Replacing the Specified Pod

Function

Replace the specified Pod.

The following fields can be updated:

  • metadata.labels

  • metadata.annotations

  • spec.initContainers[*].image

  • spec.containers[*].image

  • spec.activeDeadlineSeconds

  • spec.tolerations.tolerationSeconds

    Other fields cannot be updated.

Calling Method

For details, see Calling APIs.

URI

PUT /apis/cci/v2/namespaces/{namespace}/pods/{name}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Name of the Pod.

namespace

Yes

String

Object name and auth scope, such as for teams and projects.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

dryRun

No

String

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager

No

String

fieldManager is a name associated with the actor or entity that

is making these changes. The value must be less than or 128 characters long,

and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

pretty

No

String

If 'true', then the output is pretty printed.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token.

It can be obtained through the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token.

Content-Type

Yes

String

The type of the message body, with a default value of "application/JSON".

Table 4 Request body parameters

Parameter

Mandatory

Type

Description

apiVersion

No

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind

No

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadata

No

io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta object

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

spec

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSpec object

Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

status

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodStatus object

Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Table 5 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSpec

Parameter

Mandatory

Type

Description

activeDeadlineSeconds

No

Long

Optional duration in seconds the pod may be active on the node

relative to StartTime before the system will actively try to mark it failed

and kill associated containers. Value must be a positive integer.

affinity

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Affinity object

If specified, the pod's scheduling constraints

containers

Yes

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Container objects

List of containers belonging to the pod. Containers cannot currently

be added or removed. There must be at least one container in a Pod. Cannot

be updated.

dnsConfig

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfig object

Specifies the DNS parameters of a pod. Parameters specified here

will be merged to the generated DNS configuration based on DNSPolicy.

dnsPolicy

No

String

Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.

Possible enum values:

  • "ClusterFirst" indicates that the pod should use cluster DNS first unless hostNetwork is true, if it is available, then fall back on the default (as determined by kubelet) DNS settings.

  • "ClusterFirstWithHostNet" indicates that the pod should use cluster DNS first, if it is available, then fall back on the default (as determined by kubelet) DNS settings.

  • "Default" indicates that the pod should use the default (as determined by kubelet) DNS settings.

  • "None" indicates that the pod should use empty DNS settings. DNS parameters such as nameservers and search paths should be defined via DNSConfig.

ephemeralContainers

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralContainer objects

List of ephemeral containers run in this pod. Ephemeral containers

may be run in an existing pod to perform user-initiated actions such as

debugging. This list cannot be specified when creating a pod, and it cannot

be modified by updating the pod spec. In order to add an ephemeral container

to an existing pod, use the pod's ephemeralcontainers subresource.

hostAliases

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.HostAlias objects

HostAliases is an optional list of hosts and IPs that will be

injected into the pod's hosts file if specified. This is only valid for

non-hostNetwork pods.

hostname

No

String

Specifies the hostName of the Pod. If not specified, the pod's

hostname will be set to a system-defined value.

imagePullSecrets

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.LocalObjectReference objects

ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

initContainers

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Container objects

List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

nodeName

No

String

NodeName is a request to schedule this pod onto a specific node.

If it is non-empty, the scheduler simply schedules this pod onto that node,

assuming that it fits resource requirements.

overhead

No

Map<String,String>

Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md

readinessGates

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodReadinessGate objects

If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates

restartPolicy

No

String

Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy

Possible enum values:

  • "Always"

  • "Never"

  • "OnFailure"

schedulerName

No

String

If specified, the pod will be dispatched by specified scheduler.

If not specified, the pod will be dispatched by default scheduler.

securityContext

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSecurityContext object

SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.

setHostnameAsFQDN

No

Boolean

If true the pod's hostname will be configured as the pod's FQDN,

rather than the leaf name (the default). In Linux containers, this means

setting the FQDN in the hostname field of the kernel (the nodename field

of struct utsname). In Windows containers, this means setting the registry

value of hostname for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

to FQDN. If a pod does not have FQDN, this has no effect. Default to false.

shareProcessNamespace

No

Boolean

Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false.

terminationGracePeriodSeconds

No

Long

Optional duration in seconds the pod needs to terminate gracefully.

May be decreased in delete request. Value must be non-negative integer.

The value zero indicates stop immediately via the kill signal (no opportunity

to shut down). If this value is nil, the default grace period will be used

instead. The grace period is the duration in seconds after the processes

running in the pod are sent a termination signal and the time when the processes

are forcibly halted with a kill signal. Set this value longer than the expected

cleanup time for your process. Defaults to 30 seconds.

topologySpreadConstraints

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.TopologySpreadConstraint objects

TopologySpreadConstraints describes how a group of pods ought

to spread across topology domains. Scheduler will schedule pods in a way

which abides by the constraints. All topologySpreadConstraints are ANDed.

volumes

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Volume objects

List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes

Table 6 io.cci.otc.api.pkg.apis.versioned.cci.v2.Affinity

Parameter

Mandatory

Type

Description

nodeAffinity

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeAffinity object

Describes node affinity scheduling rules for the pod.

podAntiAffinity

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAntiAffinity object

Describes pod anti-affinity scheduling rules (e.g. avoid putting

this pod in the same zone, etc. as some other pod(s)).

Table 7 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeAffinity

Parameter

Mandatory

Type

Description

requiredDuringSchedulingIgnoredDuringExecution

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelector object

If the affinity requirements specified by this field are not

met at scheduling time, the pod will not be scheduled onto the node. If

the affinity requirements specified by this field cease to be met at some

point during pod execution (e.g. due to an update), the system may or may

not try to eventually evict the pod from its node.

Table 8 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelector

Parameter

Mandatory

Type

Description

nodeSelectorTerms

Yes

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorTerm objects

Required. A list of node selector terms. The terms are ORed.

Table 9 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorTerm

Parameter

Mandatory

Type

Description

matchExpressions

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorRequirement objects

A list of node selector requirements by node's labels.

Table 10 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorRequirement

Parameter

Mandatory

Type

Description

key

Yes

String

The label key that the selector applies to.

operator

Yes

String

Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

Possible enum values:

  • "DoesNotExist"

  • "Exists"

  • "Gt"

  • "In"

  • "Lt"

  • "NotIn"

values

No

Array of strings

An array of string values. If the operator is In or NotIn, the

values array must be non-empty. If the operator is Exists or DoesNotExist,

the values array must be empty. If the operator is Gt or Lt, the values

array must have a single element, which will be interpreted as an integer.

This array is replaced during a strategic merge patch.

Table 11 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAntiAffinity

Parameter

Mandatory

Type

Description

preferredDuringSchedulingIgnoredDuringExecution

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.WeightedPodAffinityTerm objects

The scheduler will prefer to schedule pods to nodes that satisfy

the anti-affinity expressions specified by this field, but it may choose

a node that violates one or more of the expressions. The node that is most

preferred is the one with the greatest sum of weights, i.e. for each node

that meets all of the scheduling requirements (resource request, requiredDuringScheduling

anti-affinity expressions, etc.), compute a sum by iterating through the

elements of this field and adding "weight" to the sum if the node has pods

which matches the corresponding podAffinityTerm; the node(s) with the highest

sum are the most preferred.

requiredDuringSchedulingIgnoredDuringExecution

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm objects

If the anti-affinity requirements specified by this field are

not met at scheduling time, the pod will not be scheduled onto the node.

If the anti-affinity requirements specified by this field cease to be met

at some point during pod execution (e.g. due to a pod label update), the

system may or may not try to eventually evict the pod from its node. When

there are multiple elements, the lists of nodes corresponding to each podAffinityTerm

are intersected, i.e. all terms must be satisfied.

Table 12 io.cci.otc.api.pkg.apis.versioned.cci.v2.WeightedPodAffinityTerm

Parameter

Mandatory

Type

Description

podAffinityTerm

Yes

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm object

Required. A pod affinity term, associated with the corresponding

weight.

weight

Yes

Integer

weight associated with matching the corresponding podAffinityTerm,

in the range 1-100.

Table 13 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm

Parameter

Mandatory

Type

Description

labelSelector

No

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

A label query over a set of resources, in this case pods.

namespaces

No

Array of strings

namespaces specifies a static list of namespace names that the

term applies to. The term is applied to the union of the namespaces listed

in this field and the ones selected by namespaceSelector. null or empty

namespaces list and null namespaceSelector means "this pod's namespace".

topologyKey

Yes

String

This pod should be co-located (affinity) or not co-located (anti-affinity)

with the pods matching the labelSelector in the specified namespaces, where

co-located is defined as running on a node whose value of the label with

key topologyKey matches that of any node on which any of the selected pods

is running. Empty topologyKey is not allowed.

Table 14 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfig

Parameter

Mandatory

Type

Description

nameservers

No

Array of strings

A list of DNS name server IP addresses. This will be appended

to the base nameservers generated from DNSPolicy. Duplicated nameservers

will be removed.

options

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfigOption objects

A list of DNS resolver options. This will be merged with the

base options generated from DNSPolicy. Duplicated entries will be removed.

Resolution options given in Options will override those that appear in the

base DNSPolicy.

searches

No

Array of strings

A list of DNS search domains for host-name lookup. This will

be appended to the base search paths generated from DNSPolicy. Duplicated

search paths will be removed.

Table 15 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfigOption

Parameter

Mandatory

Type

Description

name

No

String

Required.

value

No

String

Table 16 io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralContainer

Parameter

Mandatory

Type

Description

args

No

Array of strings

Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

command

No

Array of strings

Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

env

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar objects

List of environment variables to set in the container. Cannot

be updated.

envFrom

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource objects

List of sources to populate environment variables in the container.

The keys defined within a source must be a C_IDENTIFIER. All invalid keys

will be reported as an event when the container is starting. When a key

exists in multiple sources, the value associated with the last source will

take precedence. Values defined by an Env with a duplicate key will take

precedence. Cannot be updated.

image

No

String

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images

lifecycle

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle object

Lifecycle is not allowed for ephemeral containers.

livenessProbe

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

name

Yes

String

Name of the ephemeral container specified as a DNS_LABEL. This

name must be unique among all containers, init containers and ephemeral

containers.

ports

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort objects

Ports are not allowed for ephemeral containers.

readinessProbe

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

resources

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

Resources are not allowed for ephemeral containers. Ephemeral

containers use spare resources already allocated to the pod.

securityContext

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext object

Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.

startupProbe

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

stdin

No

Boolean

Whether this container should allocate a buffer for stdin in

the container runtime. If this is not set, reads from stdin in the container

will always result in EOF. Default is false.

stdinOnce

No

Boolean

Whether the container runtime should close the stdin channel

after it has been opened by a single attach. When stdin is true the stdin

stream will remain open across multiple attach sessions. If stdinOnce is

set to true, stdin is opened on container start, is empty until the first

client attaches to stdin, and then remains open and accepts data until the

client disconnects, at which time stdin is closed and remains closed until

the container is restarted. If this flag is false, a container processes

that reads from stdin will never receive an EOF. Default is false

targetContainerName

No

String

If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec.

The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined.

terminationMessagePath

No

String

Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

terminationMessagePolicy

No

String

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

Possible enum values:

  • "FallbackToLogsOnError" will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.

  • "File" is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.

tty

No

Boolean

Whether this container should allocate a TTY for itself, also

requires 'stdin' to be true. Default is false.

volumeMounts

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount objects

Pod volumes to mount into the container's filesystem. Subpath

mounts are not allowed for ephemeral containers. Cannot be updated.

workingDir

No

String

Container's working directory. If not specified, the container

runtime's default will be used, which might be configured in the container

image. Cannot be updated.

Table 17 io.cci.otc.api.pkg.apis.versioned.cci.v2.HostAlias

Parameter

Mandatory

Type

Description

hostnames

No

Array of strings

Hostnames for the above IP address.

ip

No

String

IP address of the host file entry.

Table 18 io.cci.otc.api.pkg.apis.versioned.cci.v2.LocalObjectReference

Parameter

Mandatory

Type

Description

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

Table 19 io.cci.otc.api.pkg.apis.versioned.cci.v2.Container

Parameter

Mandatory

Type

Description

args

No

Array of strings

Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

command

No

Array of strings

Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

env

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar objects

List of environment variables to set in the container. Cannot

be updated.

envFrom

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource objects

List of sources to populate environment variables in the container.

The keys defined within a source must be a C_IDENTIFIER. All invalid keys

will be reported as an event when the container is starting. When a key

exists in multiple sources, the value associated with the last source will

take precedence. Values defined by an Env with a duplicate key will take

precedence. Cannot be updated.

image

No

String

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

lifecycle

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle object

Actions that the management system should take in response to

container lifecycle events. Cannot be updated.

livenessProbe

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

name

Yes

String

Name of the container specified as a DNS_LABEL. Each container

in a pod must have a unique name (DNS_LABEL). Cannot be updated.

ports

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort objects

List of ports to expose from the container. Not specifying a

port here DOES NOT prevent that port from being exposed. Any port which

is listening on the default "0.0.0.0" address inside a container will be

accessible from the network. Modifying this array with strategic merge patch

may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255.

Cannot be updated.

readinessProbe

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

resources

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

securityContext

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

startupProbe

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

stdin

No

Boolean

Whether this container should allocate a buffer for stdin in

the container runtime. If this is not set, reads from stdin in the container

will always result in EOF. Default is false.

stdinOnce

No

Boolean

Whether the container runtime should close the stdin channel

after it has been opened by a single attach. When stdin is true the stdin

stream will remain open across multiple attach sessions. If stdinOnce is

set to true, stdin is opened on container start, is empty until the first

client attaches to stdin, and then remains open and accepts data until the

client disconnects, at which time stdin is closed and remains closed until

the container is restarted. If this flag is false, a container processes

that reads from stdin will never receive an EOF. Default is false

terminationMessagePath

No

String

Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

terminationMessagePolicy

No

String

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

Possible enum values:

  • "FallbackToLogsOnError" will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.

  • "File" is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.

tty

No

Boolean

Whether this container should allocate a TTY for itself, also

requires 'stdin' to be true. Default is false.

volumeMounts

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount objects

Pod volumes to mount into the container's filesystem. Cannot

be updated.

workingDir

No

String

Container's working directory. If not specified, the container

runtime's default will be used, which might be configured in the container

image. Cannot be updated.

Table 20 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar

Parameter

Mandatory

Type

Description

name

Yes

String

Name of the environment variable. Must be a C_IDENTIFIER.

value

No

String

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

valueFrom

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVarSource object

Source for the environment variable's value. Cannot be used if

value is not empty.

Table 21 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVarSource

Parameter

Mandatory

Type

Description

configMapKeyRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapKeySelector object

Selects a key of a ConfigMap.

fieldRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

resourceFieldRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

secretKeyRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretKeySelector object

Selects a key of a secret in the pod's namespace

Table 22 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapKeySelector

Parameter

Mandatory

Type

Description

key

Yes

String

The key to select.

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

No

Boolean

Specify whether the ConfigMap or its key must be defined

Table 23 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretKeySelector

Parameter

Mandatory

Type

Description

key

Yes

String

The key of the secret to select from. Must be a valid secret

key.

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

No

Boolean

Specify whether the Secret or its key must be defined

Table 24 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource

Parameter

Mandatory

Type

Description

configMapRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapEnvSource object

The ConfigMap to select from

prefix

No

String

An optional identifier to prepend to each key in the ConfigMap.

Must be a C_IDENTIFIER.

secretRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretEnvSource object

The Secret to select from

Table 25 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapEnvSource

Parameter

Mandatory

Type

Description

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

No

Boolean

Specify whether the ConfigMap must be defined

Table 26 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretEnvSource

Parameter

Mandatory

Type

Description

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

No

Boolean

Specify whether the Secret must be defined

Table 27 io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle

Parameter

Mandatory

Type

Description

postStart

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

preStop

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Table 28 io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler

Parameter

Mandatory

Type

Description

exec

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction object

Exec specifies the action to take.

httpGet

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction object

HTTPGet specifies the http request to perform.

Table 29 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort

Parameter

Mandatory

Type

Description

containerPort

Yes

Integer

Number of port to expose on the pod's IP address. This must be

a valid port number, 0 < x < 65536.

name

No

String

If specified, this must be an IANA_SVC_NAME and unique within

the pod. Each named port in a pod must have a unique name. Name for the

port that can be referred to by services.

protocol

No

String

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

Possible enum values:

  • "SCTP" is the SCTP protocol.

  • "TCP" is the TCP protocol.

  • "UDP" is the UDP protocol.

