name’ format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.

property jsonPath

jsonPath: string;

jsonPath is a simple JSON path (i.e. with array notation) which is evaluated against each custom resource to produce the value for this column.

property name

name: string;

name is a human readable name for the column.

property priority

priority: number;

priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a priority greater than 0.

property type

type: string;

type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.

interface CustomResourceConversion

interface CustomResourceConversion

CustomResourceConversion describes how to convert different versions of a CR.

property strategy

strategy: string;

strategy specifies how custom resources are converted between versions. Allowed values are: - None: The converter only change the apiVersion and would not touch any other field in the custom resource. - Webhook: API Server will call to an external webhook to do the conversion. Additional information is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhook to be set.

property webhook

webhook: WebhookConversion;

webhook describes how to call the conversion webhook. Required when strategy is set to Webhook.

interface CustomResourceDefinition

interface CustomResourceDefinition

CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format <.spec.name>.<.spec.group>.

property apiVersion

apiVersion: "apiextensions.k8s.io/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "CustomResourceDefinition";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: CustomResourceDefinitionSpec;

spec describes how the user wants the resources to appear

property status

status: CustomResourceDefinitionStatus;

status indicates the actual state of the CustomResourceDefinition

interface CustomResourceDefinitionCondition

interface CustomResourceDefinitionCondition

CustomResourceDefinitionCondition contains details for the current condition of this pod.

property lastTransitionTime

lastTransitionTime: string;

lastTransitionTime last time the condition transitioned from one status to another.

property message

message: string;

message is a human-readable message indicating details about last transition.

property reason

reason: string;

reason is a unique, one-word, CamelCase reason for the condition’s last transition.

property status

status: string;

status is the status of the condition. Can be True, False, Unknown.

property type

type: string;

type is the type of the condition. Types include Established, NamesAccepted and Terminating.

interface CustomResourceDefinitionNames

interface CustomResourceDefinitionNames

CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition

property categories

categories: string[];

categories is a list of grouped resources this custom resource belongs to (e.g. ‘all’). This is published in API discovery documents, and used by clients to support invocations like kubectl get all.

property kind

kind: string;

kind is the serialized kind of the resource. It is normally CamelCase and singular. Custom resource instances will use this value as the kind attribute in API calls.

property listKind

listKind: string;

listKind is the serialized kind of the list for this resource. Defaults to “kindList”.

property plural

plural: string;

plural is the plural name of the resource to serve. The custom resources are served under /apis/&lt;group&gt;/&lt;version&gt;/.../&lt;plural&gt;. Must match the name of the CustomResourceDefinition (in the form &lt;names.plural&gt;.&lt;group&gt;). Must be all lowercase.

property shortNames

shortNames: string[];

shortNames are short names for the resource, exposed in API discovery documents, and used by clients to support invocations like kubectl get &lt;shortname&gt;. It must be all lowercase.

property singular

singular: string;

singular is the singular name of the resource. It must be all lowercase. Defaults to lowercased kind.

interface CustomResourceDefinitionSpec

interface CustomResourceDefinitionSpec

CustomResourceDefinitionSpec describes how a user wants their resource to appear

property conversion

conversion: CustomResourceConversion;

conversion defines conversion settings for the CRD.

property group

group: string;

group is the API group of the defined custom resource. The custom resources are served under /apis/&lt;group&gt;/.... Must match the name of the CustomResourceDefinition (in the form &lt;names.plural&gt;.&lt;group&gt;).

property names

names: CustomResourceDefinitionNames;

names specify the resource and kind names for the custom resource.

property preserveUnknownFields

preserveUnknownFields: boolean;

preserveUnknownFields indicates that object fields which are not specified in the OpenAPI schema should be preserved when persisting to storage. apiVersion, kind, metadata and known fields inside metadata are always preserved. This field is deprecated in favor of setting x-preserve-unknown-fields to true in spec.versions[*].schema.openAPIV3Schema. See https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#pruning-versus-preserving-unknown-fields for details.

property scope

scope: string;

scope indicates whether the defined custom resource is cluster- or namespace-scoped. Allowed values are Cluster and Namespaced.

property versions

versions: CustomResourceDefinitionVersion[];

versions is the list of all API versions of the defined custom resource. Version names are used to compute the order in which served versions are listed in API discovery. If the version string is “kube-like”, it will sort above non “kube-like” version strings, which are ordered lexicographically. “Kube-like” versions start with a “v”, then are followed by a number (the major version), then optionally the string “alpha” or “beta” and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.

interface CustomResourceDefinitionStatus

interface CustomResourceDefinitionStatus

CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition

property acceptedNames

acceptedNames: CustomResourceDefinitionNames;

acceptedNames are the names that are actually being used to serve discovery. They may be different than the names in spec.

property conditions

conditions: CustomResourceDefinitionCondition[];

conditions indicate state for particular aspects of a CustomResourceDefinition

property storedVersions

storedVersions: string[];

storedVersions lists all versions of CustomResources that were ever persisted. Tracking these versions allows a migration path for stored versions in etcd. The field is mutable so a migration controller can finish a migration to another version (ensuring no old objects are left in storage), and then remove the rest of the versions from this list. Versions may not be removed from spec.versions while they exist in this list.

interface CustomResourceDefinitionVersion

interface CustomResourceDefinitionVersion

CustomResourceDefinitionVersion describes a version for CRD.

property additionalPrinterColumns

additionalPrinterColumns: CustomResourceColumnDefinition[];

additionalPrinterColumns specifies additional columns returned in Table output. See https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables for details. If no columns are specified, a single column displaying the age of the custom resource is used.

property deprecated

deprecated: boolean;

deprecated indicates this version of the custom resource API is deprecated. When set to true, API requests to this version receive a warning header in the server response. Defaults to false.

property deprecationWarning

deprecationWarning: string;

deprecationWarning overrides the default warning returned to API clients. May only be set when deprecated is true. The default warning indicates this version is deprecated and recommends use of the newest served version of equal or greater stability, if one exists.

property name

name: string;

name is the version name, e.g. “v1”, “v2beta1”, etc. The custom resources are served under this version at /apis/&lt;group&gt;/&lt;version&gt;/... if served is true.

property schema

schema: CustomResourceValidation;

schema describes the schema used for validation, pruning, and defaulting of this version of the custom resource.

property served

served: boolean;

served is a flag enabling/disabling this version from being served via REST APIs

property storage

storage: boolean;

storage indicates this version should be used when persisting custom resources to storage. There must be exactly one version with storage=true.

property subresources

subresources: CustomResourceSubresources;

subresources specify what subresources this version of the defined custom resource have.

interface CustomResourceSubresources

interface CustomResourceSubresources

CustomResourceSubresources defines the status and scale subresources for CustomResources.

property scale

scale: CustomResourceSubresourceScale;

scale indicates the custom resource should serve a /scale subresource that returns an autoscaling/v1 Scale object.

property status

status: any;

status indicates the custom resource should serve a /status subresource. When enabled: 1. requests to the custom resource primary endpoint ignore changes to the status stanza of the object. 2. requests to the custom resource /status subresource ignore changes to anything other than the status stanza of the object.

interface CustomResourceSubresourceScale

interface CustomResourceSubresourceScale

CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.

property labelSelectorPath

labelSelectorPath: string;

labelSelectorPath defines the JSON path inside of a custom resource that corresponds to Scale status.selector. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status or .spec. Must be set to work with HorizontalPodAutoscaler. The field pointed by this JSON path must be a string field (not a complex selector struct) which contains a serialized label selector in string form. More info: https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions#scale-subresource If there is no value under the given path in the custom resource, the status.selector value in the /scale subresource will default to the empty string.

property specReplicasPath

specReplicasPath: string;

specReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale spec.replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .spec. If there is no value under the given path in the custom resource, the /scale subresource will return an error on GET.

property statusReplicasPath

statusReplicasPath: string;

statusReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale status.replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. If there is no value under the given path in the custom resource, the status.replicas value in the /scale subresource will default to 0.

interface CustomResourceValidation

interface CustomResourceValidation

CustomResourceValidation is a list of validation methods for CustomResources.

property openAPIV3Schema

openAPIV3Schema: JSONSchemaProps;

openAPIV3Schema is the OpenAPI v3 schema to use for validation and pruning.

interface ExternalDocumentation

interface ExternalDocumentation

ExternalDocumentation allows referencing an external resource for extended documentation.

property description

description: string;

property url

url: string;

interface JSONSchemaProps

interface JSONSchemaProps

JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).

property $ref

$ref: string;

property $schema

$schema: string;

property additionalItems

additionalItems: JSONSchemaProps | boolean;

property additionalProperties

additionalProperties: JSONSchemaProps | boolean;

property allOf

allOf: JSONSchemaProps[];

property anyOf

anyOf: JSONSchemaProps[];

property default

default: any;

default is a default value for undefined object fields. Defaulting is a beta feature under the CustomResourceDefaulting feature gate. Defaulting requires spec.preserveUnknownFields to be false.

property definitions

definitions: {[key: string]: JSONSchemaProps};

property dependencies

dependencies: {[key: string]: JSONSchemaProps | string[]};

property description

description: string;

property enum

enum: any[];

property example

example: any;

property exclusiveMaximum

exclusiveMaximum: boolean;

property exclusiveMinimum

exclusiveMinimum: boolean;

property externalDocs

externalDocs: ExternalDocumentation;

property format

format: string;

format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:

  • bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)1{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)2{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)3{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)4{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like “0321751043” or “978-0321751041” - isbn10: an ISBN10 number string like “0321751043” - isbn13: an ISBN13 number string like “978-0321751041” - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like “#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like “rgb(255,255,2559” - byte: base64 encoded binary data - password: any kind of string - date: a date string like “2006-01-02” as defined by full-date in RFC3339 - duration: a duration string like “22 ns” as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like “2014-12-15T19:30:20.000Z” as defined by date-time in RFC3339.

property id

id: string;

property items

items: JSONSchemaProps | any[];

property maxItems

maxItems: number;

property maxLength

maxLength: number;

property maxProperties

maxProperties: number;

property maximum

maximum: number;

property minItems

minItems: number;

property minLength

minLength: number;

property minProperties

minProperties: number;

property minimum

minimum: number;

property multipleOf

multipleOf: number;

property not

not: JSONSchemaProps;

property nullable

nullable: boolean;

property oneOf

oneOf: JSONSchemaProps[];

property pattern

pattern: string;

property patternProperties

patternProperties: {[key: string]: JSONSchemaProps};

property properties

properties: {[key: string]: JSONSchemaProps};

property required

required: string[];

property title

title: string;

property type

type: string;

property uniqueItems

uniqueItems: boolean;

property x_kubernetes_embedded_resource

x_kubernetes_embedded_resource: boolean;

x-kubernetes-embedded-resource defines that the value is an embedded Kubernetes runtime.Object, with TypeMeta and ObjectMeta. The type must be object. It is allowed to further restrict the embedded object. kind, apiVersion and metadata are validated automatically. x-kubernetes-preserve-unknown-fields is allowed to be true, but does not have to be if the object is fully specified (up to kind, apiVersion, metadata).

property x_kubernetes_int_or_string

x_kubernetes_int_or_string: boolean;

x-kubernetes-int-or-string specifies that this value is either an integer or a string. If this is true, an empty type is allowed and type as child of anyOf is permitted if following one of the following patterns:

1) anyOf: - type: integer - type: string 2) allOf: - anyOf: - type: integer - type: string - … zero or more

property x_kubernetes_list_map_keys

x_kubernetes_list_map_keys: string[];

x-kubernetes-list-map-keys annotates an array with the x-kubernetes-list-type map by specifying the keys used as the index of the map.

This tag MUST only be used on lists that have the “x-kubernetes-list-type” extension set to “map”. Also, the values specified for this attribute must be a scalar typed field of the child structure (no nesting is supported).

The properties specified must either be required or have a default value, to ensure those properties are present for all list items.

property x_kubernetes_list_type

x_kubernetes_list_type: string;

x-kubernetes-list-type annotates an array to further describe its topology. This extension must only be used on lists and may have 3 possible values:

1) atomic: the list is treated as a single entity, like a scalar. Atomic lists will be entirely replaced when updated. This extension may be used on any type of list (struct, scalar, …). 2) set: Sets are lists that must not have multiple items with the same value. Each value must be a scalar, an object with x-kubernetes-map-type atomic or an array with x-kubernetes-list-type atomic. 3) map: These lists are like maps in that their elements have a non-index key used to identify them. Order is preserved upon merge. The map tag must only be used on a list with elements of type object. Defaults to atomic for arrays.

property x_kubernetes_map_type

x_kubernetes_map_type: string;

x-kubernetes-map-type annotates an object to further describe its topology. This extension must only be used when type is object and may have 2 possible values:

1) granular: These maps are actual maps (key-value pairs) and each fields are independent from each other (they can each be manipulated by separate actors). This is the default behaviour for all maps. 2) atomic: the list is treated as a single entity, like a scalar. Atomic maps will be entirely replaced when updated.

property x_kubernetes_preserve_unknown_fields

x_kubernetes_preserve_unknown_fields: boolean;

x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning fields which are not specified in the validation schema. This affects fields recursively, but switches back to normal pruning behaviour if nested properties or additionalProperties are specified in the schema. This can either be true or undefined. False is forbidden.

interface ServiceReference

interface ServiceReference

ServiceReference holds a reference to Service.legacy.k8s.io

property name

name: string;

name is the name of the service. Required

property namespace

namespace: string;

namespace is the namespace of the service. Required

property path

path: string;

path is an optional URL path at which the webhook will be contacted.

property port

port: number;

port is an optional service port at which the webhook will be contacted. port should be a valid port number (1-65535, inclusive). Defaults to 443 for backward compatibility.

interface WebhookClientConfig

interface WebhookClientConfig

WebhookClientConfig contains the information to make a TLS connection with the webhook.

property caBundle

caBundle: string;

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. If unspecified, system trust roots on the apiserver are used.

property service

service: ServiceReference;

service is a reference to the service for this webhook. Either service or url must be specified.

If the webhook is running within the cluster, then you should use service.

property url

url: string;

url gives the location of the webhook, in standard URL form (scheme://host:port/path). Exactly one of url or service must be specified.

The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.

Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.

The scheme must be “https”; the URL must begin with “https://“.

A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.

Attempting to use a user or basic auth e.g. “user:password@” is not allowed. Fragments (“#…”) and query parameters (“?…”) are not allowed, either.

interface WebhookConversion

interface WebhookConversion

WebhookConversion describes how to call a conversion webhook

property clientConfig

clientConfig: WebhookClientConfig;

clientConfig is the instructions for how to call the webhook if strategy is Webhook.

property conversionReviewVersions

conversionReviewVersions: string[];

conversionReviewVersions is an ordered list of preferred ConversionReview versions the Webhook expects. The API server will use the first version in the list which it supports. If none of the versions specified in this list are supported by API server, conversion will fail for the custom resource. If a persisted Webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail.

namespace apiextensions.v1beta1

interface CustomResourceColumnDefinition

interface CustomResourceColumnDefinition

CustomResourceColumnDefinition specifies a column for server side printing.

property JSONPath

JSONPath: string;

JSONPath is a simple JSON path (i.e. with array notation) which is evaluated against each custom resource to produce the value for this column.

property description

description: string;

description is a human readable description of this column.

property format

format: string;

format is an optional OpenAPI type definition for this column. The ‘name’ format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.

property name

name: string;

name is a human readable name for the column.

property priority

priority: number;

priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a priority greater than 0.

property type

type: string;

type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.

interface CustomResourceConversion

interface CustomResourceConversion

CustomResourceConversion describes how to convert different versions of a CR.

property conversionReviewVersions

conversionReviewVersions: string[];

conversionReviewVersions is an ordered list of preferred ConversionReview versions the Webhook expects. The API server will use the first version in the list which it supports. If none of the versions specified in this list are supported by API server, conversion will fail for the custom resource. If a persisted Webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail. Defaults to ["v1beta1"].

property strategy

strategy: string;

strategy specifies how custom resources are converted between versions. Allowed values are: - None: The converter only change the apiVersion and would not touch any other field in the custom resource. - Webhook: API Server will call to an external webhook to do the conversion. Additional information is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhookClientConfig to be set.

property webhookClientConfig

webhookClientConfig: WebhookClientConfig;

webhookClientConfig is the instructions for how to call the webhook if strategy is Webhook. Required when strategy is set to Webhook.

interface CustomResourceDefinition

interface CustomResourceDefinition

CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format <.spec.name>.<.spec.group>. Deprecated in v1.16, planned for removal in v1.22. Use apiextensions.k8s.io/v1 CustomResourceDefinition instead.

property apiVersion

apiVersion: "apiextensions.k8s.io/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "CustomResourceDefinition";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: CustomResourceDefinitionSpec;

spec describes how the user wants the resources to appear

property status

status: CustomResourceDefinitionStatus;

status indicates the actual state of the CustomResourceDefinition

interface CustomResourceDefinitionCondition

interface CustomResourceDefinitionCondition

CustomResourceDefinitionCondition contains details for the current condition of this pod.

property lastTransitionTime

lastTransitionTime: string;

lastTransitionTime last time the condition transitioned from one status to another.

property message

message: string;

message is a human-readable message indicating details about last transition.

property reason

reason: string;

reason is a unique, one-word, CamelCase reason for the condition’s last transition.

property status

status: string;

status is the status of the condition. Can be True, False, Unknown.

property type

type: string;

type is the type of the condition. Types include Established, NamesAccepted and Terminating.

interface CustomResourceDefinitionNames

interface CustomResourceDefinitionNames

CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition

property categories

categories: string[];

categories is a list of grouped resources this custom resource belongs to (e.g. ‘all’). This is published in API discovery documents, and used by clients to support invocations like kubectl get all.

property kind

kind: string;

kind is the serialized kind of the resource. It is normally CamelCase and singular. Custom resource instances will use this value as the kind attribute in API calls.

property listKind

listKind: string;

listKind is the serialized kind of the list for this resource. Defaults to “kindList”.

property plural

plural: string;

plural is the plural name of the resource to serve. The custom resources are served under /apis/&lt;group&gt;/&lt;version&gt;/.../&lt;plural&gt;. Must match the name of the CustomResourceDefinition (in the form &lt;names.plural&gt;.&lt;group&gt;). Must be all lowercase.

property shortNames

shortNames: string[];

shortNames are short names for the resource, exposed in API discovery documents, and used by clients to support invocations like kubectl get &lt;shortname&gt;. It must be all lowercase.

property singular

singular: string;

singular is the singular name of the resource. It must be all lowercase. Defaults to lowercased kind.

interface CustomResourceDefinitionSpec

interface CustomResourceDefinitionSpec

CustomResourceDefinitionSpec describes how a user wants their resource to appear

property additionalPrinterColumns

additionalPrinterColumns: CustomResourceColumnDefinition[];

additionalPrinterColumns specifies additional columns returned in Table output. See https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables for details. If present, this field configures columns for all versions. Top-level and per-version columns are mutually exclusive. If no top-level or per-version columns are specified, a single column displaying the age of the custom resource is used.

property conversion

conversion: CustomResourceConversion;

conversion defines conversion settings for the CRD.

property group

group: string;

group is the API group of the defined custom resource. The custom resources are served under /apis/&lt;group&gt;/.... Must match the name of the CustomResourceDefinition (in the form &lt;names.plural&gt;.&lt;group&gt;).

