From a4d36c11684d005f5af929c45505244555e0d57f Mon Sep 17 00:00:00 2001 From: zhangtao <111836083+sophon-zt@users.noreply.github.com> Date: Fri, 10 May 2024 21:33:18 +0800 Subject: [PATCH] chore: refine monitor-related api (#7279) --- apis/apps/v1alpha1/cluster_types.go | 43 +- apis/apps/v1alpha1/clusterdefinition_types.go | 83 +- apis/apps/v1alpha1/component_types.go | 11 +- .../v1alpha1/componentdefinition_types.go | 43 +- .../v1alpha1/configconstraint_conversion.go | 23 +- apis/apps/v1alpha1/configconstraint_types.go | 2 +- apis/apps/v1alpha1/type.go | 75 +- apis/apps/v1alpha1/zz_generated.deepcopy.go | 241 +- apis/apps/v1beta1/configconstraint_types.go | 34 +- apis/apps/v1beta1/meta.go | 11 +- apis/apps/v1beta1/zz_generated.deepcopy.go | 68 +- cmd/manager/main.go | 4 + ...apps.kubeblocks.io_clusterdefinitions.yaml | 1482 +- .../bases/apps.kubeblocks.io_clusters.yaml | 12056 ++++++++++------ ...ps.kubeblocks.io_componentdefinitions.yaml | 1408 +- .../bases/apps.kubeblocks.io_components.yaml | 2277 ++- .../apps.kubeblocks.io_configconstraints.yaml | 177 +- controllers/apps/cluster_plan_builder.go | 4 + .../componentSidecarContainerTransformer.go | 102 - controllers/apps/component_controller.go | 4 +- controllers/apps/component_controller_test.go | 45 + controllers/apps/component_utils.go | 9 - controllers/apps/configuration/config_util.go | 12 +- .../apps/configuration/sync_upgrade_policy.go | 7 +- .../configuration/sync_upgrade_policy_test.go | 8 +- controllers/apps/monitor_integration_utils.go | 90 + controllers/apps/suite_test.go | 15 +- .../apps/transformer_cluster_component.go | 4 +- ...ansformer_component_monitor_transformer.go | 66 + ...former_component_prometheus_integration.go | 150 + .../apps/transformer_component_validation.go | 42 +- ...apps.kubeblocks.io_clusterdefinitions.yaml | 1482 +- .../crds/apps.kubeblocks.io_clusters.yaml | 12056 ++++++++++------ ...ps.kubeblocks.io_componentdefinitions.yaml | 1408 +- .../crds/apps.kubeblocks.io_components.yaml | 2277 ++- .../apps.kubeblocks.io_configconstraints.yaml | 177 +- docs/developer_docs/api-reference/cluster.md | 848 +- go.mod | 112 +- go.sum | 243 +- pkg/common/monitor.go | 72 + pkg/common/types.go | 12 + pkg/configuration/config_manager/builder.go | 2 +- .../config_manager/builder_test.go | 4 +- .../config_manager/config_handler_test.go | 4 +- .../config_manager/handler_util.go | 2 +- pkg/configuration/config_manager/type.go | 2 +- pkg/configuration/validate/config_validate.go | 2 +- .../validate/config_validate_test.go | 4 +- pkg/controller/builder/builder_component.go | 8 +- .../builder/builder_monitor_service.go | 60 + .../builder/builder_monitor_service_test.go | 55 + pkg/controller/component/component.go | 23 +- .../component_definition_convertor.go | 16 +- .../component/synthesize_component.go | 67 +- pkg/controller/component/type.go | 31 +- pkg/controller/factory/builder.go | 56 +- pkg/controllerutil/config_util_test.go | 2 +- pkg/controllerutil/metrics.go | 52 - pkg/generics/type.go | 8 + pkg/testutil/apps/cluster_factory.go | 20 + pkg/testutil/apps/common_util.go | 14 +- pkg/testutil/apps/constant.go | 5 + test/testdata/config/config-constraint.yaml | 2 +- ...monitoring.coreos.com_servicemonitors.yaml | 742 + .../operations_config/config-constraint.yaml | 2 +- .../resources/mysql-config-constraint.yaml | 2 +- .../mysql-consensus-config-constraint.yaml | 2 +- 67 files changed, 23025 insertions(+), 15445 deletions(-) delete mode 100644 controllers/apps/componentSidecarContainerTransformer.go create mode 100644 controllers/apps/monitor_integration_utils.go create mode 100644 controllers/apps/transformer_component_monitor_transformer.go create mode 100644 controllers/apps/transformer_component_prometheus_integration.go create mode 100644 pkg/common/monitor.go create mode 100644 pkg/controller/builder/builder_monitor_service.go create mode 100644 pkg/controller/builder/builder_monitor_service_test.go create mode 100644 test/testdata/monitor/crd/monitoring.coreos.com_servicemonitors.yaml diff --git a/apis/apps/v1alpha1/cluster_types.go b/apis/apps/v1alpha1/cluster_types.go index fb80e62508f..8c7b97ef001 100644 --- a/apis/apps/v1alpha1/cluster_types.go +++ b/apis/apps/v1alpha1/cluster_types.go @@ -208,7 +208,7 @@ type ClusterSpec struct { // This field is maintained for backward compatibility and its use is discouraged. // Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. // - //+kubebuilder:deprecatedversion:warning="This field has been deprecated since 0.9.0" + // +kubebuilder:deprecatedversion:warning="This field has been deprecated since 0.9.0" // +optional Replicas *int32 `json:"replicas,omitempty"` @@ -841,14 +841,25 @@ type ClusterComponentSpec struct { // +optional OfflineInstances []string `json:"offlineInstances,omitempty"` - // Defines the sidecar containers that will be attached to the Component's main container. + // It supports prometheus/victoriametrics operator. // - // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=32 - // +listType=set // +optional - Sidecars []string `json:"sidecars,omitempty"` + MetricsStoreIntegration *MetricsStoreIntegration `json:"metricsStoreIntegration,omitempty"` + // Determines whether metrics exporter information is annotated on the Component's headless Service. + // + // If set to true, the following annotations will not be patched into the Service: + // + // - "monitor.kubeblocks.io/path" + // - "monitor.kubeblocks.io/port" + // - "monitor.kubeblocks.io/scheme" + // + // These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. + // + // +optional + DisableExporter *bool `json:"disableExporter,omitempty"` + + // Deprecated since v0.9 // Determines whether metrics exporter information is annotated on the Component's headless Service. // // If set to true, the following annotations will be patched into the Service: @@ -860,7 +871,8 @@ type ClusterComponentSpec struct { // These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. // // +optional - MonitorEnabled *bool `json:"monitorEnabled,omitempty"` + // +kubebuilder:deprecatedversion:warning="This field has been deprecated since 0.10.0" + Monitor *bool `json:"monitor,omitempty"` } type ComponentMessageMap map[string]string @@ -1614,6 +1626,23 @@ func (r *ClusterComponentSpec) ToVolumeClaimTemplates() []corev1.PersistentVolum return ts } +func (r *ClusterComponentSpec) GetDisableExporter() *bool { + if r.DisableExporter != nil { + return r.DisableExporter + } + + toPointer := func(b bool) *bool { + p := b + return &p + } + + // Compatible with previous versions of kb + if r.Monitor != nil { + return toPointer(!