Table 30 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext

Parameter

Mandatory

Type

Description

capabilities

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.Capabilities object

The capabilities to add/drop when running containers. Defaults

to the default set of capabilities granted by the container runtime. Note

that this field cannot be set when spec.os.name is windows.

procMount

No

String

procMount denotes the type of proc mount to use for the containers.

The default is DefaultProcMount which uses the container runtime defaults

for readonly paths and masked paths. This requires the ProcMountType feature

flag to be enabled. Note that this field cannot be set when spec.os.name

is windows.

readOnlyRootFilesystem

No

Boolean

Whether this container has a read-only root filesystem. Default

is false. Note that this field cannot be set when spec.os.name is windows.

runAsGroup

No

Long

The GID to run the entrypoint of the container process. Uses

runtime default if unset. May also be set in PodSecurityContext. If set

in both SecurityContext and PodSecurityContext, the value specified in SecurityContext

takes precedence. Note that this field cannot be set when spec.os.name is

windows.

runAsNonRoot

No

Boolean

Indicates that the container must run as a non-root user. If

true, the Kubelet will validate the image at runtime to ensure that it does

not run as UID 0 (root) and fail to start the container if it does. If unset

or false, no such validation will be performed. May also be set in PodSecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence.

runAsUser

No

Long

The UID to run the entrypoint of the container process. Defaults

to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence. Note that this field cannot be set

when spec.os.name is windows.

Table 31 io.cci.otc.api.pkg.apis.versioned.cci.v2.Capabilities

Parameter

Mandatory

Type

Description

add

No

Array of strings

Added capabilities

drop

No

Array of strings

Removed capabilities

Table 32 io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe

Parameter

Mandatory

Type

Description

exec

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction object

Exec specifies the action to take.

failureThreshold

No

Integer

Minimum consecutive failures for the probe to be considered failed

after having succeeded. Defaults to 3. Minimum value is 1.

httpGet

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction object

HTTPGet specifies the http request to perform.

initialDelaySeconds

No

Integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds

No

Integer

How often (in seconds) to perform the probe. Default to 10 seconds.

Minimum value is 1.

successThreshold

No

Integer

Minimum consecutive successes for the probe to be considered

successful after having failed. Defaults to 1. Must be 1 for liveness and

startup. Minimum value is 1.

tcpSocket

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.TCPSocketAction object

TCPSocket specifies an action involving a TCP port.

terminationGracePeriodSeconds

No

Long

Optional duration in seconds the pod needs to terminate gracefully

upon probe failure. The grace period is the duration in seconds after the

processes running in the pod are sent a termination signal and the time

when the processes are forcibly halted with a kill signal. Set this value

longer than the expected cleanup time for your process. If this value is

nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this

value overrides the value provided by the pod spec. Value must be non-negative

integer. The value zero indicates stop immediately via the kill signal (no

opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod

feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is

used if unset.

timeoutSeconds

No

Integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Table 33 io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction

Parameter

Mandatory

Type

Description

command

No

Array of strings

Command is the command line to execute inside the container,

the working directory for the command is root ('/') in the container's

filesystem. The command is simply exec'd, it is not run inside a shell,

so traditional shell instructions ('|', etc) won't work. To use a shell,

you need to explicitly call out to that shell. Exit status of 0 is treated

as live/healthy and non-zero is unhealthy.

Table 34 io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction

Parameter

Mandatory

Type

Description

host

No

String

Host name to connect to, defaults to the pod IP. You probably

want to set "Host" in httpHeaders instead.

httpHeaders

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPHeader objects

Custom headers to set in the request. HTTP allows repeated headers.

path

No

String

Path to access on the HTTP server.

port

Yes

String

Name or number of the port to access on the container. Number

must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

scheme

No

String

Scheme to use for connecting to the host. Defaults to HTTP.

Possible enum values:

  • "HTTP" means that the scheme used will be http://

  • "HTTPS" means that the scheme used will be https://

Table 35 io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPHeader

Parameter

Mandatory

Type

Description

name

Yes

String

The header field name

value

Yes

String

The header field value

Table 36 io.cci.otc.api.pkg.apis.versioned.cci.v2.TCPSocketAction

Parameter

Mandatory

Type

Description

host

No

String

Optional: Host name to connect to, defaults to the pod IP.

port

Yes

String

Number or name of the port to access on the container. Number

must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

Table 37 io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount

Parameter

Mandatory

Type

Description

extendPathMode

No

String

Extend the volume path by appending the pod metadata to the path

according to specified pattern. which provide a way of directory isolation

and help prevent the writing conflict between different pods.

mountPath

Yes

String

Path within the container at which the volume should be mounted. Must

not contain ':'.

name

Yes

String

This must match the Name of a Volume.

readOnly

No

Boolean

Mounted read-only if true, read-write otherwise (false or unspecified).

Defaults to false.

subPath

No

String

Path within the volume from which the container's volume should

be mounted. Defaults to "" (volume's root).

subPathExpr

No

String

Expanded path within the volume from which the container's volume

should be mounted. Behaves similarly to SubPath but environment variable

references $(VAR_NAME) are expanded using the container's environment. Defaults

to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.

Table 38 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodReadinessGate

Parameter

Mandatory

Type

Description

conditionType

Yes

String

ConditionType refers to a condition in the pod's condition list

with matching type.

Table 39 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSecurityContext

Parameter

Mandatory

Type

Description

fsGroup

No

Long

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

fsGroupChangePolicy

No

String

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

runAsGroup

No

Long

The GID to run the entrypoint of the container process. Uses

runtime default if unset. May also be set in SecurityContext. If set in

both SecurityContext and PodSecurityContext, the value specified in SecurityContext

takes precedence for that container. Note that this field cannot be set

when spec.os.name is windows.

runAsNonRoot

No

Boolean

Indicates that the container must run as a non-root user. If

true, the Kubelet will validate the image at runtime to ensure that it does

not run as UID 0 (root) and fail to start the container if it does. If unset

or false, no such validation will be performed. May also be set in SecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence.

runAsUser

No

Long

The UID to run the entrypoint of the container process. Defaults

to user specified in image metadata if unspecified. May also be set in SecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence for that container. Note that this field

cannot be set when spec.os.name is windows.

supplementalGroups

No

Array of longs

A list of groups applied to the first process run in each container,

in addition to the container's primary GID. If unspecified, no groups will

be added to any container. Note that this field cannot be set when spec.os.name

is windows.

sysctls

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Sysctl objects

Sysctls hold a list of namespaced sysctls used for the pod. Pods

with unsupported sysctls (by the container runtime) might fail to launch.

Note that this field cannot be set when spec.os.name is windows.

Table 40 io.cci.otc.api.pkg.apis.versioned.cci.v2.Sysctl

Parameter

Mandatory

Type

Description

name

Yes

String

Name of a property to set

value

Yes

String

Value of a property to set

Table 41 io.cci.otc.api.pkg.apis.versioned.cci.v2.TopologySpreadConstraint

Parameter

Mandatory

Type

Description

labelSelector

No

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

LabelSelector is used to find matching pods. Pods that match

this label selector are counted to determine the number of pods in their

corresponding topology domain.

matchLabelKeys

No

Array of strings

MatchLabelKeys is a set of pod label keys to select the pods

over which spreading will be calculated. The keys are used to lookup values

from the incoming pod labels, those key-value labels are ANDed with labelSelector

to select the group of existing pods over which spreading will be calculated

for the incoming pod. Keys that don't exist in the incoming pod labels will

be ignored. A null or empty list means only match against labelSelector.

maxSkew

Yes

Integer

MaxSkew describes the degree to which pods may be unevenly distributed. When whenUnsatisfiable=DoNotSchedule, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When whenUnsatisfiable=ScheduleAnyway, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.

minDomains

No

Integer

MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.

For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.

This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).

nodeAffinityPolicy

No

String

NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.

If this value is nil, the behavior is equivalent to the Honor policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.

nodeTaintsPolicy

No

String

NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.

If this value is nil, the behavior is equivalent to the Ignore policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.

topologyKey

Yes

String

TopologyKey is the key of node labels. Nodes that have a label

with this key and identical values are considered to be in the same topology.

We consider each <key, value> as a "bucket", and try to put balanced number

of pods into each bucket. We define a domain as a particular instance of

a topology. Also, we define an eligible domain as a domain whose nodes meet

the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey

is "kubernetes.io/hostname", each Node is a domain of that topology. And,

if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of

that topology. It's a required field.

whenUnsatisfiable

Yes

String

WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,

but giving higher precedence to topologies that would help reduce the

skew.

A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it more imbalanced. It's a required field.

Possible enum values:

  • "DoNotSchedule" instructs the scheduler not to schedule the pod when constraints are not satisfied.

  • "ScheduleAnyway" instructs the scheduler to schedule the pod even if constraints are not satisfied.

Table 42 io.cci.otc.api.pkg.apis.versioned.cci.v2.Volume

Parameter

Mandatory

Type

Description

configMap

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapVolumeSource object

configMap represents a configMap that should populate this volume

downwardAPI

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeSource object

downwardAPI represents downward API about the pod that should

populate this volume

emptyDir

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.EmptyDirVolumeSource object

emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

ephemeral

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralVolumeSource object

ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity

tracking are needed,

  1. the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through

a PersistentVolumeClaim (see EphemeralVolumeSource for more

information on the connection between this volume type

and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

name

Yes

String

name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

nfs

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.NFSVolumeSource object

nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

persistentVolumeClaim

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimVolumeSource object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

projected

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ProjectedVolumeSource object

projected items for all in one resources secrets, configmaps,

and downward API

secret

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretVolumeSource object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Table 43 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapVolumeSource

Parameter

Mandatory

Type

Description

defaultMode

No

Integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced ConfigMap will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the ConfigMap, the

volume setup will error unless it is marked optional. Paths must be relative

and may not contain the '..' path or start with '..'.

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

No

Boolean

optional specify whether the ConfigMap or its keys must be defined

Table 44 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeSource

Parameter

Mandatory

Type

Description

defaultMode

No

Integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile objects

Items is a list of downward API volume file

Table 45 io.cci.otc.api.pkg.apis.versioned.cci.v2.EmptyDirVolumeSource

Parameter

Mandatory

Type

Description

medium

No

String

medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

sizeLimit

No

String

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir

Table 46 io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralVolumeSource

Parameter

Mandatory

Type

Description

volumeClaimTemplate

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimTemplate object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Table 47 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimTemplate

Parameter

Mandatory

Type

Description

metadata

No

io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta object

May contain labels and annotations that will be copied into the

PVC when creating it. No other fields are allowed and will be rejected during

validation.

spec

Yes

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimSpec object

The specification for the PersistentVolumeClaim. The entire content

is copied unchanged into the PVC that gets created from this template. The

same fields as in a PersistentVolumeClaim are also valid here.

Table 48 io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta

Parameter

Mandatory

Type

Description

annotations

No

Map<String,String>

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

clusterName

No

String

The name of the cluster which the object belongs to. This is

used to distinguish resources with same name and namespace in different

clusters. This field is not set anywhere right now and apiserver is going

to ignore it if set in create or update request.

creationTimestamp

No

String

CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.

Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

deletionGracePeriodSeconds

No

Long

Number of seconds allowed for this object to gracefully terminate

before it will be removed from the system. Only set when deletionTimestamp

is also set. May only be shortened. Read-only.

deletionTimestamp

No

String

DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.

Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

enable

No

Boolean

Enable identifies whether the resource is available

finalizers

No

Array of strings

Must be empty before the object is deleted from the registry.

Each entry is an identifier for the responsible component that will remove

the entry from the list. If the deletionTimestamp of the object is non-nil,

entries in this list can only be removed. Finalizers may be processed and

removed in any order. Order is NOT enforced because it introduces significant

risk of stuck finalizers. finalizers is a shared field, any actor with permission

can reorder it. If the finalizer list is processed in order, then this can

lead to a situation in which the component responsible for the first finalizer

in the list is waiting for a signal (field value, external system, or other)

produced by a component responsible for a finalizer later in the list, resulting

in a deadlock. Without enforced ordering finalizers are free to order amongst

themselves and are not vulnerable to ordering changes in the list.

generateName

No

String

GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.

If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).

Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency

generation

No

Long

A sequence number representing a specific generation of the desired

state. Populated by the system. Read-only.

labels

No

Map<String,String>

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

managedFields

No

Array of io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry objects

ManagedFields maps workflow-id and version to the set of fields

that are managed by that workflow. This is mostly for internal housekeeping,

and users typically shouldn't need to set or understand this field. A workflow

can be the user's name, a controller's name, or the name of a specific apply

path like "ci-cd". The set of fields is always in the version that the workflow

used when modifying the object.

name

No

String

Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

namespace

No

String

Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.

Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

ownerReferences

No

Array of io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference objects

List of objects depended by this object. If ALL objects in the

list have been deleted, this object will be garbage collected. If this object

is managed by a controller, then an entry in this list will point to this

controller, with the controller field set to true. There cannot be more

than one managing controller.

resourceVersion

No

String

An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.

Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency

selfLink

No

String

SelfLink is a URL representing this object. Populated by the system. Read-only.

DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release.

uid

No

String

UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.

Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

Table 49 io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry

Parameter

Mandatory

Type

Description

apiVersion

No

String

APIVersion defines the version of this resource that this field

set applies to. The format is "group/version" just like the top-level APIVersion

field. It is necessary to track the version of a field set because it cannot

be automatically converted.

fieldsType

No

String

FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: "FieldsV1"

fieldsV1

No

Object

FieldsV1 holds the first JSON version format as described in

the "FieldsV1" type.

manager

No

String

Manager is an identifier of the workflow managing these fields.

operation

No

String

Operation is the type of operation which lead to this ManagedFieldsEntry

being created. The only valid values for this field are 'Apply' and 'Update'.

time

No

String

Time is timestamp of when these fields were set. It should always

be empty if Operation is 'Apply'

Table 50 io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference

Parameter

Mandatory

Type

Description

apiVersion

Yes

String

API version of the referent.

blockOwnerDeletion

No

Boolean

If true, AND if the owner has the "foregroundDeletion" finalizer,

then the owner cannot be deleted from the key-value store until this reference

is removed. Defaults to false. To set this field, a user needs "delete"

permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.

controller

No

Boolean

If true, this reference points to the managing controller.

kind

Yes

String

Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

name

Yes

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

uid

Yes

String

UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

Table 51 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimSpec

Parameter

Mandatory

Type

Description

accessModes

No

Array of strings

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

dataSource

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.

dataSourceRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef

allows any non-core object, as well as PersistentVolumeClaim objects.

  • While DataSource ignores disallowed values (dropping them), DataSourceRef

    preserves all values, and generates an error if a disallowed value is

    specified.

    (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.

resources

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

selector

No

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

selector is a label query over volumes to consider for binding.

storageClassName

No

String

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

volumeMode

No

String

volumeMode defines what type of volume is required by the claim.

Value of Filesystem is implied when not included in claim spec.

volumeName

No

String

volumeName is the binding reference to the PersistentVolume backing

this claim.

Table 52 io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference

Parameter

Mandatory

Type

Description

apiGroup

No

String

APIGroup is the group for the resource being referenced. If APIGroup

is not specified, the specified Kind must be in the core API group. For

any other third-party types, APIGroup is required.

kind

Yes

String

Kind is the type of resource being referenced

name

Yes

String

Name is the name of resource being referenced

Table 53 io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements

Parameter

Mandatory

Type

Description

limits

No

Map<String,String>

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

requests

No

Map<String,String>

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

Table 54 io.k8s.apimachinery.pkg.api.resource.Quantity

Parameter

Mandatory

Type

Description

-

No

String

Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.

The serialization format is:

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]

(Note that [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] may be empty, from the "" case in [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br].)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= 0 | 1 | ... | 9 [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br].[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]. | .[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= "+" | "-" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= Ki | Mi | Gi | Ti | Pi | Ei

(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= m | "" | k | M | G | T | P | E

(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= "e" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | "E" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]

No matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.

When a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.

Before serializing, Quantity will be put in "canonical form". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:

  1. No precision is lost

  2. No fractional digits will be emitted

  3. The exponent (or suffix) is as large as possible.

The sign will be omitted unless the number is negative.

Examples:

1.5 will be serialized as "1500m"

1.5Gi will be serialized as "1536Mi"

Note that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.

Non-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)

This format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.

Table 55 io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector

Parameter

Mandatory

Type

Description

matchExpressions

No

Array of io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement objects

matchExpressions is a list of label selector requirements. The

requirements are ANDed.

matchLabels

No

Map<String,String>

matchLabels is a map of {key,value} pairs. A single {key,value}

in the matchLabels map is equivalent to an element of matchExpressions,

whose key field is "key", the operator is "In", and the values array contains

only "value". The requirements are ANDed.