property names

names: CustomResourceDefinitionNames;

names specify the resource and kind names for the custom resource.

property preserveUnknownFields

preserveUnknownFields: boolean;

preserveUnknownFields indicates that object fields which are not specified in the OpenAPI schema should be preserved when persisting to storage. apiVersion, kind, metadata and known fields inside metadata are always preserved. If false, schemas must be defined for all versions. Defaults to true in v1beta for backwards compatibility. Deprecated: will be required to be false in v1. Preservation of unknown fields can be specified in the validation schema using the x-kubernetes-preserve-unknown-fields: true extension. See https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#pruning-versus-preserving-unknown-fields for details.

property scope

scope: string;

scope indicates whether the defined custom resource is cluster- or namespace-scoped. Allowed values are Cluster and Namespaced. Default is Namespaced.

property subresources

subresources: CustomResourceSubresources;

subresources specify what subresources the defined custom resource has. If present, this field configures subresources for all versions. Top-level and per-version subresources are mutually exclusive.

property validation

validation: CustomResourceValidation;

validation describes the schema used for validation and pruning of the custom resource. If present, this validation schema is used to validate all versions. Top-level and per-version schemas are mutually exclusive.

property version

version: string;

version is the API version of the defined custom resource. The custom resources are served under /apis/&lt;group&gt;/&lt;version&gt;/.... Must match the name of the first item in the versions list if version and versions are both specified. Optional if versions is specified. Deprecated: use versions instead.

property versions

versions: CustomResourceDefinitionVersion[];

versions is the list of all API versions of the defined custom resource. Optional if version is specified. The name of the first item in the versions list must match the version field if version and versions are both specified. Version names are used to compute the order in which served versions are listed in API discovery. If the version string is “kube-like”, it will sort above non “kube-like” version strings, which are ordered lexicographically. “Kube-like” versions start with a “v”, then are followed by a number (the major version), then optionally the string “alpha” or “beta” and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.

interface CustomResourceDefinitionStatus

interface CustomResourceDefinitionStatus

CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition

property acceptedNames

acceptedNames: CustomResourceDefinitionNames;

acceptedNames are the names that are actually being used to serve discovery. They may be different than the names in spec.

property conditions

conditions: CustomResourceDefinitionCondition[];

conditions indicate state for particular aspects of a CustomResourceDefinition

property storedVersions

storedVersions: string[];

storedVersions lists all versions of CustomResources that were ever persisted. Tracking these versions allows a migration path for stored versions in etcd. The field is mutable so a migration controller can finish a migration to another version (ensuring no old objects are left in storage), and then remove the rest of the versions from this list. Versions may not be removed from spec.versions while they exist in this list.

interface CustomResourceDefinitionVersion

interface CustomResourceDefinitionVersion

CustomResourceDefinitionVersion describes a version for CRD.

property additionalPrinterColumns

additionalPrinterColumns: CustomResourceColumnDefinition[];

additionalPrinterColumns specifies additional columns returned in Table output. See https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables for details. Top-level and per-version columns are mutually exclusive. Per-version columns must not all be set to identical values (top-level columns should be used instead). If no top-level or per-version columns are specified, a single column displaying the age of the custom resource is used.

property deprecated

deprecated: boolean;

deprecated indicates this version of the custom resource API is deprecated. When set to true, API requests to this version receive a warning header in the server response. Defaults to false.

property deprecationWarning

deprecationWarning: string;

deprecationWarning overrides the default warning returned to API clients. May only be set when deprecated is true. The default warning indicates this version is deprecated and recommends use of the newest served version of equal or greater stability, if one exists.

property name

name: string;

name is the version name, e.g. “v1”, “v2beta1”, etc. The custom resources are served under this version at /apis/&lt;group&gt;/&lt;version&gt;/... if served is true.

property schema

schema: CustomResourceValidation;

schema describes the schema used for validation and pruning of this version of the custom resource. Top-level and per-version schemas are mutually exclusive. Per-version schemas must not all be set to identical values (top-level validation schema should be used instead).

property served

served: boolean;

served is a flag enabling/disabling this version from being served via REST APIs

property storage

storage: boolean;

storage indicates this version should be used when persisting custom resources to storage. There must be exactly one version with storage=true.

property subresources

subresources: CustomResourceSubresources;

subresources specify what subresources this version of the defined custom resource have. Top-level and per-version subresources are mutually exclusive. Per-version subresources must not all be set to identical values (top-level subresources should be used instead).

interface CustomResourceSubresources

interface CustomResourceSubresources

CustomResourceSubresources defines the status and scale subresources for CustomResources.

property scale

scale: CustomResourceSubresourceScale;

scale indicates the custom resource should serve a /scale subresource that returns an autoscaling/v1 Scale object.

property status

status: any;

status indicates the custom resource should serve a /status subresource. When enabled: 1. requests to the custom resource primary endpoint ignore changes to the status stanza of the object. 2. requests to the custom resource /status subresource ignore changes to anything other than the status stanza of the object.

interface CustomResourceSubresourceScale

interface CustomResourceSubresourceScale

CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.

property labelSelectorPath

labelSelectorPath: string;

labelSelectorPath defines the JSON path inside of a custom resource that corresponds to Scale status.selector. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status or .spec. Must be set to work with HorizontalPodAutoscaler. The field pointed by this JSON path must be a string field (not a complex selector struct) which contains a serialized label selector in string form. More info: https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions#scale-subresource If there is no value under the given path in the custom resource, the status.selector value in the /scale subresource will default to the empty string.

property specReplicasPath

specReplicasPath: string;

specReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale spec.replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .spec. If there is no value under the given path in the custom resource, the /scale subresource will return an error on GET.

property statusReplicasPath

statusReplicasPath: string;

statusReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale status.replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. If there is no value under the given path in the custom resource, the status.replicas value in the /scale subresource will default to 0.

interface CustomResourceValidation

interface CustomResourceValidation

CustomResourceValidation is a list of validation methods for CustomResources.

property openAPIV3Schema

openAPIV3Schema: JSONSchemaProps;

openAPIV3Schema is the OpenAPI v3 schema to use for validation and pruning.

interface ExternalDocumentation

interface ExternalDocumentation

ExternalDocumentation allows referencing an external resource for extended documentation.

property description

description: string;

property url

url: string;

interface JSONSchemaProps

interface JSONSchemaProps

JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/).

property $ref

$ref: string;

property $schema

$schema: string;

property additionalItems

additionalItems: JSONSchemaProps | boolean;

property additionalProperties

additionalProperties: JSONSchemaProps | boolean;

property allOf

allOf: JSONSchemaProps[];

property anyOf

anyOf: JSONSchemaProps[];

property default

default: any;

default is a default value for undefined object fields. Defaulting is a beta feature under the CustomResourceDefaulting feature gate. CustomResourceDefinitions with defaults must be created using the v1 (or newer) CustomResourceDefinition API.

property definitions

definitions: {[key: string]: JSONSchemaProps};

property dependencies

dependencies: {[key: string]: JSONSchemaProps | string[]};

property description

description: string;

property enum

enum: any[];

property example

example: any;

property exclusiveMaximum

exclusiveMaximum: boolean;

property exclusiveMinimum

exclusiveMinimum: boolean;

property externalDocs

externalDocs: ExternalDocumentation;

property format

format: string;

format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:

  • bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)5{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)6{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)7{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)8{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like “0321751043” or “978-0321751041” - isbn10: an ISBN10 number string like “0321751043” - isbn13: an ISBN13 number string like “978-0321751041” - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like “#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like “rgb(255,255,2559” - byte: base64 encoded binary data - password: any kind of string - date: a date string like “2006-01-02” as defined by full-date in RFC3339 - duration: a duration string like “22 ns” as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like “2014-12-15T19:30:20.000Z” as defined by date-time in RFC3339.

property id

id: string;

property items

items: JSONSchemaProps | any[];

property maxItems

maxItems: number;

property maxLength

maxLength: number;

property maxProperties

maxProperties: number;

property maximum

maximum: number;

property minItems

minItems: number;

property minLength

minLength: number;

property minProperties

minProperties: number;

property minimum

minimum: number;

property multipleOf

multipleOf: number;

property not

not: JSONSchemaProps;

property nullable

nullable: boolean;

property oneOf

oneOf: JSONSchemaProps[];

property pattern

pattern: string;

property patternProperties

patternProperties: {[key: string]: JSONSchemaProps};

property properties

properties: {[key: string]: JSONSchemaProps};

property required

required: string[];

property title

title: string;

property type

type: string;

property uniqueItems

uniqueItems: boolean;

property x_kubernetes_embedded_resource

x_kubernetes_embedded_resource: boolean;

x-kubernetes-embedded-resource defines that the value is an embedded Kubernetes runtime.Object, with TypeMeta and ObjectMeta. The type must be object. It is allowed to further restrict the embedded object. kind, apiVersion and metadata are validated automatically. x-kubernetes-preserve-unknown-fields is allowed to be true, but does not have to be if the object is fully specified (up to kind, apiVersion, metadata).

property x_kubernetes_int_or_string

x_kubernetes_int_or_string: boolean;

x-kubernetes-int-or-string specifies that this value is either an integer or a string. If this is true, an empty type is allowed and type as child of anyOf is permitted if following one of the following patterns:

1) anyOf: - type: integer - type: string 2) allOf: - anyOf: - type: integer - type: string - … zero or more

property x_kubernetes_list_map_keys

x_kubernetes_list_map_keys: string[];

x-kubernetes-list-map-keys annotates an array with the x-kubernetes-list-type map by specifying the keys used as the index of the map.

This tag MUST only be used on lists that have the “x-kubernetes-list-type” extension set to “map”. Also, the values specified for this attribute must be a scalar typed field of the child structure (no nesting is supported).

The properties specified must either be required or have a default value, to ensure those properties are present for all list items.

property x_kubernetes_list_type

x_kubernetes_list_type: string;

x-kubernetes-list-type annotates an array to further describe its topology. This extension must only be used on lists and may have 3 possible values:

1) atomic: the list is treated as a single entity, like a scalar. Atomic lists will be entirely replaced when updated. This extension may be used on any type of list (struct, scalar, …). 2) set: Sets are lists that must not have multiple items with the same value. Each value must be a scalar, an object with x-kubernetes-map-type atomic or an array with x-kubernetes-list-type atomic. 3) map: These lists are like maps in that their elements have a non-index key used to identify them. Order is preserved upon merge. The map tag must only be used on a list with elements of type object. Defaults to atomic for arrays.

property x_kubernetes_map_type

x_kubernetes_map_type: string;

x-kubernetes-map-type annotates an object to further describe its topology. This extension must only be used when type is object and may have 2 possible values:

1) granular: These maps are actual maps (key-value pairs) and each fields are independent from each other (they can each be manipulated by separate actors). This is the default behaviour for all maps. 2) atomic: the list is treated as a single entity, like a scalar. Atomic maps will be entirely replaced when updated.

property x_kubernetes_preserve_unknown_fields

x_kubernetes_preserve_unknown_fields: boolean;

x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning fields which are not specified in the validation schema. This affects fields recursively, but switches back to normal pruning behaviour if nested properties or additionalProperties are specified in the schema. This can either be true or undefined. False is forbidden.

interface ServiceReference

interface ServiceReference

ServiceReference holds a reference to Service.legacy.k8s.io

property name

name: string;

name is the name of the service. Required

property namespace

namespace: string;

namespace is the namespace of the service. Required

property path

path: string;

path is an optional URL path at which the webhook will be contacted.

property port

port: number;

port is an optional service port at which the webhook will be contacted. port should be a valid port number (1-65535, inclusive). Defaults to 443 for backward compatibility.

interface WebhookClientConfig

interface WebhookClientConfig

WebhookClientConfig contains the information to make a TLS connection with the webhook.

property caBundle

caBundle: string;

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. If unspecified, system trust roots on the apiserver are used.

property service

service: ServiceReference;

service is a reference to the service for this webhook. Either service or url must be specified.

If the webhook is running within the cluster, then you should use service.

property url

url: string;

url gives the location of the webhook, in standard URL form (scheme://host:port/path). Exactly one of url or service must be specified.

The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.

Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.

The scheme must be “https”; the URL must begin with “https://“.

A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.

Attempting to use a user or basic auth e.g. “user:password@” is not allowed. Fragments (“#…”) and query parameters (“?…”) are not allowed, either.

namespace apiregistration.v1

interface APIService

interface APIService

APIService represents a server for a particular GroupVersion. Name must be “version.group”.

property apiVersion

apiVersion: "apiregistration.k8s.io/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "APIService";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: APIServiceSpec;

Spec contains information for locating and communicating with a server

property status

status: APIServiceStatus;

Status contains derived information about an API server

interface APIServiceCondition

interface APIServiceCondition

APIServiceCondition describes the state of an APIService at a particular point

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property message

message: string;

Human-readable message indicating details about last transition.

property reason

reason: string;

Unique, one-word, CamelCase reason for the condition’s last transition.

property status

status: string;

Status is the status of the condition. Can be True, False, Unknown.

property type

type: string;

Type is the type of the condition.

interface APIServiceSpec

interface APIServiceSpec

APIServiceSpec contains information for locating and communicating with a server. Only https is supported, though you are able to disable certificate verification.

property caBundle

caBundle: string;

CABundle is a PEM encoded CA bundle which will be used to validate an API server’s serving certificate. If unspecified, system trust roots on the apiserver are used.

property group

group: string;

Group is the API group name this server hosts

property groupPriorityMinimum

groupPriorityMinimum: number;

GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object. (v1.bar before v1.foo) We’d recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s

property insecureSkipTLSVerify

insecureSkipTLSVerify: boolean;

InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged. You should use the CABundle instead.

property service

service: ServiceReference;

Service is a reference to the service for this API server. It must communicate on port 443. If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled.

property version

version: string;

Version is the API version this server hosts. For example, “v1”

property versionPriority

versionPriority: number;

VersionPriority controls the ordering of this API version inside of its group. Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). Since it’s inside of a group, the number can be small, probably in the 10s. In case of equal version priorities, the version string will be used to compute the order inside a group. If the version string is “kube-like”, it will sort above non “kube-like” version strings, which are ordered lexicographically. “Kube-like” versions start with a “v”, then are followed by a number (the major version), then optionally the string “alpha” or “beta” and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.

interface APIServiceStatus

interface APIServiceStatus

APIServiceStatus contains derived information about an API server

property conditions

conditions: APIServiceCondition[];

Current service state of apiService.

interface ServiceReference

interface ServiceReference

ServiceReference holds a reference to Service.legacy.k8s.io

property name

name: string;

Name is the name of the service

property namespace

namespace: string;

Namespace is the namespace of the service

property port

port: number;

If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. port should be a valid port number (1-65535, inclusive).

namespace apiregistration.v1beta1

interface APIService

interface APIService

APIService represents a server for a particular GroupVersion. Name must be “version.group”.

property apiVersion

apiVersion: "apiregistration.k8s.io/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "APIService";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: APIServiceSpec;

Spec contains information for locating and communicating with a server

property status

status: APIServiceStatus;

Status contains derived information about an API server

interface APIServiceCondition

interface APIServiceCondition

APIServiceCondition describes the state of an APIService at a particular point

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property message

message: string;

Human-readable message indicating details about last transition.

property reason

reason: string;

Unique, one-word, CamelCase reason for the condition’s last transition.

property status

status: string;

Status is the status of the condition. Can be True, False, Unknown.

property type

type: string;

Type is the type of the condition.

interface APIServiceSpec

interface APIServiceSpec

APIServiceSpec contains information for locating and communicating with a server. Only https is supported, though you are able to disable certificate verification.

property caBundle

caBundle: string;

CABundle is a PEM encoded CA bundle which will be used to validate an API server’s serving certificate. If unspecified, system trust roots on the apiserver are used.

property group

group: string;

Group is the API group name this server hosts

property groupPriorityMinimum

groupPriorityMinimum: number;

GroupPriorityMininum is the priority this group should have at least. Higher priority means that the group is preferred by clients over lower priority ones. Note that other versions of this group might specify even higher GroupPriorityMininum values such that the whole group gets a higher priority. The primary sort is based on GroupPriorityMinimum, ordered highest number to lowest (20 before 10). The secondary sort is based on the alphabetical comparison of the name of the object. (v1.bar before v1.foo) We’d recommend something like: *.k8s.io (except extensions) at 18000 and PaaSes (OpenShift, Deis) are recommended to be in the 2000s

property insecureSkipTLSVerify

insecureSkipTLSVerify: boolean;

InsecureSkipTLSVerify disables TLS certificate verification when communicating with this server. This is strongly discouraged. You should use the CABundle instead.

property service

service: ServiceReference;

Service is a reference to the service for this API server. It must communicate on port 443. If the Service is nil, that means the handling for the API groupversion is handled locally on this server. The call will simply delegate to the normal handler chain to be fulfilled.

property version

version: string;

Version is the API version this server hosts. For example, “v1”

property versionPriority

versionPriority: number;

VersionPriority controls the ordering of this API version inside of its group. Must be greater than zero. The primary sort is based on VersionPriority, ordered highest to lowest (20 before 10). Since it’s inside of a group, the number can be small, probably in the 10s. In case of equal version priorities, the version string will be used to compute the order inside a group. If the version string is “kube-like”, it will sort above non “kube-like” version strings, which are ordered lexicographically. “Kube-like” versions start with a “v”, then are followed by a number (the major version), then optionally the string “alpha” or “beta” and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.

interface APIServiceStatus

interface APIServiceStatus

APIServiceStatus contains derived information about an API server

property conditions

conditions: APIServiceCondition[];

Current service state of apiService.

interface ServiceReference

interface ServiceReference

ServiceReference holds a reference to Service.legacy.k8s.io

property name

name: string;

Name is the name of the service

property namespace

namespace: string;

Namespace is the namespace of the service

property port

port: number;

If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. port should be a valid port number (1-65535, inclusive).

namespace apps.v1

interface ControllerRevision

interface ControllerRevision

ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.

property apiVersion

apiVersion: "apps/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property data

data: any;

Data is the serialized representation of the state.

property kind

kind: "ControllerRevision";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property revision

revision: number;

Revision indicates the revision of the state represented by Data.

interface DaemonSet

interface DaemonSet

DaemonSet represents the configuration of a daemon set.

property apiVersion

apiVersion: "apps/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "DaemonSet";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: DaemonSetSpec;

The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

property status

status: DaemonSetStatus;

The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface DaemonSetCondition

interface DaemonSetCondition

DaemonSetCondition describes the state of a DaemonSet at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of DaemonSet condition.

interface DaemonSetSpec

interface DaemonSetSpec

DaemonSetSpec is the specification of a daemon set.

property minReadySeconds

minReadySeconds: number;

The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).

property revisionHistoryLimit

revisionHistoryLimit: number;

The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.

property selector

selector: LabelSelector;

A label query over pods that are managed by the daemon set. Must match in order to be controlled. It must match the pod template’s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property template

template: PodTemplateSpec;

An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template’s node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template

property updateStrategy

updateStrategy: DaemonSetUpdateStrategy;

An update strategy to replace existing DaemonSet pods with new pods.

interface DaemonSetStatus

interface DaemonSetStatus

DaemonSetStatus represents the current status of a daemon set.

property collisionCount

collisionCount: number;

Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.

property conditions

conditions: DaemonSetCondition[];

Represents the latest available observations of a DaemonSet’s current state.

property currentNumberScheduled

currentNumberScheduled: number;

The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/

property desiredNumberScheduled

desiredNumberScheduled: number;

The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/

property numberAvailable

numberAvailable: number;

The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)

property numberMisscheduled

numberMisscheduled: number;

The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/

property numberReady

numberReady: number;

The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.

property numberUnavailable

numberUnavailable: number;

The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)

property observedGeneration

observedGeneration: number;

The most recent generation observed by the daemon set controller.

property updatedNumberScheduled

updatedNumberScheduled: number;

The total number of nodes that are running updated daemon pod

interface DaemonSetUpdateStrategy

interface DaemonSetUpdateStrategy

DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.

property rollingUpdate

rollingUpdate: RollingUpdateDaemonSet;

Rolling update config params. Present only if type = “RollingUpdate”.

property type

type: string;

Type of daemon set update. Can be “RollingUpdate” or “OnDelete”. Default is RollingUpdate.

interface Deployment

interface Deployment

Deployment enables declarative updates for Pods and ReplicaSets.

