Documentation ¶
Overview ¶
+k8s:deepcopy-gen=package +k8s:openapi-gen=true +gencrdrefdocs:force=true
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetOpenAPIDefinitions ¶
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition
Types ¶
type PodSpec ¶
type PodSpec struct { // List of volumes that can be mounted by containers belonging to the pod. // More info: https://kubernetes.io/docs/concepts/storage/volumes // +optional // +patchMergeKey=name // +patchStrategy=merge,retainKeys Volumes []v1.Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name"` // List of initialization containers belonging to the pod. // Init containers are executed in order prior to containers being started. If any // init container fails, the pod is considered to have failed and is handled according // to its restartPolicy. The name for an init container or normal container must be // unique among all containers. // Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. // The resourceRequirements of an init container are taken into account during scheduling // by finding the highest request/limit for each resource type, and then using the max of // of that value or the sum of the normal containers. Limits are applied to init containers // in a similar fashion. // Init containers cannot currently be added or removed. // Cannot be updated. // More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ // +patchMergeKey=name // +patchStrategy=merge InitContainers []core.Container `json:"initContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name"` // List of sidecar containers belonging to the pod. // Containers cannot currently be added or removed. // +patchMergeKey=name // +patchStrategy=merge Containers []core.Container `json:"containers,omitempty" patchStrategy:"merge" patchMergeKey:"name"` // List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing // pod to perform user-initiated actions such as debugging. This list cannot be specified when // creating a pod, and it cannot be modified by updating the pod spec. In order to add an // ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. // +optional // +patchMergeKey=name // +patchStrategy=merge EphemeralContainers []core.EphemeralContainer `json:"ephemeralContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name"` // Restart policy for all containers within the pod. // One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. // Default to Always. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy // +optional RestartPolicy core.RestartPolicy `json:"restartPolicy,omitempty"` // Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. // Value must be non-negative integer. The value zero indicates stop immediately via // the kill signal (no opportunity to shut down). // If this value is nil, the default grace period will be used instead. // The grace period is the duration in seconds after the processes running in the pod are sent // a termination signal and the time when the processes are forcibly halted with a kill signal. // Set this value longer than the expected cleanup time for your process. // Defaults to 30 seconds. // +optional TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` // Optional duration in seconds the pod may be active on the node relative to // StartTime before the system will actively try to mark it failed and kill associated containers. // Value must be a positive integer. // +optional ActiveDeadlineSeconds *int64 `json:"activeDeadlineSeconds,omitempty"` // Set DNS policy for the pod. // Defaults to "ClusterFirst". // Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. // DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. // To have DNS options set along with hostNetwork, you have to specify DNS policy // explicitly to 'ClusterFirstWithHostNet'. // +optional DNSPolicy core.DNSPolicy `json:"dnsPolicy,omitempty"` // NodeSelector is a selector which must be true for the pod to fit on a node. // Selector which must match a node's labels for the pod to be scheduled on that node. // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ // +optional // +mapType=atomic NodeSelector map[string]string `json:"nodeSelector,omitempty"` // ServiceAccountName is the name of the ServiceAccount to use to run this pod. // More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ // +optional ServiceAccountName string `json:"serviceAccountName,omitempty"` // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. // +optional AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty"` // NodeName is a request to schedule this pod onto a specific node. If it is non-empty, // the scheduler simply schedules this pod onto that node, assuming that it fits resource // requirements. // +optional NodeName string `json:"nodeName,omitempty"` // Host networking requested for this pod. Use the host's network namespace. // If this option is set, the ports that will be used must be specified. // Default to false. // +optional HostNetwork bool `json:"hostNetwork,omitempty"` // Use the host's pid namespace. // Optional: Default to false. // +optional HostPID bool `json:"hostPID,omitempty"` // Use the host's ipc namespace. // Optional: Default to false. // +optional HostIPC bool `json:"hostIPC,omitempty"` // When this is set containers will be able to view and signal processes from other containers // in the same pod, and the first process in each container will not be assigned PID 1. // HostPID and ShareProcessNamespace cannot both be set. // Optional: Default to false. // +optional ShareProcessNamespace *bool `json:"shareProcessNamespace,omitempty"` // SecurityContext holds pod-level security attributes and common container settings. // Optional: Defaults to empty. See type description for default values of each field. // +optional SecurityContext *core.PodSecurityContext `json:"securityContext,omitempty"` // ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. // If specified, these secrets will be passed to individual puller implementations for them to use. // More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod // +optional // +patchMergeKey=name // +patchStrategy=merge ImagePullSecrets []core.LocalObjectReference `json:"imagePullSecrets,omitempty" patchStrategy:"merge" patchMergeKey:"name"` // If specified, the pod will be dispatched by specified scheduler. // If not specified, the pod will be dispatched by default scheduler. // +optional SchedulerName string `json:"schedulerName,omitempty"` // If specified, the pod's tolerations. // +optional Tolerations []core.Toleration `json:"tolerations,omitempty"` // HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts // file if specified. This is only valid for non-hostNetwork pods. // +optional // +patchMergeKey=ip // +patchStrategy=merge HostAliases []core.HostAlias `json:"hostAliases,omitempty" patchStrategy:"merge" patchMergeKey:"ip"` // If specified, indicates the pod's priority. "system-node-critical" and // "system-cluster-critical" are two special keywords which indicate the // highest priorities with the former being the highest priority. Any other // name must be defined by creating a PriorityClass object with that name. // If not specified, the pod priority will be default or zero if there is no // default. // +optional PriorityClassName string `json:"priorityClassName,omitempty"` // The priority value. Various system components use this field to find the // priority of the pod. When Priority Admission Controller is enabled, it // prevents users from setting this field. The admission controller populates // this field from PriorityClassName. // The higher the value, the higher the priority. // +optional Priority *int32 `json:"priority,omitempty"` // Specifies the DNS parameters of a pod. // Parameters specified here will be merged to the generated DNS // configuration based on DNSPolicy. // +optional DNSConfig *core.PodDNSConfig `json:"dnsConfig,omitempty"` // If specified, all readiness gates will be evaluated for pod readiness. // A pod is ready when all its containers are ready AND // all conditions specified in the readiness gates have status equal to "True" // More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates // +optional ReadinessGates []core.PodReadinessGate `json:"readinessGates,omitempty"` // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an // empty definition that uses the default runtime handler. // More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class // +optional RuntimeClassName *string `json:"runtimeClassName,omitempty"` // EnableServiceLinks indicates whether information about services should be injected into pod's // environment variables, matching the syntax of Docker links. // Optional: Defaults to true. // +optional EnableServiceLinks *bool `json:"enableServiceLinks,omitempty"` // PreemptionPolicy is the Policy for preempting pods with lower priority. // One of Never, PreemptLowerPriority. // Defaults to PreemptLowerPriority if unset. // +optional PreemptionPolicy *core.PreemptionPolicy `json:"preemptionPolicy,omitempty"` // Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. // This field will be autopopulated at admission time by the RuntimeClass admission controller. If // the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. // The RuntimeClass admission controller will reject Pod create requests which have the overhead already // set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value // defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. // More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md // +optional Overhead core.ResourceList `json:"overhead,omitempty"` // If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). // In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). // In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. // If a pod does not have FQDN, this has no effect. // Default to false. // +optional SetHostnameAsFQDN *bool `json:"setHostnameAsFQDN,omitempty"` // Specifies the OS of the containers in the pod. // Some pod and container fields are restricted if this is set. // // If the OS field is set to linux, the following fields must be unset: // -securityContext.windowsOptions // // If the OS field is set to windows, following fields must be unset: // - spec.hostPID // - spec.hostIPC // - spec.hostUsers // - spec.securityContext.seLinuxOptions // - spec.securityContext.seccompProfile // - spec.securityContext.fsGroup // - spec.securityContext.fsGroupChangePolicy // - spec.securityContext.sysctls // - spec.shareProcessNamespace // - spec.securityContext.runAsUser // - spec.securityContext.runAsGroup // - spec.securityContext.supplementalGroups // - spec.containers[*].securityContext.seLinuxOptions // - spec.containers[*].securityContext.seccompProfile // - spec.containers[*].securityContext.capabilities // - spec.containers[*].securityContext.readOnlyRootFilesystem // - spec.containers[*].securityContext.privileged // - spec.containers[*].securityContext.allowPrivilegeEscalation // - spec.containers[*].securityContext.procMount // - spec.containers[*].securityContext.runAsUser // - spec.containers[*].securityContext.runAsGroup // +optional OS *core.PodOS `json:"os,omitempty"` // Use the host's user namespace. // Optional: Default to true. // If set to true or not present, the pod will be run in the host user namespace, useful // for when the pod needs a feature only available to the host user namespace, such as // loading a kernel module with CAP_SYS_MODULE. // When set to false, a new userns is created for the pod. Setting false is useful for // mitigating container breakout vulnerabilities even allowing users to run their // containers as root without actually having root privileges on the host. // This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. // +optional HostUsers *bool `json:"hostUsers,omitempty"` // PodPlacementPolicy is the reference of the podPlacementPolicy // +kubebuilder:default={name:"default"} // +optional PodPlacementPolicy *core.LocalObjectReference `json:"podPlacementPolicy,omitempty"` }
PodSpec is a description of a pod.
func (*PodSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSpec.
func (*PodSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PodTemplateSpec ¶
type PodTemplateSpec struct { // Standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata // +optional v1.ObjectMeta `json:"metadata,omitempty"` // Workload controller's metadata. // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata // +optional Controller v1.ObjectMeta `json:"controller,omitempty"` // Specification of the desired behavior of the pod. // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status // +optional Spec PodSpec `json:"spec,omitempty"` }
PodTemplateSpec describes the data a pod should have when created from a template
func (*PodTemplateSpec) DeepCopy ¶
func (in *PodTemplateSpec) DeepCopy() *PodTemplateSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodTemplateSpec.
func (*PodTemplateSpec) DeepCopyInto ¶
func (in *PodTemplateSpec) DeepCopyInto(out *PodTemplateSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Click to show internal directories.
Click to hide internal directories.