Table 56 io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement

Parameter

Mandatory

Type

Description

key

Yes

String

key is the label key that the selector applies to.

operator

Yes

String

operator represents a key's relationship to a set of values.

Valid operators are In, NotIn, Exists and DoesNotExist.

values

No

Array of strings

values is an array of string values. If the operator is In or

NotIn, the values array must be non-empty. If the operator is Exists or

DoesNotExist, the values array must be empty. This array is replaced during

a strategic merge patch.

Table 57 io.cci.otc.api.pkg.apis.versioned.cci.v2.NFSVolumeSource

Parameter

Mandatory

Type

Description

path

Yes

String

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

readOnly

No

Boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

server

Yes

String

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Table 58 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimVolumeSource

Parameter

Mandatory

Type

Description

claimName

Yes

String

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

readOnly

No

Boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default

false.

Table 59 io.cci.otc.api.pkg.apis.versioned.cci.v2.ProjectedVolumeSource

Parameter

Mandatory

Type

Description

defaultMode

No

Integer

defaultMode are the mode bits used to set permissions on created

files by default. Must be an octal value between 0000 and 0777 or a decimal

value between 0 and 511. YAML accepts both octal and decimal values, JSON

requires decimal values for mode bits. Directories within the path are not

affected by this setting. This might be in conflict with other options that

affect the file mode, like fsGroup, and the result can be other mode bits

set.

sources

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeProjection objects

sources is the list of volume projections

Table 60 io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeProjection

Parameter

Mandatory

Type

Description

configMap

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapProjection object

configMap information about the configMap data to project

downwardAPI

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIProjection object

downwardAPI information about the downwardAPI data to project

secret

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretProjection object

secret information about the secret data to project

Table 61 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapProjection

Parameter

Mandatory

Type

Description

items

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced ConfigMap will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the ConfigMap, the

volume setup will error unless it is marked optional. Paths must be relative

and may not contain the '..' path or start with '..'.

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

No

Boolean

optional specify whether the ConfigMap or its keys must be defined

Table 62 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIProjection

Parameter

Mandatory

Type

Description

items

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile objects

Items is a list of DownwardAPIVolume file

Table 63 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile

Parameter

Mandatory

Type

Description

fieldRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

mode

No

Integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

path

Yes

String

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

resourceFieldRef

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Table 64 io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector

Parameter

Mandatory

Type

Description

apiVersion

No

String

Version of the schema the FieldPath is written in terms of, defaults

to "v1".

fieldPath

Yes

String

Path of the field to select in the specified API version.

Table 65 io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector

Parameter

Mandatory

Type

Description

containerName

No

String

Container name: required for volumes, optional for env vars

divisor

No

String

Specifies the output format of the exposed resources, defaults

to "1"

resource

Yes

String

Required: resource to select

Table 66 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretProjection

Parameter

Mandatory

Type

Description

items

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced Secret will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the Secret, the volume

setup will error unless it is marked optional. Paths must be relative and

may not contain the '..' path or start with '..'.

name

No

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

No

Boolean

optional field specify whether the Secret or its key must be

defined

Table 67 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretVolumeSource

Parameter

Mandatory

Type

Description

defaultMode

No

Integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items If unspecified, each key-value pair in the Data field of

the referenced Secret will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the Secret, the volume

setup will error unless it is marked optional. Paths must be relative and

may not contain the '..' path or start with '..'.

optional

No

Boolean

optional field specify whether the Secret or its keys must be

defined

secretName

No

String

secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Table 68 io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath

Parameter

Mandatory

Type

Description

key

Yes

String

key is the key to project.

mode

No

Integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

path

Yes

String

path is the relative path of the file to map the key to. May

not be an absolute path. May not contain the path element '..'. May not

start with the string '..'.

Table 69 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodStatus

Parameter

Mandatory

Type

Description

conditions

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodCondition objects

Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

containerStatuses

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status

ephemeralContainerStatuses

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

Status for any ephemeral containers that have run in this pod.

hostIP

No

String

IP address of the host to which the pod is assigned. Empty if

not yet scheduled.

initContainerStatuses

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status

message

No

String

A human readable message indicating details about why the pod

is in this condition.

nominatedNodeName

No

String

nominatedNodeName is set only when this pod preempts other pods

on the node, but it cannot be scheduled right away as preemption victims

receive their graceful termination periods. This field does not guarantee

that the pod will be scheduled on this node. Scheduler may decide to place

the pod elsewhere if other nodes become available sooner. Scheduler may

also decide to give the resources on this node to a higher priority pod

that is created after preemption. As a result, this field may be different

than PodSpec.nodeName when the pod is scheduled.

phase

No

String

The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:

Pending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.

More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase

Possible enum values:

  • "Failed" means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).

  • "Pending" means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.

  • "Running" means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.

  • "Succeeded" means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.

  • "Unknown" means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)

podIP

No

String

IP address allocated to the pod. Routable at least within the

cluster. Empty if not yet allocated.

podIPs

No

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodIP objects

podIPs holds the IP addresses allocated to the pod. If this field

is specified, the 0th entry must match the podIP field. Pods may be allocated

at most 1 value for each of IPv4 and IPv6. This list is empty if no IPs

have been allocated yet.

qosClass

No

String

The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md

Possible enum values:

  • "BestEffort" is the BestEffort qos class.

  • "Burstable" is the Burstable qos class.

  • "Guaranteed" is the Guaranteed qos class.

reason

No

String

A brief CamelCase message indicating details about why the pod

is in this state. e.g. 'Evicted'

startTime

No

String

RFC 3339 date and time at which the object was acknowledged by

the Kubelet. This is before the Kubelet pulled the container image(s) for

the pod.

Table 70 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodCondition

Parameter

Mandatory

Type

Description

lastProbeTime

No

String

Last time we probed the condition.

lastTransitionTime

No

String

Last time the condition transitioned from one status to another.

message

No

String

Human-readable message indicating details about last transition.

reason

No

String

Unique, one-word, CamelCase reason for the condition's last transition.

status

Yes

String

Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

type

Yes

String

Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

Table 71 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus

Parameter

Mandatory

Type

Description

containerID

No

String

Container's ID in the format '[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]://<container_id>'.

image

Yes

String

The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images.

imageID

Yes

String

ImageID of the container's image.

lastState

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState object

Details about the container's last termination condition.

name

Yes

String

This must be a DNS_LABEL. Each container in a pod must have a

unique name. Cannot be updated.

ready

Yes

Boolean

Specifies whether the container has passed its readiness probe.

restartCount

Yes

Integer

The number of times the container has been restarted.

started

No

Boolean

Specifies whether the container has passed its startup probe.

Initialized as false, becomes true after startupProbe is considered successful.

Resets to false when the container is restarted, or if kubelet loses state

temporarily. Is always true when no startupProbe is defined.

state

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState object

Details about the container's current condition.

Table 72 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState

Parameter

Mandatory

Type

Description

running

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateRunning object

Details about a running container

terminated

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateTerminated object

Details about a terminated container

waiting

No

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateWaiting object

Details about a waiting container

Table 73 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateRunning

Parameter

Mandatory

Type

Description

startedAt

No

String

Time at which the container was last (re-)started

Table 74 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateTerminated

Parameter

Mandatory

Type

Description

containerID

No

String

Container's ID in the format '[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]://<container_id>'

exitCode

Yes

Integer

Exit status from the last termination of the container

finishedAt

No

String

Time at which the container last terminated

message

No

String

Message regarding the last termination of the container

reason

No

String

(brief) reason from the last termination of the container

signal

No

Integer

Signal from the last termination of the container

startedAt

No

String

Time at which previous execution of the container started

Table 75 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateWaiting

Parameter

Mandatory

Type

Description

message

No

String

Message regarding why the container is not yet running.

reason

No

String

(brief) reason the container is not yet running.

Table 76 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodIP

Parameter

Mandatory

Type

Description

ip

No

String

ip is an IP address (IPv4 or IPv6) assigned to the pod

Response Parameters

Status code: 200

Table 77 Response body parameters

Parameter

Type

Description

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadata

io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta object

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

spec

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSpec object

Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

status

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodStatus object

Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Table 78 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSpec

Parameter

Type

Description

activeDeadlineSeconds

Long

Optional duration in seconds the pod may be active on the node

relative to StartTime before the system will actively try to mark it failed

and kill associated containers. Value must be a positive integer.

affinity

io.cci.otc.api.pkg.apis.versioned.cci.v2.Affinity object

If specified, the pod's scheduling constraints

containers

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Container objects

List of containers belonging to the pod. Containers cannot currently

be added or removed. There must be at least one container in a Pod. Cannot

be updated.

dnsConfig

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfig object

Specifies the DNS parameters of a pod. Parameters specified here

will be merged to the generated DNS configuration based on DNSPolicy.

dnsPolicy

String

Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.

Possible enum values:

  • "ClusterFirst" indicates that the pod should use cluster DNS first unless hostNetwork is true, if it is available, then fall back on the default (as determined by kubelet) DNS settings.

  • "ClusterFirstWithHostNet" indicates that the pod should use cluster DNS first, if it is available, then fall back on the default (as determined by kubelet) DNS settings.

  • "Default" indicates that the pod should use the default (as determined by kubelet) DNS settings.

  • "None" indicates that the pod should use empty DNS settings. DNS parameters such as nameservers and search paths should be defined via DNSConfig.

ephemeralContainers

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralContainer objects

List of ephemeral containers run in this pod. Ephemeral containers

may be run in an existing pod to perform user-initiated actions such as

debugging. This list cannot be specified when creating a pod, and it cannot

be modified by updating the pod spec. In order to add an ephemeral container

to an existing pod, use the pod's ephemeralcontainers subresource.

hostAliases

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.HostAlias objects

HostAliases is an optional list of hosts and IPs that will be

injected into the pod's hosts file if specified. This is only valid for

non-hostNetwork pods.

hostname

String

Specifies the hostName of the Pod. If not specified, the pod's

hostname will be set to a system-defined value.

imagePullSecrets

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.LocalObjectReference objects

ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

initContainers

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Container objects

List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

nodeName

String

NodeName is a request to schedule this pod onto a specific node.

If it is non-empty, the scheduler simply schedules this pod onto that node,

assuming that it fits resource requirements.

overhead

Map<String,String>

Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md

readinessGates

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodReadinessGate objects

If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates

restartPolicy

String

Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy

Possible enum values:

  • "Always"

  • "Never"

  • "OnFailure"

schedulerName

String

If specified, the pod will be dispatched by specified scheduler.

If not specified, the pod will be dispatched by default scheduler.

securityContext

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSecurityContext object

SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.

setHostnameAsFQDN

Boolean

If true the pod's hostname will be configured as the pod's FQDN,

rather than the leaf name (the default). In Linux containers, this means

setting the FQDN in the hostname field of the kernel (the nodename field

of struct utsname). In Windows containers, this means setting the registry

value of hostname for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

to FQDN. If a pod does not have FQDN, this has no effect. Default to false.

shareProcessNamespace

Boolean

Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false.

terminationGracePeriodSeconds

Long

Optional duration in seconds the pod needs to terminate gracefully.

May be decreased in delete request. Value must be non-negative integer.

The value zero indicates stop immediately via the kill signal (no opportunity

to shut down). If this value is nil, the default grace period will be used

instead. The grace period is the duration in seconds after the processes

running in the pod are sent a termination signal and the time when the processes

are forcibly halted with a kill signal. Set this value longer than the expected

cleanup time for your process. Defaults to 30 seconds.

topologySpreadConstraints

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.TopologySpreadConstraint objects

TopologySpreadConstraints describes how a group of pods ought

to spread across topology domains. Scheduler will schedule pods in a way

which abides by the constraints. All topologySpreadConstraints are ANDed.

volumes

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Volume objects

List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes

Table 79 io.cci.otc.api.pkg.apis.versioned.cci.v2.Affinity

Parameter

Type

Description

nodeAffinity

io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeAffinity object

Describes node affinity scheduling rules for the pod.

podAntiAffinity

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAntiAffinity object

Describes pod anti-affinity scheduling rules (e.g. avoid putting

this pod in the same zone, etc. as some other pod(s)).

Table 80 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeAffinity

Parameter

Type

Description

requiredDuringSchedulingIgnoredDuringExecution

io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelector object

If the affinity requirements specified by this field are not

met at scheduling time, the pod will not be scheduled onto the node. If

the affinity requirements specified by this field cease to be met at some

point during pod execution (e.g. due to an update), the system may or may

not try to eventually evict the pod from its node.

Table 81 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelector

Parameter

Type

Description

nodeSelectorTerms

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorTerm objects

Required. A list of node selector terms. The terms are ORed.

Table 82 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorTerm

Parameter

Type

Description

matchExpressions

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorRequirement objects

A list of node selector requirements by node's labels.

Table 83 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorRequirement

Parameter

Type

Description

key

String

The label key that the selector applies to.

operator

String

Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

Possible enum values:

  • "DoesNotExist"

  • "Exists"

  • "Gt"

  • "In"

  • "Lt"

  • "NotIn"

values

Array of strings

An array of string values. If the operator is In or NotIn, the

values array must be non-empty. If the operator is Exists or DoesNotExist,

the values array must be empty. If the operator is Gt or Lt, the values

array must have a single element, which will be interpreted as an integer.

This array is replaced during a strategic merge patch.

Table 84 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAntiAffinity

Parameter

Type

Description

preferredDuringSchedulingIgnoredDuringExecution

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.WeightedPodAffinityTerm objects

The scheduler will prefer to schedule pods to nodes that satisfy

the anti-affinity expressions specified by this field, but it may choose

a node that violates one or more of the expressions. The node that is most

preferred is the one with the greatest sum of weights, i.e. for each node

that meets all of the scheduling requirements (resource request, requiredDuringScheduling

anti-affinity expressions, etc.), compute a sum by iterating through the

elements of this field and adding "weight" to the sum if the node has pods

which matches the corresponding podAffinityTerm; the node(s) with the highest

sum are the most preferred.

requiredDuringSchedulingIgnoredDuringExecution

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm objects

If the anti-affinity requirements specified by this field are

not met at scheduling time, the pod will not be scheduled onto the node.

If the anti-affinity requirements specified by this field cease to be met

at some point during pod execution (e.g. due to a pod label update), the

system may or may not try to eventually evict the pod from its node. When

there are multiple elements, the lists of nodes corresponding to each podAffinityTerm

are intersected, i.e. all terms must be satisfied.

Table 85 io.cci.otc.api.pkg.apis.versioned.cci.v2.WeightedPodAffinityTerm

Parameter

Type

Description

podAffinityTerm

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm object

Required. A pod affinity term, associated with the corresponding

weight.

weight

Integer

weight associated with matching the corresponding podAffinityTerm,

in the range 1-100.

Table 86 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm

Parameter

Type

Description

labelSelector

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

A label query over a set of resources, in this case pods.

namespaces

Array of strings

namespaces specifies a static list of namespace names that the

term applies to. The term is applied to the union of the namespaces listed

in this field and the ones selected by namespaceSelector. null or empty

namespaces list and null namespaceSelector means "this pod's namespace".

topologyKey

String

This pod should be co-located (affinity) or not co-located (anti-affinity)

with the pods matching the labelSelector in the specified namespaces, where

co-located is defined as running on a node whose value of the label with

key topologyKey matches that of any node on which any of the selected pods

is running. Empty topologyKey is not allowed.

Table 87 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfig

Parameter

Type

Description

nameservers

Array of strings

A list of DNS name server IP addresses. This will be appended

to the base nameservers generated from DNSPolicy. Duplicated nameservers

will be removed.

options

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfigOption objects

A list of DNS resolver options. This will be merged with the

base options generated from DNSPolicy. Duplicated entries will be removed.

Resolution options given in Options will override those that appear in the

base DNSPolicy.

searches

Array of strings

A list of DNS search domains for host-name lookup. This will

be appended to the base search paths generated from DNSPolicy. Duplicated

search paths will be removed.

Table 88 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfigOption

Parameter

Type

Description

name

String

Required.

value

String

Table 89 io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralContainer

Parameter

Type

Description

args

Array of strings

Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

command

Array of strings

Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

env

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar objects

List of environment variables to set in the container. Cannot

be updated.

envFrom

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource objects

List of sources to populate environment variables in the container.