This resource waits until its status is ready before registering success for create/update, and populating output properties from the current state of the resource. The following conditions are used to determine whether the resource creation has succeeded or failed:

  1. The Deployment has begun to be updated by the Deployment controller. If the current generation of the Deployment is > 1, then this means that the current generation must be different from the generation reported by the last outputs.
  2. There exists a ReplicaSet whose revision is equal to the current revision of the Deployment.
  3. The Deployment’s ‘.status.conditions’ has a status of type ‘Available’ whose ‘status’ member is set to ‘True’.
  4. If the Deployment has generation > 1, then ‘.status.conditions’ has a status of type ‘Progressing’, whose ‘status’ member is set to ‘True’, and whose ‘reason’ is ‘NewReplicaSetAvailable’. For generation <= 1, this status field does not exist, because it doesn’t do a rollout (i.e., it simply creates the Deployment and corresponding ReplicaSet), and therefore there is no rollout to mark as ‘Progressing’.

If the Deployment has not reached a Ready state after 10 minutes, it will time out and mark the resource update as Failed. You can override the default timeout value by setting the ‘customTimeouts’ option on the resource.

property apiVersion

apiVersion: "apps/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "Deployment";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata.

property spec

spec: DeploymentSpec;

Specification of the desired behavior of the Deployment.

property status

status: DeploymentStatus;

Most recently observed status of the Deployment.

interface DeploymentCondition

interface DeploymentCondition

DeploymentCondition describes the state of a deployment at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property lastUpdateTime

lastUpdateTime: string;

The last time this condition was updated.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of deployment condition.

interface DeploymentSpec

interface DeploymentSpec

DeploymentSpec is the specification of the desired behavior of the Deployment.

property minReadySeconds

minReadySeconds: number;

Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)

property paused

paused: boolean;

Indicates that the deployment is paused.

property progressDeadlineSeconds

progressDeadlineSeconds: number;

The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.

property replicas

replicas: number;

Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.

property revisionHistoryLimit

revisionHistoryLimit: number;

The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.

property selector

selector: LabelSelector;

Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. It must match the pod template’s labels.

property strategy

strategy: DeploymentStrategy;

The deployment strategy to use to replace existing pods with new ones.

property template

template: PodTemplateSpec;

Template describes the pods that will be created.

interface DeploymentStatus

interface DeploymentStatus

DeploymentStatus is the most recently observed status of the Deployment.

property availableReplicas

availableReplicas: number;

Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.

property collisionCount

collisionCount: number;

Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.

property conditions

conditions: DeploymentCondition[];

Represents the latest available observations of a deployment’s current state.

property observedGeneration

observedGeneration: number;

The generation observed by the deployment controller.

property readyReplicas

readyReplicas: number;

Total number of ready pods targeted by this deployment.

property replicas

replicas: number;

Total number of non-terminated pods targeted by this deployment (their labels match the selector).

property unavailableReplicas

unavailableReplicas: number;

Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.

property updatedReplicas

updatedReplicas: number;

Total number of non-terminated pods targeted by this deployment that have the desired template spec.

interface DeploymentStrategy

interface DeploymentStrategy

DeploymentStrategy describes how to replace existing pods with new ones.

property rollingUpdate

rollingUpdate: RollingUpdateDeployment;

Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.

property type

type: string;

Type of deployment. Can be “Recreate” or “RollingUpdate”. Default is RollingUpdate.

interface ReplicaSet

interface ReplicaSet

ReplicaSet ensures that a specified number of pod replicas are running at any given time.

property apiVersion

apiVersion: "apps/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "ReplicaSet";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: ReplicaSetSpec;

Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

property status

status: ReplicaSetStatus;

Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface ReplicaSetCondition

interface ReplicaSetCondition

ReplicaSetCondition describes the state of a replica set at a certain point.

property lastTransitionTime

lastTransitionTime: string;

The last time the condition transitioned from one status to another.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of replica set condition.

interface ReplicaSetSpec

interface ReplicaSetSpec

ReplicaSetSpec is the specification of a ReplicaSet.

property minReadySeconds

minReadySeconds: number;

Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)

property replicas

replicas: number;

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller

property selector

selector: LabelSelector;

Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template’s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property template

template: PodTemplateSpec;

Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template

interface ReplicaSetStatus

interface ReplicaSetStatus

ReplicaSetStatus represents the current status of a ReplicaSet.

property availableReplicas

availableReplicas: number;

The number of available replicas (ready for at least minReadySeconds) for this replica set.

property conditions

conditions: ReplicaSetCondition[];

Represents the latest available observations of a replica set’s current state.

property fullyLabeledReplicas

fullyLabeledReplicas: number;

The number of pods that have labels matching the labels of the pod template of the replicaset.

property observedGeneration

observedGeneration: number;

ObservedGeneration reflects the generation of the most recently observed ReplicaSet.

property readyReplicas

readyReplicas: number;

The number of ready replicas for this replica set.

property replicas

replicas: number;

Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller

interface RollingUpdateDaemonSet

interface RollingUpdateDaemonSet

Spec to control the desired behavior of daemon set rolling update.

property maxUnavailable

maxUnavailable: number | string;

The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update.

interface RollingUpdateDeployment

interface RollingUpdateDeployment

Spec to control the desired behavior of rolling update.

property maxSurge

maxSurge: number | string;

The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.

property maxUnavailable

maxUnavailable: number | string;

The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.

interface RollingUpdateStatefulSetStrategy

interface RollingUpdateStatefulSetStrategy

RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.

property partition

partition: number;

Partition indicates the ordinal at which the StatefulSet should be partitioned. Default value is 0.

interface StatefulSet

interface StatefulSet

StatefulSet represents a set of pods with consistent identities. Identities are defined as: - Network: A single stable DNS and hostname. - Storage: As many VolumeClaims as requested. The StatefulSet guarantees that a given network identity will always map to the same storage identity.

This resource waits until its status is ready before registering success for create/update, and populating output properties from the current state of the resource. The following conditions are used to determine whether the resource creation has succeeded or failed:

  1. The value of ‘spec.replicas’ matches ‘.status.replicas’, ‘.status.currentReplicas’, and ‘.status.readyReplicas’.
  2. The value of ‘.status.updateRevision’ matches ‘.status.currentRevision’.

If the StatefulSet has not reached a Ready state after 10 minutes, it will time out and mark the resource update as Failed. You can override the default timeout value by setting the ‘customTimeouts’ option on the resource.

property apiVersion

apiVersion: "apps/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "StatefulSet";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: StatefulSetSpec;

Spec defines the desired identities of pods in this set.

property status

status: StatefulSetStatus;

Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.

interface StatefulSetCondition

interface StatefulSetCondition

StatefulSetCondition describes the state of a statefulset at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of statefulset condition.

interface StatefulSetSpec

interface StatefulSetSpec

A StatefulSetSpec is the specification of a StatefulSet.

property podManagementPolicy

podManagementPolicy: string;

podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is OrderedReady, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is Parallel which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.

property replicas

replicas: number;

replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.

property revisionHistoryLimit

revisionHistoryLimit: number;

revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet’s revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.

property selector

selector: LabelSelector;

selector is a label query over pods that should match the replica count. It must match the pod template’s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property serviceName

serviceName: string;

serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where “pod-specific-string” is managed by the StatefulSet controller.

property template

template: PodTemplateSpec;

template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.

property updateStrategy

updateStrategy: StatefulSetUpdateStrategy;

updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.

property volumeClaimTemplates

volumeClaimTemplates: PersistentVolumeClaim[];

volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.

interface StatefulSetStatus

interface StatefulSetStatus

StatefulSetStatus represents the current state of a StatefulSet.

property collisionCount

collisionCount: number;

collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.

property conditions

conditions: StatefulSetCondition[];

Represents the latest available observations of a statefulset’s current state.

property currentReplicas

currentReplicas: number;

currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.

property currentRevision

currentRevision: string;

currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).

property observedGeneration

observedGeneration: number;

observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet’s generation, which is updated on mutation by the API Server.

property readyReplicas

readyReplicas: number;

readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.

property replicas

replicas: number;

replicas is the number of Pods created by the StatefulSet controller.

property updateRevision

updateRevision: string;

updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)

property updatedReplicas

updatedReplicas: number;

updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.

interface StatefulSetUpdateStrategy

interface StatefulSetUpdateStrategy

StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.

property rollingUpdate

rollingUpdate: RollingUpdateStatefulSetStrategy;

RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.

property type

type: string;

Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.

namespace apps.v1beta1

interface ControllerRevision

interface ControllerRevision

ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.

property apiVersion

apiVersion: "apps/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property data

data: any;

Data is the serialized representation of the state.

property kind

kind: "ControllerRevision";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property revision

revision: number;

Revision indicates the revision of the state represented by Data.

interface Deployment

interface Deployment

Deployment enables declarative updates for Pods and ReplicaSets.

This resource waits until its status is ready before registering success for create/update, and populating output properties from the current state of the resource. The following conditions are used to determine whether the resource creation has succeeded or failed:

  1. The Deployment has begun to be updated by the Deployment controller. If the current generation of the Deployment is > 1, then this means that the current generation must be different from the generation reported by the last outputs.
  2. There exists a ReplicaSet whose revision is equal to the current revision of the Deployment.
  3. The Deployment’s ‘.status.conditions’ has a status of type ‘Available’ whose ‘status’ member is set to ‘True’.
  4. If the Deployment has generation > 1, then ‘.status.conditions’ has a status of type ‘Progressing’, whose ‘status’ member is set to ‘True’, and whose ‘reason’ is ‘NewReplicaSetAvailable’. For generation <= 1, this status field does not exist, because it doesn’t do a rollout (i.e., it simply creates the Deployment and corresponding ReplicaSet), and therefore there is no rollout to mark as ‘Progressing’.

If the Deployment has not reached a Ready state after 10 minutes, it will time out and mark the resource update as Failed. You can override the default timeout value by setting the ‘customTimeouts’ option on the resource.

property apiVersion

apiVersion: "apps/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "Deployment";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata.

property spec

spec: DeploymentSpec;

Specification of the desired behavior of the Deployment.

property status

status: DeploymentStatus;

Most recently observed status of the Deployment.

interface DeploymentCondition

interface DeploymentCondition

DeploymentCondition describes the state of a deployment at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property lastUpdateTime

lastUpdateTime: string;

The last time this condition was updated.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of deployment condition.

interface DeploymentSpec

interface DeploymentSpec

DeploymentSpec is the specification of the desired behavior of the Deployment.

property minReadySeconds

minReadySeconds: number;

Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)

property paused

paused: boolean;

Indicates that the deployment is paused.

property progressDeadlineSeconds

progressDeadlineSeconds: number;

The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.

property replicas

replicas: number;

Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.

property revisionHistoryLimit

revisionHistoryLimit: number;

The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 2.

property rollbackTo

rollbackTo: RollbackConfig;

DEPRECATED. The config this deployment is rolling back to. Will be cleared after rollback is done.

property selector

selector: LabelSelector;

Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment.

property strategy

strategy: DeploymentStrategy;

The deployment strategy to use to replace existing pods with new ones.

property template

template: PodTemplateSpec;

Template describes the pods that will be created.

interface DeploymentStatus

interface DeploymentStatus

DeploymentStatus is the most recently observed status of the Deployment.

property availableReplicas

availableReplicas: number;

Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.

property collisionCount

collisionCount: number;

Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.

property conditions

conditions: DeploymentCondition[];

Represents the latest available observations of a deployment’s current state.

property observedGeneration

observedGeneration: number;

The generation observed by the deployment controller.

property readyReplicas

readyReplicas: number;

Total number of ready pods targeted by this deployment.

property replicas

replicas: number;

Total number of non-terminated pods targeted by this deployment (their labels match the selector).

property unavailableReplicas

unavailableReplicas: number;

Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.

property updatedReplicas

updatedReplicas: number;

Total number of non-terminated pods targeted by this deployment that have the desired template spec.

interface DeploymentStrategy

interface DeploymentStrategy

DeploymentStrategy describes how to replace existing pods with new ones.

property rollingUpdate

rollingUpdate: RollingUpdateDeployment;

Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.

property type

type: string;

Type of deployment. Can be “Recreate” or “RollingUpdate”. Default is RollingUpdate.

interface RollbackConfig

interface RollbackConfig

DEPRECATED.

property revision

revision: number;

The revision to rollback to. If set to 0, rollback to the last revision.

interface RollingUpdateDeployment

interface RollingUpdateDeployment

Spec to control the desired behavior of rolling update.

property maxSurge

maxSurge: number | string;

The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.

property maxUnavailable

maxUnavailable: number | string;

The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.

interface RollingUpdateStatefulSetStrategy

interface RollingUpdateStatefulSetStrategy

RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.

property partition

partition: number;

Partition indicates the ordinal at which the StatefulSet should be partitioned.

interface StatefulSet

interface StatefulSet

StatefulSet represents a set of pods with consistent identities. Identities are defined as: - Network: A single stable DNS and hostname. - Storage: As many VolumeClaims as requested. The StatefulSet guarantees that a given network identity will always map to the same storage identity.

This resource waits until its status is ready before registering success for create/update, and populating output properties from the current state of the resource. The following conditions are used to determine whether the resource creation has succeeded or failed:

  1. The value of ‘spec.replicas’ matches ‘.status.replicas’, ‘.status.currentReplicas’, and ‘.status.readyReplicas’.
  2. The value of ‘.status.updateRevision’ matches ‘.status.currentRevision’.

If the StatefulSet has not reached a Ready state after 10 minutes, it will time out and mark the resource update as Failed. You can override the default timeout value by setting the ‘customTimeouts’ option on the resource.

property apiVersion

apiVersion: "apps/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "StatefulSet";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: StatefulSetSpec;

Spec defines the desired identities of pods in this set.

property status

status: StatefulSetStatus;

Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.

interface StatefulSetCondition

interface StatefulSetCondition

StatefulSetCondition describes the state of a statefulset at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of statefulset condition.

interface StatefulSetSpec

interface StatefulSetSpec

A StatefulSetSpec is the specification of a StatefulSet.

property podManagementPolicy

podManagementPolicy: string;

podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is OrderedReady, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is Parallel which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.

property replicas

replicas: number;

replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.

property revisionHistoryLimit

revisionHistoryLimit: number;

revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet’s revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.

property selector

selector: LabelSelector;

selector is a label query over pods that should match the replica count. If empty, defaulted to labels on the pod template. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property serviceName

serviceName: string;

serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where “pod-specific-string” is managed by the StatefulSet controller.

property template

template: PodTemplateSpec;

template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.

property updateStrategy

updateStrategy: StatefulSetUpdateStrategy;

updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.

property volumeClaimTemplates

volumeClaimTemplates: PersistentVolumeClaim[];

volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.

interface StatefulSetStatus

interface StatefulSetStatus

StatefulSetStatus represents the current state of a StatefulSet.

property collisionCount

collisionCount: number;

collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.

property conditions

conditions: StatefulSetCondition[];

Represents the latest available observations of a statefulset’s current state.

property currentReplicas

currentReplicas: number;

currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.

property currentRevision

currentRevision: string;

currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).

property observedGeneration

observedGeneration: number;

observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet’s generation, which is updated on mutation by the API Server.

property readyReplicas

readyReplicas: number;

readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.

property replicas

replicas: number;

replicas is the number of Pods created by the StatefulSet controller.

property updateRevision

updateRevision: string;

updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)

property updatedReplicas

updatedReplicas: number;

updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.

interface StatefulSetUpdateStrategy

interface StatefulSetUpdateStrategy

StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.

property rollingUpdate

rollingUpdate: RollingUpdateStatefulSetStrategy;

RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.

property type

type: string;

Type indicates the type of the StatefulSetUpdateStrategy.

namespace apps.v1beta2

interface ControllerRevision

interface ControllerRevision

ControllerRevision implements an immutable snapshot of state data. Clients are responsible for serializing and deserializing the objects that contain their internal state. Once a ControllerRevision has been successfully created, it can not be updated. The API Server will fail validation of all requests that attempt to mutate the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However, it may be subject to name and representation changes in future releases, and clients should not depend on its stability. It is primarily for internal use by controllers.

property apiVersion

apiVersion: "apps/v1beta2";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property data

data: any;

Data is the serialized representation of the state.

property kind

kind: "ControllerRevision";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property revision

revision: number;

Revision indicates the revision of the state represented by Data.

interface DaemonSet

interface DaemonSet

DaemonSet represents the configuration of a daemon set.

property apiVersion

apiVersion: "apps/v1beta2";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "DaemonSet";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: DaemonSetSpec;

The desired behavior of this daemon set. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

property status

status: DaemonSetStatus;

The current status of this daemon set. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface DaemonSetCondition

interface DaemonSetCondition

DaemonSetCondition describes the state of a DaemonSet at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of DaemonSet condition.

interface DaemonSetSpec

interface DaemonSetSpec

DaemonSetSpec is the specification of a daemon set.

property minReadySeconds

minReadySeconds: number;

The minimum number of seconds for which a newly created DaemonSet pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready).

property revisionHistoryLimit

revisionHistoryLimit: number;

The number of old history to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.

property selector

selector: LabelSelector;

A label query over pods that are managed by the daemon set. Must match in order to be controlled. It must match the pod template’s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property template

template: PodTemplateSpec;

An object that describes the pod that will be created. The DaemonSet will create exactly one copy of this pod on every node that matches the template’s node selector (or on every node if no node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template

property updateStrategy

updateStrategy: DaemonSetUpdateStrategy;

An update strategy to replace existing DaemonSet pods with new pods.

interface DaemonSetStatus

interface DaemonSetStatus

DaemonSetStatus represents the current status of a daemon set.

property collisionCount

collisionCount: number;

Count of hash collisions for the DaemonSet. The DaemonSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.

property conditions

conditions: DaemonSetCondition[];

Represents the latest available observations of a DaemonSet’s current state.

property currentNumberScheduled

currentNumberScheduled: number;

The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/

property desiredNumberScheduled

desiredNumberScheduled: number;

The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/

property numberAvailable

numberAvailable: number;

The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and available (ready for at least spec.minReadySeconds)

property numberMisscheduled

numberMisscheduled: number;

The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/

property numberReady

numberReady: number;

The number of nodes that should be running the daemon pod and have one or more of the daemon pod running and ready.

property numberUnavailable

numberUnavailable: number;

The number of nodes that should be running the daemon pod and have none of the daemon pod running and available (ready for at least spec.minReadySeconds)

property observedGeneration

observedGeneration: number;

The most recent generation observed by the daemon set controller.

property updatedNumberScheduled

updatedNumberScheduled: number;

The total number of nodes that are running updated daemon pod

interface DaemonSetUpdateStrategy

interface DaemonSetUpdateStrategy

DaemonSetUpdateStrategy is a struct used to control the update strategy for a DaemonSet.

property rollingUpdate

rollingUpdate: RollingUpdateDaemonSet;

Rolling update config params. Present only if type = “RollingUpdate”.

property type

type: string;

Type of daemon set update. Can be “RollingUpdate” or “OnDelete”. Default is RollingUpdate.

interface Deployment

interface Deployment

Deployment enables declarative updates for Pods and ReplicaSets.