*r.Monitor) + } + return nil +} + func (t *InstanceTemplate) GetName() string { return t.Name } diff --git a/apis/apps/v1alpha1/clusterdefinition_types.go b/apis/apps/v1alpha1/clusterdefinition_types.go index dd1117d0e3a..040adc1fde6 100644 --- a/apis/apps/v1alpha1/clusterdefinition_types.go +++ b/apis/apps/v1alpha1/clusterdefinition_types.go @@ -485,63 +485,31 @@ type ServiceRefDeclarationSpec struct { ServiceVersion string `json:"serviceVersion"` } -type PrometheusScrapeConfig struct { - // Specifies the http/https url path to scrape for metrics. - // If empty, Prometheus uses the default value (e.g. `/metrics`). - // - // +kubebuilder:validation:default="/metrics" - // +optional - MetricsPath string `json:"metricsPath,omitempty"` - - // Specifies the port name to scrape for metrics. - // - // +optional - MetricsPort string `json:"metricsPort,omitempty"` - - // Specifies the schema to use for scraping. - // `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. - // If empty, Prometheus uses the default value `http`. - // - // +kubebuilder:validation:default="http" - // +optional - Protocol PrometheusProtocol `json:"protocol,omitempty"` -} - -type MonitorSource struct { - // Defines the kind of monitor, such as metrics or logs. +type ExporterConfig struct { + // scrapePort is exporter port for Time Series Database to scrape metrics. // +kubebuilder:validation:Required - SidecarKind MonitorKind `json:"kind"` + // +kubebuilder:validation:XIntOrString + ScrapePort intstr.IntOrString `json:"scrapePort"` - // Defines the scrape configuration for the prometheus. - // + // scrapePath is exporter url path for Time Series Database to scrape metrics. + // +kubebuilder:validation:MaxLength=128 + // +kubebuilder:default="/metrics" // +optional - ScrapeConfig *PrometheusScrapeConfig `json:"scrapeConfig,omitempty"` + ScrapePath string `json:"scrapePath,omitempty"` } -type SidecarContainerSource struct { - // Defines the function or purpose of the container, such as the monitor type sidecar. - // +type MonitorConfig struct { + // builtIn is a switch to enable KubeBlocks builtIn monitoring. + // If BuiltIn is set to true, monitor metrics will be scraped automatically. + // If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own. + // +kubebuilder:default=false // +optional - Monitor *MonitorSource `json:"monitor,omitempty"` -} - -type SidecarContainerSpec struct { - corev1.Container `json:",inline"` + BuiltIn bool `json:"builtIn,omitempty"` - // Define the function or purpose of the container, such as the monitor type sidecar. - // In order to allow prometheus to scrape metrics from the sidecar container, the schema, port, and url will be injected into the annotation of the service. - // + // exporterConfig provided by provider, which specify necessary information to Time Series Database. + // exporterConfig is valid when builtIn is false. // +optional - *SidecarContainerSource `json:",inline"` -} - -type BuiltinMonitorContainerRef struct { - // Specifies the name of the built-in metrics exporter container. - // - // +kubebuilder:validation:Required - Name string `json:"name"` - - PrometheusScrapeConfig `json:",inline"` + Exporter *ExporterConfig `json:"exporterConfig,omitempty"` } // ClusterComponentDefinition defines a Component within a ClusterDefinition but is deprecated and @@ -721,22 +689,17 @@ type ClusterComponentDefinition struct { // +optional ServiceRefDeclarations []ServiceRefDeclaration `json:"serviceRefDeclarations,omitempty"` - // Defines the sidecar containers that will be attached to the component's main container. + // Defines the metrics exporter. // - // +kubebuilder:pruning:PreserveUnknownFields - // +kubebuilder:validation:MinItems= 1 - // +kubebuilder:validation:MaxItems= 32 - // +patchMergeKey=name - // +patchStrategy=merge,retainKeys - // +listType=map - // +listMapKey=name // +optional - SidecarContainerSpecs []SidecarContainerSpec `json:"sidecarContainerSpecs,omitempty"` + Exporter *Exporter `json:"exporter,omitempty"` - // Defines the built-in metrics exporter container. + // Deprecated since v0.9 + // monitor is monitoring config which provided by provider. // + // +kubebuilder:deprecatedversion:warning="This field has been deprecated since 0.10.0" // +optional - BuiltinMonitorContainer *BuiltinMonitorContainerRef `json:"builtinMonitorContainer,omitempty"` + Monitor *MonitorConfig `json:"monitor,omitempty"` } func (r *ClusterComponentDefinition) GetStatefulSetWorkload() StatefulSetWorkload { diff --git a/apis/apps/v1alpha1/component_types.go b/apis/apps/v1alpha1/component_types.go index b6725aa9d4c..ed42ad64e43 100644 --- a/apis/apps/v1alpha1/component_types.go +++ b/apis/apps/v1alpha1/component_types.go @@ -216,17 +216,14 @@ type ComponentSpec struct { // +optional RuntimeClassName *string `json:"runtimeClassName,omitempty"` - // Defines the sidecar containers that will be attached to the Component's main container. + // It supports prometheus/victoriametrics operator. // - // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=32 - // +listType=set // +optional - Sidecars []string `json:"sidecars,omitempty"` + MetricsStoreIntegration *MetricsStoreIntegration `json:"metricsStoreIntegration,omitempty"` // Determines whether metrics exporter information is annotated on the Component's headless Service. // - // If set to true, the following annotations will be patched into the Service: + // If set to true, the following annotations will not be patched into the Service: // // - "monitor.kubeblocks.io/path" // - "monitor.kubeblocks.io/port" @@ -235,7 +232,7 @@ type ComponentSpec struct { // These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter. // // +optional - MonitorEnabled *bool `json:"monitorEnabled,omitempty"` + DisableExporter *bool `json:"disableExporter,omitempty"` } // ComponentStatus represents the observed state of a Component within the Cluster. diff --git a/apis/apps/v1alpha1/componentdefinition_types.go b/apis/apps/v1alpha1/componentdefinition_types.go index d2067acec9e..cceee3c3647 100644 --- a/apis/apps/v1alpha1/componentdefinition_types.go +++ b/apis/apps/v1alpha1/componentdefinition_types.go @@ -193,23 +193,17 @@ type ComponentDefinitionSpec struct { // +kubebuilder:validation:Required Runtime corev1.PodSpec `json:"runtime"` - // Defines the sidecar containers that will be attached to the component's main container. + // Deprecated since v0.9 + // monitor is monitoring config which provided by provider. // - // +kubebuilder:pruning:PreserveUnknownFields - // +kubebuilder:validation:MinItems:= 1 - // +kubebuilder:validation:MaxItems:= 32 - // +patchMergeKey=name - // +patchStrategy=merge,retainKeys - // +listType=map - // +listMapKey=name + // +kubebuilder:deprecatedversion:warning="This field has been deprecated since 0.10.0" // +optional - // +optional - SidecarContainerSpecs []SidecarContainerSpec `json:"sidecarContainerSpecs,omitempty"` + Monitor *MonitorConfig `json:"monitor,omitempty"` // Defines the built-in metrics exporter container. // // +optional - BuiltinMonitorContainer *BuiltinMonitorContainerRef `json:"builtinMonitorContainer,omitempty"` + Exporter *Exporter `json:"exporter,omitempty"` // Defines variables which are determined after Cluster instantiation and reflect // dynamic or runtime attributes of instantiated Clusters. @@ -629,6 +623,33 @@ type SystemAccount struct { SecretRef *ProvisionSecretRef `json:"secretRef,omitempty"` } +type Exporter struct { + // Specifies the name of the built-in metrics exporter container. + // + // +optional + ContainerName string `json:"containerName,omitempty"` + + // Specifies the http/https url path to scrape for metrics. + // If empty, Prometheus uses the default value (e.g. `/metrics`). + // + // +kubebuilder:validation:default="/metrics" + // +optional + ScrapePath string `json:"scrapePath,omitempty"` + + // Specifies the port name to scrape for metrics. + // + // +optional + ScrapePort string `json:"scrapePort,omitempty"` + + // Specifies the schema to use for scraping. + // `http` and `https` are the expected values unless you rewrite the `__scheme__` label via relabeling. + // If empty, Prometheus uses the default value `http`. + // + // +kubebuilder:validation:default="http" + // +optional + ScrapeScheme PrometheusScheme `json:"scrapeScheme,omitempty"` +} + // RoleArbitrator defines how to arbitrate the role of replicas. // // Deprecated since v0.9 diff --git a/apis/apps/v1alpha1/configconstraint_conversion.go b/apis/apps/v1alpha1/configconstraint_conversion.go index 2194f23c0a6..dfcf4dfaa78 100644 --- a/apis/apps/v1alpha1/configconstraint_conversion.go +++ b/apis/apps/v1alpha1/configconstraint_conversion.go @@ -19,6 +19,7 @@ package v1alpha1 import ( "errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/conversion" logf "sigs.k8s.io/controller-runtime/pkg/log" @@ -60,13 +61,12 @@ func convertToImpl(cc *ConfigConstraint, ccv1 *appsv1beta1.ConfigConstraint) err func convertToConstraintSpec(cc *ConfigConstraintSpec, ccv1 *appsv1beta1.ConfigConstraintSpec) { ccv1.MergeReloadAndRestart = cc.DynamicActionCanBeMerged ccv1.ReloadStaticParamsBeforeRestart = cc.ReloadStaticParamsBeforeRestart - ccv1.DownwardAPITriggeredActions = cc.DownwardAPIOptions + ccv1.DownwardAPIChangeTriggeredActions = cc.DownwardAPIOptions ccv1.StaticParameters = cc.StaticParameters ccv1.DynamicParameters = cc.DynamicParameters ccv1.ImmutableParameters = cc.ImmutableParameters - ccv1.ReloadedPodSelector = cc.Selector ccv1.FileFormatConfig = cc.FormatterConfig - convertDynamicReloadAction(cc.ReloadOptions, ccv1, cc.ToolsImageSpec, cc.ScriptConfigs) + convertDynamicReloadAction(cc.ReloadOptions, ccv1, cc.ToolsImageSpec, cc.ScriptConfigs, cc.Selector) convertSchema(cc.ConfigurationSchema, cc.CfgSchemaTopLevelName, ccv1) } @@ -74,14 +74,14 @@ func convertSchema(schema *CustomParametersValidation, topLevelKey string, ccv1 if schema == nil { return } - ccv1.ConfigSchema = &appsv1beta1.ConfigSchema{ + ccv1.ParametersSchema = &appsv1beta1.ParametersSchema{ TopLevelKey: topLevelKey, CUE: schema.CUE, SchemaInJSON: schema.Schema, } } -func convertDynamicReloadAction(options *ReloadOptions, ccv1 *appsv1beta1.ConfigConstraintSpec, toolsSetup *appsv1beta1.ToolsSetup, configs []appsv1beta1.ScriptConfig) { +func convertDynamicReloadAction(options *ReloadOptions, ccv1 *appsv1beta1.ConfigConstraintSpec, toolsSetup *appsv1beta1.ToolsSetup, configs []appsv1beta1.ScriptConfig, selector *metav1.LabelSelector) { if options == nil { return } @@ -90,6 +90,7 @@ func convertDynamicReloadAction(options *ReloadOptions, ccv1 *appsv1beta1.Config ShellTrigger: options.ShellTrigger, TPLScriptTrigger: options.TPLScriptTrigger, AutoTrigger: options.AutoTrigger, + TargetPodSelector: selector, } if ccv1.ReloadAction.ShellTrigger != nil { ccv1.ReloadAction.ShellTrigger.ToolsSetup = toolsSetup @@ -120,12 +121,12 @@ func convertFromConstraintSpec(ccv1 *appsv1beta1.ConfigConstraintSpec, cc *Confi cc.DynamicActionCanBeMerged = ccv1.MergeReloadAndRestart cc.ReloadStaticParamsBeforeRestart = ccv1.ReloadStaticParamsBeforeRestart cc.ToolsImageSpec = ccv1.GetToolsSetup() - cc.DownwardAPIOptions = ccv1.DownwardAPITriggeredActions + cc.DownwardAPIOptions = ccv1.DownwardAPIChangeTriggeredActions cc.ScriptConfigs = ccv1.GetScriptConfigs() cc.StaticParameters = ccv1.StaticParameters cc.DynamicParameters = ccv1.DynamicParameters cc.ImmutableParameters = ccv1.ImmutableParameters - cc.Selector = ccv1.ReloadedPodSelector + cc.Selector = ccv1.GetPodSelector() cc.FormatterConfig = ccv1.FileFormatConfig if ccv1.ReloadAction != nil { @@ -136,11 +137,11 @@ func convertFromConstraintSpec(ccv1 *appsv1beta1.ConfigConstraintSpec, cc *Confi AutoTrigger: ccv1.ReloadAction.AutoTrigger, } } - if ccv1.ConfigSchema != nil { + if ccv1.ParametersSchema != nil { cc.ConfigurationSchema = &CustomParametersValidation{ - Schema: ccv1.ConfigSchema.SchemaInJSON, - CUE: ccv1.ConfigSchema.CUE, + Schema: ccv1.ParametersSchema.SchemaInJSON, + CUE: ccv1.ParametersSchema.CUE, } - cc.CfgSchemaTopLevelName = ccv1.ConfigSchema.TopLevelKey + cc.CfgSchemaTopLevelName = ccv1.ParametersSchema.TopLevelKey } } diff --git a/apis/apps/v1alpha1/configconstraint_types.go b/apis/apps/v1alpha1/configconstraint_types.go index 038de973da0..48feb9d2287 100644 --- a/apis/apps/v1alpha1/configconstraint_types.go +++ b/apis/apps/v1alpha1/configconstraint_types.go @@ -97,7 +97,7 @@ type ConfigConstraintSpec struct { // to reflect the new role. // // +optional - DownwardAPIOptions []appsv1beta1.DownwardAPITriggeredAction `json:"downwardAPIOptions,omitempty"` + DownwardAPIOptions []appsv1beta1.DownwardAPIChangeTriggeredAction `json:"downwardAPIOptions,omitempty"` // A list of ScriptConfig Object. // diff --git a/apis/apps/v1alpha1/type.go b/apis/apps/v1alpha1/type.go index 48d84923bee..825a16281f4 100644 --- a/apis/apps/v1alpha1/type.go +++ b/apis/apps/v1alpha1/type.go @@ -20,8 +20,11 @@ package v1alpha1 import ( "errors" + vmv1beta1 "github.com/VictoriaMetrics/operator/api/victoriametrics/v1beta1" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/manager" ) @@ -1267,15 +1270,15 @@ type MultipleClusterObjectValueFormatFlatten struct { KeyValueDelimiter string `json:"keyValueDelimiter"` } -// PrometheusProtocol defines the protocol of prometheus scrape metrics. +// PrometheusScheme defines the protocol of prometheus scrape metrics. // // +enum // +kubebuilder:validation:Enum={http,https} -type PrometheusProtocol string +type PrometheusScheme string const ( - HTTPProtocol = "http" - HTTPSProtocol = "https" + HTTPProtocol PrometheusScheme = "http" + HTTPSProtocol PrometheusScheme = "https" ) // MonitorKind defines the kind of monitor. @@ -1288,3 +1291,67 @@ const ( LogsKind = "logs" TracesKind = "traces" ) + +type ServiceMonitorTemplate struct { + // Standard k8s object's metadata. + // + // +optional + metav1.ObjectMeta `json:",inline"` + + // ServiceMonitorSpec contains specification parameters for a ServiceMonitor + // + // +optional + ServiceMonitorSpec