The keys defined within a source must be a C_IDENTIFIER. All invalid keys

will be reported as an event when the container is starting. When a key

exists in multiple sources, the value associated with the last source will

take precedence. Values defined by an Env with a duplicate key will take

precedence. Cannot be updated.

image

String

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images

lifecycle

io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle object

Lifecycle is not allowed for ephemeral containers.

livenessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

name

String

Name of the ephemeral container specified as a DNS_LABEL. This

name must be unique among all containers, init containers and ephemeral

containers.

ports

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort objects

Ports are not allowed for ephemeral containers.

readinessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

resources

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

Resources are not allowed for ephemeral containers. Ephemeral

containers use spare resources already allocated to the pod.

securityContext

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext object

Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.

startupProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

stdin

Boolean

Whether this container should allocate a buffer for stdin in

the container runtime. If this is not set, reads from stdin in the container

will always result in EOF. Default is false.

stdinOnce

Boolean

Whether the container runtime should close the stdin channel

after it has been opened by a single attach. When stdin is true the stdin

stream will remain open across multiple attach sessions. If stdinOnce is

set to true, stdin is opened on container start, is empty until the first

client attaches to stdin, and then remains open and accepts data until the

client disconnects, at which time stdin is closed and remains closed until

the container is restarted. If this flag is false, a container processes

that reads from stdin will never receive an EOF. Default is false

targetContainerName

String

If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec.

The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined.

terminationMessagePath

String

Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

terminationMessagePolicy

String

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

Possible enum values:

  • "FallbackToLogsOnError" will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.

  • "File" is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.

tty

Boolean

Whether this container should allocate a TTY for itself, also

requires 'stdin' to be true. Default is false.

volumeMounts

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount objects

Pod volumes to mount into the container's filesystem. Subpath

mounts are not allowed for ephemeral containers. Cannot be updated.

workingDir

String

Container's working directory. If not specified, the container

runtime's default will be used, which might be configured in the container

image. Cannot be updated.

Table 90 io.cci.otc.api.pkg.apis.versioned.cci.v2.HostAlias

Parameter

Type

Description

hostnames

Array of strings

Hostnames for the above IP address.

ip

String

IP address of the host file entry.

Table 91 io.cci.otc.api.pkg.apis.versioned.cci.v2.LocalObjectReference

Parameter

Type

Description

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

Table 92 io.cci.otc.api.pkg.apis.versioned.cci.v2.Container

Parameter

Type

Description

args

Array of strings

Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

command

Array of strings

Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

env

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar objects

List of environment variables to set in the container. Cannot

be updated.

envFrom

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource objects

List of sources to populate environment variables in the container.

The keys defined within a source must be a C_IDENTIFIER. All invalid keys

will be reported as an event when the container is starting. When a key

exists in multiple sources, the value associated with the last source will

take precedence. Values defined by an Env with a duplicate key will take

precedence. Cannot be updated.

image

String

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

lifecycle

io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle object

Actions that the management system should take in response to

container lifecycle events. Cannot be updated.

livenessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

name

String

Name of the container specified as a DNS_LABEL. Each container

in a pod must have a unique name (DNS_LABEL). Cannot be updated.

ports

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort objects

List of ports to expose from the container. Not specifying a

port here DOES NOT prevent that port from being exposed. Any port which

is listening on the default "0.0.0.0" address inside a container will be

accessible from the network. Modifying this array with strategic merge patch

may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255.

Cannot be updated.

readinessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

resources

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

securityContext

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

startupProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

stdin

Boolean

Whether this container should allocate a buffer for stdin in

the container runtime. If this is not set, reads from stdin in the container

will always result in EOF. Default is false.

stdinOnce

Boolean

Whether the container runtime should close the stdin channel

after it has been opened by a single attach. When stdin is true the stdin

stream will remain open across multiple attach sessions. If stdinOnce is

set to true, stdin is opened on container start, is empty until the first

client attaches to stdin, and then remains open and accepts data until the

client disconnects, at which time stdin is closed and remains closed until

the container is restarted. If this flag is false, a container processes

that reads from stdin will never receive an EOF. Default is false

terminationMessagePath

String

Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

terminationMessagePolicy

String

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

Possible enum values:

  • "FallbackToLogsOnError" will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.

  • "File" is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.

tty

Boolean

Whether this container should allocate a TTY for itself, also

requires 'stdin' to be true. Default is false.

volumeMounts

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount objects

Pod volumes to mount into the container's filesystem. Cannot

be updated.

workingDir

String

Container's working directory. If not specified, the container

runtime's default will be used, which might be configured in the container

image. Cannot be updated.

Table 93 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar

Parameter

Type

Description

name

String

Name of the environment variable. Must be a C_IDENTIFIER.

value

String

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

valueFrom

io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVarSource object

Source for the environment variable's value. Cannot be used if

value is not empty.

Table 94 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVarSource

Parameter

Type

Description

configMapKeyRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapKeySelector object

Selects a key of a ConfigMap.

fieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

resourceFieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

secretKeyRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretKeySelector object

Selects a key of a secret in the pod's namespace

Table 95 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapKeySelector

Parameter

Type

Description

key

String

The key to select.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the ConfigMap or its key must be defined

Table 96 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretKeySelector

Parameter

Type

Description

key

String

The key of the secret to select from. Must be a valid secret

key.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the Secret or its key must be defined

Table 97 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource

Parameter

Type

Description

configMapRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapEnvSource object

The ConfigMap to select from

prefix

String

An optional identifier to prepend to each key in the ConfigMap.

Must be a C_IDENTIFIER.

secretRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretEnvSource object

The Secret to select from

Table 98 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapEnvSource

Parameter

Type

Description

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the ConfigMap must be defined

Table 99 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretEnvSource

Parameter

Type

Description

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the Secret must be defined

Table 100 io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle

Parameter

Type

Description

postStart

io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

preStop

io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Table 101 io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler

Parameter

Type

Description

exec

io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction object

Exec specifies the action to take.

httpGet

io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction object

HTTPGet specifies the http request to perform.

Table 102 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort

Parameter

Type

Description

containerPort

Integer

Number of port to expose on the pod's IP address. This must be

a valid port number, 0 < x < 65536.

name

String

If specified, this must be an IANA_SVC_NAME and unique within

the pod. Each named port in a pod must have a unique name. Name for the

port that can be referred to by services.

protocol

String

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

Possible enum values:

  • "SCTP" is the SCTP protocol.

  • "TCP" is the TCP protocol.

  • "UDP" is the UDP protocol.

Table 103 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext

Parameter

Type

Description

capabilities

io.cci.otc.api.pkg.apis.versioned.cci.v2.Capabilities object

The capabilities to add/drop when running containers. Defaults

to the default set of capabilities granted by the container runtime. Note

that this field cannot be set when spec.os.name is windows.

procMount

String

procMount denotes the type of proc mount to use for the containers.

The default is DefaultProcMount which uses the container runtime defaults

for readonly paths and masked paths. This requires the ProcMountType feature

flag to be enabled. Note that this field cannot be set when spec.os.name

is windows.

readOnlyRootFilesystem

Boolean

Whether this container has a read-only root filesystem. Default

is false. Note that this field cannot be set when spec.os.name is windows.

runAsGroup

Long

The GID to run the entrypoint of the container process. Uses

runtime default if unset. May also be set in PodSecurityContext. If set

in both SecurityContext and PodSecurityContext, the value specified in SecurityContext

takes precedence. Note that this field cannot be set when spec.os.name is

windows.

runAsNonRoot

Boolean

Indicates that the container must run as a non-root user. If

true, the Kubelet will validate the image at runtime to ensure that it does

not run as UID 0 (root) and fail to start the container if it does. If unset

or false, no such validation will be performed. May also be set in PodSecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence.

runAsUser

Long

The UID to run the entrypoint of the container process. Defaults

to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence. Note that this field cannot be set

when spec.os.name is windows.

Table 104 io.cci.otc.api.pkg.apis.versioned.cci.v2.Capabilities

Parameter

Type

Description

add

Array of strings

Added capabilities

drop

Array of strings

Removed capabilities

Table 105 io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe

Parameter

Type

Description

exec

io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction object

Exec specifies the action to take.

failureThreshold

Integer

Minimum consecutive failures for the probe to be considered failed

after having succeeded. Defaults to 3. Minimum value is 1.

httpGet

io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction object

HTTPGet specifies the http request to perform.

initialDelaySeconds

Integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds

Integer

How often (in seconds) to perform the probe. Default to 10 seconds.

Minimum value is 1.

successThreshold

Integer

Minimum consecutive successes for the probe to be considered

successful after having failed. Defaults to 1. Must be 1 for liveness and

startup. Minimum value is 1.

tcpSocket

io.cci.otc.api.pkg.apis.versioned.cci.v2.TCPSocketAction object

TCPSocket specifies an action involving a TCP port.

terminationGracePeriodSeconds

Long

Optional duration in seconds the pod needs to terminate gracefully

upon probe failure. The grace period is the duration in seconds after the

processes running in the pod are sent a termination signal and the time

when the processes are forcibly halted with a kill signal. Set this value

longer than the expected cleanup time for your process. If this value is

nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this

value overrides the value provided by the pod spec. Value must be non-negative

integer. The value zero indicates stop immediately via the kill signal (no

opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod

feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is

used if unset.

timeoutSeconds

Integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Table 106 io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction

Parameter

Type

Description

command

Array of strings

Command is the command line to execute inside the container,

the working directory for the command is root ('/') in the container's

filesystem. The command is simply exec'd, it is not run inside a shell,

so traditional shell instructions ('|', etc) won't work. To use a shell,

you need to explicitly call out to that shell. Exit status of 0 is treated

as live/healthy and non-zero is unhealthy.

Table 107 io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction

Parameter

Type

Description

host

String

Host name to connect to, defaults to the pod IP. You probably

want to set "Host" in httpHeaders instead.

httpHeaders

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPHeader objects

Custom headers to set in the request. HTTP allows repeated headers.

path

String

Path to access on the HTTP server.

port

String

Name or number of the port to access on the container. Number

must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

scheme

String

Scheme to use for connecting to the host. Defaults to HTTP.

Possible enum values:

  • "HTTP" means that the scheme used will be http://

  • "HTTPS" means that the scheme used will be https://

Table 108 io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPHeader

Parameter

Type

Description

name

String

The header field name

value

String

The header field value

Table 109 io.cci.otc.api.pkg.apis.versioned.cci.v2.TCPSocketAction

Parameter

Type

Description

host

String

Optional: Host name to connect to, defaults to the pod IP.

port

String

Number or name of the port to access on the container. Number

must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

Table 110 io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount

Parameter

Type

Description

extendPathMode

String

Extend the volume path by appending the pod metadata to the path

according to specified pattern. which provide a way of directory isolation

and help prevent the writing conflict between different pods.

mountPath

String

Path within the container at which the volume should be mounted. Must

not contain ':'.

name

String

This must match the Name of a Volume.

readOnly

Boolean

Mounted read-only if true, read-write otherwise (false or unspecified).

Defaults to false.

subPath

String

Path within the volume from which the container's volume should

be mounted. Defaults to "" (volume's root).

subPathExpr

String

Expanded path within the volume from which the container's volume

should be mounted. Behaves similarly to SubPath but environment variable

references $(VAR_NAME) are expanded using the container's environment. Defaults

to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.

Table 111 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodReadinessGate

Parameter

Type

Description

conditionType

String

ConditionType refers to a condition in the pod's condition list

with matching type.

Table 112 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSecurityContext

Parameter

Type

Description

fsGroup

Long

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

fsGroupChangePolicy

String

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

runAsGroup

Long

The GID to run the entrypoint of the container process. Uses

runtime default if unset. May also be set in SecurityContext. If set in

both SecurityContext and PodSecurityContext, the value specified in SecurityContext

takes precedence for that container. Note that this field cannot be set

when spec.os.name is windows.

runAsNonRoot

Boolean

Indicates that the container must run as a non-root user. If

true, the Kubelet will validate the image at runtime to ensure that it does

not run as UID 0 (root) and fail to start the container if it does. If unset

or false, no such validation will be performed. May also be set in SecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence.

runAsUser

Long

The UID to run the entrypoint of the container process. Defaults

to user specified in image metadata if unspecified. May also be set in SecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence for that container. Note that this field

cannot be set when spec.os.name is windows.

supplementalGroups

Array of longs

A list of groups applied to the first process run in each container,

in addition to the container's primary GID. If unspecified, no groups will

be added to any container. Note that this field cannot be set when spec.os.name

is windows.

sysctls

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Sysctl objects

Sysctls hold a list of namespaced sysctls used for the pod. Pods

with unsupported sysctls (by the container runtime) might fail to launch.

Note that this field cannot be set when spec.os.name is windows.

Table 113 io.cci.otc.api.pkg.apis.versioned.cci.v2.Sysctl

Parameter

Type

Description

name

String

Name of a property to set

value

String

Value of a property to set

Table 114 io.cci.otc.api.pkg.apis.versioned.cci.v2.TopologySpreadConstraint

Parameter

Type

Description

labelSelector

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

LabelSelector is used to find matching pods. Pods that match

this label selector are counted to determine the number of pods in their

corresponding topology domain.

matchLabelKeys

Array of strings

MatchLabelKeys is a set of pod label keys to select the pods

over which spreading will be calculated. The keys are used to lookup values

from the incoming pod labels, those key-value labels are ANDed with labelSelector

to select the group of existing pods over which spreading will be calculated

for the incoming pod. Keys that don't exist in the incoming pod labels will

be ignored. A null or empty list means only match against labelSelector.

maxSkew

Integer

MaxSkew describes the degree to which pods may be unevenly distributed. When whenUnsatisfiable=DoNotSchedule, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When whenUnsatisfiable=ScheduleAnyway, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.

minDomains

Integer

MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.

For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.

This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).

nodeAffinityPolicy

String

NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.

If this value is nil, the behavior is equivalent to the Honor policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.

nodeTaintsPolicy

String

NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.

If this value is nil, the behavior is equivalent to the Ignore policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.

topologyKey

String

TopologyKey is the key of node labels. Nodes that have a label

with this key and identical values are considered to be in the same topology.

We consider each <key, value> as a "bucket", and try to put balanced number

of pods into each bucket. We define a domain as a particular instance of

a topology. Also, we define an eligible domain as a domain whose nodes meet

the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey

is "kubernetes.io/hostname", each Node is a domain of that topology. And,

if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of

that topology. It's a required field.

whenUnsatisfiable

String

WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,

but giving higher precedence to topologies that would help reduce the

skew.

A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it more imbalanced. It's a required field.

Possible enum values:

  • "DoNotSchedule" instructs the scheduler not to schedule the pod when constraints are not satisfied.

  • "ScheduleAnyway" instructs the scheduler to schedule the pod even if constraints are not satisfied.

Table 115 io.cci.otc.api.pkg.apis.versioned.cci.v2.Volume

Parameter

Type

Description

configMap

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapVolumeSource object

configMap represents a configMap that should populate this volume

downwardAPI

io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeSource object

downwardAPI represents downward API about the pod that should

populate this volume

emptyDir

io.cci.otc.api.pkg.apis.versioned.cci.v2.EmptyDirVolumeSource object

emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

ephemeral

io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralVolumeSource object

ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity

tracking are needed,

  1. the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through

a PersistentVolumeClaim (see EphemeralVolumeSource for more

information on the connection between this volume type

and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

name

String

name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

nfs

io.cci.otc.api.pkg.apis.versioned.cci.v2.NFSVolumeSource object

nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

persistentVolumeClaim

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimVolumeSource object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

projected

io.cci.otc.api.pkg.apis.versioned.cci.v2.ProjectedVolumeSource object

projected items for all in one resources secrets, configmaps,

and downward API

secret

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretVolumeSource object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Table 116 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapVolumeSource

Parameter

Type

Description

defaultMode

Integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced ConfigMap will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the ConfigMap, the

volume setup will error unless it is marked optional. Paths must be relative

and may not contain the '..' path or start with '..'.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

optional specify whether the ConfigMap or its keys must be defined

Table 117 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeSource

Parameter

Type

Description

defaultMode

Integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile objects

Items is a list of downward API volume file

Table 118 io.cci.otc.api.pkg.apis.versioned.cci.v2.EmptyDirVolumeSource

Parameter

Type

Description

medium

String

medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

sizeLimit

String

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir

Table 119 io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralVolumeSource

Parameter

Type

Description

volumeClaimTemplate

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimTemplate object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Table 120 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimTemplate

Parameter

Type

Description

metadata

io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta object

May contain labels and annotations that will be copied into the

PVC when creating it. No other fields are allowed and will be rejected during

validation.

spec

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimSpec object

The specification for the PersistentVolumeClaim. The entire content

is copied unchanged into the PVC that gets created from this template. The

same fields as in a PersistentVolumeClaim are also valid here.