This resource waits until its status is ready before registering success for create/update, and populating output properties from the current state of the resource. The following conditions are used to determine whether the resource creation has succeeded or failed:

  1. The Deployment has begun to be updated by the Deployment controller. If the current generation of the Deployment is > 1, then this means that the current generation must be different from the generation reported by the last outputs.
  2. There exists a ReplicaSet whose revision is equal to the current revision of the Deployment.
  3. The Deployment’s ‘.status.conditions’ has a status of type ‘Available’ whose ‘status’ member is set to ‘True’.
  4. If the Deployment has generation > 1, then ‘.status.conditions’ has a status of type ‘Progressing’, whose ‘status’ member is set to ‘True’, and whose ‘reason’ is ‘NewReplicaSetAvailable’. For generation <= 1, this status field does not exist, because it doesn’t do a rollout (i.e., it simply creates the Deployment and corresponding ReplicaSet), and therefore there is no rollout to mark as ‘Progressing’.

If the Deployment has not reached a Ready state after 10 minutes, it will time out and mark the resource update as Failed. You can override the default timeout value by setting the ‘customTimeouts’ option on the resource.

property apiVersion

apiVersion: "apps/v1beta2";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "Deployment";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata.

property spec

spec: DeploymentSpec;

Specification of the desired behavior of the Deployment.

property status

status: DeploymentStatus;

Most recently observed status of the Deployment.

interface DeploymentCondition

interface DeploymentCondition

DeploymentCondition describes the state of a deployment at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property lastUpdateTime

lastUpdateTime: string;

The last time this condition was updated.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of deployment condition.

interface DeploymentSpec

interface DeploymentSpec

DeploymentSpec is the specification of the desired behavior of the Deployment.

property minReadySeconds

minReadySeconds: number;

Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)

property paused

paused: boolean;

Indicates that the deployment is paused.

property progressDeadlineSeconds

progressDeadlineSeconds: number;

The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.

property replicas

replicas: number;

Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.

property revisionHistoryLimit

revisionHistoryLimit: number;

The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 10.

property selector

selector: LabelSelector;

Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment. It must match the pod template’s labels.

property strategy

strategy: DeploymentStrategy;

The deployment strategy to use to replace existing pods with new ones.

property template

template: PodTemplateSpec;

Template describes the pods that will be created.

interface DeploymentStatus

interface DeploymentStatus

DeploymentStatus is the most recently observed status of the Deployment.

property availableReplicas

availableReplicas: number;

Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.

property collisionCount

collisionCount: number;

Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.

property conditions

conditions: DeploymentCondition[];

Represents the latest available observations of a deployment’s current state.

property observedGeneration

observedGeneration: number;

The generation observed by the deployment controller.

property readyReplicas

readyReplicas: number;

Total number of ready pods targeted by this deployment.

property replicas

replicas: number;

Total number of non-terminated pods targeted by this deployment (their labels match the selector).

property unavailableReplicas

unavailableReplicas: number;

Total number of unavailable pods targeted by this deployment. This is the total number of pods that are still required for the deployment to have 100% available capacity. They may either be pods that are running but not yet available or pods that still have not been created.

property updatedReplicas

updatedReplicas: number;

Total number of non-terminated pods targeted by this deployment that have the desired template spec.

interface DeploymentStrategy

interface DeploymentStrategy

DeploymentStrategy describes how to replace existing pods with new ones.

property rollingUpdate

rollingUpdate: RollingUpdateDeployment;

Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.

property type

type: string;

Type of deployment. Can be “Recreate” or “RollingUpdate”. Default is RollingUpdate.

interface ReplicaSet

interface ReplicaSet

ReplicaSet ensures that a specified number of pod replicas are running at any given time.

property apiVersion

apiVersion: "apps/v1beta2";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "ReplicaSet";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

If the Labels of a ReplicaSet are empty, they are defaulted to be the same as the Pod(s) that the ReplicaSet manages. Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: ReplicaSetSpec;

Spec defines the specification of the desired behavior of the ReplicaSet. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

property status

status: ReplicaSetStatus;

Status is the most recently observed status of the ReplicaSet. This data may be out of date by some window of time. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface ReplicaSetCondition

interface ReplicaSetCondition

ReplicaSetCondition describes the state of a replica set at a certain point.

property lastTransitionTime

lastTransitionTime: string;

The last time the condition transitioned from one status to another.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of replica set condition.

interface ReplicaSetSpec

interface ReplicaSetSpec

ReplicaSetSpec is the specification of a ReplicaSet.

property minReadySeconds

minReadySeconds: number;

Minimum number of seconds for which a newly created pod should be ready without any of its container crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)

property replicas

replicas: number;

Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller

property selector

selector: LabelSelector;

Selector is a label query over pods that should match the replica count. Label keys and values that must match in order to be controlled by this replica set. It must match the pod template’s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property template

template: PodTemplateSpec;

Template is the object that describes the pod that will be created if insufficient replicas are detected. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template

interface ReplicaSetStatus

interface ReplicaSetStatus

ReplicaSetStatus represents the current status of a ReplicaSet.

property availableReplicas

availableReplicas: number;

The number of available replicas (ready for at least minReadySeconds) for this replica set.

property conditions

conditions: ReplicaSetCondition[];

Represents the latest available observations of a replica set’s current state.

property fullyLabeledReplicas

fullyLabeledReplicas: number;

The number of pods that have labels matching the labels of the pod template of the replicaset.

property observedGeneration

observedGeneration: number;

ObservedGeneration reflects the generation of the most recently observed ReplicaSet.

property readyReplicas

readyReplicas: number;

The number of ready replicas for this replica set.

property replicas

replicas: number;

Replicas is the most recently oberved number of replicas. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller

interface RollingUpdateDaemonSet

interface RollingUpdateDaemonSet

Spec to control the desired behavior of daemon set rolling update.

property maxUnavailable

maxUnavailable: number | string;

The maximum number of DaemonSet pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of total number of DaemonSet pods at the start of the update (ex: 10%). Absolute number is calculated from percentage by rounding up. This cannot be 0. Default value is 1. Example: when this is set to 30%, at most 30% of the total number of nodes that should be running the daemon pod (i.e. status.desiredNumberScheduled) can have their pods stopped for an update at any given time. The update starts by stopping at most 30% of those DaemonSet pods and then brings up new DaemonSet pods in their place. Once the new pods are available, it then proceeds onto other DaemonSet pods, thus ensuring that at least 70% of original number of DaemonSet pods are available at all times during the update.

interface RollingUpdateDeployment

interface RollingUpdateDeployment

Spec to control the desired behavior of rolling update.

property maxSurge

maxSurge: number | string;

The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.

property maxUnavailable

maxUnavailable: number | string;

The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old ReplicaSet can be scaled down further, followed by scaling up the new ReplicaSet, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.

interface RollingUpdateStatefulSetStrategy

interface RollingUpdateStatefulSetStrategy

RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.

property partition

partition: number;

Partition indicates the ordinal at which the StatefulSet should be partitioned. Default value is 0.

interface StatefulSet

interface StatefulSet

StatefulSet represents a set of pods with consistent identities. Identities are defined as: - Network: A single stable DNS and hostname. - Storage: As many VolumeClaims as requested. The StatefulSet guarantees that a given network identity will always map to the same storage identity.

This resource waits until its status is ready before registering success for create/update, and populating output properties from the current state of the resource. The following conditions are used to determine whether the resource creation has succeeded or failed:

  1. The value of ‘spec.replicas’ matches ‘.status.replicas’, ‘.status.currentReplicas’, and ‘.status.readyReplicas’.
  2. The value of ‘.status.updateRevision’ matches ‘.status.currentRevision’.

If the StatefulSet has not reached a Ready state after 10 minutes, it will time out and mark the resource update as Failed. You can override the default timeout value by setting the ‘customTimeouts’ option on the resource.

property apiVersion

apiVersion: "apps/v1beta2";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "StatefulSet";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: StatefulSetSpec;

Spec defines the desired identities of pods in this set.

property status

status: StatefulSetStatus;

Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.

interface StatefulSetCondition

interface StatefulSetCondition

StatefulSetCondition describes the state of a statefulset at a certain point.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transitioned from one status to another.

property message

message: string;

A human readable message indicating details about the transition.

property reason

reason: string;

The reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of statefulset condition.

interface StatefulSetSpec

interface StatefulSetSpec

A StatefulSetSpec is the specification of a StatefulSet.

property podManagementPolicy

podManagementPolicy: string;

podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down. The default policy is OrderedReady, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order. The alternative policy is Parallel which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.

property replicas

replicas: number;

replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.

property revisionHistoryLimit

revisionHistoryLimit: number;

revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet’s revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.

property selector

selector: LabelSelector;

selector is a label query over pods that should match the replica count. It must match the pod template’s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property serviceName

serviceName: string;

serviceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where “pod-specific-string” is managed by the StatefulSet controller.

property template

template: PodTemplateSpec;

template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.

property updateStrategy

updateStrategy: StatefulSetUpdateStrategy;

updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.

property volumeClaimTemplates

volumeClaimTemplates: PersistentVolumeClaim[];

volumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.

interface StatefulSetStatus

interface StatefulSetStatus

StatefulSetStatus represents the current state of a StatefulSet.

property collisionCount

collisionCount: number;

collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision.

property conditions

conditions: StatefulSetCondition[];

Represents the latest available observations of a statefulset’s current state.

property currentReplicas

currentReplicas: number;

currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.

property currentRevision

currentRevision: string;

currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).

property observedGeneration

observedGeneration: number;

observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the StatefulSet’s generation, which is updated on mutation by the API Server.

property readyReplicas

readyReplicas: number;

readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.

property replicas

replicas: number;

replicas is the number of Pods created by the StatefulSet controller.

property updateRevision

updateRevision: string;

updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)

property updatedReplicas

updatedReplicas: number;

updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.

interface StatefulSetUpdateStrategy

interface StatefulSetUpdateStrategy

StatefulSetUpdateStrategy indicates the strategy that the StatefulSet controller will use to perform updates. It includes any additional parameters necessary to perform the update for the indicated strategy.

property rollingUpdate

rollingUpdate: RollingUpdateStatefulSetStrategy;

RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.

property type

type: string;

Type indicates the type of the StatefulSetUpdateStrategy. Default is RollingUpdate.

namespace auditregistration.v1alpha1

interface AuditSink

interface AuditSink

AuditSink represents a cluster level audit sink

property apiVersion

apiVersion: "auditregistration.k8s.io/v1alpha1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "AuditSink";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: AuditSinkSpec;

Spec defines the audit configuration spec

interface AuditSinkSpec

interface AuditSinkSpec

AuditSinkSpec holds the spec for the audit sink

property policy

policy: Policy;

Policy defines the policy for selecting which events should be sent to the webhook required

property webhook

webhook: Webhook;

Webhook to send events required

interface Policy

interface Policy

Policy defines the configuration of how audit events are logged

property level

level: string;

The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required

property stages

stages: string[];

Stages is a list of stages for which events are created.

interface ServiceReference

interface ServiceReference

ServiceReference holds a reference to Service.legacy.k8s.io

property name

name: string;

name is the name of the service. Required

property namespace

namespace: string;

namespace is the namespace of the service. Required

property path

path: string;

path is an optional URL path which will be sent in any request to this service.

property port

port: number;

If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. port should be a valid port number (1-65535, inclusive).

interface Webhook

interface Webhook

Webhook holds the configuration of the webhook

property clientConfig

clientConfig: WebhookClientConfig;

ClientConfig holds the connection parameters for the webhook required

property throttle

throttle: WebhookThrottleConfig;

Throttle holds the options for throttling the webhook

interface WebhookClientConfig

interface WebhookClientConfig

WebhookClientConfig contains the information to make a connection with the webhook

property caBundle

caBundle: string;

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. If unspecified, system trust roots on the apiserver are used.

property service

service: ServiceReference;

service is a reference to the service for this webhook. Either service or url must be specified.

If the webhook is running within the cluster, then you should use service.

property url

url: string;

url gives the location of the webhook, in standard URL form (scheme://host:port/path). Exactly one of url or service must be specified.

The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.

Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.

The scheme must be “https”; the URL must begin with “https://“.

A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.

Attempting to use a user or basic auth e.g. “user:password@” is not allowed. Fragments (“#…”) and query parameters (“?…”) are not allowed, either.

interface WebhookThrottleConfig

interface WebhookThrottleConfig

WebhookThrottleConfig holds the configuration for throttling events

property burst

burst: number;

ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS

property qps

qps: number;

ThrottleQPS maximum number of batches per second default 10 QPS

namespace authentication.v1

interface BoundObjectReference

interface BoundObjectReference

BoundObjectReference is a reference to an object that a token is bound to.

property apiVersion

apiVersion: string;

API version of the referent.

property kind

kind: string;

Kind of the referent. Valid kinds are ‘Pod’ and ‘Secret’.

property name

name: string;

Name of the referent.

property uid

uid: string;

UID of the referent.

interface TokenRequestSpec

interface TokenRequestSpec

TokenRequestSpec contains client provided parameters of a token request.

property audiences

audiences: string[];

Audiences are the intendend audiences of the token. A recipient of a token must identitfy themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to authenticate against any of the audiences listed but implies a high degree of trust between the target audiences.

property boundObjectRef

boundObjectRef: BoundObjectReference;

BoundObjectRef is a reference to an object that the token will be bound to. The token will only be valid for as long as the bound object exists. NOTE: The API server’s TokenReview endpoint will validate the BoundObjectRef, but other audiences may not. Keep ExpirationSeconds small if you want prompt revocation.

property expirationSeconds

expirationSeconds: number;

ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the ‘expiration’ field in a response.

interface TokenRequestStatus

interface TokenRequestStatus

TokenRequestStatus is the result of a token request.

property expirationTimestamp

expirationTimestamp: string;

ExpirationTimestamp is the time of expiration of the returned token.

property token

token: string;

Token is the opaque bearer token.

interface TokenReviewSpec

interface TokenReviewSpec

TokenReviewSpec is a description of the token authentication request.

property audiences

audiences: string[];

Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.

property token

token: string;

Token is the opaque bearer token.

interface TokenReviewStatus

interface TokenReviewStatus

TokenReviewStatus is the result of the token authentication request.

property audiences

audiences: string[];

Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token’s audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is “true”, the token is valid against the audience of the Kubernetes API server.

property authenticated

authenticated: boolean;

Authenticated indicates that the token was associated with a known user.

property error

error: string;

Error indicates that the token couldn’t be checked

property user

user: UserInfo;

User is the UserInfo associated with the provided token.

interface UserInfo

interface UserInfo

UserInfo holds the information about the user needed to implement the user.Info interface.

property extra

extra: {[key: string]: string[]};

Any additional information provided by the authenticator.

property groups

groups: string[];

The names of groups this user is a part of.

property uid

uid: string;

A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.

property username

username: string;

The name that uniquely identifies this user among all active users.

namespace authentication.v1beta1

interface TokenReviewSpec

interface TokenReviewSpec

TokenReviewSpec is a description of the token authentication request.

property audiences

audiences: string[];

Audiences is a list of the identifiers that the resource server presented with the token identifies as. Audience-aware token authenticators will verify that the token was intended for at least one of the audiences in this list. If no audiences are provided, the audience will default to the audience of the Kubernetes apiserver.

property token

token: string;

Token is the opaque bearer token.

interface TokenReviewStatus

interface TokenReviewStatus

TokenReviewStatus is the result of the token authentication request.

property audiences

audiences: string[];

Audiences are audience identifiers chosen by the authenticator that are compatible with both the TokenReview and token. An identifier is any identifier in the intersection of the TokenReviewSpec audiences and the token’s audiences. A client of the TokenReview API that sets the spec.audiences field should validate that a compatible audience identifier is returned in the status.audiences field to ensure that the TokenReview server is audience aware. If a TokenReview returns an empty status.audience field where status.authenticated is “true”, the token is valid against the audience of the Kubernetes API server.

property authenticated

authenticated: boolean;

Authenticated indicates that the token was associated with a known user.

property error

error: string;

Error indicates that the token couldn’t be checked

property user

user: UserInfo;

User is the UserInfo associated with the provided token.

interface UserInfo

interface UserInfo

UserInfo holds the information about the user needed to implement the user.Info interface.

property extra

extra: {[key: string]: string[]};

Any additional information provided by the authenticator.

property groups

groups: string[];

The names of groups this user is a part of.

property uid

uid: string;

A unique value that identifies this user across time. If this user is deleted and another user by the same name is added, they will have different UIDs.

property username

username: string;

The name that uniquely identifies this user among all active users.

namespace authorization.v1

interface NonResourceAttributes

interface NonResourceAttributes

NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface

property path

path: string;

Path is the URL path of the request

property verb

verb: string;

Verb is the standard HTTP verb

interface NonResourceRule

interface NonResourceRule

NonResourceRule holds information that describes a rule for the non-resource

property nonResourceURLs

nonResourceURLs: string[];

NonResourceURLs is a set of partial urls that a user should have access to. s are allowed, but only as the full, final step in the path. “” means all.

property verbs

verbs: string[];

Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. “*” means all.

interface ResourceAttributes

interface ResourceAttributes

ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface

property group

group: string;

Group is the API Group of the Resource. “*” means all.

property name

name: string;

Name is the name of the resource being requested for a “get” or deleted for a “delete”. “” (empty) means all.

property namespace

namespace: string;

Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces “” (empty) is defaulted for LocalSubjectAccessReviews “” (empty) is empty for cluster-scoped resources “” (empty) means “all” for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview

property resource

resource: string;

Resource is one of the existing resource types. “*” means all.

property subresource

subresource: string;

Subresource is one of the existing resource types. “” means none.

property verb

verb: string;

Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. “*” means all.

property version

version: string;

Version is the API Version of the Resource. “*” means all.

interface ResourceRule

interface ResourceRule

ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.

property apiGroups

apiGroups: string[];

APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. “*” means all.

property resourceNames

resourceNames: string[];

ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. “*” means all.

property resources

resources: string[];

Resources is a list of resources this rule applies to. “” means all in the specified apiGroups. “/foo” represents the subresource ‘foo’ for all resources in the specified apiGroups.

property verbs

verbs: string[];

Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. “*” means all.

interface SelfSubjectAccessReviewSpec

interface SelfSubjectAccessReviewSpec

SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set

property nonResourceAttributes

nonResourceAttributes: NonResourceAttributes;

NonResourceAttributes describes information for a non-resource access request

property resourceAttributes

resourceAttributes: ResourceAttributes;

ResourceAuthorizationAttributes describes information for a resource access request

interface SelfSubjectRulesReviewSpec

interface SelfSubjectRulesReviewSpec

property namespace

namespace: string;