monitoringv1.ServiceMonitorSpec `json:"serviceMonitorSpec,omitempty"` +} + +type VMMonitorTemplate struct { + // Standard k8s object's metadata. + // + // +optional + metav1.ObjectMeta `json:",inline"` + + // VMServiceScrapeSpec defines the desired state of VMServiceScrape + // + // +optional + VMServiceScrapeSpec vmv1beta1.VMServiceScrapeSpec `json:"vmServiceScrapeSpec,omitempty"` +} + +type MetricsStoreIntegration struct { + // Specifies the ServiceMonitor template used in the Component. + // + // Example usage: + // ```yaml + // name: prometheus-scrape + // namespace: default + // labels: + // k8s-app: node-exporter + // serviceMonitorTemplate: + // selector: + // matchLabels: + // app: app-exporter + // k8s-app: app-exporter + // endpoints: + // - port: metrics_port + // jobLabel: k8s-app + // ``` + // + // +optional + ServiceMonitorTemplate *ServiceMonitorTemplate `json:"serviceMonitorTemplate,omitempty"` + + // VictoriaMetrics is currently not supported yet. + // Specifies the VMServiceScrape template used in the Component. + // + // ```yaml + // name: vm-scrape + // namespace: default + // labels: + // k8s-app: node-exporter + // vmServiceScrapeSpec: + // selector: + // matchLabels: + // app: app-exporter + // ``` + // + // +optional + VMMonitorTemplate *VMMonitorTemplate `json:"vmMonitorTemplate,omitempty"` +} diff --git a/apis/apps/v1alpha1/zz_generated.deepcopy.go b/apis/apps/v1alpha1/zz_generated.deepcopy.go index 771304ce1aa..59e3ccfa99c 100644 --- a/apis/apps/v1alpha1/zz_generated.deepcopy.go +++ b/apis/apps/v1alpha1/zz_generated.deepcopy.go @@ -313,22 +313,6 @@ func (in *BackupRefSpec) DeepCopy() *BackupRefSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *BuiltinMonitorContainerRef) DeepCopyInto(out *BuiltinMonitorContainerRef) { - *out = *in - out.PrometheusScrapeConfig = in.PrometheusScrapeConfig -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BuiltinMonitorContainerRef. -func (in *BuiltinMonitorContainerRef) DeepCopy() *BuiltinMonitorContainerRef { - if in == nil { - return nil - } - out := new(BuiltinMonitorContainerRef) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Cluster) DeepCopyInto(out *Cluster) { *out = *in @@ -540,18 +524,16 @@ func (in *ClusterComponentDefinition) DeepCopyInto(out *ClusterComponentDefiniti (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.SidecarContainerSpecs != nil { - in, out := &in.SidecarContainerSpecs, &out.SidecarContainerSpecs - *out = make([]SidecarContainerSpec, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.BuiltinMonitorContainer != nil { - in, out := &in.BuiltinMonitorContainer, &out.BuiltinMonitorContainer - *out = new(BuiltinMonitorContainerRef) + if in.Exporter != nil { + in, out := &in.Exporter, &out.Exporter + *out = new(Exporter) **out = **in } + if in.Monitor != nil { + in, out := &in.Monitor, &out.Monitor + *out = new(MonitorConfig) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterComponentDefinition. @@ -677,13 +659,18 @@ func (in *ClusterComponentSpec) DeepCopyInto(out *ClusterComponentSpec) { *out = make([]string, len(*in)) copy(*out, *in) } - if in.Sidecars != nil { - in, out := &in.Sidecars, &out.Sidecars - *out = make([]string, len(*in)) - copy(*out, *in) + if in.MetricsStoreIntegration != nil { + in, out := &in.MetricsStoreIntegration, &out.MetricsStoreIntegration + *out = new(MetricsStoreIntegration) + (*in).DeepCopyInto(*out) } - if in.MonitorEnabled != nil { - in, out := &in.MonitorEnabled, &out.MonitorEnabled + if in.DisableExporter != nil { + in, out := &in.DisableExporter, &out.DisableExporter + *out = new(bool) + **out = **in + } + if in.Monitor != nil { + in, out := &in.Monitor, &out.Monitor *out = new(bool) **out = **in } @@ -1610,16 +1597,14 @@ func (in *ComponentDefinitionList) DeepCopyObject() runtime.Object { func (in *ComponentDefinitionSpec) DeepCopyInto(out *ComponentDefinitionSpec) { *out = *in in.Runtime.DeepCopyInto(&out.Runtime) - if in.SidecarContainerSpecs != nil { - in, out := &in.SidecarContainerSpecs, &out.SidecarContainerSpecs - *out = make([]SidecarContainerSpec, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + if in.Monitor != nil { + in, out := &in.Monitor, &out.Monitor + *out = new(MonitorConfig) + (*in).DeepCopyInto(*out) } - if in.BuiltinMonitorContainer != nil { - in, out := &in.BuiltinMonitorContainer, &out.BuiltinMonitorContainer - *out = new(BuiltinMonitorContainerRef) + if in.Exporter != nil { + in, out := &in.Exporter, &out.Exporter + *out = new(Exporter) **out = **in } if in.Vars != nil { @@ -2032,13 +2017,13 @@ func (in *ComponentSpec) DeepCopyInto(out *ComponentSpec) { *out = new(string) **out = **in } - if in.Sidecars != nil { - in, out := &in.Sidecars, &out.Sidecars - *out = make([]string, len(*in)) - copy(*out, *in) + if in.MetricsStoreIntegration != nil { + in, out := &in.MetricsStoreIntegration, &out.MetricsStoreIntegration + *out = new(MetricsStoreIntegration) + (*in).DeepCopyInto(*out) } - if in.MonitorEnabled != nil { - in, out := &in.MonitorEnabled, &out.MonitorEnabled + if in.DisableExporter != nil { + in, out := &in.DisableExporter, &out.DisableExporter *out = new(bool) **out = **in } @@ -2444,7 +2429,7 @@ func (in *ConfigConstraintSpec) DeepCopyInto(out *ConfigConstraintSpec) { } if in.DownwardAPIOptions != nil { in, out := &in.DownwardAPIOptions, &out.DownwardAPIOptions - *out = make([]v1beta1.DownwardAPITriggeredAction, len(*in)) + *out = make([]v1beta1.DownwardAPIChangeTriggeredAction, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -3153,6 +3138,37 @@ func (in *ExecAction) DeepCopy() *ExecAction { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Exporter) DeepCopyInto(out *Exporter) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Exporter. +func (in *Exporter) DeepCopy() *Exporter { + if in == nil { + return nil + } + out := new(Exporter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExporterConfig) DeepCopyInto(out *ExporterConfig) { + *out = *in + out.ScrapePort = in.ScrapePort +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterConfig. +func (in *ExporterConfig) DeepCopy() *ExporterConfig { + if in == nil { + return nil + } + out := new(ExporterConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Expose) DeepCopyInto(out *Expose) { *out = *in @@ -3638,21 +3654,46 @@ func (in *MatchExpressions) DeepCopy() *MatchExpressions { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MonitorSource) DeepCopyInto(out *MonitorSource) { +func (in *MetricsStoreIntegration) DeepCopyInto(out *MetricsStoreIntegration) { + *out = *in + if in.ServiceMonitorTemplate != nil { + in, out := &in.ServiceMonitorTemplate, &out.ServiceMonitorTemplate + *out = new(ServiceMonitorTemplate) + (*in).DeepCopyInto(*out) + } + if in.VMMonitorTemplate != nil { + in, out := &in.VMMonitorTemplate, &out.VMMonitorTemplate + *out = new(VMMonitorTemplate) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsStoreIntegration. +func (in *MetricsStoreIntegration) DeepCopy() *MetricsStoreIntegration { + if in == nil { + return nil + } + out := new(MetricsStoreIntegration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MonitorConfig) DeepCopyInto(out *MonitorConfig) { *out = *in - if in.ScrapeConfig != nil { - in, out := &in.ScrapeConfig, &out.ScrapeConfig - *out = new(PrometheusScrapeConfig) + if in.Exporter != nil { + in, out := &in.Exporter, &out.Exporter + *out = new(ExporterConfig) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorSource. -func (in *MonitorSource) DeepCopy() *MonitorSource { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitorConfig. +func (in *MonitorConfig) DeepCopy() *MonitorConfig { if in == nil { return nil } - out := new(MonitorSource) + out := new(MonitorConfig) in.DeepCopyInto(out) return out } @@ -4621,21 +4662,6 @@ func (in *ProgressStatusDetail) DeepCopy() *ProgressStatusDetail { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PrometheusScrapeConfig) DeepCopyInto(out *PrometheusScrapeConfig) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusScrapeConfig. -func (in *PrometheusScrapeConfig) DeepCopy() *PrometheusScrapeConfig { - if in == nil { - return nil - } - out := new(PrometheusScrapeConfig) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ProtectedVolume) DeepCopyInto(out *ProtectedVolume) { *out = *in @@ -5318,6 +5344,23 @@ func (in *ServiceDescriptorStatus) DeepCopy() *ServiceDescriptorStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceMonitorTemplate) DeepCopyInto(out *ServiceMonitorTemplate) { + *out = *in + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.ServiceMonitorSpec.DeepCopyInto(&out.ServiceMonitorSpec) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceMonitorTemplate. +func (in *ServiceMonitorTemplate) DeepCopy() *ServiceMonitorTemplate { + if in == nil { + return nil + } + out := new(ServiceMonitorTemplate) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ServicePort) DeepCopyInto(out *ServicePort) { *out = *in @@ -5577,47 +5620,6 @@ func (in *ShardingSpec) DeepCopy() *ShardingSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SidecarContainerSource) DeepCopyInto(out *SidecarContainerSource) { - *out = *in - if in.Monitor != nil { - in, out := &in.Monitor, &out.Monitor - *out = new(MonitorSource) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarContainerSource. -func (in *SidecarContainerSource) DeepCopy() *SidecarContainerSource { - if in == nil { - return nil - } - out := new(SidecarContainerSource) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SidecarContainerSpec) DeepCopyInto(out *SidecarContainerSpec) { - *out = *in - in.Container.DeepCopyInto(&out.Container) - if in.SidecarContainerSource != nil { - in, out := &in.SidecarContainerSource, &out.SidecarContainerSource - *out = new(SidecarContainerSource) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarContainerSpec. -func (in *SidecarContainerSpec) DeepCopy() *SidecarContainerSpec { - if in == nil { - return nil - } - out := new(SidecarContainerSpec) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SpecificOpsRequest) DeepCopyInto(out *SpecificOpsRequest) { *out = *in @@ -6088,6 +6090,23 @@ func (in *UserResourceRefs) DeepCopy() *UserResourceRefs { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VMMonitorTemplate) DeepCopyInto(out *VMMonitorTemplate) { + *out = *in + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.VMServiceScrapeSpec.DeepCopyInto(&out.VMServiceScrapeSpec) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VMMonitorTemplate. +func (in *VMMonitorTemplate) DeepCopy() *VMMonitorTemplate { + if in == nil { + return nil + } + out := new(VMMonitorTemplate) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ValueFrom) DeepCopyInto(out *ValueFrom) { *out = *in diff --git a/apis/apps/v1beta1/configconstraint_types.go b/apis/apps/v1beta1/configconstraint_types.go index 9c7aedc8827..e353424a2c2 100644 --- a/apis/apps/v1beta1/configconstraint_types.go +++ b/apis/apps/v1beta1/configconstraint_types.go @@ -87,13 +87,13 @@ type ConfigConstraintSpec struct { // to reflect the new role. // // +optional - DownwardAPITriggeredActions []DownwardAPITriggeredAction `json:"downwardAPITriggeredActions,omitempty"` + DownwardAPIChangeTriggeredActions []DownwardAPIChangeTriggeredAction `json:"downwardAPIChangeTriggeredActions,omitempty"` // Defines a list of parameters including their names, default values, descriptions, // types, and constraints (permissible values or the range of valid values). // // +optional - ConfigSchema *ConfigSchema `json:"configSchema,omitempty"` + ParametersSchema *ParametersSchema `json:"parametersSchema,omitempty"` // List static parameters. // Modifications to any of these parameters require a restart of the process to take effect. @@ -116,17 +116,6 @@ type ConfigConstraintSpec struct { // +optional ImmutableParameters []string `json:"immutableParameters,omitempty"` - // Used to match labels on the pod to determine whether a dynamic reload should be performed. - // - // In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload. - // The `reloadedPodSelector` allows you to specify label selectors to target the desired pods for the reload process. - // - // If the `reloadedPodSelector` is not specified or is nil, all pods managed by the workload will be considered for the dynamic - // reload. - // - // +optional - ReloadedPodSelector *metav1.LabelSelector `json:"reloadedPodSelector,omitempty"` - // Specifies the format of the configuration file and any associated parameters that are specific to the chosen format. // Supported formats include `ini`, `xml`, `yaml`, `json`, `hcl`, `dotenv`, `properties`, and `toml`. // @@ -165,9 +154,9 @@ type ConfigConstraintStatus struct { ObservedGeneration int64 `json:"observedGeneration,omitempty"` } -// ConfigSchema Defines a list of configuration items with their names, default values, descriptions, +// ParametersSchema Defines a list of configuration items with their names, default values, descriptions, // types, and constraints. -type ConfigSchema struct { +type ParametersSchema struct { // Specifies the top-level key in the 'configSchema.cue' that organizes the validation rules for parameters. // This key must exist within the CUE script defined in 'configSchema.cue'. // @@ -219,6 +208,17 @@ type ReloadAction struct { // // +optional AutoTrigger *AutoTrigger `json:"autoTrigger,omitempty"` + + // Used to match labels on the pod to determine whether a dynamic reload should be performed. + // + // In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload. + // The `reloadedPodSelector` allows you to specify label selectors to target the desired pods for the reload process. + // + // If the `reloadedPodSelector` is not specified or is nil, all pods managed by the workload will be considered for