Table 121 io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta

Parameter

Type

Description

annotations

Map<String,String>

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

clusterName

String

The name of the cluster which the object belongs to. This is

used to distinguish resources with same name and namespace in different

clusters. This field is not set anywhere right now and apiserver is going

to ignore it if set in create or update request.

creationTimestamp

String

CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.

Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

deletionGracePeriodSeconds

Long

Number of seconds allowed for this object to gracefully terminate

before it will be removed from the system. Only set when deletionTimestamp

is also set. May only be shortened. Read-only.

deletionTimestamp

String

DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.

Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

enable

Boolean

Enable identifies whether the resource is available

finalizers

Array of strings

Must be empty before the object is deleted from the registry.

Each entry is an identifier for the responsible component that will remove

the entry from the list. If the deletionTimestamp of the object is non-nil,

entries in this list can only be removed. Finalizers may be processed and

removed in any order. Order is NOT enforced because it introduces significant

risk of stuck finalizers. finalizers is a shared field, any actor with permission

can reorder it. If the finalizer list is processed in order, then this can

lead to a situation in which the component responsible for the first finalizer

in the list is waiting for a signal (field value, external system, or other)

produced by a component responsible for a finalizer later in the list, resulting

in a deadlock. Without enforced ordering finalizers are free to order amongst

themselves and are not vulnerable to ordering changes in the list.

generateName

String

GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.

If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).

Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency

generation

Long

A sequence number representing a specific generation of the desired

state. Populated by the system. Read-only.

labels

Map<String,String>

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

managedFields

Array of io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry objects

ManagedFields maps workflow-id and version to the set of fields

that are managed by that workflow. This is mostly for internal housekeeping,

and users typically shouldn't need to set or understand this field. A workflow

can be the user's name, a controller's name, or the name of a specific apply

path like "ci-cd". The set of fields is always in the version that the workflow

used when modifying the object.

name

String

Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

namespace

String

Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.

Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

ownerReferences

Array of io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference objects

List of objects depended by this object. If ALL objects in the

list have been deleted, this object will be garbage collected. If this object

is managed by a controller, then an entry in this list will point to this

controller, with the controller field set to true. There cannot be more

than one managing controller.

resourceVersion

String

An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.

Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency

selfLink

String

SelfLink is a URL representing this object. Populated by the system. Read-only.

DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release.

uid

String

UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.

Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

Table 122 io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry

Parameter

Type

Description

apiVersion

String

APIVersion defines the version of this resource that this field

set applies to. The format is "group/version" just like the top-level APIVersion

field. It is necessary to track the version of a field set because it cannot

be automatically converted.

fieldsType

String

FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: "FieldsV1"

fieldsV1

Object

FieldsV1 holds the first JSON version format as described in

the "FieldsV1" type.

manager

String

Manager is an identifier of the workflow managing these fields.

operation

String

Operation is the type of operation which lead to this ManagedFieldsEntry

being created. The only valid values for this field are 'Apply' and 'Update'.

time

String

Time is timestamp of when these fields were set. It should always

be empty if Operation is 'Apply'

Table 123 io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference

Parameter

Type

Description

apiVersion

String

API version of the referent.

blockOwnerDeletion

Boolean

If true, AND if the owner has the "foregroundDeletion" finalizer,

then the owner cannot be deleted from the key-value store until this reference

is removed. Defaults to false. To set this field, a user needs "delete"

permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.

controller

Boolean

If true, this reference points to the managing controller.

kind

String

Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

uid

String

UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

Table 124 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimSpec

Parameter

Type

Description

accessModes

Array of strings

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

dataSource

io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.

dataSourceRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef

allows any non-core object, as well as PersistentVolumeClaim objects.

  • While DataSource ignores disallowed values (dropping them), DataSourceRef

    preserves all values, and generates an error if a disallowed value is

    specified.

    (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.

resources

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

selector

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

selector is a label query over volumes to consider for binding.

storageClassName

String

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

volumeMode

String

volumeMode defines what type of volume is required by the claim.

Value of Filesystem is implied when not included in claim spec.

volumeName

String

volumeName is the binding reference to the PersistentVolume backing

this claim.

Table 125 io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference

Parameter

Type

Description

apiGroup

String

APIGroup is the group for the resource being referenced. If APIGroup

is not specified, the specified Kind must be in the core API group. For

any other third-party types, APIGroup is required.

kind

String

Kind is the type of resource being referenced

name

String

Name is the name of resource being referenced

Table 126 io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements

Parameter

Type

Description

limits

Map<String,String>

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

requests

Map<String,String>

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

Table 127 io.k8s.apimachinery.pkg.api.resource.Quantity

Parameter

Type

Description

-

String

Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.

The serialization format is:

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]

(Note that [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] may be empty, from the "" case in [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br].)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= 0 | 1 | ... | 9 [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br].[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]. | .[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= "+" | "-" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= Ki | Mi | Gi | Ti | Pi | Ei

(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= m | "" | k | M | G | T | P | E

(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= "e" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | "E" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]

No matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.

When a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.

Before serializing, Quantity will be put in "canonical form". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:

  1. No precision is lost

  2. No fractional digits will be emitted

  3. The exponent (or suffix) is as large as possible.

The sign will be omitted unless the number is negative.

Examples:

1.5 will be serialized as "1500m"

1.5Gi will be serialized as "1536Mi"

Note that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.

Non-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)

This format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.

Table 128 io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector

Parameter

Type

Description

matchExpressions

Array of io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement objects

matchExpressions is a list of label selector requirements. The

requirements are ANDed.

matchLabels

Map<String,String>

matchLabels is a map of {key,value} pairs. A single {key,value}

in the matchLabels map is equivalent to an element of matchExpressions,

whose key field is "key", the operator is "In", and the values array contains

only "value". The requirements are ANDed.

Table 129 io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement

Parameter

Type

Description

key

String

key is the label key that the selector applies to.

operator

String

operator represents a key's relationship to a set of values.

Valid operators are In, NotIn, Exists and DoesNotExist.

values

Array of strings

values is an array of string values. If the operator is In or

NotIn, the values array must be non-empty. If the operator is Exists or

DoesNotExist, the values array must be empty. This array is replaced during

a strategic merge patch.

Table 130 io.cci.otc.api.pkg.apis.versioned.cci.v2.NFSVolumeSource

Parameter

Type

Description

path

String

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

readOnly

Boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

server

String

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Table 131 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimVolumeSource

Parameter

Type

Description

claimName

String

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

readOnly

Boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default

false.

Table 132 io.cci.otc.api.pkg.apis.versioned.cci.v2.ProjectedVolumeSource

Parameter

Type

Description

defaultMode

Integer

defaultMode are the mode bits used to set permissions on created

files by default. Must be an octal value between 0000 and 0777 or a decimal

value between 0 and 511. YAML accepts both octal and decimal values, JSON

requires decimal values for mode bits. Directories within the path are not

affected by this setting. This might be in conflict with other options that

affect the file mode, like fsGroup, and the result can be other mode bits

set.

sources

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeProjection objects

sources is the list of volume projections

Table 133 io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeProjection

Parameter

Type

Description

configMap

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapProjection object

configMap information about the configMap data to project

downwardAPI

io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIProjection object

downwardAPI information about the downwardAPI data to project

secret

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretProjection object

secret information about the secret data to project

Table 134 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapProjection

Parameter

Type

Description

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced ConfigMap will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the ConfigMap, the

volume setup will error unless it is marked optional. Paths must be relative

and may not contain the '..' path or start with '..'.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

optional specify whether the ConfigMap or its keys must be defined

Table 135 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIProjection

Parameter

Type

Description

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile objects

Items is a list of DownwardAPIVolume file

Table 136 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile

Parameter

Type

Description

fieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

mode

Integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

path

String

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

resourceFieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Table 137 io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector

Parameter

Type

Description

apiVersion

String

Version of the schema the FieldPath is written in terms of, defaults

to "v1".

fieldPath

String

Path of the field to select in the specified API version.

Table 138 io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector

Parameter

Type

Description

containerName

String

Container name: required for volumes, optional for env vars

divisor

String

Specifies the output format of the exposed resources, defaults

to "1"

resource

String

Required: resource to select

Table 139 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretProjection

Parameter

Type

Description

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced Secret will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the Secret, the volume

setup will error unless it is marked optional. Paths must be relative and

may not contain the '..' path or start with '..'.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

optional field specify whether the Secret or its key must be

defined

Table 140 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretVolumeSource

Parameter

Type

Description

defaultMode

Integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items If unspecified, each key-value pair in the Data field of

the referenced Secret will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the Secret, the volume

setup will error unless it is marked optional. Paths must be relative and

may not contain the '..' path or start with '..'.

optional

Boolean

optional field specify whether the Secret or its keys must be

defined

secretName

String

secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Table 141 io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath

Parameter

Type

Description

key

String

key is the key to project.

mode

Integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

path

String

path is the relative path of the file to map the key to. May

not be an absolute path. May not contain the path element '..'. May not

start with the string '..'.

Table 142 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodStatus

Parameter

Type

Description

conditions

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodCondition objects

Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

containerStatuses

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status

ephemeralContainerStatuses

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

Status for any ephemeral containers that have run in this pod.

hostIP

String

IP address of the host to which the pod is assigned. Empty if

not yet scheduled.

initContainerStatuses

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status

message

String

A human readable message indicating details about why the pod

is in this condition.

nominatedNodeName

String

nominatedNodeName is set only when this pod preempts other pods

on the node, but it cannot be scheduled right away as preemption victims

receive their graceful termination periods. This field does not guarantee

that the pod will be scheduled on this node. Scheduler may decide to place

the pod elsewhere if other nodes become available sooner. Scheduler may

also decide to give the resources on this node to a higher priority pod

that is created after preemption. As a result, this field may be different

than PodSpec.nodeName when the pod is scheduled.

phase

String

The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:

Pending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.

More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase

Possible enum values:

  • "Failed" means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).

  • "Pending" means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.

  • "Running" means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.

  • "Succeeded" means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.

  • "Unknown" means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)

podIP

String

IP address allocated to the pod. Routable at least within the

cluster. Empty if not yet allocated.

podIPs

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodIP objects

podIPs holds the IP addresses allocated to the pod. If this field

is specified, the 0th entry must match the podIP field. Pods may be allocated

at most 1 value for each of IPv4 and IPv6. This list is empty if no IPs

have been allocated yet.

qosClass

String

The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md

Possible enum values:

  • "BestEffort" is the BestEffort qos class.

  • "Burstable" is the Burstable qos class.

  • "Guaranteed" is the Guaranteed qos class.

reason

String

A brief CamelCase message indicating details about why the pod

is in this state. e.g. 'Evicted'

startTime

String

RFC 3339 date and time at which the object was acknowledged by

the Kubelet. This is before the Kubelet pulled the container image(s) for

the pod.

Table 143 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodCondition

Parameter

Type

Description

lastProbeTime

String

Last time we probed the condition.

lastTransitionTime

String

Last time the condition transitioned from one status to another.

message

String

Human-readable message indicating details about last transition.

reason

String

Unique, one-word, CamelCase reason for the condition's last transition.

status

String

Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

type

String

Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

Table 144 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus

Parameter

Type

Description

containerID

String

Container's ID in the format '[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]://<container_id>'.

image

String

The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images.

imageID

String

ImageID of the container's image.

lastState

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState object

Details about the container's last termination condition.

name

String

This must be a DNS_LABEL. Each container in a pod must have a

unique name. Cannot be updated.

ready

Boolean

Specifies whether the container has passed its readiness probe.

restartCount

Integer

The number of times the container has been restarted.

started

Boolean

Specifies whether the container has passed its startup probe.

Initialized as false, becomes true after startupProbe is considered successful.

Resets to false when the container is restarted, or if kubelet loses state

temporarily. Is always true when no startupProbe is defined.

state

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState object

Details about the container's current condition.

Table 145 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState

Parameter

Type

Description

running

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateRunning object

Details about a running container

terminated

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateTerminated object

Details about a terminated container

waiting

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateWaiting object

Details about a waiting container

Table 146 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateRunning

Parameter

Type

Description

startedAt

String

Time at which the container was last (re-)started

Table 147 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateTerminated

Parameter

Type

Description

containerID

String

Container's ID in the format '[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]://<container_id>'

exitCode

Integer

Exit status from the last termination of the container

finishedAt

String

Time at which the container last terminated

message

String

Message regarding the last termination of the container

reason

String

(brief) reason from the last termination of the container

signal

Integer

Signal from the last termination of the container

startedAt

String

Time at which previous execution of the container started

Table 148 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateWaiting

Parameter

Type

Description

message

String

Message regarding why the container is not yet running.

reason

String

(brief) reason the container is not yet running.

Table 149 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodIP

Parameter

Type

Description

ip

String

ip is an IP address (IPv4 or IPv6) assigned to the pod

Status code: 201

Table 150 Response body parameters

Parameter

Type

Description

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadata

io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta object

Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

spec

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSpec object

Specification of the desired behavior of the pod. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

status

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodStatus object

Most recently observed status of the pod. This data may not be up to date. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

Table 151 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSpec

Parameter

Type

Description

activeDeadlineSeconds

Long

Optional duration in seconds the pod may be active on the node

relative to StartTime before the system will actively try to mark it failed

and kill associated containers. Value must be a positive integer.

affinity

io.cci.otc.api.pkg.apis.versioned.cci.v2.Affinity object

If specified, the pod's scheduling constraints

containers

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Container objects

List of containers belonging to the pod. Containers cannot currently

be added or removed. There must be at least one container in a Pod. Cannot

be updated.

dnsConfig

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfig object

Specifies the DNS parameters of a pod. Parameters specified here

will be merged to the generated DNS configuration based on DNSPolicy.

dnsPolicy

String

Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.

Possible enum values:

  • "ClusterFirst" indicates that the pod should use cluster DNS first unless hostNetwork is true, if it is available, then fall back on the default (as determined by kubelet) DNS settings.

  • "ClusterFirstWithHostNet" indicates that the pod should use cluster DNS first, if it is available, then fall back on the default (as determined by kubelet) DNS settings.

  • "Default" indicates that the pod should use the default (as determined by kubelet) DNS settings.

  • "None" indicates that the pod should use empty DNS settings. DNS parameters such as nameservers and search paths should be defined via DNSConfig.

ephemeralContainers

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralContainer objects

List of ephemeral containers run in this pod. Ephemeral containers

may be run in an existing pod to perform user-initiated actions such as

debugging. This list cannot be specified when creating a pod, and it cannot

be modified by updating the pod spec. In order to add an ephemeral container

to an existing pod, use the pod's ephemeralcontainers subresource.

hostAliases

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.HostAlias objects

HostAliases is an optional list of hosts and IPs that will be

injected into the pod's hosts file if specified. This is only valid for

non-hostNetwork pods.

hostname

String

Specifies the hostName of the Pod. If not specified, the pod's

hostname will be set to a system-defined value.

imagePullSecrets

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.LocalObjectReference objects

ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

initContainers

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Container objects

List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

nodeName

String

NodeName is a request to schedule this pod onto a specific node.

If it is non-empty, the scheduler simply schedules this pod onto that node,

assuming that it fits resource requirements.

overhead

Map<String,String>

Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md

readinessGates

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodReadinessGate objects

If specified, all readiness gates will be evaluated for pod readiness. A pod is ready when all its containers are ready AND all conditions specified in the readiness gates have status equal to "True" More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates

restartPolicy

String

Restart policy for all containers within the pod. One of Always, OnFailure, Never. Default to Always. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy

Possible enum values:

  • "Always"

  • "Never"

  • "OnFailure"

schedulerName

String

If specified, the pod will be dispatched by specified scheduler.

If not specified, the pod will be dispatched by default scheduler.

securityContext

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSecurityContext object

SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.

setHostnameAsFQDN

Boolean

If true the pod's hostname will be configured as the pod's FQDN,

rather than the leaf name (the default). In Linux containers, this means

setting the FQDN in the hostname field of the kernel (the nodename field

of struct utsname). In Windows containers, this means setting the registry

value of hostname for the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

to FQDN. If a pod does not have FQDN, this has no effect. Default to false.

shareProcessNamespace

Boolean

Share a single process namespace between all of the containers in a pod. When this is set containers will be able to view and signal processes from other containers in the same pod, and the first process in each container will not be assigned PID 1. HostPID and ShareProcessNamespace cannot both be set. Optional: Default to false.

terminationGracePeriodSeconds

Long

Optional duration in seconds the pod needs to terminate gracefully.

May be decreased in delete request. Value must be non-negative integer.