Namespace to evaluate rules for. Required.

interface SubjectAccessReviewSpec

interface SubjectAccessReviewSpec

SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set

property extra

extra: {[key: string]: string[]};

Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.

property groups

groups: string[];

Groups is the groups you’re testing for.

property nonResourceAttributes

nonResourceAttributes: NonResourceAttributes;

NonResourceAttributes describes information for a non-resource access request

property resourceAttributes

resourceAttributes: ResourceAttributes;

ResourceAuthorizationAttributes describes information for a resource access request

property uid

uid: string;

UID information about the requesting user.

property user

user: string;

User is the user you’re testing for. If you specify “User” but not “Groups”, then is it interpreted as “What if User were not a member of any groups

interface SubjectAccessReviewStatus

interface SubjectAccessReviewStatus

SubjectAccessReviewStatus

property allowed

allowed: boolean;

Allowed is required. True if the action would be allowed, false otherwise.

property denied

denied: boolean;

Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.

property evaluationError

evaluationError: string;

EvaluationError is an indication that some error occurred during the authorization check. It is entirely possible to get an error and be able to continue determine authorization status in spite of it. For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.

property reason

reason: string;

Reason is optional. It indicates why a request was allowed or denied.

interface SubjectRulesReviewStatus

interface SubjectRulesReviewStatus

SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it’s safe to assume the subject has that permission, even if that list is incomplete.

property evaluationError

evaluationError: string;

EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn’t support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.

property incomplete

incomplete: boolean;

Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn’t support rules evaluation.

property nonResourceRules

nonResourceRules: NonResourceRule[];

NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.

property resourceRules

resourceRules: ResourceRule[];

ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.

namespace authorization.v1beta1

interface NonResourceAttributes

interface NonResourceAttributes

NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface

property path

path: string;

Path is the URL path of the request

property verb

verb: string;

Verb is the standard HTTP verb

interface NonResourceRule

interface NonResourceRule

NonResourceRule holds information that describes a rule for the non-resource

property nonResourceURLs

nonResourceURLs: string[];

NonResourceURLs is a set of partial urls that a user should have access to. s are allowed, but only as the full, final step in the path. “” means all.

property verbs

verbs: string[];

Verb is a list of kubernetes non-resource API verbs, like: get, post, put, delete, patch, head, options. “*” means all.

interface ResourceAttributes

interface ResourceAttributes

ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface

property group

group: string;

Group is the API Group of the Resource. “*” means all.

property name

name: string;

Name is the name of the resource being requested for a “get” or deleted for a “delete”. “” (empty) means all.

property namespace

namespace: string;

Namespace is the namespace of the action being requested. Currently, there is no distinction between no namespace and all namespaces “” (empty) is defaulted for LocalSubjectAccessReviews “” (empty) is empty for cluster-scoped resources “” (empty) means “all” for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview

property resource

resource: string;

Resource is one of the existing resource types. “*” means all.

property subresource

subresource: string;

Subresource is one of the existing resource types. “” means none.

property verb

verb: string;

Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy. “*” means all.

property version

version: string;

Version is the API Version of the Resource. “*” means all.

interface ResourceRule

interface ResourceRule

ResourceRule is the list of actions the subject is allowed to perform on resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.

property apiGroups

apiGroups: string[];

APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. “*” means all.

property resourceNames

resourceNames: string[];

ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. “*” means all.

property resources

resources: string[];

Resources is a list of resources this rule applies to. “” means all in the specified apiGroups. “/foo” represents the subresource ‘foo’ for all resources in the specified apiGroups.

property verbs

verbs: string[];

Verb is a list of kubernetes resource API verbs, like: get, list, watch, create, update, delete, proxy. “*” means all.

interface SelfSubjectAccessReviewSpec

interface SelfSubjectAccessReviewSpec

SelfSubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set

property nonResourceAttributes

nonResourceAttributes: NonResourceAttributes;

NonResourceAttributes describes information for a non-resource access request

property resourceAttributes

resourceAttributes: ResourceAttributes;

ResourceAuthorizationAttributes describes information for a resource access request

interface SelfSubjectRulesReviewSpec

interface SelfSubjectRulesReviewSpec

property namespace

namespace: string;

Namespace to evaluate rules for. Required.

interface SubjectAccessReviewSpec

interface SubjectAccessReviewSpec

SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAuthorizationAttributes and NonResourceAuthorizationAttributes must be set

property extra

extra: {[key: string]: string[]};

Extra corresponds to the user.Info.GetExtra() method from the authenticator. Since that is input to the authorizer it needs a reflection here.

property group

group: string[];

Groups is the groups you’re testing for.

property nonResourceAttributes

nonResourceAttributes: NonResourceAttributes;

NonResourceAttributes describes information for a non-resource access request

property resourceAttributes

resourceAttributes: ResourceAttributes;

ResourceAuthorizationAttributes describes information for a resource access request

property uid

uid: string;

UID information about the requesting user.

property user

user: string;

User is the user you’re testing for. If you specify “User” but not “Group”, then is it interpreted as “What if User were not a member of any groups

interface SubjectAccessReviewStatus

interface SubjectAccessReviewStatus

SubjectAccessReviewStatus

property allowed

allowed: boolean;

Allowed is required. True if the action would be allowed, false otherwise.

property denied

denied: boolean;

Denied is optional. True if the action would be denied, otherwise false. If both allowed is false and denied is false, then the authorizer has no opinion on whether to authorize the action. Denied may not be true if Allowed is true.

property evaluationError

evaluationError: string;

EvaluationError is an indication that some error occurred during the authorization check. It is entirely possible to get an error and be able to continue determine authorization status in spite of it. For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.

property reason

reason: string;

Reason is optional. It indicates why a request was allowed or denied.

interface SubjectRulesReviewStatus

interface SubjectRulesReviewStatus

SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it’s safe to assume the subject has that permission, even if that list is incomplete.

property evaluationError

evaluationError: string;

EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn’t support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.

property incomplete

incomplete: boolean;

Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn’t support rules evaluation.

property nonResourceRules

nonResourceRules: NonResourceRule[];

NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.

property resourceRules

resourceRules: ResourceRule[];

ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.

namespace autoscaling.v1

interface CrossVersionObjectReference

interface CrossVersionObjectReference

CrossVersionObjectReference contains enough information to let you identify the referred resource.

property apiVersion

apiVersion: string;

API version of the referent

property kind

kind: string;

Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"

property name

name: string;

Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names

interface HorizontalPodAutoscaler

interface HorizontalPodAutoscaler

configuration of a horizontal pod autoscaler.

property apiVersion

apiVersion: "autoscaling/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "HorizontalPodAutoscaler";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: HorizontalPodAutoscalerSpec;

behaviour of autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.

property status

status: HorizontalPodAutoscalerStatus;

current information about the autoscaler.

interface HorizontalPodAutoscalerSpec

interface HorizontalPodAutoscalerSpec

specification of a horizontal pod autoscaler.

property maxReplicas

maxReplicas: number;

upper limit for the number of pods that can be set by the autoscaler; cannot be smaller than MinReplicas.

property minReplicas

minReplicas: number;

minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available.

property scaleTargetRef

scaleTargetRef: CrossVersionObjectReference;

reference to scaled resource; horizontal pod autoscaler will learn the current resource consumption and will set the desired number of pods by using its Scale subresource.

property targetCPUUtilizationPercentage

targetCPUUtilizationPercentage: number;

target average CPU utilization (represented as a percentage of requested CPU) over all the pods; if not specified the default autoscaling policy will be used.

interface HorizontalPodAutoscalerStatus

interface HorizontalPodAutoscalerStatus

current status of a horizontal pod autoscaler

property currentCPUUtilizationPercentage

currentCPUUtilizationPercentage: number;

current average CPU utilization over all pods, represented as a percentage of requested CPU, e.g. 70 means that an average pod is using now 70% of its requested CPU.

property currentReplicas

currentReplicas: number;

current number of replicas of pods managed by this autoscaler.

property desiredReplicas

desiredReplicas: number;

desired number of replicas of pods managed by this autoscaler.

property lastScaleTime

lastScaleTime: string;

last time the HorizontalPodAutoscaler scaled the number of pods; used by the autoscaler to control how often the number of pods is changed.

property observedGeneration

observedGeneration: number;

most recent generation observed by this autoscaler.

namespace autoscaling.v2beta1

interface CrossVersionObjectReference

interface CrossVersionObjectReference

CrossVersionObjectReference contains enough information to let you identify the referred resource.

property apiVersion

apiVersion: string;

API version of the referent

property kind

kind: string;

Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"

property name

name: string;

Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names

interface ExternalMetricSource

interface ExternalMetricSource

ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster). Exactly one “target” type should be set.

property metricName

metricName: string;

metricName is the name of the metric in question.

property metricSelector

metricSelector: LabelSelector;

metricSelector is used to identify a specific time series within a given metric.

property targetAverageValue

targetAverageValue: string;

targetAverageValue is the target per-pod value of global metric (as a quantity). Mutually exclusive with TargetValue.

property targetValue

targetValue: string;

targetValue is the target value of the metric (as a quantity). Mutually exclusive with TargetAverageValue.

interface ExternalMetricStatus

interface ExternalMetricStatus

ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.

property currentAverageValue

currentAverageValue: string;

currentAverageValue is the current value of metric averaged over autoscaled pods.

property currentValue

currentValue: string;

currentValue is the current value of the metric (as a quantity)

property metricName

metricName: string;

metricName is the name of a metric used for autoscaling in metric system.

property metricSelector

metricSelector: LabelSelector;

metricSelector is used to identify a specific time series within a given metric.

interface HorizontalPodAutoscaler

interface HorizontalPodAutoscaler

HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified.

property apiVersion

apiVersion: "autoscaling/v2beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "HorizontalPodAutoscaler";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: HorizontalPodAutoscalerSpec;

spec is the specification for the behaviour of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.

property status

status: HorizontalPodAutoscalerStatus;

status is the current information about the autoscaler.

interface HorizontalPodAutoscalerCondition

interface HorizontalPodAutoscalerCondition

HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point.

property lastTransitionTime

lastTransitionTime: string;

lastTransitionTime is the last time the condition transitioned from one status to another

property message

message: string;

message is a human-readable explanation containing details about the transition

property reason

reason: string;

reason is the reason for the condition’s last transition.

property status

status: string;

status is the status of the condition (True, False, Unknown)

property type

type: string;

type describes the current condition

interface HorizontalPodAutoscalerSpec

interface HorizontalPodAutoscalerSpec

HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.

property maxReplicas

maxReplicas: number;

maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.

property metrics

metrics: MetricSpec[];

metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond.

property minReplicas

minReplicas: number;

minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available.

property scaleTargetRef

scaleTargetRef: CrossVersionObjectReference;

scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count.

interface HorizontalPodAutoscalerStatus

interface HorizontalPodAutoscalerStatus

HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.

property conditions

conditions: HorizontalPodAutoscalerCondition[];

conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.

property currentMetrics

currentMetrics: MetricStatus[];

currentMetrics is the last read state of the metrics used by this autoscaler.

property currentReplicas

currentReplicas: number;

currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler.

property desiredReplicas

desiredReplicas: number;

desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler.

property lastScaleTime

lastScaleTime: string;

lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed.

property observedGeneration

observedGeneration: number;

observedGeneration is the most recent generation observed by this autoscaler.

interface MetricSpec

interface MetricSpec

MetricSpec specifies how to scale based on a single metric (only type and one other matching field should be set at once).

property external

external: ExternalMetricSource;

external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).

property object

object: ObjectMetricSource;

object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).

property pods

pods: PodsMetricSource;

pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.

property resource

resource: ResourceMetricSource;

resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source.

property type

type: string;

type is the type of metric source. It should be one of “Object”, “Pods” or “Resource”, each mapping to a matching field in the object.

interface MetricStatus

interface MetricStatus

MetricStatus describes the last-read state of a single metric.

property external

external: ExternalMetricStatus;

external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).

property object

object: ObjectMetricStatus;

object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).

property pods

pods: PodsMetricStatus;

pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.

property resource

resource: ResourceMetricStatus;

resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source.

property type

type: string;

type is the type of metric source. It will be one of “Object”, “Pods” or “Resource”, each corresponds to a matching field in the object.

interface ObjectMetricSource

interface ObjectMetricSource

ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).

property averageValue

averageValue: string;

averageValue is the target value of the average of the metric across all relevant pods (as a quantity)

property metricName

metricName: string;

metricName is the name of the metric in question.

property selector

selector: LabelSelector;

selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping When unset, just the metricName will be used to gather metrics.

property target

target: CrossVersionObjectReference;

target is the described Kubernetes object.

property targetValue

targetValue: string;

targetValue is the target value of the metric (as a quantity).

interface ObjectMetricStatus

interface ObjectMetricStatus

ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).

property averageValue

averageValue: string;

averageValue is the current value of the average of the metric across all relevant pods (as a quantity)

property currentValue

currentValue: string;

currentValue is the current value of the metric (as a quantity).

property metricName

metricName: string;

metricName is the name of the metric in question.

property selector

selector: LabelSelector;

selector is the string-encoded form of a standard kubernetes label selector for the given metric When set in the ObjectMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.

property target

target: CrossVersionObjectReference;

target is the described Kubernetes object.

interface PodsMetricSource

interface PodsMetricSource

PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.

property metricName

metricName: string;

metricName is the name of the metric in question

property selector

selector: LabelSelector;

selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping When unset, just the metricName will be used to gather metrics.

property targetAverageValue

targetAverageValue: string;

targetAverageValue is the target value of the average of the metric across all relevant pods (as a quantity)

interface PodsMetricStatus

interface PodsMetricStatus

PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second).

property currentAverageValue

currentAverageValue: string;

currentAverageValue is the current value of the average of the metric across all relevant pods (as a quantity)

property metricName

metricName: string;

metricName is the name of the metric in question

property selector

selector: LabelSelector;

selector is the string-encoded form of a standard kubernetes label selector for the given metric When set in the PodsMetricSource, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.

interface ResourceMetricSource

interface ResourceMetricSource

ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source. Only one “target” type should be set.

property name

name: string;

name is the name of the resource in question.

property targetAverageUtilization

targetAverageUtilization: number;

targetAverageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods.

property targetAverageValue

targetAverageValue: string;

targetAverageValue is the target value of the average of the resource metric across all relevant pods, as a raw value (instead of as a percentage of the request), similar to the “pods” metric source type.

interface ResourceMetricStatus

interface ResourceMetricStatus

ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source.

property currentAverageUtilization

currentAverageUtilization: number;

currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. It will only be present if targetAverageValue was set in the corresponding metric specification.

property currentAverageValue

currentAverageValue: string;

currentAverageValue is the current value of the average of the resource metric across all relevant pods, as a raw value (instead of as a percentage of the request), similar to the “pods” metric source type. It will always be set, regardless of the corresponding metric specification.

property name

name: string;

name is the name of the resource in question.

namespace autoscaling.v2beta2

interface CrossVersionObjectReference

interface CrossVersionObjectReference

CrossVersionObjectReference contains enough information to let you identify the referred resource.

property apiVersion

apiVersion: string;

API version of the referent

property kind

kind: string;

Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"

property name

name: string;

Name of the referent; More info: http://kubernetes.io/docs/user-guide/identifiers#names

interface ExternalMetricSource

interface ExternalMetricSource

ExternalMetricSource indicates how to scale on a metric not associated with any Kubernetes object (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).

property metric

metric: MetricIdentifier;

metric identifies the target metric by name and selector

property target

target: MetricTarget;

target specifies the target value for the given metric

interface ExternalMetricStatus

interface ExternalMetricStatus

ExternalMetricStatus indicates the current value of a global metric not associated with any Kubernetes object.

property current

current: MetricValueStatus;

current contains the current value for the given metric

property metric

metric: MetricIdentifier;

metric identifies the target metric by name and selector

interface HorizontalPodAutoscaler

interface HorizontalPodAutoscaler

HorizontalPodAutoscaler is the configuration for a horizontal pod autoscaler, which automatically manages the replica count of any resource implementing the scale subresource based on the metrics specified.

property apiVersion

apiVersion: "autoscaling/v2beta2";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "HorizontalPodAutoscaler";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

metadata is the standard object metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: HorizontalPodAutoscalerSpec;

spec is the specification for the behaviour of the autoscaler. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.

property status

status: HorizontalPodAutoscalerStatus;

status is the current information about the autoscaler.

interface HorizontalPodAutoscalerBehavior

interface HorizontalPodAutoscalerBehavior

HorizontalPodAutoscalerBehavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively).

property scaleDown

scaleDown: HPAScalingRules;

scaleDown is scaling policy for scaling Down. If not set, the default value is to allow to scale down to minReplicas pods, with a 300 second stabilization window (i.e., the highest recommendation for the last 300sec is used).

property scaleUp

scaleUp: HPAScalingRules;

scaleUp is scaling policy for scaling Up. If not set, the default value is the higher of: * increase no more than 4 pods per 60 seconds * double the number of pods per 60 seconds No stabilization is used.

interface HorizontalPodAutoscalerCondition

interface HorizontalPodAutoscalerCondition

HorizontalPodAutoscalerCondition describes the state of a HorizontalPodAutoscaler at a certain point.

property lastTransitionTime

lastTransitionTime: string;

lastTransitionTime is the last time the condition transitioned from one status to another

property message

message: string;

message is a human-readable explanation containing details about the transition

property reason

reason: string;

reason is the reason for the condition’s last transition.

property status

status: string;

status is the status of the condition (True, False, Unknown)

property type

type: string;

type describes the current condition

interface HorizontalPodAutoscalerSpec

interface HorizontalPodAutoscalerSpec

HorizontalPodAutoscalerSpec describes the desired functionality of the HorizontalPodAutoscaler.

property behavior

behavior: HorizontalPodAutoscalerBehavior;

behavior configures the scaling behavior of the target in both Up and Down directions (scaleUp and scaleDown fields respectively). If not set, the default HPAScalingRules for scale up and scale down are used.

property maxReplicas

maxReplicas: number;

maxReplicas is the upper limit for the number of replicas to which the autoscaler can scale up. It cannot be less that minReplicas.

property metrics

metrics: MetricSpec[];

metrics contains the specifications for which to use to calculate the desired replica count (the maximum replica count across all metrics will be used). The desired replica count is calculated multiplying the ratio between the target value and the current value by the current number of pods. Ergo, metrics used must decrease as the pod count is increased, and vice-versa. See the individual metric source types for more information about how each type of metric must respond. If not set, the default metric will be set to 80% average CPU utilization.

property minReplicas

minReplicas: number;

minReplicas is the lower limit for the number of replicas to which the autoscaler can scale down. It defaults to 1 pod. minReplicas is allowed to be 0 if the alpha feature gate HPAScaleToZero is enabled and at least one Object or External metric is configured. Scaling is active as long as at least one metric value is available.

property scaleTargetRef

scaleTargetRef: CrossVersionObjectReference;

scaleTargetRef points to the target resource to scale, and is used to the pods for which metrics should be collected, as well as to actually change the replica count.

interface HorizontalPodAutoscalerStatus

interface HorizontalPodAutoscalerStatus

HorizontalPodAutoscalerStatus describes the current status of a horizontal pod autoscaler.

property conditions

conditions: HorizontalPodAutoscalerCondition[];

conditions is the set of conditions required for this autoscaler to scale its target, and indicates whether or not those conditions are met.