the dynamic + // reload. + // + // +optional + TargetPodSelector *metav1.LabelSelector `json:"targetPodSelector,omitempty"` } // UnixSignalTrigger is used to trigger a reload by sending a specific Unix signal to the process. @@ -343,9 +343,9 @@ type ToolConfig struct { Command []string `json:"command,omitempty"` } -// DownwardAPITriggeredAction defines an action that triggers specific commands in response to changes in Pod labels. +// DownwardAPIChangeTriggeredAction defines an action that triggers specific commands in response to changes in Pod labels. // For example, a command might be executed when the 'role' label of the Pod is updated. -type DownwardAPITriggeredAction struct { +type DownwardAPIChangeTriggeredAction struct { // Specifies the name of the field. It must be a string of maximum length 63. // The name should match the regex pattern `^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$`. // diff --git a/apis/apps/v1beta1/meta.go b/apis/apps/v1beta1/meta.go index 3f28cc9b878..829d5568933 100644 --- a/apis/apps/v1beta1/meta.go +++ b/apis/apps/v1beta1/meta.go @@ -16,6 +16,8 @@ limitations under the License. package v1beta1 +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + func (in *ConfigConstraintSpec) NeedDynamicReloadAction() bool { if in.MergeReloadAndRestart != nil { return !*in.MergeReloadAndRestart @@ -39,7 +41,7 @@ func (in *ConfigConstraintSpec) GetToolsSetup() *ToolsSetup { func (in *ConfigConstraintSpec) GetScriptConfigs() []ScriptConfig { scriptConfigs := make([]ScriptConfig, 0) - for _, action := range in.DownwardAPITriggeredActions { + for _, action := range in.DownwardAPIChangeTriggeredActions { if action.ScriptConfig != nil { scriptConfigs = append(scriptConfigs, *action.ScriptConfig) } @@ -63,6 +65,13 @@ func (in *ConfigConstraintSpec) BatchReload() bool { *in.ReloadAction.ShellTrigger.BatchReload } +func (in *ConfigConstraintSpec) GetPodSelector() *metav1.LabelSelector { + if in.ReloadAction != nil { + return in.ReloadAction.TargetPodSelector + } + return nil +} + func (cs *ConfigConstraintStatus) ConfigConstraintTerminalPhases() bool { return cs.Phase == CCAvailablePhase } diff --git a/apis/apps/v1beta1/zz_generated.deepcopy.go b/apis/apps/v1beta1/zz_generated.deepcopy.go index 826f05ad56b..ec7ef4ab59f 100644 --- a/apis/apps/v1beta1/zz_generated.deepcopy.go +++ b/apis/apps/v1beta1/zz_generated.deepcopy.go @@ -122,16 +122,16 @@ func (in *ConfigConstraintSpec) DeepCopyInto(out *ConfigConstraintSpec) { *out = new(bool) **out = **in } - if in.DownwardAPITriggeredActions != nil { - in, out := &in.DownwardAPITriggeredActions, &out.DownwardAPITriggeredActions - *out = make([]DownwardAPITriggeredAction, len(*in)) + if in.DownwardAPIChangeTriggeredActions != nil { + in, out := &in.DownwardAPIChangeTriggeredActions, &out.DownwardAPIChangeTriggeredActions + *out = make([]DownwardAPIChangeTriggeredAction, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } - if in.ConfigSchema != nil { - in, out := &in.ConfigSchema, &out.ConfigSchema - *out = new(ConfigSchema) + if in.ParametersSchema != nil { + in, out := &in.ParametersSchema, &out.ParametersSchema + *out = new(ParametersSchema) (*in).DeepCopyInto(*out) } if in.StaticParameters != nil { @@ -149,11 +149,6 @@ func (in *ConfigConstraintSpec) DeepCopyInto(out *ConfigConstraintSpec) { *out = make([]string, len(*in)) copy(*out, *in) } - if in.ReloadedPodSelector != nil { - in, out := &in.ReloadedPodSelector, &out.ReloadedPodSelector - *out = new(v1.LabelSelector) - (*in).DeepCopyInto(*out) - } if in.FileFormatConfig != nil { in, out := &in.FileFormatConfig, &out.FileFormatConfig *out = new(FileFormatConfig) @@ -187,26 +182,7 @@ func (in *ConfigConstraintStatus) DeepCopy() *ConfigConstraintStatus { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ConfigSchema) DeepCopyInto(out *ConfigSchema) { - *out = *in - if in.SchemaInJSON != nil { - in, out := &in.SchemaInJSON, &out.SchemaInJSON - *out = (*in).DeepCopy() - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigSchema. -func (in *ConfigSchema) DeepCopy() *ConfigSchema { - if in == nil { - return nil - } - out := new(ConfigSchema) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DownwardAPITriggeredAction) DeepCopyInto(out *DownwardAPITriggeredAction) { +func (in *DownwardAPIChangeTriggeredAction) DeepCopyInto(out *DownwardAPIChangeTriggeredAction) { *out = *in if in.Items != nil { in, out := &in.Items, &out.Items @@ -227,12 +203,12 @@ func (in *DownwardAPITriggeredAction) DeepCopyInto(out *DownwardAPITriggeredActi } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DownwardAPITriggeredAction. -func (in *DownwardAPITriggeredAction) DeepCopy() *DownwardAPITriggeredAction { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DownwardAPIChangeTriggeredAction. +func (in *DownwardAPIChangeTriggeredAction) DeepCopy() *DownwardAPIChangeTriggeredAction { if in == nil { return nil } - out := new(DownwardAPITriggeredAction) + out := new(DownwardAPIChangeTriggeredAction) in.DeepCopyInto(out) return out } @@ -288,6 +264,25 @@ func (in *IniConfig) DeepCopy() *IniConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ParametersSchema) DeepCopyInto(out *ParametersSchema) { + *out = *in + if in.SchemaInJSON != nil { + in, out := &in.SchemaInJSON, &out.SchemaInJSON + *out = (*in).DeepCopy() + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParametersSchema. +func (in *ParametersSchema) DeepCopy() *ParametersSchema { + if in == nil { + return nil + } + out := new(ParametersSchema) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ReloadAction) DeepCopyInto(out *ReloadAction) { *out = *in @@ -311,6 +306,11 @@ func (in *ReloadAction) DeepCopyInto(out *ReloadAction) { *out = new(AutoTrigger) **out = **in } + if in.TargetPodSelector != nil { + in, out := &in.TargetPodSelector, &out.TargetPodSelector + *out = new(v1.LabelSelector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReloadAction. diff --git a/cmd/manager/main.go b/cmd/manager/main.go index 24a309d87bb..019ca67cb6c 100644 --- a/cmd/manager/main.go +++ b/cmd/manager/main.go @@ -27,11 +27,13 @@ import ( "strings" "time" + vmv1beta1 "github.com/VictoriaMetrics/operator/api/victoriametrics/v1beta1" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. "github.com/fsnotify/fsnotify" snapshotv1beta1 "github.com/kubernetes-csi/external-snapshotter/client/v3/apis/volumesnapshot/v1beta1" snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "github.com/spf13/pflag" corev1 "k8s.io/api/core/v1" apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" @@ -112,6 +114,8 @@ func init() { utilruntime.Must(legacy.AddToScheme(scheme)) utilruntime.Must(apiextv1.AddToScheme(scheme)) utilruntime.Must(experimentalv1alpha1.AddToScheme(scheme)) + utilruntime.Must(monitoringv1.AddToScheme(scheme)) + utilruntime.Must(vmv1beta1.AddToScheme(scheme)) // +kubebuilder:scaffold:scheme