The value zero indicates stop immediately via the kill signal (no opportunity

to shut down). If this value is nil, the default grace period will be used

instead. The grace period is the duration in seconds after the processes

running in the pod are sent a termination signal and the time when the processes

are forcibly halted with a kill signal. Set this value longer than the expected

cleanup time for your process. Defaults to 30 seconds.

topologySpreadConstraints

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.TopologySpreadConstraint objects

TopologySpreadConstraints describes how a group of pods ought

to spread across topology domains. Scheduler will schedule pods in a way

which abides by the constraints. All topologySpreadConstraints are ANDed.

volumes

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Volume objects

List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes

Table 152 io.cci.otc.api.pkg.apis.versioned.cci.v2.Affinity

Parameter

Type

Description

nodeAffinity

io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeAffinity object

Describes node affinity scheduling rules for the pod.

podAntiAffinity

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAntiAffinity object

Describes pod anti-affinity scheduling rules (e.g. avoid putting

this pod in the same zone, etc. as some other pod(s)).

Table 153 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeAffinity

Parameter

Type

Description

requiredDuringSchedulingIgnoredDuringExecution

io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelector object

If the affinity requirements specified by this field are not

met at scheduling time, the pod will not be scheduled onto the node. If

the affinity requirements specified by this field cease to be met at some

point during pod execution (e.g. due to an update), the system may or may

not try to eventually evict the pod from its node.

Table 154 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelector

Parameter

Type

Description

nodeSelectorTerms

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorTerm objects

Required. A list of node selector terms. The terms are ORed.

Table 155 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorTerm

Parameter

Type

Description

matchExpressions

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorRequirement objects

A list of node selector requirements by node's labels.

Table 156 io.cci.otc.api.pkg.apis.versioned.cci.v2.NodeSelectorRequirement

Parameter

Type

Description

key

String

The label key that the selector applies to.

operator

String

Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

Possible enum values:

  • "DoesNotExist"

  • "Exists"

  • "Gt"

  • "In"

  • "Lt"

  • "NotIn"

values

Array of strings

An array of string values. If the operator is In or NotIn, the

values array must be non-empty. If the operator is Exists or DoesNotExist,

the values array must be empty. If the operator is Gt or Lt, the values

array must have a single element, which will be interpreted as an integer.

This array is replaced during a strategic merge patch.

Table 157 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAntiAffinity

Parameter

Type

Description

preferredDuringSchedulingIgnoredDuringExecution

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.WeightedPodAffinityTerm objects

The scheduler will prefer to schedule pods to nodes that satisfy

the anti-affinity expressions specified by this field, but it may choose

a node that violates one or more of the expressions. The node that is most

preferred is the one with the greatest sum of weights, i.e. for each node

that meets all of the scheduling requirements (resource request, requiredDuringScheduling

anti-affinity expressions, etc.), compute a sum by iterating through the

elements of this field and adding "weight" to the sum if the node has pods

which matches the corresponding podAffinityTerm; the node(s) with the highest

sum are the most preferred.

requiredDuringSchedulingIgnoredDuringExecution

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm objects

If the anti-affinity requirements specified by this field are

not met at scheduling time, the pod will not be scheduled onto the node.

If the anti-affinity requirements specified by this field cease to be met

at some point during pod execution (e.g. due to a pod label update), the

system may or may not try to eventually evict the pod from its node. When

there are multiple elements, the lists of nodes corresponding to each podAffinityTerm

are intersected, i.e. all terms must be satisfied.

Table 158 io.cci.otc.api.pkg.apis.versioned.cci.v2.WeightedPodAffinityTerm

Parameter

Type

Description

podAffinityTerm

io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm object

Required. A pod affinity term, associated with the corresponding

weight.

weight

Integer

weight associated with matching the corresponding podAffinityTerm,

in the range 1-100.

Table 159 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodAffinityTerm

Parameter

Type

Description

labelSelector

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

A label query over a set of resources, in this case pods.

namespaces

Array of strings

namespaces specifies a static list of namespace names that the

term applies to. The term is applied to the union of the namespaces listed

in this field and the ones selected by namespaceSelector. null or empty

namespaces list and null namespaceSelector means "this pod's namespace".

topologyKey

String

This pod should be co-located (affinity) or not co-located (anti-affinity)

with the pods matching the labelSelector in the specified namespaces, where

co-located is defined as running on a node whose value of the label with

key topologyKey matches that of any node on which any of the selected pods

is running. Empty topologyKey is not allowed.

Table 160 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfig

Parameter

Type

Description

nameservers

Array of strings

A list of DNS name server IP addresses. This will be appended

to the base nameservers generated from DNSPolicy. Duplicated nameservers

will be removed.

options

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfigOption objects

A list of DNS resolver options. This will be merged with the

base options generated from DNSPolicy. Duplicated entries will be removed.

Resolution options given in Options will override those that appear in the

base DNSPolicy.

searches

Array of strings

A list of DNS search domains for host-name lookup. This will

be appended to the base search paths generated from DNSPolicy. Duplicated

search paths will be removed.

Table 161 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodDNSConfigOption

Parameter

Type

Description

name

String

Required.

value

String

Table 162 io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralContainer

Parameter

Type

Description

args

Array of strings

Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

command

Array of strings

Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

env

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar objects

List of environment variables to set in the container. Cannot

be updated.

envFrom

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource objects

List of sources to populate environment variables in the container.

The keys defined within a source must be a C_IDENTIFIER. All invalid keys

will be reported as an event when the container is starting. When a key

exists in multiple sources, the value associated with the last source will

take precedence. Values defined by an Env with a duplicate key will take

precedence. Cannot be updated.

image

String

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images

lifecycle

io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle object

Lifecycle is not allowed for ephemeral containers.

livenessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

name

String

Name of the ephemeral container specified as a DNS_LABEL. This

name must be unique among all containers, init containers and ephemeral

containers.

ports

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort objects

Ports are not allowed for ephemeral containers.

readinessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

resources

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

Resources are not allowed for ephemeral containers. Ephemeral

containers use spare resources already allocated to the pod.

securityContext

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext object

Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.

startupProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Probes are not allowed for ephemeral containers.

stdin

Boolean

Whether this container should allocate a buffer for stdin in

the container runtime. If this is not set, reads from stdin in the container

will always result in EOF. Default is false.

stdinOnce

Boolean

Whether the container runtime should close the stdin channel

after it has been opened by a single attach. When stdin is true the stdin

stream will remain open across multiple attach sessions. If stdinOnce is

set to true, stdin is opened on container start, is empty until the first

client attaches to stdin, and then remains open and accepts data until the

client disconnects, at which time stdin is closed and remains closed until

the container is restarted. If this flag is false, a container processes

that reads from stdin will never receive an EOF. Default is false

targetContainerName

String

If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec.

The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined.

terminationMessagePath

String

Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

terminationMessagePolicy

String

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

Possible enum values:

  • "FallbackToLogsOnError" will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.

  • "File" is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.

tty

Boolean

Whether this container should allocate a TTY for itself, also

requires 'stdin' to be true. Default is false.

volumeMounts

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount objects

Pod volumes to mount into the container's filesystem. Subpath

mounts are not allowed for ephemeral containers. Cannot be updated.

workingDir

String

Container's working directory. If not specified, the container

runtime's default will be used, which might be configured in the container

image. Cannot be updated.

Table 163 io.cci.otc.api.pkg.apis.versioned.cci.v2.HostAlias

Parameter

Type

Description

hostnames

Array of strings

Hostnames for the above IP address.

ip

String

IP address of the host file entry.

Table 164 io.cci.otc.api.pkg.apis.versioned.cci.v2.LocalObjectReference

Parameter

Type

Description

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

Table 165 io.cci.otc.api.pkg.apis.versioned.cci.v2.Container

Parameter

Type

Description

args

Array of strings

Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

command

Array of strings

Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

env

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar objects

List of environment variables to set in the container. Cannot

be updated.

envFrom

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource objects

List of sources to populate environment variables in the container.

The keys defined within a source must be a C_IDENTIFIER. All invalid keys

will be reported as an event when the container is starting. When a key

exists in multiple sources, the value associated with the last source will

take precedence. Values defined by an Env with a duplicate key will take

precedence. Cannot be updated.

image

String

Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

lifecycle

io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle object

Actions that the management system should take in response to

container lifecycle events. Cannot be updated.

livenessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

name

String

Name of the container specified as a DNS_LABEL. Each container

in a pod must have a unique name (DNS_LABEL). Cannot be updated.

ports

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort objects

List of ports to expose from the container. Not specifying a

port here DOES NOT prevent that port from being exposed. Any port which

is listening on the default "0.0.0.0" address inside a container will be

accessible from the network. Modifying this array with strategic merge patch

may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255.

Cannot be updated.

readinessProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

resources

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

securityContext

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext object

SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

startupProbe

io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe object

StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

stdin

Boolean

Whether this container should allocate a buffer for stdin in

the container runtime. If this is not set, reads from stdin in the container

will always result in EOF. Default is false.

stdinOnce

Boolean

Whether the container runtime should close the stdin channel

after it has been opened by a single attach. When stdin is true the stdin

stream will remain open across multiple attach sessions. If stdinOnce is

set to true, stdin is opened on container start, is empty until the first

client attaches to stdin, and then remains open and accepts data until the

client disconnects, at which time stdin is closed and remains closed until

the container is restarted. If this flag is false, a container processes

that reads from stdin will never receive an EOF. Default is false

terminationMessagePath

String

Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

terminationMessagePolicy

String

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

Possible enum values:

  • "FallbackToLogsOnError" will read the most recent contents of the container logs for the container status message when the container exits with an error and the terminationMessagePath has no contents.

  • "File" is the default behavior and will set the container status message to the contents of the container's terminationMessagePath when the container exits.

tty

Boolean

Whether this container should allocate a TTY for itself, also

requires 'stdin' to be true. Default is false.

volumeMounts

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount objects

Pod volumes to mount into the container's filesystem. Cannot

be updated.

workingDir

String

Container's working directory. If not specified, the container

runtime's default will be used, which might be configured in the container

image. Cannot be updated.

Table 166 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVar

Parameter

Type

Description

name

String

Name of the environment variable. Must be a C_IDENTIFIER.

value

String

Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

valueFrom

io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVarSource object

Source for the environment variable's value. Cannot be used if

value is not empty.

Table 167 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvVarSource

Parameter

Type

Description

configMapKeyRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapKeySelector object

Selects a key of a ConfigMap.

fieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

resourceFieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

secretKeyRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretKeySelector object

Selects a key of a secret in the pod's namespace

Table 168 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapKeySelector

Parameter

Type

Description

key

String

The key to select.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the ConfigMap or its key must be defined

Table 169 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretKeySelector

Parameter

Type

Description

key

String

The key of the secret to select from. Must be a valid secret

key.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the Secret or its key must be defined

Table 170 io.cci.otc.api.pkg.apis.versioned.cci.v2.EnvFromSource

Parameter

Type

Description

configMapRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapEnvSource object

The ConfigMap to select from

prefix

String

An optional identifier to prepend to each key in the ConfigMap.

Must be a C_IDENTIFIER.

secretRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretEnvSource object

The Secret to select from

Table 171 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapEnvSource

Parameter

Type

Description

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the ConfigMap must be defined

Table 172 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretEnvSource

Parameter

Type

Description

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

Specify whether the Secret must be defined

Table 173 io.cci.otc.api.pkg.apis.versioned.cci.v2.Lifecycle

Parameter

Type

Description

postStart

io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler object

PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

preStop

io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler object

PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks

Table 174 io.cci.otc.api.pkg.apis.versioned.cci.v2.LifecycleHandler

Parameter

Type

Description

exec

io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction object

Exec specifies the action to take.

httpGet

io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction object

HTTPGet specifies the http request to perform.

Table 175 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerPort

Parameter

Type

Description

containerPort

Integer

Number of port to expose on the pod's IP address. This must be

a valid port number, 0 < x < 65536.

name

String

If specified, this must be an IANA_SVC_NAME and unique within

the pod. Each named port in a pod must have a unique name. Name for the

port that can be referred to by services.

protocol

String

Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".

Possible enum values:

  • "SCTP" is the SCTP protocol.

  • "TCP" is the TCP protocol.

  • "UDP" is the UDP protocol.

Table 176 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecurityContext

Parameter

Type

Description

capabilities

io.cci.otc.api.pkg.apis.versioned.cci.v2.Capabilities object

The capabilities to add/drop when running containers. Defaults

to the default set of capabilities granted by the container runtime. Note

that this field cannot be set when spec.os.name is windows.

procMount

String

procMount denotes the type of proc mount to use for the containers.

The default is DefaultProcMount which uses the container runtime defaults

for readonly paths and masked paths. This requires the ProcMountType feature

flag to be enabled. Note that this field cannot be set when spec.os.name

is windows.

readOnlyRootFilesystem

Boolean

Whether this container has a read-only root filesystem. Default

is false. Note that this field cannot be set when spec.os.name is windows.

runAsGroup

Long

The GID to run the entrypoint of the container process. Uses

runtime default if unset. May also be set in PodSecurityContext. If set

in both SecurityContext and PodSecurityContext, the value specified in SecurityContext

takes precedence. Note that this field cannot be set when spec.os.name is

windows.

runAsNonRoot

Boolean

Indicates that the container must run as a non-root user. If

true, the Kubelet will validate the image at runtime to ensure that it does

not run as UID 0 (root) and fail to start the container if it does. If unset

or false, no such validation will be performed. May also be set in PodSecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence.

runAsUser

Long

The UID to run the entrypoint of the container process. Defaults

to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence. Note that this field cannot be set

when spec.os.name is windows.

Table 177 io.cci.otc.api.pkg.apis.versioned.cci.v2.Capabilities

Parameter

Type

Description

add

Array of strings

Added capabilities

drop

Array of strings

Removed capabilities

Table 178 io.cci.otc.api.pkg.apis.versioned.cci.v2.Probe

Parameter

Type

Description

exec

io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction object

Exec specifies the action to take.

failureThreshold

Integer

Minimum consecutive failures for the probe to be considered failed

after having succeeded. Defaults to 3. Minimum value is 1.

httpGet

io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction object

HTTPGet specifies the http request to perform.

initialDelaySeconds

Integer

Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

periodSeconds

Integer

How often (in seconds) to perform the probe. Default to 10 seconds.

Minimum value is 1.

successThreshold

Integer

Minimum consecutive successes for the probe to be considered

successful after having failed. Defaults to 1. Must be 1 for liveness and

startup. Minimum value is 1.

tcpSocket

io.cci.otc.api.pkg.apis.versioned.cci.v2.TCPSocketAction object

TCPSocket specifies an action involving a TCP port.

terminationGracePeriodSeconds

Long

Optional duration in seconds the pod needs to terminate gracefully

upon probe failure. The grace period is the duration in seconds after the

processes running in the pod are sent a termination signal and the time

when the processes are forcibly halted with a kill signal. Set this value

longer than the expected cleanup time for your process. If this value is

nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this

value overrides the value provided by the pod spec. Value must be non-negative

integer. The value zero indicates stop immediately via the kill signal (no

opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod

feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is

used if unset.

timeoutSeconds

Integer

Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

Table 179 io.cci.otc.api.pkg.apis.versioned.cci.v2.ExecAction

Parameter

Type

Description

command

Array of strings

Command is the command line to execute inside the container,

the working directory for the command is root ('/') in the container's

filesystem. The command is simply exec'd, it is not run inside a shell,

so traditional shell instructions ('|', etc) won't work. To use a shell,

you need to explicitly call out to that shell. Exit status of 0 is treated

as live/healthy and non-zero is unhealthy.

Table 180 io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPGetAction

Parameter

Type

Description

host

String

Host name to connect to, defaults to the pod IP. You probably

want to set "Host" in httpHeaders instead.

httpHeaders

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPHeader objects

Custom headers to set in the request. HTTP allows repeated headers.

path

String

Path to access on the HTTP server.

port

String

Name or number of the port to access on the container. Number

must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

scheme

String

Scheme to use for connecting to the host. Defaults to HTTP.

Possible enum values:

  • "HTTP" means that the scheme used will be http://

  • "HTTPS" means that the scheme used will be https://

Table 181 io.cci.otc.api.pkg.apis.versioned.cci.v2.HTTPHeader

Parameter

Type

Description

name

String

The header field name

value

String

The header field value

Table 182 io.cci.otc.api.pkg.apis.versioned.cci.v2.TCPSocketAction

Parameter

Type

Description

host

String

Optional: Host name to connect to, defaults to the pod IP.

port

String

Number or name of the port to access on the container. Number

must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

Table 183 io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeMount

Parameter

Type

Description

extendPathMode

String

Extend the volume path by appending the pod metadata to the path

according to specified pattern. which provide a way of directory isolation

and help prevent the writing conflict between different pods.

mountPath

String

Path within the container at which the volume should be mounted. Must

not contain ':'.

name

String

This must match the Name of a Volume.

readOnly

Boolean

Mounted read-only if true, read-write otherwise (false or unspecified).