property currentMetrics

currentMetrics: MetricStatus[];

currentMetrics is the last read state of the metrics used by this autoscaler.

property currentReplicas

currentReplicas: number;

currentReplicas is current number of replicas of pods managed by this autoscaler, as last seen by the autoscaler.

property desiredReplicas

desiredReplicas: number;

desiredReplicas is the desired number of replicas of pods managed by this autoscaler, as last calculated by the autoscaler.

property lastScaleTime

lastScaleTime: string;

lastScaleTime is the last time the HorizontalPodAutoscaler scaled the number of pods, used by the autoscaler to control how often the number of pods is changed.

property observedGeneration

observedGeneration: number;

observedGeneration is the most recent generation observed by this autoscaler.

interface HPAScalingPolicy

interface HPAScalingPolicy

HPAScalingPolicy is a single policy which must hold true for a specified past interval.

property periodSeconds

periodSeconds: number;

PeriodSeconds specifies the window of time for which the policy should hold true. PeriodSeconds must be greater than zero and less than or equal to 1800 (30 min).

property type

type: string;

Type is used to specify the scaling policy.

property value

value: number;

Value contains the amount of change which is permitted by the policy. It must be greater than zero

interface HPAScalingRules

interface HPAScalingRules

HPAScalingRules configures the scaling behavior for one direction. These Rules are applied after calculating DesiredReplicas from metrics for the HPA. They can limit the scaling velocity by specifying scaling policies. They can prevent flapping by specifying the stabilization window, so that the number of replicas is not set instantly, instead, the safest value from the stabilization window is chosen.

property policies

policies: HPAScalingPolicy[];

policies is a list of potential scaling polices which can be used during scaling. At least one policy must be specified, otherwise the HPAScalingRules will be discarded as invalid

property selectPolicy

selectPolicy: string;

selectPolicy is used to specify which policy should be used. If not set, the default value MaxPolicySelect is used.

property stabilizationWindowSeconds

stabilizationWindowSeconds: number;

StabilizationWindowSeconds is the number of seconds for which past recommendations should be considered while scaling up or scaling down. StabilizationWindowSeconds must be greater than or equal to zero and less than or equal to 3600 (one hour). If not set, use the default values: - For scale up: 0 (i.e. no stabilization is done). - For scale down: 300 (i.e. the stabilization window is 300 seconds long).

interface MetricIdentifier

interface MetricIdentifier

MetricIdentifier defines the name and optionally selector for a metric

property name

name: string;

name is the name of the given metric

property selector

selector: LabelSelector;

selector is the string-encoded form of a standard kubernetes label selector for the given metric When set, it is passed as an additional parameter to the metrics server for more specific metrics scoping. When unset, just the metricName will be used to gather metrics.

interface MetricSpec

interface MetricSpec

MetricSpec specifies how to scale based on a single metric (only type and one other matching field should be set at once).

property external

external: ExternalMetricSource;

external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).

property object

object: ObjectMetricSource;

object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).

property pods

pods: PodsMetricSource;

pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.

property resource

resource: ResourceMetricSource;

resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source.

property type

type: string;

type is the type of metric source. It should be one of “Object”, “Pods” or “Resource”, each mapping to a matching field in the object.

interface MetricStatus

interface MetricStatus

MetricStatus describes the last-read state of a single metric.

property external

external: ExternalMetricStatus;

external refers to a global metric that is not associated with any Kubernetes object. It allows autoscaling based on information coming from components running outside of cluster (for example length of queue in cloud messaging service, or QPS from loadbalancer running outside of cluster).

property object

object: ObjectMetricStatus;

object refers to a metric describing a single kubernetes object (for example, hits-per-second on an Ingress object).

property pods

pods: PodsMetricStatus;

pods refers to a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.

property resource

resource: ResourceMetricStatus;

resource refers to a resource metric (such as those specified in requests and limits) known to Kubernetes describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source.

property type

type: string;

type is the type of metric source. It will be one of “Object”, “Pods” or “Resource”, each corresponds to a matching field in the object.

interface MetricTarget

interface MetricTarget

MetricTarget defines the target value, average value, or average utilization of a specific metric

property averageUtilization

averageUtilization: number;

averageUtilization is the target value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods. Currently only valid for Resource metric source type

property averageValue

averageValue: string;

averageValue is the target value of the average of the metric across all relevant pods (as a quantity)

property type

type: string;

type represents whether the metric type is Utilization, Value, or AverageValue

property value

value: string;

value is the target value of the metric (as a quantity).

interface MetricValueStatus

interface MetricValueStatus

MetricValueStatus holds the current value for a metric

property averageUtilization

averageUtilization: number;

currentAverageUtilization is the current value of the average of the resource metric across all relevant pods, represented as a percentage of the requested value of the resource for the pods.

property averageValue

averageValue: string;

averageValue is the current value of the average of the metric across all relevant pods (as a quantity)

property value

value: string;

value is the current value of the metric (as a quantity).

interface ObjectMetricSource

interface ObjectMetricSource

ObjectMetricSource indicates how to scale on a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).

property describedObject

describedObject: CrossVersionObjectReference;

property metric

metric: MetricIdentifier;

metric identifies the target metric by name and selector

property target

target: MetricTarget;

target specifies the target value for the given metric

interface ObjectMetricStatus

interface ObjectMetricStatus

ObjectMetricStatus indicates the current value of a metric describing a kubernetes object (for example, hits-per-second on an Ingress object).

property current

current: MetricValueStatus;

current contains the current value for the given metric

property describedObject

describedObject: CrossVersionObjectReference;

property metric

metric: MetricIdentifier;

metric identifies the target metric by name and selector

interface PodsMetricSource

interface PodsMetricSource

PodsMetricSource indicates how to scale on a metric describing each pod in the current scale target (for example, transactions-processed-per-second). The values will be averaged together before being compared to the target value.

property metric

metric: MetricIdentifier;

metric identifies the target metric by name and selector

property target

target: MetricTarget;

target specifies the target value for the given metric

interface PodsMetricStatus

interface PodsMetricStatus

PodsMetricStatus indicates the current value of a metric describing each pod in the current scale target (for example, transactions-processed-per-second).

property current

current: MetricValueStatus;

current contains the current value for the given metric

property metric

metric: MetricIdentifier;

metric identifies the target metric by name and selector

interface ResourceMetricSource

interface ResourceMetricSource

ResourceMetricSource indicates how to scale on a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). The values will be averaged together before being compared to the target. Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source. Only one “target” type should be set.

property name

name: string;

name is the name of the resource in question.

property target

target: MetricTarget;

target specifies the target value for the given metric

interface ResourceMetricStatus

interface ResourceMetricStatus

ResourceMetricStatus indicates the current value of a resource metric known to Kubernetes, as specified in requests and limits, describing each pod in the current scale target (e.g. CPU or memory). Such metrics are built in to Kubernetes, and have special scaling options on top of those available to normal per-pod metrics using the “pods” source.

property current

current: MetricValueStatus;

current contains the current value for the given metric

property name

name: string;

Name is the name of the resource in question.

namespace batch.v1

interface Job

interface Job

Job represents the configuration of a single job.

This resource waits until its status is ready before registering success for create/update, and populating output properties from the current state of the resource. The following conditions are used to determine whether the resource creation has succeeded or failed:

  1. The Job’s ‘.status.startTime’ is set, which indicates that the Job has started running.
  2. The Job’s ‘.status.conditions’ has a status of type ‘Complete’, and a ‘status’ set to ‘True’.
  3. The Job’s ‘.status.conditions’ do not have a status of type ‘Failed’, with a ‘status’ set to ‘True’. If this condition is set, we should fail the Job immediately.

If the Job has not reached a Ready state after 10 minutes, it will time out and mark the resource update as Failed. You can override the default timeout value by setting the ‘customTimeouts’ option on the resource.

property apiVersion

apiVersion: "batch/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "Job";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: JobSpec;

Specification of the desired behavior of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

property status

status: JobStatus;

Current status of a job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface JobCondition

interface JobCondition

JobCondition describes current state of a job.

property lastProbeTime

lastProbeTime: string;

Last time the condition was checked.

property lastTransitionTime

lastTransitionTime: string;

Last time the condition transit from one status to another.

property message

message: string;

Human readable message indicating details about last transition.

property reason

reason: string;

(brief) reason for the condition’s last transition.

property status

status: string;

Status of the condition, one of True, False, Unknown.

property type

type: string;

Type of job condition, Complete or Failed.

interface JobSpec

interface JobSpec

JobSpec describes how the job execution will look like.

property activeDeadlineSeconds

activeDeadlineSeconds: number;

Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it; value must be positive integer

property backoffLimit

backoffLimit: number;

Specifies the number of retries before marking this job failed. Defaults to 6

property completions

completions: number;

Specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/

property manualSelector

manualSelector: boolean;

manualSelector controls generation of pod labels and pod selectors. Leave manualSelector unset unless you are certain what you are doing. When false or unset, the system pick labels unique to this job and appends those labels to the pod template. When true, the user is responsible for picking unique labels and specifying the selector. Failure to pick a unique label may cause this and other jobs to not function correctly. However, You may see manualSelector=true in jobs that were created with the old extensions/v1beta1 API. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector

property parallelism

parallelism: number;

Specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/

property selector

selector: LabelSelector;

A label query over pods that should match the pod count. Normally, the system sets this field for you. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors

property template

template: PodTemplateSpec;

Describes the pod that will be created when executing a job. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/

property ttlSecondsAfterFinished

ttlSecondsAfterFinished: number;

ttlSecondsAfterFinished limits the lifetime of a Job that has finished execution (either Complete or Failed). If this field is set, ttlSecondsAfterFinished after the Job finishes, it is eligible to be automatically deleted. When the Job is being deleted, its lifecycle guarantees (e.g. finalizers) will be honored. If this field is unset, the Job won’t be automatically deleted. If this field is set to zero, the Job becomes eligible to be deleted immediately after it finishes. This field is alpha-level and is only honored by servers that enable the TTLAfterFinished feature.

interface JobStatus

interface JobStatus

JobStatus represents the current state of a Job.

property active

active: number;

The number of actively running pods.

property completionTime

completionTime: string;

Represents time when the job was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.

property conditions

conditions: JobCondition[];

The latest available observations of an object’s current state. More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/

property failed

failed: number;

The number of pods which reached phase Failed.

property startTime

startTime: string;

Represents time when the job was acknowledged by the job controller. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.

property succeeded

succeeded: number;

The number of pods which reached phase Succeeded.

namespace batch.v1beta1

interface CronJob

interface CronJob

CronJob represents the configuration of a single cron job.

property apiVersion

apiVersion: "batch/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "CronJob";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: CronJobSpec;

Specification of the desired behavior of a cron job, including the schedule. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

property status

status: CronJobStatus;

Current status of a cron job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface CronJobSpec

interface CronJobSpec

CronJobSpec describes how the job execution will look like and when it will actually run.

property concurrencyPolicy

concurrencyPolicy: string;

Specifies how to treat concurrent executions of a Job. Valid values are: - “Allow” (default): allows CronJobs to run concurrently; - “Forbid”: forbids concurrent runs, skipping next run if previous run hasn’t finished yet; - “Replace”: cancels currently running job and replaces it with a new one

property failedJobsHistoryLimit

failedJobsHistoryLimit: number;

The number of failed finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.

property jobTemplate

jobTemplate: JobTemplateSpec;

Specifies the job that will be created when executing a CronJob.

property schedule

schedule: string;

The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.

property startingDeadlineSeconds

startingDeadlineSeconds: number;

Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones.

property successfulJobsHistoryLimit

successfulJobsHistoryLimit: number;

The number of successful finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified. Defaults to 3.

property suspend

suspend: boolean;

This flag tells the controller to suspend subsequent executions, it does not apply to already started executions. Defaults to false.

interface CronJobStatus

interface CronJobStatus

CronJobStatus represents the current state of a cron job.

property active

active: ObjectReference[];

A list of pointers to currently running jobs.

property lastScheduleTime

lastScheduleTime: string;

Information when was the last time the job was successfully scheduled.

interface JobTemplateSpec

interface JobTemplateSpec

JobTemplateSpec describes the data a Job should have when created from a template

property metadata

metadata: ObjectMeta;

Standard object’s metadata of the jobs created from this template. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: JobSpec;

Specification of the desired behavior of the job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

namespace batch.v2alpha1

interface CronJob

interface CronJob

CronJob represents the configuration of a single cron job.

property apiVersion

apiVersion: "batch/v2alpha1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "CronJob";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: CronJobSpec;

Specification of the desired behavior of a cron job, including the schedule. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

property status

status: CronJobStatus;

Current status of a cron job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface CronJobSpec

interface CronJobSpec

CronJobSpec describes how the job execution will look like and when it will actually run.

property concurrencyPolicy

concurrencyPolicy: string;

Specifies how to treat concurrent executions of a Job. Valid values are: - “Allow” (default): allows CronJobs to run concurrently; - “Forbid”: forbids concurrent runs, skipping next run if previous run hasn’t finished yet; - “Replace”: cancels currently running job and replaces it with a new one

property failedJobsHistoryLimit

failedJobsHistoryLimit: number;

The number of failed finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified.

property jobTemplate

jobTemplate: JobTemplateSpec;

Specifies the job that will be created when executing a CronJob.

property schedule

schedule: string;

The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.

property startingDeadlineSeconds

startingDeadlineSeconds: number;

Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones.

property successfulJobsHistoryLimit

successfulJobsHistoryLimit: number;

The number of successful finished jobs to retain. This is a pointer to distinguish between explicit zero and not specified.

property suspend

suspend: boolean;

This flag tells the controller to suspend subsequent executions, it does not apply to already started executions. Defaults to false.

interface CronJobStatus

interface CronJobStatus

CronJobStatus represents the current state of a cron job.

property active

active: ObjectReference[];

A list of pointers to currently running jobs.

property lastScheduleTime

lastScheduleTime: string;

Information when was the last time the job was successfully scheduled.

interface JobTemplateSpec

interface JobTemplateSpec

JobTemplateSpec describes the data a Job should have when created from a template

property metadata

metadata: ObjectMeta;

Standard object’s metadata of the jobs created from this template. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: JobSpec;

Specification of the desired behavior of the job. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

namespace certificates.v1

interface CertificateSigningRequest

interface CertificateSigningRequest

CertificateSigningRequest objects provide a mechanism to obtain x509 certificates by submitting a certificate signing request, and having it asynchronously approved and issued.

Kubelets use this API to obtain: 1. client certificates to authenticate to kube-apiserver (with the “kubernetes.io/kube-apiserver-client-kubelet” signerName). 2. serving certificates for TLS endpoints kube-apiserver can connect to securely (with the “kubernetes.io/kubelet-serving” signerName).

This API can be used to request client certificates to authenticate to kube-apiserver (with the “kubernetes.io/kube-apiserver-client” signerName), or to obtain certificates from custom non-Kubernetes signers.

property apiVersion

apiVersion: "certificates.k8s.io/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "CertificateSigningRequest";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: CertificateSigningRequestSpec;

spec contains the certificate request, and is immutable after creation. Only the request, signerName, and usages fields can be set on creation. Other fields are derived by Kubernetes and cannot be modified by users.

property status

status: CertificateSigningRequestStatus;

status contains information about whether the request is approved or denied, and the certificate issued by the signer, or the failure condition indicating signer failure.

interface CertificateSigningRequestCondition

interface CertificateSigningRequestCondition

CertificateSigningRequestCondition describes a condition of a CertificateSigningRequest object

property lastTransitionTime

lastTransitionTime: string;

lastTransitionTime is the time the condition last transitioned from one status to another. If unset, when a new condition type is added or an existing condition’s status is changed, the server defaults this to the current time.

property lastUpdateTime

lastUpdateTime: string;

lastUpdateTime is the time of the last update to this condition

property message

message: string;

message contains a human readable message with details about the request state

property reason

reason: string;

reason indicates a brief reason for the request state

property status

status: string;

status of the condition, one of True, False, Unknown. Approved, Denied, and Failed conditions may not be “False” or “Unknown”.

property type

type: string;

type of the condition. Known conditions are “Approved”, “Denied”, and “Failed”.

An “Approved” condition is added via the /approval subresource, indicating the request was approved and should be issued by the signer.

A “Denied” condition is added via the /approval subresource, indicating the request was denied and should not be issued by the signer.

A “Failed” condition is added via the /status subresource, indicating the signer failed to issue the certificate.

Approved and Denied conditions are mutually exclusive. Approved, Denied, and Failed conditions cannot be removed once added.

Only one condition of a given type is allowed.

interface CertificateSigningRequestSpec

interface CertificateSigningRequestSpec

CertificateSigningRequestSpec contains the certificate request.

property extra

extra: {[key: string]: string[]};

extra contains extra attributes of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.

property groups

groups: string[];

groups contains group membership of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.

property request

request: string;

request contains an x509 certificate signing request encoded in a “CERTIFICATE REQUEST” PEM block. When serialized as JSON or YAML, the data is additionally base64-encoded.

property signerName

signerName: string;

signerName indicates the requested signer, and is a qualified name.

List/watch requests for CertificateSigningRequests can filter on this field using a “spec.signerName=NAME” fieldSelector.

Well-known Kubernetes signers are: 1. “kubernetes.io/kube-apiserver-client”: issues client certificates that can be used to authenticate to kube-apiserver. Requests for this signer are never auto-approved by kube-controller-manager, can be issued by the “csrsigning” controller in kube-controller-manager. 2. “kubernetes.io/kube-apiserver-client-kubelet”: issues client certificates that kubelets use to authenticate to kube-apiserver. Requests for this signer can be auto-approved by the “csrapproving” controller in kube-controller-manager, and can be issued by the “csrsigning” controller in kube-controller-manager. 3. “kubernetes.io/kubelet-serving” issues serving certificates that kubelets use to serve TLS endpoints, which kube-apiserver can connect to securely. Requests for this signer are never auto-approved by kube-controller-manager, and can be issued by the “csrsigning” controller in kube-controller-manager.

More details are available at https://k8s.io/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers

Custom signerNames can also be specified. The signer defines: 1. Trust distribution: how trust (CA bundles) are distributed. 2. Permitted subjects: and behavior when a disallowed subject is requested. 3. Required, permitted, or forbidden x509 extensions in the request (including whether subjectAltNames are allowed, which types, restrictions on allowed values) and behavior when a disallowed extension is requested. 4. Required, permitted, or forbidden key usages / extended key usages. 5. Expiration/certificate lifetime: whether it is fixed by the signer, configurable by the admin. 6. Whether or not requests for CA certificates are allowed.

property uid

uid: string;

uid contains the uid of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.

property usages

usages: string[];

usages specifies a set of key usages requested in the issued certificate.

Requests for TLS client certificates typically request: “digital signature”, “key encipherment”, “client auth”.

Requests for TLS serving certificates typically request: “key encipherment”, “digital signature”, “server auth”.