viper.SetConfigName("config") // name of config file (without extension) diff --git a/config/crd/bases/apps.kubeblocks.io_clusterdefinitions.yaml b/config/crd/bases/apps.kubeblocks.io_clusterdefinitions.yaml index 1267c63d4c2..1714dd3773f 100644 --- a/config/crd/bases/apps.kubeblocks.io_clusterdefinitions.yaml +++ b/config/crd/bases/apps.kubeblocks.io_clusterdefinitions.yaml @@ -77,33 +77,6 @@ spec: ComponentDefinition. \n Deprecated: Use ComponentDefinition instead. This type is deprecated as of version 0.8." properties: - builtinMonitorContainer: - description: Defines the built-in metrics exporter container. - properties: - metricsPath: - description: Specifies the http/https url path to scrape - for metrics. If empty, Prometheus uses the default value - (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape for metrics. - type: string - name: - description: Specifies the name of the built-in metrics - exporter container. - type: string - protocol: - description: Specifies the schema to use for scraping. `http` - and `https` are the expected values unless you rewrite - the `__scheme__` label via relabeling. If empty, Prometheus - uses the default value `http`. - enum: - - http - - https - type: string - required: - - name - type: object characterType: description: Defines well-known database component name, such as mongos(mongodb), proxy(redis), mariadb(mysql). @@ -582,6 +555,31 @@ spec: description: description: Description of the component definition. type: string + exporter: + description: Defines the metrics exporter. + properties: + containerName: + description: Specifies the name of the built-in metrics + exporter container. + type: string + scrapePath: + description: Specifies the http/https url path to scrape + for metrics. If empty, Prometheus uses the default value + (e.g. `/metrics`). + type: string + scrapePort: + description: Specifies the port name to scrape for metrics. + type: string + scrapeScheme: + description: Specifies the schema to use for scraping. `http` + and `https` are the expected values unless you rewrite + the `__scheme__` label via relabeling. If empty, Prometheus + uses the default value `http`. + enum: + - http + - https + type: string + type: object horizontalScalePolicy: description: Defines the behavior of horizontal scale. properties: @@ -638,6 +636,40 @@ spec: x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + monitor: + description: Deprecated since v0.9 monitor is monitoring config + which provided by provider. + properties: + builtIn: + default: false + description: builtIn is a switch to enable KubeBlocks builtIn + monitoring. If BuiltIn is set to true, monitor metrics + will be scraped automatically. If BuiltIn is set to false, + the provider should set ExporterConfig and Sidecar container + own. + type: boolean + exporterConfig: + description: exporterConfig provided by provider, which + specify necessary information to Time Series Database. + exporterConfig is valid when builtIn is false. + properties: + scrapePath: + default: /metrics + description: scrapePath is exporter url path for Time + Series Database to scrape metrics. + maxLength: 128 + type: string + scrapePort: + anyOf: + - type: integer + - type: string + description: scrapePort is exporter port for Time Series + Database to scrape metrics. + x-kubernetes-int-or-string: true + required: + - scrapePort + type: object + type: object name: description: This name could be used as default name of `cluster.spec.componentSpecs.name`, and needs to conform with same validation rules as `cluster.spec.componentSpecs.name`, @@ -9221,1402 +9253,6 @@ spec: - serviceRefDeclarationSpecs type: object type: array - sidecarContainerSpecs: - description: Defines the sidecar containers that will be attached - to the component's main container. - items: - properties: - args: - description: 'Arguments to the entrypoint. The container - image''s CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are - reduced to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce - the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed within a - shell. The container image''s ENTRYPOINT is used if - this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If - a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the - container. Cannot be updated. - items: - description: EnvVar represents an environment variable - present in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults - to "".' - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' - properties: - containerName: - description: 'Container name: required for - volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the - pod's namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must - be a C_IDENTIFIER. All invalid keys will be reported - as an event when the container is starting. When a key - exists in multiple sources, the value associated with - the last source will take precedence. Values defined - by an Env with a duplicate key will take precedence. - Cannot be updated. - items: - description: EnvFromSource represents the source of - a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to - each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the Secret must - be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config - management to default or override container images in - workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, - IfNotPresent. Defaults to Always if :latest tag is specified, - or IfNotPresent otherwise. Cannot be updated. More info: - https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should - take in response to container lifecycle events. Cannot - be updated. - properties: - postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according - to its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name. - This will be canonicalized upon output, - so case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. The - handler is not called if the container crashes or - exits. The Pod''s termination grace period countdown - begins before the PreStop hook is executed. Regardless - of the outcome of the handler, the container will - eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other - management of the container blocks until the hook - completes or until the termination grace period - is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name. - This will be canonicalized upon output, - so case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a - GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see - https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to - perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the - probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - monitor: - description: Defines the function or purpose of the container, - such as the monitor type sidecar. - properties: - kind: - description: Defines