Defaults to false.

subPath

String

Path within the volume from which the container's volume should

be mounted. Defaults to "" (volume's root).

subPathExpr

String

Expanded path within the volume from which the container's volume

should be mounted. Behaves similarly to SubPath but environment variable

references $(VAR_NAME) are expanded using the container's environment. Defaults

to "" (volume's root). SubPathExpr and SubPath are mutually exclusive.

Table 184 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodReadinessGate

Parameter

Type

Description

conditionType

String

ConditionType refers to a condition in the pod's condition list

with matching type.

Table 185 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodSecurityContext

Parameter

Type

Description

fsGroup

Long

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

  1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.

fsGroupChangePolicy

String

fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. Note that this field cannot be set when spec.os.name is windows.

runAsGroup

Long

The GID to run the entrypoint of the container process. Uses

runtime default if unset. May also be set in SecurityContext. If set in

both SecurityContext and PodSecurityContext, the value specified in SecurityContext

takes precedence for that container. Note that this field cannot be set

when spec.os.name is windows.

runAsNonRoot

Boolean

Indicates that the container must run as a non-root user. If

true, the Kubelet will validate the image at runtime to ensure that it does

not run as UID 0 (root) and fail to start the container if it does. If unset

or false, no such validation will be performed. May also be set in SecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence.

runAsUser

Long

The UID to run the entrypoint of the container process. Defaults

to user specified in image metadata if unspecified. May also be set in SecurityContext. If

set in both SecurityContext and PodSecurityContext, the value specified

in SecurityContext takes precedence for that container. Note that this field

cannot be set when spec.os.name is windows.

supplementalGroups

Array of longs

A list of groups applied to the first process run in each container,

in addition to the container's primary GID. If unspecified, no groups will

be added to any container. Note that this field cannot be set when spec.os.name

is windows.

sysctls

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.Sysctl objects

Sysctls hold a list of namespaced sysctls used for the pod. Pods

with unsupported sysctls (by the container runtime) might fail to launch.

Note that this field cannot be set when spec.os.name is windows.

Table 186 io.cci.otc.api.pkg.apis.versioned.cci.v2.Sysctl

Parameter

Type

Description

name

String

Name of a property to set

value

String

Value of a property to set

Table 187 io.cci.otc.api.pkg.apis.versioned.cci.v2.TopologySpreadConstraint

Parameter

Type

Description

labelSelector

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

LabelSelector is used to find matching pods. Pods that match

this label selector are counted to determine the number of pods in their

corresponding topology domain.

matchLabelKeys

Array of strings

MatchLabelKeys is a set of pod label keys to select the pods

over which spreading will be calculated. The keys are used to lookup values

from the incoming pod labels, those key-value labels are ANDed with labelSelector

to select the group of existing pods over which spreading will be calculated

for the incoming pod. Keys that don't exist in the incoming pod labels will

be ignored. A null or empty list means only match against labelSelector.

maxSkew

Integer

MaxSkew describes the degree to which pods may be unevenly distributed. When whenUnsatisfiable=DoNotSchedule, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When whenUnsatisfiable=ScheduleAnyway, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.

minDomains

Integer

MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule.

For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.

This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).

nodeAffinityPolicy

String

NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.

If this value is nil, the behavior is equivalent to the Honor policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.

nodeTaintsPolicy

String

NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included.

If this value is nil, the behavior is equivalent to the Ignore policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.

topologyKey

String

TopologyKey is the key of node labels. Nodes that have a label

with this key and identical values are considered to be in the same topology.

We consider each <key, value> as a "bucket", and try to put balanced number

of pods into each bucket. We define a domain as a particular instance of

a topology. Also, we define an eligible domain as a domain whose nodes meet

the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey

is "kubernetes.io/hostname", each Node is a domain of that topology. And,

if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of

that topology. It's a required field.

whenUnsatisfiable

String

WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location,

but giving higher precedence to topologies that would help reduce the

skew.

A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it more imbalanced. It's a required field.

Possible enum values:

  • "DoNotSchedule" instructs the scheduler not to schedule the pod when constraints are not satisfied.

  • "ScheduleAnyway" instructs the scheduler to schedule the pod even if constraints are not satisfied.

Table 188 io.cci.otc.api.pkg.apis.versioned.cci.v2.Volume

Parameter

Type

Description

configMap

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapVolumeSource object

configMap represents a configMap that should populate this volume

downwardAPI

io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeSource object

downwardAPI represents downward API about the pod that should

populate this volume

emptyDir

io.cci.otc.api.pkg.apis.versioned.cci.v2.EmptyDirVolumeSource object

emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

ephemeral

io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralVolumeSource object

ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed.

Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity

tracking are needed,

  1. the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through

a PersistentVolumeClaim (see EphemeralVolumeSource for more

information on the connection between this volume type

and PersistentVolumeClaim).

Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod.

Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information.

A pod can use both types of ephemeral volumes and persistent volumes at the same time.

name

String

name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

nfs

io.cci.otc.api.pkg.apis.versioned.cci.v2.NFSVolumeSource object

nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

persistentVolumeClaim

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimVolumeSource object

persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

projected

io.cci.otc.api.pkg.apis.versioned.cci.v2.ProjectedVolumeSource object

projected items for all in one resources secrets, configmaps,

and downward API

secret

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretVolumeSource object

secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Table 189 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapVolumeSource

Parameter

Type

Description

defaultMode

Integer

defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced ConfigMap will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the ConfigMap, the

volume setup will error unless it is marked optional. Paths must be relative

and may not contain the '..' path or start with '..'.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

optional specify whether the ConfigMap or its keys must be defined

Table 190 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeSource

Parameter

Type

Description

defaultMode

Integer

Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile objects

Items is a list of downward API volume file

Table 191 io.cci.otc.api.pkg.apis.versioned.cci.v2.EmptyDirVolumeSource

Parameter

Type

Description

medium

String

medium represents what type of storage medium should back this directory. The default is "" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir

sizeLimit

String

sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir

Table 192 io.cci.otc.api.pkg.apis.versioned.cci.v2.EphemeralVolumeSource

Parameter

Type

Description

volumeClaimTemplate

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimTemplate object

Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be <pod name>-<volume name> where <volume name> is the name from the PodSpec.Volumes array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long).

An existing PVC with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster.

This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created.

Required, must not be nil.

Table 193 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimTemplate

Parameter

Type

Description

metadata

io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta object

May contain labels and annotations that will be copied into the

PVC when creating it. No other fields are allowed and will be rejected during

validation.

spec

io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimSpec object

The specification for the PersistentVolumeClaim. The entire content

is copied unchanged into the PVC that gets created from this template. The

same fields as in a PersistentVolumeClaim are also valid here.

Table 194 io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta

Parameter

Type

Description

annotations

Map<String,String>

Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/

clusterName

String

The name of the cluster which the object belongs to. This is

used to distinguish resources with same name and namespace in different

clusters. This field is not set anywhere right now and apiserver is going

to ignore it if set in create or update request.

creationTimestamp

String

CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.

Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

deletionGracePeriodSeconds

Long

Number of seconds allowed for this object to gracefully terminate

before it will be removed from the system. Only set when deletionTimestamp

is also set. May only be shortened. Read-only.

deletionTimestamp

String

DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.

Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

enable

Boolean

Enable identifies whether the resource is available

finalizers

Array of strings

Must be empty before the object is deleted from the registry.

Each entry is an identifier for the responsible component that will remove

the entry from the list. If the deletionTimestamp of the object is non-nil,

entries in this list can only be removed. Finalizers may be processed and

removed in any order. Order is NOT enforced because it introduces significant

risk of stuck finalizers. finalizers is a shared field, any actor with permission

can reorder it. If the finalizer list is processed in order, then this can

lead to a situation in which the component responsible for the first finalizer

in the list is waiting for a signal (field value, external system, or other)

produced by a component responsible for a finalizer later in the list, resulting

in a deadlock. Without enforced ordering finalizers are free to order amongst

themselves and are not vulnerable to ordering changes in the list.

generateName

String

GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.

If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).

Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency

generation

Long

A sequence number representing a specific generation of the desired

state. Populated by the system. Read-only.

labels

Map<String,String>

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

managedFields

Array of io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry objects

ManagedFields maps workflow-id and version to the set of fields

that are managed by that workflow. This is mostly for internal housekeeping,

and users typically shouldn't need to set or understand this field. A workflow

can be the user's name, a controller's name, or the name of a specific apply

path like "ci-cd". The set of fields is always in the version that the workflow

used when modifying the object.

name

String

Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

namespace

String

Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.

Must be a DNS_LABEL. Cannot be updated. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

ownerReferences

Array of io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference objects

List of objects depended by this object. If ALL objects in the

list have been deleted, this object will be garbage collected. If this object

is managed by a controller, then an entry in this list will point to this

controller, with the controller field set to true. There cannot be more

than one managing controller.

resourceVersion

String

An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.

Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency

selfLink

String

SelfLink is a URL representing this object. Populated by the system. Read-only.

DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release.

uid

String

UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.

Populated by the system. Read-only. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

Table 195 io.k8s.apimachinery.pkg.apis.meta.v1.ManagedFieldsEntry

Parameter

Type

Description

apiVersion

String

APIVersion defines the version of this resource that this field

set applies to. The format is "group/version" just like the top-level APIVersion

field. It is necessary to track the version of a field set because it cannot

be automatically converted.

fieldsType

String

FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: "FieldsV1"

fieldsV1

Object

FieldsV1 holds the first JSON version format as described in

the "FieldsV1" type.

manager

String

Manager is an identifier of the workflow managing these fields.

operation

String

Operation is the type of operation which lead to this ManagedFieldsEntry

being created. The only valid values for this field are 'Apply' and 'Update'.

time

String

Time is timestamp of when these fields were set. It should always

be empty if Operation is 'Apply'

Table 196 io.k8s.apimachinery.pkg.apis.meta.v1.OwnerReference

Parameter

Type

Description

apiVersion

String

API version of the referent.

blockOwnerDeletion

Boolean

If true, AND if the owner has the "foregroundDeletion" finalizer,

then the owner cannot be deleted from the key-value store until this reference

is removed. Defaults to false. To set this field, a user needs "delete"

permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.

controller

Boolean

If true, this reference points to the managing controller.

kind

String

Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

uid

String

UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids

Table 197 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimSpec

Parameter

Type

Description

accessModes

Array of strings

accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1

dataSource

io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference object

dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. If the AnyVolumeDataSource feature gate is enabled, this field will always have the same contents as the DataSourceRef field.

dataSourceRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference object

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any local object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the DataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, both fields (DataSource and DataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. There are two important differences between DataSource and DataSourceRef: * While DataSource only allows two specific types of objects, DataSourceRef

allows any non-core object, as well as PersistentVolumeClaim objects.

  • While DataSource ignores disallowed values (dropping them), DataSourceRef

    preserves all values, and generates an error if a disallowed value is

    specified.

    (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.

resources

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements object

resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

selector

io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector object

selector is a label query over volumes to consider for binding.

storageClassName

String

storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1

volumeMode

String

volumeMode defines what type of volume is required by the claim.

Value of Filesystem is implied when not included in claim spec.

volumeName

String

volumeName is the binding reference to the PersistentVolume backing

this claim.

Table 198 io.cci.otc.api.pkg.apis.versioned.cci.v2.TypedLocalObjectReference

Parameter

Type

Description

apiGroup

String

APIGroup is the group for the resource being referenced. If APIGroup

is not specified, the specified Kind must be in the core API group. For

any other third-party types, APIGroup is required.

kind

String

Kind is the type of resource being referenced

name

String

Name is the name of resource being referenced

Table 199 io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceRequirements

Parameter

Type

Description

limits

Map<String,String>

Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

requests

Map<String,String>

Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

Table 200 io.k8s.apimachinery.pkg.api.resource.Quantity

Parameter

Type

Description

-

String

Quantity is a fixed-point representation of a number. It provides convenient marshaling/unmarshaling in JSON and YAML, in addition to String() and AsInt64() accessors.

The serialization format is:

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]

(Note that [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] may be empty, from the "" case in [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br].)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= 0 | 1 | ... | 9 [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br].[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]. | .[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= "+" | "-" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br][/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= Ki | Mi | Gi | Ti | Pi | Ei

(International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= m | "" | k | M | G | T | P | E

(Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)

[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] ::= "e" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br] | "E" [/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]

No matter which of the three exponent forms is used, no quantity may represent a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal places. Numbers larger or more precise will be capped or rounded up. (E.g.: 0.1m will rounded up to 1m.) This may be extended in the future if we require larger or smaller quantities.

When a Quantity is parsed from a string, it will remember the type of suffix it had, and will use the same type again when it is serialized.

Before serializing, Quantity will be put in "canonical form". This means that Exponent/suffix will be adjusted up or down (with a corresponding increase or decrease in Mantissa) such that:

  1. No precision is lost

  2. No fractional digits will be emitted

  3. The exponent (or suffix) is as large as possible.

The sign will be omitted unless the number is negative.

Examples:

1.5 will be serialized as "1500m"

1.5Gi will be serialized as "1536Mi"

Note that the quantity will NEVER be internally represented by a floating point number. That is the whole point of this exercise.

Non-canonical values will still parse as long as they are well formed, but will be re-emitted in their canonical form. (So always use canonical form, or don't diff.)

This format is intended to make it difficult to use these numbers without writing some sort of special handling code in the hopes that that will cause implementors to also use a fixed point implementation.

Table 201 io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelector

Parameter

Type

Description

matchExpressions

Array of io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement objects

matchExpressions is a list of label selector requirements. The

requirements are ANDed.

matchLabels

Map<String,String>

matchLabels is a map of {key,value} pairs. A single {key,value}

in the matchLabels map is equivalent to an element of matchExpressions,

whose key field is "key", the operator is "In", and the values array contains

only "value". The requirements are ANDed.

Table 202 io.k8s.apimachinery.pkg.apis.meta.v1.LabelSelectorRequirement

Parameter

Type

Description

key

String

key is the label key that the selector applies to.

operator

String

operator represents a key's relationship to a set of values.

Valid operators are In, NotIn, Exists and DoesNotExist.

values

Array of strings

values is an array of string values. If the operator is In or

NotIn, the values array must be non-empty. If the operator is Exists or

DoesNotExist, the values array must be empty. This array is replaced during

a strategic merge patch.

Table 203 io.cci.otc.api.pkg.apis.versioned.cci.v2.NFSVolumeSource

Parameter

Type

Description

path

String

path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

readOnly

Boolean

readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

server

String

server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs

Table 204 io.cci.otc.api.pkg.apis.versioned.cci.v2.PersistentVolumeClaimVolumeSource

Parameter

Type

Description

claimName

String

claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims

readOnly

Boolean

readOnly Will force the ReadOnly setting in VolumeMounts. Default

false.

Table 205 io.cci.otc.api.pkg.apis.versioned.cci.v2.ProjectedVolumeSource

Parameter

Type

Description

defaultMode

Integer

defaultMode are the mode bits used to set permissions on created

files by default. Must be an octal value between 0000 and 0777 or a decimal

value between 0 and 511. YAML accepts both octal and decimal values, JSON

requires decimal values for mode bits. Directories within the path are not

affected by this setting. This might be in conflict with other options that

affect the file mode, like fsGroup, and the result can be other mode bits

set.

sources

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeProjection objects

sources is the list of volume projections

Table 206 io.cci.otc.api.pkg.apis.versioned.cci.v2.VolumeProjection

Parameter

Type

Description

configMap

io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapProjection object

configMap information about the configMap data to project

downwardAPI

io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIProjection object

downwardAPI information about the downwardAPI data to project

secret

io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretProjection object

secret information about the secret data to project

Table 207 io.cci.otc.api.pkg.apis.versioned.cci.v2.ConfigMapProjection

Parameter

Type

Description

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced ConfigMap will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the ConfigMap, the

volume setup will error unless it is marked optional. Paths must be relative

and may not contain the '..' path or start with '..'.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

optional specify whether the ConfigMap or its keys must be defined

Table 208 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIProjection

Parameter

Type

Description

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile objects

Items is a list of DownwardAPIVolume file

Table 209 io.cci.otc.api.pkg.apis.versioned.cci.v2.DownwardAPIVolumeFile

Parameter

Type

Description

fieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector object

Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

mode

Integer

Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

path

String

Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

resourceFieldRef

io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

Table 210 io.cci.otc.api.pkg.apis.versioned.cci.v2.ObjectFieldSelector

Parameter

Type

Description

apiVersion

String

Version of the schema the FieldPath is written in terms of, defaults

to "v1".

fieldPath

String

Path of the field to select in the specified API version.