Valid values are: “signing”, “digital signature”, “content commitment”, “key encipherment”, “key agreement”, “data encipherment”, “cert sign”, “crl sign”, “encipher only”, “decipher only”, “any”, “server auth”, “client auth”, “code signing”, “email protection”, “s/mime”, “ipsec end system”, “ipsec tunnel”, “ipsec user”, “timestamping”, “ocsp signing”, “microsoft sgc”, “netscape sgc”

property username

username: string;

username contains the name of the user that created the CertificateSigningRequest. Populated by the API server on creation and immutable.

interface CertificateSigningRequestStatus

interface CertificateSigningRequestStatus

CertificateSigningRequestStatus contains conditions used to indicate approved/denied/failed status of the request, and the issued certificate.

property certificate

certificate: string;

certificate is populated with an issued certificate by the signer after an Approved condition is present. This field is set via the /status subresource. Once populated, this field is immutable.

If the certificate signing request is denied, a condition of type “Denied” is added and this field remains empty. If the signer cannot issue the certificate, a condition of type “Failed” is added and this field remains empty.

Validation requirements: 1. certificate must contain one or more PEM blocks. 2. All PEM blocks must have the “CERTIFICATE” label, contain no headers, and the encoded data must be a BER-encoded ASN.1 Certificate structure as described in section 4 of RFC5280. 3. Non-PEM content may appear before or after the “CERTIFICATE” PEM blocks and is unvalidated, to allow for explanatory text as described in section 5.2 of RFC7468.

If more than one PEM block is present, and the definition of the requested spec.signerName does not indicate otherwise, the first block is the issued certificate, and subsequent blocks should be treated as intermediate certificates and presented in TLS handshakes.

The certificate is encoded in PEM format.

When serialized as JSON or YAML, the data is additionally base64-encoded, so it consists of:

base64(
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
)

property conditions

conditions: CertificateSigningRequestCondition[];

conditions applied to the request. Known conditions are “Approved”, “Denied”, and “Failed”.

namespace certificates.v1beta1

interface CertificateSigningRequest

interface CertificateSigningRequest

Describes a certificate signing request

property apiVersion

apiVersion: "certificates.k8s.io/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "CertificateSigningRequest";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

property spec

spec: CertificateSigningRequestSpec;

The certificate request itself and any additional information.

property status

status: CertificateSigningRequestStatus;

Derived information about the request.

interface CertificateSigningRequestCondition

interface CertificateSigningRequestCondition

property lastTransitionTime

lastTransitionTime: string;

lastTransitionTime is the time the condition last transitioned from one status to another. If unset, when a new condition type is added or an existing condition’s status is changed, the server defaults this to the current time.

property lastUpdateTime

lastUpdateTime: string;

timestamp for the last update to this condition

property message

message: string;

human readable message with details about the request state

property reason

reason: string;

brief reason for the request state

property status

status: string;

Status of the condition, one of True, False, Unknown. Approved, Denied, and Failed conditions may not be “False” or “Unknown”. Defaults to “True”. If unset, should be treated as “True”.

property type

type: string;

type of the condition. Known conditions include “Approved”, “Denied”, and “Failed”.

interface CertificateSigningRequestSpec

interface CertificateSigningRequestSpec

This information is immutable after the request is created. Only the Request and Usages fields can be set on creation, other fields are derived by Kubernetes and cannot be modified by users.

property extra

extra: {[key: string]: string[]};

Extra information about the requesting user. See user.Info interface for details.

property groups

groups: string[];

Group information about the requesting user. See user.Info interface for details.

property request

request: string;

Base64-encoded PKCS#10 CSR data

property signerName

signerName: string;

Requested signer for the request. It is a qualified name in the form: scope-hostname.io/name. If empty, it will be defaulted: 1. If it’s a kubelet client certificate, it is assigned “kubernetes.io/kube-apiserver-client-kubelet”. 2. If it’s a kubelet serving certificate, it is assigned “kubernetes.io/kubelet-serving”. 3. Otherwise, it is assigned “kubernetes.io/legacy-unknown”. Distribution of trust for signers happens out of band. You can select on this field using spec.signerName.

property uid

uid: string;

UID information about the requesting user. See user.Info interface for details.

property usages

usages: string[];

allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid values are: “signing”, “digital signature”, “content commitment”, “key encipherment”, “key agreement”, “data encipherment”, “cert sign”, “crl sign”, “encipher only”, “decipher only”, “any”, “server auth”, “client auth”, “code signing”, “email protection”, “s/mime”, “ipsec end system”, “ipsec tunnel”, “ipsec user”, “timestamping”, “ocsp signing”, “microsoft sgc”, “netscape sgc”

property username

username: string;

Information about the requesting user. See user.Info interface for details.

interface CertificateSigningRequestStatus

interface CertificateSigningRequestStatus

property certificate

certificate: string;

If request was approved, the controller will place the issued certificate here.

property conditions

conditions: CertificateSigningRequestCondition[];

Conditions applied to the request, such as approval or denial.

namespace coordination.v1

interface Lease

interface Lease

Lease defines a lease concept.

property apiVersion

apiVersion: "coordination.k8s.io/v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "Lease";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: LeaseSpec;

Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface LeaseSpec

interface LeaseSpec

LeaseSpec is a specification of a Lease.

property acquireTime

acquireTime: string;

acquireTime is a time when the current lease was acquired.

property holderIdentity

holderIdentity: string;

holderIdentity contains the identity of the holder of a current lease.

property leaseDurationSeconds

leaseDurationSeconds: number;

leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime.

property leaseTransitions

leaseTransitions: number;

leaseTransitions is the number of transitions of a lease between holders.

property renewTime

renewTime: string;

renewTime is a time when the current holder of a lease has last updated the lease.

namespace coordination.v1beta1

interface Lease

interface Lease

Lease defines a lease concept.

property apiVersion

apiVersion: "coordination.k8s.io/v1beta1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "Lease";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: LeaseSpec;

Specification of the Lease. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface LeaseSpec

interface LeaseSpec

LeaseSpec is a specification of a Lease.

property acquireTime

acquireTime: string;

acquireTime is a time when the current lease was acquired.

property holderIdentity

holderIdentity: string;

holderIdentity contains the identity of the holder of a current lease.

property leaseDurationSeconds

leaseDurationSeconds: number;

leaseDurationSeconds is a duration that candidates for a lease need to wait to force acquire it. This is measure against time of last observed RenewTime.

property leaseTransitions

leaseTransitions: number;

leaseTransitions is the number of transitions of a lease between holders.

property renewTime

renewTime: string;

renewTime is a time when the current holder of a lease has last updated the lease.

namespace core.v1

interface Affinity

interface Affinity

Affinity is a group of affinity scheduling rules.

property nodeAffinity

nodeAffinity: NodeAffinity;

Describes node affinity scheduling rules for the pod.

property podAffinity

podAffinity: PodAffinity;

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

property podAntiAffinity

podAntiAffinity: PodAntiAffinity;

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

interface AttachedVolume

interface AttachedVolume

AttachedVolume describes a volume attached to a node

property devicePath

devicePath: string;

DevicePath represents the device path where the volume should be available

property name

name: string;

Name of the attached volume

interface AWSElasticBlockStoreVolumeSource

interface AWSElasticBlockStoreVolumeSource

Represents a Persistent Disk resource in AWS.

An AWS EBS disk must exist before mounting to a container. The disk must also be in the same AWS zone as the kubelet. An AWS EBS disk can only be mounted as read/write once. AWS EBS volumes support ownership management and SELinux relabeling.

property fsType

fsType: string;

Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

property partition

partition: number;

The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty).

property readOnly

readOnly: boolean;

Specify “true” to force and set the ReadOnly property in VolumeMounts to “true”. If omitted, the default is “false”. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

property volumeID

volumeID: string;

Unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore

interface AzureDiskVolumeSource

interface AzureDiskVolumeSource

AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.

property cachingMode

cachingMode: string;

Host Caching mode: None, Read Only, Read Write.

property diskName

diskName: string;

The Name of the data disk in the blob storage

property diskURI

diskURI: string;

The URI the data disk in the blob storage

property fsType

fsType: string;

Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified.

property kind

kind: string;

Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared

property readOnly

readOnly: boolean;

Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

interface AzureFilePersistentVolumeSource

interface AzureFilePersistentVolumeSource

AzureFile represents an Azure File Service mount on the host and bind mount to the pod.

property readOnly

readOnly: boolean;

Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

property secretName

secretName: string;

the name of secret that contains Azure Storage Account Name and Key

property secretNamespace

secretNamespace: string;

the namespace of the secret that contains Azure Storage Account Name and Key default is the same as the Pod

property shareName

shareName: string;

Share Name

interface AzureFileVolumeSource

interface AzureFileVolumeSource

AzureFile represents an Azure File Service mount on the host and bind mount to the pod.

property readOnly

readOnly: boolean;

Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

property secretName

secretName: string;

the name of secret that contains Azure Storage Account Name and Key

property shareName

shareName: string;

Share Name

interface Capabilities

interface Capabilities

Adds and removes POSIX capabilities from running containers.

property add

add: string[];

Added capabilities

property drop

drop: string[];

Removed capabilities

interface CephFSPersistentVolumeSource

interface CephFSPersistentVolumeSource

Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.

property monitors

monitors: string[];

Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property path

path: string;

Optional: Used as the mounted root, rather than the full Ceph tree, default is /

property readOnly

readOnly: boolean;

Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property secretFile

secretFile: string;

Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property secretRef

secretRef: SecretReference;

Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property user

user: string;

Optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

interface CephFSVolumeSource

interface CephFSVolumeSource

Represents a Ceph Filesystem mount that lasts the lifetime of a pod Cephfs volumes do not support ownership management or SELinux relabeling.

property monitors

monitors: string[];

Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property path

path: string;

Optional: Used as the mounted root, rather than the full Ceph tree, default is /

property readOnly

readOnly: boolean;

Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property secretFile

secretFile: string;

Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property secretRef

secretRef: LocalObjectReference;

Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

property user

user: string;

Optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it

interface CinderPersistentVolumeSource

interface CinderPersistentVolumeSource

Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.

property fsType

fsType: string;

Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

property readOnly

readOnly: boolean;

Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

property secretRef

secretRef: SecretReference;

Optional: points to a secret object containing parameters used to connect to OpenStack.

property volumeID

volumeID: string;

volume id used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

interface CinderVolumeSource

interface CinderVolumeSource

Represents a cinder volume resource in Openstack. A Cinder volume must exist before mounting to a container. The volume must also be in the same region as the kubelet. Cinder volumes support ownership management and SELinux relabeling.

property fsType

fsType: string;

Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

property readOnly

readOnly: boolean;

Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

property secretRef

secretRef: LocalObjectReference;

Optional: points to a secret object containing parameters used to connect to OpenStack.

property volumeID

volumeID: string;

volume id used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md

interface ClientIPConfig

interface ClientIPConfig

ClientIPConfig represents the configurations of Client IP based session affinity.

property timeoutSeconds

timeoutSeconds: number;

timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == “ClientIP”. Default value is 10800(for 3 hours).

interface ConfigMap

interface ConfigMap

ConfigMap holds configuration data for pods to consume.

property apiVersion

apiVersion: "v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property binaryData

binaryData: {[key: string]: string};

BinaryData contains the binary data. Each key must consist of alphanumeric characters, ‘-’, ‘_’ or ‘.’. BinaryData can contain byte sequences that are not in the UTF-8 range. The keys stored in BinaryData must not overlap with the ones in the Data field, this is enforced during validation process. Using this field will require 1.10+ apiserver and kubelet.

property data

data: {[key: string]: string};

Data contains the configuration data. Each key must consist of alphanumeric characters, ‘-’, ‘_’ or ‘.’. Values with non-UTF-8 byte sequences must use the BinaryData field. The keys stored in Data must not overlap with the keys in the BinaryData field, this is enforced during validation process.

property immutable

immutable: boolean;

Immutable, if set to true, ensures that data stored in the ConfigMap cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil. This is a beta field enabled by ImmutableEphemeralVolumes feature gate.

property kind

kind: "ConfigMap";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

interface ConfigMapEnvSource

interface ConfigMapEnvSource

ConfigMapEnvSource selects a ConfigMap to populate the environment variables with.

The contents of the target ConfigMap’s Data field will represent the key-value pairs as environment variables.

property name

name: string;

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

property optional

optional: boolean;

Specify whether the ConfigMap must be defined

interface ConfigMapKeySelector

interface ConfigMapKeySelector

Selects a key from a ConfigMap.

property key

key: string;

The key to select.

property name

name: string;

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

property optional

optional: boolean;

Specify whether the ConfigMap or its key must be defined

interface ConfigMapNodeConfigSource

interface ConfigMapNodeConfigSource

ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node.

property kubeletConfigKey

kubeletConfigKey: string;

KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure This field is required in all cases.

property name

name: string;

Name is the metadata.name of the referenced ConfigMap. This field is required in all cases.

property namespace

namespace: string;

Namespace is the metadata.namespace of the referenced ConfigMap. This field is required in all cases.

property resourceVersion

resourceVersion: string;

ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.

property uid

uid: string;

UID is the metadata.UID of the referenced ConfigMap. This field is forbidden in Node.Spec, and required in Node.Status.

interface ConfigMapProjection

interface ConfigMapProjection

Adapts a ConfigMap into a projected volume.

The contents of the target ConfigMap’s Data field will be presented in a projected volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. Note that this is identical to a configmap volume source without the default mode.

property items

items: KeyToPath[];

If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.

property name

name: string;

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

property optional

optional: boolean;

Specify whether the ConfigMap or its keys must be defined

interface ConfigMapVolumeSource

interface ConfigMapVolumeSource

Adapts a ConfigMap into a volume.

The contents of the target ConfigMap’s Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. ConfigMap volumes support ownership management and SELinux relabeling.

property defaultMode

defaultMode: number;

Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

property items

items: KeyToPath[];

If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.

property name

name: string;

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

property optional

optional: boolean;

Specify whether the ConfigMap or its keys must be defined

interface Container

interface Container

A single application container that you want to run within a pod.

property args

args: string[];

Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

property command

command: string[];

Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

property env

env: EnvVar[];

List of environment variables to set in the container. Cannot be updated.

property envFrom

envFrom: EnvFromSource[];

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

property image

image: string;

Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

property imagePullPolicy

imagePullPolicy: string;

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

property lifecycle

lifecycle: Lifecycle;

Actions that the management system should take in response to container lifecycle events. Cannot be updated.

property livenessProbe

livenessProbe: Probe;

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

property name

name: string;

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

property ports

ports: ContainerPort[];

List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default “0.0.0.0” address inside a container will be accessible from the network. Cannot be updated.

property readinessProbe

readinessProbe: Probe;

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

property resources

resources: ResourceRequirements;

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/

property securityContext

securityContext: SecurityContext;

Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

property startupProbe

startupProbe: Probe;

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod’s lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. This is a beta feature enabled by the StartupProbe feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

property stdin

stdin: boolean;

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.

property stdinOnce

stdinOnce: boolean;

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false

property terminationMessagePath

terminationMessagePath: string;

Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

property terminationMessagePolicy

terminationMessagePolicy: string;

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

property tty

tty: boolean;

Whether this container should allocate a TTY for itself, also requires ‘stdin’ to be true. Default is false.

property volumeDevices

volumeDevices: VolumeDevice[];

volumeDevices is the list of block devices to be used by the container.

property volumeMounts

volumeMounts: VolumeMount[];

Pod volumes to mount into the container’s filesystem. Cannot be updated.

property workingDir

workingDir: string;

Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

interface ContainerImage

interface ContainerImage

Describe a container image

property names

names: string[];

Names by which this image is known. e.g. [“k8s.gcr.io/hyperkube:v1.0.7”, “dockerhub.io/google_containers/hyperkube:v1.0.7”]

property sizeBytes

sizeBytes: number;

The size of the image in bytes.

interface ContainerPort

interface ContainerPort

ContainerPort represents a network port in a single container.

property containerPort

containerPort: number;

Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.

property hostIP

hostIP: string;

What host IP to bind the external port to.

property hostPort

hostPort: number;

Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

property name

name: string;

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

property protocol

protocol: string;

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to “TCP”.

interface ContainerState

interface ContainerState

ContainerState holds a possible state of container. Only one of its members may be specified. If none of them is specified, the default one is ContainerStateWaiting.

property running

running: ContainerStateRunning;

Details about a running container

property terminated

terminated: ContainerStateTerminated;

Details about a terminated container

property waiting

waiting: ContainerStateWaiting;

Details about a waiting container

interface ContainerStateRunning

interface ContainerStateRunning

ContainerStateRunning is a running state of a container.

property startedAt

startedAt: string;

Time at which the container was last (re-)started

interface ContainerStateTerminated

interface ContainerStateTerminated

ContainerStateTerminated is a terminated state of a container.

property containerID

containerID: string;

Container’s ID in the format ‘docker://<container_id>‘

property exitCode

exitCode: number;

Exit status from the last termination of the container

property finishedAt

finishedAt: string;

Time at which the container last terminated

property message

message: string;

Message regarding the last termination of the container

property reason

reason: string;

(brief) reason from the last termination of the container

property signal

signal: number;

Signal from the last termination of the container

property startedAt

startedAt: string;

Time at which previous execution of the container started

interface ContainerStateWaiting

interface ContainerStateWaiting

ContainerStateWaiting is a waiting state of a container.

property message

message: string;

Message regarding why the container is not yet running.

property reason

reason: string;

(brief) reason the container is not yet running.

interface ContainerStatus

interface ContainerStatus

ContainerStatus contains details for the current status of this container.

property containerID

containerID: string;

Container’s ID in the format ‘docker://<container_id>’.

property image

image: string;

The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images

property imageID

imageID: string;

ImageID of the container’s image.

property lastState

lastState: ContainerState;

Details about the container’s last termination condition.

property name

name: string;

This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated.

property ready

ready: boolean;

Specifies whether the container has passed its readiness probe.

property restartCount

restartCount: number;

The number of times the container has been restarted, currently based on the number of dead containers that have not yet been removed. Note that this is calculated from dead containers. But those containers are subject to garbage collection. This value will get capped at 5 by GC.

property started

started: boolean;

Specifies whether the container has passed its startup probe. Initialized as false, becomes true after startupProbe is considered successful. Resets to false when the container is restarted, or if kubelet loses state temporarily. Is always true when no startupProbe is defined.

property state

state: ContainerState;

Details about the container’s current condition.

interface CSIPersistentVolumeSource

interface CSIPersistentVolumeSource

Represents storage that is managed by an external CSI volume driver (Beta feature)

property controllerExpandSecretRef

controllerExpandSecretRef: SecretReference;

ControllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This is an alpha field and requires enabling ExpandCSIVolumes feature gate. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

property controllerPublishSecretRef

controllerPublishSecretRef: SecretReference;

ControllerPublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerPublishVolume and ControllerUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

property driver

driver: string;

Driver is the name of the driver to use for this volume. Required.

property fsType

fsType: string;

Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. “ext4”, “xfs”, “ntfs”.

property nodePublishSecretRef

nodePublishSecretRef: SecretReference;

NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

property nodeStageSecretRef

nodeStageSecretRef: SecretReference;

NodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.

property readOnly

readOnly: boolean;

Optional: The value to pass to ControllerPublishVolumeRequest. Defaults to false (read/write).

property volumeAttributes

volumeAttributes: {[key: string]: string};

Attributes of the volume to publish.

property volumeHandle

volumeHandle: string;

VolumeHandle is the unique volume name returned by the CSI volume plugin’s CreateVolume to refer to the volume on all subsequent calls. Required.

interface CSIVolumeSource

interface CSIVolumeSource

Represents a source location of a volume to mount, managed by an external CSI driver

property driver

driver: string;

Driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster.

property fsType

fsType: string;

Filesystem type to mount. Ex. “ext4”, “xfs”, “ntfs”. If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply.