Table 211 io.cci.otc.api.pkg.apis.versioned.cci.v2.ResourceFieldSelector

Parameter

Type

Description

containerName

String

Container name: required for volumes, optional for env vars

divisor

String

Specifies the output format of the exposed resources, defaults

to "1"

resource

String

Required: resource to select

Table 212 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretProjection

Parameter

Type

Description

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items if unspecified, each key-value pair in the Data field of

the referenced Secret will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the Secret, the volume

setup will error unless it is marked optional. Paths must be relative and

may not contain the '..' path or start with '..'.

name

String

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

optional

Boolean

optional field specify whether the Secret or its key must be

defined

Table 213 io.cci.otc.api.pkg.apis.versioned.cci.v2.SecretVolumeSource

Parameter

Type

Description

defaultMode

Integer

defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

items

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath objects

items If unspecified, each key-value pair in the Data field of

the referenced Secret will be projected into the volume as a file whose

name is the key and content is the value. If specified, the listed keys

will be projected into the specified paths, and unlisted keys will not be

present. If a key is specified which is not present in the Secret, the volume

setup will error unless it is marked optional. Paths must be relative and

may not contain the '..' path or start with '..'.

optional

Boolean

optional field specify whether the Secret or its keys must be

defined

secretName

String

secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

Table 214 io.cci.otc.api.pkg.apis.versioned.cci.v2.KeyToPath

Parameter

Type

Description

key

String

key is the key to project.

mode

Integer

mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

path

String

path is the relative path of the file to map the key to. May

not be an absolute path. May not contain the path element '..'. May not

start with the string '..'.

Table 215 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodStatus

Parameter

Type

Description

conditions

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodCondition objects

Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

containerStatuses

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status

ephemeralContainerStatuses

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

Status for any ephemeral containers that have run in this pod.

hostIP

String

IP address of the host to which the pod is assigned. Empty if

not yet scheduled.

initContainerStatuses

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus objects

The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status

message

String

A human readable message indicating details about why the pod

is in this condition.

nominatedNodeName

String

nominatedNodeName is set only when this pod preempts other pods

on the node, but it cannot be scheduled right away as preemption victims

receive their graceful termination periods. This field does not guarantee

that the pod will be scheduled on this node. Scheduler may decide to place

the pod elsewhere if other nodes become available sooner. Scheduler may

also decide to give the resources on this node to a higher priority pod

that is created after preemption. As a result, this field may be different

than PodSpec.nodeName when the pod is scheduled.

phase

String

The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. The conditions array, the reason and message fields, and the individual container status arrays contain more detail about the pod's status. There are five possible phase values:

Pending: The pod has been accepted by the Kubernetes system, but one or more of the container images has not been created. This includes time before being scheduled as well as time spent downloading images over the network, which could take a while. Running: The pod has been bound to a node, and all of the containers have been created. At least one container is still running, or is in the process of starting or restarting. Succeeded: All containers in the pod have terminated in success, and will not be restarted. Failed: All containers in the pod have terminated, and at least one container has terminated in failure. The container either exited with non-zero status or was terminated by the system. Unknown: For some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod.

More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase

Possible enum values:

  • "Failed" means that all containers in the pod have terminated, and at least one container has terminated in a failure (exited with a non-zero exit code or was stopped by the system).

  • "Pending" means the pod has been accepted by the system, but one or more of the containers has not been started. This includes time before being bound to a node, as well as time spent pulling images onto the host.

  • "Running" means the pod has been bound to a node and all of the containers have been started. At least one container is still running or is in the process of being restarted.

  • "Succeeded" means that all containers in the pod have voluntarily terminated with a container exit code of 0, and the system is not going to restart any of these containers.

  • "Unknown" means that for some reason the state of the pod could not be obtained, typically due to an error in communicating with the host of the pod. Deprecated: It isn't being set since 2015 (74da3b14b0c0f658b3bb8d2def5094686d0e9095)

podIP

String

IP address allocated to the pod. Routable at least within the

cluster. Empty if not yet allocated.

podIPs

Array of io.cci.otc.api.pkg.apis.versioned.cci.v2.PodIP objects

podIPs holds the IP addresses allocated to the pod. If this field

is specified, the 0th entry must match the podIP field. Pods may be allocated

at most 1 value for each of IPv4 and IPv6. This list is empty if no IPs

have been allocated yet.

qosClass

String

The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md

Possible enum values:

  • "BestEffort" is the BestEffort qos class.

  • "Burstable" is the Burstable qos class.

  • "Guaranteed" is the Guaranteed qos class.

reason

String

A brief CamelCase message indicating details about why the pod

is in this state. e.g. 'Evicted'

startTime

String

RFC 3339 date and time at which the object was acknowledged by

the Kubelet. This is before the Kubelet pulled the container image(s) for

the pod.

Table 216 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodCondition

Parameter

Type

Description

lastProbeTime

String

Last time we probed the condition.

lastTransitionTime

String

Last time the condition transitioned from one status to another.

message

String

Human-readable message indicating details about last transition.

reason

String

Unique, one-word, CamelCase reason for the condition's last transition.

status

String

Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

type

String

Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions

Table 217 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStatus

Parameter

Type

Description

containerID

String

Container's ID in the format '[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]://<container_id>'.

image

String

The image the container is running. More info: https://kubernetes.io/docs/concepts/containers/images.

imageID

String

ImageID of the container's image.

lastState

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState object

Details about the container's last termination condition.

name

String

This must be a DNS_LABEL. Each container in a pod must have a

unique name. Cannot be updated.

ready

Boolean

Specifies whether the container has passed its readiness probe.

restartCount

Integer

The number of times the container has been restarted.

started

Boolean

Specifies whether the container has passed its startup probe.

Initialized as false, becomes true after startupProbe is considered successful.

Resets to false when the container is restarted, or if kubelet loses state

temporarily. Is always true when no startupProbe is defined.

state

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState object

Details about the container's current condition.

Table 218 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerState

Parameter

Type

Description

running

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateRunning object

Details about a running container

terminated

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateTerminated object

Details about a terminated container

waiting

io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateWaiting object

Details about a waiting container

Table 219 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateRunning

Parameter

Type

Description

startedAt

String

Time at which the container was last (re-)started

Table 220 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateTerminated

Parameter

Type

Description

containerID

String

Container's ID in the format '[/topic/body/section/table/tgroup/tbody/row/entry/p/br {""}) (br]://<container_id>'

exitCode

Integer

Exit status from the last termination of the container

finishedAt

String

Time at which the container last terminated

message

String

Message regarding the last termination of the container

reason

String

(brief) reason from the last termination of the container

signal

Integer

Signal from the last termination of the container

startedAt

String

Time at which previous execution of the container started

Table 221 io.cci.otc.api.pkg.apis.versioned.cci.v2.ContainerStateWaiting

Parameter

Type

Description

message

String

Message regarding why the container is not yet running.

reason

String

(brief) reason the container is not yet running.

Table 222 io.cci.otc.api.pkg.apis.versioned.cci.v2.PodIP

Parameter

Type

Description

ip

String

ip is an IP address (IPv4 or IPv6) assigned to the pod

Example Requests

{
  "apiVersion" : "cci/v2",
  "kind" : "Pod",
  "metadata" : {
    "annotations" : {
      "cni.yangtse.io/network-status" : "[{\"macAddress\":\"fa:16:3e:1d:75:3a\",\"ipv4Info\":{\"subnet\":\"192.168.0.0/24\",\"ipAddress\":\"192.168.0.197\",\"gateway\":\"192.168.0.1\"},\"name\":\"test-api\",\"portID\":\"b471658c-caac-4377-94f4-2eeff1192d2b\",\"ips\":[\"192.168.0.197\"],\"vlanID\":3687}]",
      "networking.cci.io/vm-network-info" : "{\"vmID\":\"fda21659-a816-4449-abcf-193ac5a47b4a\",\"eniID\":\"ec9f8fae-ae74-445b-b8bb-b533e5342dbd\",\"maxEniNum\":2,\"maxSubEniNum\":16}",
      "openvessel.io/monitoring-aominfo" : "08a2*************************c03:4257ecf3-7c47-43a3-86d2-d2b4d4aa3a20",
      "resource.cci.io/pod-size-specs" : "2.00_4.0",
      "resource.cci.io/size" : "2.00_4.0",
      "scheduling.k8s.io/group-name" : "podgroup-ade5799e-9371-4c9f-ab77-0472e97211f8",
      "tenant.cci.io/tenant-id" : "08a2*************************c03",
      "topology.kubernetes.io/region" : "region1",
      "topology.kubernetes.io/zone" : "region1c"
    },
    "creationTimestamp" : "2024-10-09T16:11:23Z",
    "finalizers" : [ "billing.kubernetes.io/podbilling-finalizer" ],
    "labels" : {
      "scheduling.cci.io/vmid" : "fda21659-a816-4449-abcf-193ac5a47b4a",
      "sys_enterprise_project_id" : "0",
      "tenant.cci.io/tenant-id" : "08a2*************************c03",
      "tenant.kubernetes.io/domain-id" : "08a*************************ee60",
      "tenant.kubernetes.io/project-id" : "08a2*************************c03"
    },
    "name" : "test",
    "namespace" : "test-api",
    "resourceVersion" : "391095556",
    "uid" : "ade5799e-9371-4c9f-ab77-0472e97211f8"
  },
  "spec" : {
    "containers" : [ {
      "env" : [ {
        "name" : "ENV1",
        "value" : "false"
      }, {
        "name" : "ENV2",
        "value" : "xxx"
      } ],
      "image" : "nginx:latest",
      "name" : "deploy-example",
      "resources" : {
        "limits" : {
          "cpu" : "500m",
          "memory" : "1Gi"
        },
        "requests" : {
          "cpu" : "500m",
          "memory" : "1Gi"
        }
      },
      "terminationMessagePath" : "/dev/termination-log",
      "terminationMessagePolicy" : "File"
    } ],
    "dnsPolicy" : "Default",
    "imagePullSecrets" : [ {
      "name" : "imagepull-secret"
    } ],
    "nodeName" : "compute-cell-001",
    "restartPolicy" : "Always",
    "schedulerName" : "volcano",
    "securityContext" : { },
    "terminationGracePeriodSeconds" : 30
  },
  "status" : {
    "conditions" : [ {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:24Z",
      "status" : "True",
      "type" : "Initialized"
    }, {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:28Z",
      "status" : "True",
      "type" : "Ready"
    }, {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:28Z",
      "status" : "True",
      "type" : "ContainersReady"
    }, {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:23Z",
      "status" : "True",
      "type" : "PodScheduled"
    } ],
    "containerStatuses" : [ {
      "containerID" : "containerd://a44eef6b753babaff802d212e78afef2422959e90bd79ab5b385adb302aa3d1e",
      "image" : "nginx:latest",
      "imageID" : "docker.io/library/nginx@sha256:416d511ffa63777489af47f250b70d1570e428b67666567085f2bece3571ad83",
      "lastState" : { },
      "name" : "deploy-example",
      "ready" : true,
      "restartCount" : 0,
      "started" : true,
      "state" : {
        "running" : {
          "startedAt" : "2024-10-09T16:11:27Z"
        }
      }
    } ],
    "phase" : "Running",
    "podIP" : "192.168.0.197",
    "podIPs" : [ {
      "ip" : "192.168.0.197"
    } ],
    "qosClass" : "Guaranteed",
    "startTime" : "2024-10-09T16:11:24Z"
  }
}

Example Responses

Status code: 200

OK

{
  "apiVersion" : "cci/v2",
  "kind" : "Pod",
  "metadata" : {
    "annotations" : {
      "cni.yangtse.io/network-status" : "[{\"macAddress\":\"fa:16:3e:1d:75:3a\",\"ipv4Info\":{\"subnet\":\"192.168.0.0/24\",\"ipAddress\":\"192.168.0.197\",\"gateway\":\"192.168.0.1\"},\"name\":\"test-api\",\"portID\":\"b471658c-caac-4377-94f4-2eeff1192d2b\",\"ips\":[\"192.168.0.197\"],\"vlanID\":3687}]",
      "networking.cci.io/vm-network-info" : "{\"vmID\":\"fda21659-a816-4449-abcf-193ac5a47b4a\",\"eniID\":\"ec9f8fae-ae74-445b-b8bb-b533e5342dbd\",\"maxEniNum\":2,\"maxSubEniNum\":16}",
      "openvessel.io/monitoring-aominfo" : "08a2*************************c03:4257ecf3-7c47-43a3-86d2-d2b4d4aa3a20",
      "resource.cci.io/pod-size-specs" : "2.00_4.0",
      "resource.cci.io/size" : "2.00_4.0",
      "scheduling.k8s.io/group-name" : "podgroup-ade5799e-9371-4c9f-ab77-0472e97211f8",
      "tenant.cci.io/tenant-id" : "08a2*************************c03",
      "topology.kubernetes.io/region" : "region1",
      "topology.kubernetes.io/zone" : "region1c"
    },
    "creationTimestamp" : "2024-10-09T16:11:23Z",
    "finalizers" : [ "billing.kubernetes.io/podbilling-finalizer" ],
    "labels" : {
      "scheduling.cci.io/vmid" : "fda21659-a816-4449-abcf-193ac5a47b4a",
      "sys_enterprise_project_id" : "0",
      "tenant.cci.io/tenant-id" : "08a2*************************c03",
      "tenant.kubernetes.io/domain-id" : "08a*************************ee60",
      "tenant.kubernetes.io/project-id" : "08a2*************************c03"
    },
    "name" : "test",
    "namespace" : "test-api",
    "resourceVersion" : "391095556",
    "uid" : "ade5799e-9371-4c9f-ab77-0472e97211f8"
  },
  "spec" : {
    "containers" : [ {
      "env" : [ {
        "name" : "ENV1",
        "value" : "false"
      }, {
        "name" : "ENV2",
        "value" : "xxx"
      } ],
      "image" : "nginx:latest",
      "name" : "deploy-example",
      "resources" : {
        "limits" : {
          "cpu" : "500m",
          "memory" : "1Gi"
        },
        "requests" : {
          "cpu" : "500m",
          "memory" : "1Gi"
        }
      },
      "terminationMessagePath" : "/dev/termination-log",
      "terminationMessagePolicy" : "File"
    } ],
    "dnsPolicy" : "Default",
    "imagePullSecrets" : [ {
      "name" : "imagepull-secret"
    } ],
    "nodeName" : "compute-cell-001",
    "restartPolicy" : "Always",
    "schedulerName" : "volcano",
    "securityContext" : { },
    "terminationGracePeriodSeconds" : 30
  },
  "status" : {
    "conditions" : [ {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:24Z",
      "status" : "True",
      "type" : "Initialized"
    }, {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:28Z",
      "status" : "True",
      "type" : "Ready"
    }, {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:28Z",
      "status" : "True",
      "type" : "ContainersReady"
    }, {
      "lastProbeTime" : null,
      "lastTransitionTime" : "2024-10-09T16:11:23Z",
      "status" : "True",
      "type" : "PodScheduled"
    } ],
    "containerStatuses" : [ {
      "containerID" : "containerd://a44eef6b753babaff802d212e78afef2422959e90bd79ab5b385adb302aa3d1e",
      "image" : "nginx:latest",
      "imageID" : "docker.io/library/nginx@sha256:416d511ffa63777489af47f250b70d1570e428b67666567085f2bece3571ad83",
      "lastState" : { },
      "name" : "deploy-example",
      "ready" : true,
      "restartCount" : 0,
      "started" : true,
      "state" : {
        "running" : {
          "startedAt" : "2024-10-09T16:11:27Z"
        }
      }
    } ],
    "phase" : "Running",
    "podIP" : "192.168.0.197",
    "podIPs" : [ {
      "ip" : "192.168.0.197"
    } ],
    "qosClass" : "Guaranteed",
    "startTime" : "2024-10-09T16:11:24Z"
  }
}

Status Codes

Status Code

Description

200

OK

201

Created

400

BadRequest

401

Unauthorized

403

Forbidden

404

NotFound

405

MethodNotAllowed

406

NotAcceptable

409

Conflict

415

UnsupportedMediaType

422

Invalid

429

TooManyRequests

500

InternalError

503

ServiceUnavailable

504

ServerTimeout

last updated: 2024-10-15 06:11 UTC - commit: 0a182d98f6a28eec4d85bdd059da233532fd08e3