property nodePublishSecretRef

nodePublishSecretRef: LocalObjectReference;

NodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.

property readOnly

readOnly: boolean;

Specifies a read-only configuration for the volume. Defaults to false (read/write).

property volumeAttributes

volumeAttributes: {[key: string]: string};

VolumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver’s documentation for supported values.

interface DaemonEndpoint

interface DaemonEndpoint

DaemonEndpoint contains information about a single Daemon endpoint.

property Port

Port: number;

Port number of the given endpoint.

interface DownwardAPIProjection

interface DownwardAPIProjection

Represents downward API info for projecting into a projected volume. Note that this is identical to a downwardAPI volume source without the default mode.

property items

items: DownwardAPIVolumeFile[];

Items is a list of DownwardAPIVolume file

interface DownwardAPIVolumeFile

interface DownwardAPIVolumeFile

DownwardAPIVolumeFile represents information to create the file containing the pod field

property fieldRef

fieldRef: ObjectFieldSelector;

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

property mode

mode: number;

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

property path

path: string;

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ‘..’ path. Must be utf-8 encoded. The first item of the relative path must not start with ‘..’

property resourceFieldRef

resourceFieldRef: ResourceFieldSelector;

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

interface DownwardAPIVolumeSource

interface DownwardAPIVolumeSource

DownwardAPIVolumeSource represents a volume containing downward API info. Downward API volumes support ownership management and SELinux relabeling.

property defaultMode

defaultMode: number;

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

property items

items: DownwardAPIVolumeFile[];

Items is a list of downward API volume file

interface EmptyDirVolumeSource

interface EmptyDirVolumeSource

Represents an empty directory for a pod. Empty directory volumes support ownership management and SELinux relabeling.

property medium

medium: string;

What type of storage medium should back this directory. The default is “” which means to use the node’s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

property sizeLimit

sizeLimit: string;

Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir

interface EndpointAddress

interface EndpointAddress

EndpointAddress is a tuple that describes single IP address.

property hostname

hostname: string;

The Hostname of this endpoint

property ip

ip: string;

The IP of this endpoint. May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), or link-local multicast ((224.0.0.0/24). IPv6 is also accepted but not fully supported on all platforms. Also, certain kubernetes components, like kube-proxy, are not IPv6 ready.

property nodeName

nodeName: string;

Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.

property targetRef

targetRef: ObjectReference;

Reference to object providing the endpoint.

interface EndpointPort

interface EndpointPort

EndpointPort is a tuple that describes a single port.

property appProtocol

appProtocol: string;

The application protocol for this port. This field follows standard Kubernetes label syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and http://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed names such as mycompany.com/my-custom-protocol. This is a beta field that is guarded by the ServiceAppProtocol feature gate and enabled by default.

property name

name: string;

The name of this port. This must match the ‘name’ field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined.

property port

port: number;

The port number of the endpoint.

property protocol

protocol: string;

The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.

interface Endpoints

interface Endpoints

Endpoints is a collection of endpoints that implement the actual service. Example: Name: “mysvc”, Subsets: [ { Addresses: [{“ip”: “10.10.1.1”}, {“ip”: “10.10.2.2”}], Ports: [{“name”: “a”, “port”: 8675}, {“name”: “b”, “port”: 309}] }, { Addresses: [{“ip”: “10.10.3.3”}], Ports: [{“name”: “a”, “port”: 93}, {“name”: “b”, “port”: 76}] }, ]

property apiVersion

apiVersion: "v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "Endpoints";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property subsets

subsets: EndpointSubset[];

The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different containers) will result in the address being displayed in different subsets for the different ports. No address will appear in both Addresses and NotReadyAddresses in the same subset. Sets of addresses and ports that comprise a service.

interface EndpointSubset

interface EndpointSubset

EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports. For example, given: { Addresses: [{“ip”: “10.10.1.1”}, {“ip”: “10.10.2.2”}], Ports: [{“name”: “a”, “port”: 8675}, {“name”: “b”, “port”: 309}] } The resulting set of endpoints can be viewed as: a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], b: [ 10.10.1.1:309, 10.10.2.2:309 ]

property addresses

addresses: EndpointAddress[];

IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.

property notReadyAddresses

notReadyAddresses: EndpointAddress[];

IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.

property ports

ports: EndpointPort[];

Port numbers available on the related IP addresses.

interface EnvFromSource

interface EnvFromSource

EnvFromSource represents the source of a set of ConfigMaps

property configMapRef

configMapRef: ConfigMapEnvSource;

The ConfigMap to select from

property prefix

prefix: string;

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

property secretRef

secretRef: SecretEnvSource;

The Secret to select from

interface EnvVar

interface EnvVar

EnvVar represents an environment variable present in a Container.

property name

name: string;

Name of the environment variable. Must be a C_IDENTIFIER.

property value

value: string;

Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to “”.

property valueFrom

valueFrom: EnvVarSource;

Source for the environment variable’s value. Cannot be used if value is not empty.

interface EnvVarSource

interface EnvVarSource

EnvVarSource represents a source for the value of an EnvVar.

property configMapKeyRef

configMapKeyRef: ConfigMapKeySelector;

Selects a key of a ConfigMap.

property fieldRef

fieldRef: ObjectFieldSelector;

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['&lt;KEY&gt;'], metadata.annotations['&lt;KEY&gt;'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

property resourceFieldRef

resourceFieldRef: ResourceFieldSelector;

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

property secretKeyRef

secretKeyRef: SecretKeySelector;

Selects a key of a secret in the pod’s namespace

interface EphemeralContainer

interface EphemeralContainer

An EphemeralContainer is a container that may be added temporarily to an existing pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a pod is removed or restarted. If an ephemeral container causes a pod to exceed its resource allocation, the pod may be evicted. Ephemeral containers may not be added by directly updating the pod spec. They must be added via the pod’s ephemeralcontainers subresource, and they will appear in the pod spec once added. This is an alpha feature enabled by the EphemeralContainers feature flag.

property args

args: string[];

Arguments to the entrypoint. The docker image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

property command

command: string[];

Entrypoint array. Not executed within a shell. The docker image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

property env

env: EnvVar[];

List of environment variables to set in the container. Cannot be updated.

property envFrom

envFrom: EnvFromSource[];

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

property image

image: string;

Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images

property imagePullPolicy

imagePullPolicy: string;

Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

property lifecycle

lifecycle: Lifecycle;

Lifecycle is not allowed for ephemeral containers.

property livenessProbe

livenessProbe: Probe;

Probes are not allowed for ephemeral containers.

property name

name: string;

Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers.

property ports

ports: ContainerPort[];

Ports are not allowed for ephemeral containers.

property readinessProbe

readinessProbe: Probe;

Probes are not allowed for ephemeral containers.

property resources

resources: ResourceRequirements;

Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod.

property securityContext

securityContext: SecurityContext;

SecurityContext is not allowed for ephemeral containers.

property startupProbe

startupProbe: Probe;

Probes are not allowed for ephemeral containers.

property stdin

stdin: boolean;

Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.

property stdinOnce

stdinOnce: boolean;

Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false

property targetContainerName

targetContainerName: string;

If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container is run in whatever namespaces are shared for the pod. Note that the container runtime must support this feature.

property terminationMessagePath

terminationMessagePath: string;

Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

property terminationMessagePolicy

terminationMessagePolicy: string;

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

property tty

tty: boolean;

Whether this container should allocate a TTY for itself, also requires ‘stdin’ to be true. Default is false.

property volumeDevices

volumeDevices: VolumeDevice[];

volumeDevices is the list of block devices to be used by the container.

property volumeMounts

volumeMounts: VolumeMount[];

Pod volumes to mount into the container’s filesystem. Cannot be updated.

property workingDir

workingDir: string;

Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

interface EphemeralVolumeSource

interface EphemeralVolumeSource

Represents an ephemeral volume that is handled by a normal storage driver.

property readOnly

readOnly: boolean;

Specifies a read-only configuration for the volume. Defaults to false (read/write).

property volumeClaimTemplate

volumeClaimTemplate: PersistentVolumeClaimTemplate;

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be &lt;pod name&gt;-&lt;volume name&gt; where &lt;volume name&gt; is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

interface Event

interface Event

Event is a report of an event somewhere in the cluster.

property action

action: string;

What action was taken/failed regarding to the Regarding object.

property apiVersion

apiVersion: "v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property count

count: number;

The number of times this event has occurred.

property eventTime

eventTime: string;

Time when this Event was first observed.

property firstTimestamp

firstTimestamp: string;

The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)

property involvedObject

involvedObject: ObjectReference;

The object that this event is about.

property kind

kind: "Event";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property lastTimestamp

lastTimestamp: string;

The time at which the most recent occurrence of this event was recorded.

property message

message: string;

A human-readable description of the status of this operation.

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property reason

reason: string;

This should be a short, machine understandable string that gives the reason for the transition into the object’s current status.

related: ObjectReference;

Optional secondary object for more complex actions.

property reportingComponent

reportingComponent: string;

Name of the controller that emitted this Event, e.g. kubernetes.io/kubelet.

property reportingInstance

reportingInstance: string;

ID of the controller instance, e.g. kubelet-xyzf.

property series

series: EventSeries;

Data about the Event series this event represents or nil if it’s a singleton Event.

property source

source: EventSource;

The component reporting this event. Should be a short machine understandable string.

property type

type: string;

Type of this event (Normal, Warning), new types could be added in the future

interface EventSeries

interface EventSeries

EventSeries contain information on series of events, i.e. thing that was/is happening continuously for some time.

property count

count: number;

Number of occurrences in this series up to the last heartbeat time

property lastObservedTime

lastObservedTime: string;

Time of the last occurrence observed

property state

state: string;

State of this Series: Ongoing or Finished Deprecated. Planned removal for 1.18

interface EventSource

interface EventSource

EventSource contains information for an event.

property component

component: string;

Component from which the event is generated.

property host

host: string;

Node name on which the event is generated.

interface ExecAction

interface ExecAction

ExecAction describes a “run in container” action.

property command

command: string[];

Command is the command line to execute inside the container, the working directory for the command is root (‘/’) in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions (‘|’, etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

interface FCVolumeSource

interface FCVolumeSource

Represents a Fibre Channel volume. Fibre Channel volumes can only be mounted as read/write once. Fibre Channel volumes support ownership management and SELinux relabeling.

property fsType

fsType: string;

Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified.

property lun

lun: number;

Optional: FC target lun number

property readOnly

readOnly: boolean;

Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

property targetWWNs

targetWWNs: string[];

Optional: FC target worldwide names (WWNs)

property wwids

wwids: string[];

Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.

interface FlexPersistentVolumeSource

interface FlexPersistentVolumeSource

FlexPersistentVolumeSource represents a generic persistent volume resource that is provisioned/attached using an exec based plugin.

property driver

driver: string;

Driver is the name of the driver to use for this volume.

property fsType

fsType: string;

Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. “ext4”, “xfs”, “ntfs”. The default filesystem depends on FlexVolume script.

property options

options: {[key: string]: string};

Optional: Extra command options if any.

property readOnly

readOnly: boolean;

Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

property secretRef

secretRef: SecretReference;

Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

interface FlexVolumeSource

interface FlexVolumeSource

FlexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin.

property driver

driver: string;

Driver is the name of the driver to use for this volume.

property fsType

fsType: string;

Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. “ext4”, “xfs”, “ntfs”. The default filesystem depends on FlexVolume script.

property options

options: {[key: string]: string};

Optional: Extra command options if any.

property readOnly

readOnly: boolean;

Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.

property secretRef

secretRef: LocalObjectReference;

Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.

interface FlockerVolumeSource

interface FlockerVolumeSource

Represents a Flocker volume mounted by the Flocker agent. One and only one of datasetName and datasetUUID should be set. Flocker volumes do not support ownership management or SELinux relabeling.

property datasetName

datasetName: string;

Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated

property datasetUUID

datasetUUID: string;

UUID of the dataset. This is unique identifier of a Flocker dataset

interface GCEPersistentDiskVolumeSource

interface GCEPersistentDiskVolumeSource

Represents a Persistent Disk resource in Google Compute Engine.

A GCE PD must exist before mounting to a container. The disk must also be in the same GCE project and zone as the kubelet. A GCE PD can only be mounted as read/write once or read-only many times. GCE PDs support ownership management and SELinux relabeling.

property fsType

fsType: string;

Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

property partition

partition: number;

The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as “1”. Similarly, the volume partition for /dev/sda is “0” (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

property pdName

pdName: string;

Unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

property readOnly

readOnly: boolean;

ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk

interface GitRepoVolumeSource

interface GitRepoVolumeSource

Represents a volume that is populated with the contents of a git repository. Git repo volumes do not support ownership management. Git repo volumes support SELinux relabeling.

DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod’s container.

property directory

directory: string;

Target directory name. Must not contain or start with ‘..’. If ‘.’ is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name.

property repository

repository: string;

Repository URL

property revision

revision: string;

Commit hash for the specified revision.

interface GlusterfsPersistentVolumeSource

interface GlusterfsPersistentVolumeSource

Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.

property endpoints

endpoints: string;

EndpointsName is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

property endpointsNamespace

endpointsNamespace: string;

EndpointsNamespace is the namespace that contains Glusterfs endpoint. If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

property path

path: string;

Path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

property readOnly

readOnly: boolean;

ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

interface GlusterfsVolumeSource

interface GlusterfsVolumeSource

Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.

property endpoints

endpoints: string;

EndpointsName is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

property path

path: string;

Path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

property readOnly

readOnly: boolean;

ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

interface Handler

interface Handler

Handler defines a specific action that should be taken

property exec

exec: ExecAction;

One and only one of the following should be specified. Exec specifies the action to take.

property httpGet

httpGet: HTTPGetAction;

HTTPGet specifies the http request to perform.

property tcpSocket

tcpSocket: TCPSocketAction;

TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported

interface HostAlias

interface HostAlias

HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.

property hostnames

hostnames: string[];

Hostnames for the above IP address.

property ip

ip: string;

IP address of the host file entry.

interface HostPathVolumeSource

interface HostPathVolumeSource

Represents a host path mapped into a pod. Host path volumes do not support ownership management or SELinux relabeling.

property path

path: string;

Path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

property type

type: string;

Type for HostPath Volume Defaults to “” More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath

interface HTTPGetAction

interface HTTPGetAction

HTTPGetAction describes an action based on HTTP Get requests.

property host

host: string;

Host name to connect to, defaults to the pod IP. You probably want to set “Host” in httpHeaders instead.

property httpHeaders

httpHeaders: HTTPHeader[];

Custom headers to set in the request. HTTP allows repeated headers.

property path

path: string;

Path to access on the HTTP server.

property port

port: number | string;

Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

property scheme

scheme: string;

Scheme to use for connecting to the host. Defaults to HTTP.

interface HTTPHeader

interface HTTPHeader

HTTPHeader describes a custom header to be used in HTTP probes

property name

name: string;

The header field name

property value

value: string;

The header field value

interface ISCSIPersistentVolumeSource

interface ISCSIPersistentVolumeSource

ISCSIPersistentVolumeSource represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.

property chapAuthDiscovery

chapAuthDiscovery: boolean;

whether support iSCSI Discovery CHAP authentication

property chapAuthSession

chapAuthSession: boolean;

whether support iSCSI Session CHAP authentication

property fsType

fsType: string;

Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi

property initiatorName

initiatorName: string;

Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

property iqn

iqn: string;

Target iSCSI Qualified Name.

property iscsiInterface

iscsiInterface: string;

iSCSI Interface Name that uses an iSCSI transport. Defaults to ‘default’ (tcp).

property lun

lun: number;

iSCSI Target Lun number.

property portals

portals: string[];

iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

property readOnly

readOnly: boolean;

ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

property secretRef

secretRef: SecretReference;

CHAP Secret for iSCSI target and initiator authentication

property targetPortal

targetPortal: string;

iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

interface ISCSIVolumeSource

interface ISCSIVolumeSource

Represents an ISCSI disk. ISCSI volumes can only be mounted as read/write once. ISCSI volumes support ownership management and SELinux relabeling.

property chapAuthDiscovery

chapAuthDiscovery: boolean;

whether support iSCSI Discovery CHAP authentication

property chapAuthSession

chapAuthSession: boolean;

whether support iSCSI Session CHAP authentication

property fsType

fsType: string;

Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: “ext4”, “xfs”, “ntfs”. Implicitly inferred to be “ext4” if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi

property initiatorName

initiatorName: string;

Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface <target portal>:<volume name> will be created for the connection.

property iqn

iqn: string;

Target iSCSI Qualified Name.

property iscsiInterface

iscsiInterface: string;

iSCSI Interface Name that uses an iSCSI transport. Defaults to ‘default’ (tcp).

property lun

lun: number;

iSCSI Target Lun number.

property portals

portals: string[];

iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

property readOnly

readOnly: boolean;

ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false.

property secretRef

secretRef: LocalObjectReference;

CHAP Secret for iSCSI target and initiator authentication

property targetPortal

targetPortal: string;

iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).

interface KeyToPath

interface KeyToPath

Maps a string key to a path within a volume.

property key

key: string;

The key to project.

property mode

mode: number;

Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

property path

path: string;

The relative path of the file to map the key to. May not be an absolute path. May not contain the path element ‘..’. May not start with the string ‘..’.

interface Lifecycle

interface Lifecycle

Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted.

property postStart

postStart: Handler;

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

property preStop

preStop: Handler;

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The reason for termination is passed to the handler. The Pod’s termination grace period countdown begins before the PreStop hooked is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod’s termination grace period. Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

interface LimitRange

interface LimitRange

LimitRange sets resource usage limits for each kind of resource in a Namespace.

property apiVersion

apiVersion: "v1";

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property kind

kind: "LimitRange";

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

metadata: ObjectMeta;

Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

property spec

spec: LimitRangeSpec;

Spec defines the limits enforced. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

interface LimitRangeItem

interface LimitRangeItem

LimitRangeItem defines a min/max usage limit for any resource that matches on kind.

property default

default: {[key: string]: string};

Default resource requirement limit value by resource name if resource limit is omitted.

property defaultRequest

defaultRequest: {[key: string]: string};

DefaultRequest is the default resource requirement request value by resource name if resource request is omitted.

property max

max: {[key: string]: string};

Max usage constraints on this kind by resource name.

property maxLimitRequestRatio

maxLimitRequestRatio: {[key: string]: string};

MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource.

property min

min: {[key: string]: string};

Min usage constraints on this kind by resource name.

property type

type: string;

Type of resource that this limit applies to.

interface LimitRangeSpec

interface LimitRangeSpec

LimitRangeSpec defines a min/max usage limit for resources that match on kind.

property limits

limits: LimitRangeItem[];

Limits is the list of LimitRangeItem objects that are enforced.

interface LoadBalancerIngress

interface LoadBalancerIngress

LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.

property hostname

hostname: string;

Hostname is set for load-balancer ingress points that are DNS based (typically AWS load-balancers)

property ip

ip: string;

IP is set for load-balancer ingress points that are IP based (typically GCE or OpenStack load-balancers)

interface LoadBalancerStatus

interface LoadBalancerStatus

LoadBalancerStatus represents the status of a load-balancer.

property ingress

ingress: LoadBalancerIngress[];

Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.

interface LocalObjectReference

interface LocalObjectReference

LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.

property name

name: string;

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

interface LocalVolumeSource

interface LocalVolumeSource

Local represents directly-attached storage with node affinity (Beta feature)