the kind of monitor, such as - metrics or logs. - enum: - - metrics - - logs - - traces - type: string - scrapeConfig: - description: Defines the scrape configuration for - the prometheus. - properties: - metricsPath: - description: Specifies the http/https url path - to scrape for metrics. If empty, Prometheus - uses the default value (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape - for metrics. - type: string - protocol: - description: Specifies the schema to use for scraping. - `http` and `https` are the expected values unless - you rewrite the `__scheme__` label via relabeling. - If empty, Prometheus uses the default value - `http`. - enum: - - http - - https - type: string - type: object - required: - - kind - type: object - name: - description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. - Not specifying a port here DOES NOT prevent that port - from being exposed. Any port which is listening on the - default "0.0.0.0" address inside a container will be - accessible from the network. Modifying this array with - strategic merge patch may corrupt the data. For more - information See https://github.com/kubernetes/kubernetes/issues/108255. - Cannot be updated. - items: - description: ContainerPort represents a network port - in a single container. - properties: - containerPort: - description: Number of port to expose on the pod's - IP address. This must be a valid port number, - 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port - to. - type: string - hostPort: - description: Number of port to expose on the host. - If specified, this must be a valid port number, - 0 < x < 65536. If HostNetwork is specified, this - must match ContainerPort. Most containers do not - need this. - format: int32 - type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in - a pod must have a unique name. Name for the port - that can be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, - or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if - the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a - GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see - https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to - perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the - probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resizePolicy: - description: Resources resize policy for the container. - items: - description: ContainerResizePolicy represents resource - resize policy for the container. - properties: - resourceName: - description: 'Name of the resource to which this - resource resize policy applies. Supported values: - cpu, memory.' - type: string - restartPolicy: - description: Restart policy to apply when specified - resource is resized. If not specified, it defaults - to NotRequired. - type: string - required: - - resourceName - - restartPolicy - type: object - type: array - x-kubernetes-list-type: atomic - resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable. It can only be set for - containers." - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - restartPolicy: - description: 'RestartPolicy defines the restart behavior - of individual containers in a pod. This field may only - be set for init containers, and the only allowed value - is "Always". For non-init containers or when this field - is not specified, the restart behavior is defined by - the Pod''s restart policy and the container type. Setting - the RestartPolicy as "Always" for the init container - will have the following effect: this init container - will be continually restarted on exit until all regular - containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy - "Always" will be shut down. This lifecycle differs from - normal init containers and is often referred to as a - "sidecar" container. Although this init container still - starts in the init container sequence, it does not wait - for the container to complete before proceeding to the - next init container. Instead, the next init container - starts immediately after this init container is started, - or after any startupProbe has successfully completed.' - type: string - securityContext: - description: 'SecurityContext defines the security options - the container should be run with. If set, the fields - of SecurityContext override the equivalent fields of - PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent - process. This bool directly controls if the no_new_privs - flag will be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as - Privileged 2) has CAP_SYS_ADMIN Note that this field - cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running - containers. Defaults to the default set of capabilities - granted by the container runtime. Note that this - field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent - to root on the host. Defaults to false. Note that - this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount - to use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field - cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. Note that this - field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - May also be set in PodSecurityContext. If set in - both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run - as a non-root user. If true, the Kubelet will validate - the image at runtime to ensure that it does not - run as UID 0 (root) and fail to start the container - if it does. If unset or false, no such validation - will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the - container process. Defaults to user specified in - image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be - set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to - the container. If unspecified, the container runtime - will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. - properties: - level: - description: Level is SELinux level label that - applies to the container. - type: string - role: - description: Role is a SELinux role label that - applies to the container. - type: string - type: - description: Type is a SELinux type label that - applies to the container. - type: string - user: - description: User is a SELinux user label that - applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod - & container level, the container options override - the pod options. Note that this field cannot be - set when spec.os.name is windows. - properties: - localhostProfile: - description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative - to the kubelet's configured seccomp profile - location. Must be set if type is "Localhost". - Must NOT be set for any other type. - type: string - type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: - \n Localhost - a profile defined in a file on - the node should be used. RuntimeDefault - the - container runtime default profile should be - used. Unconfined - no profile should be applied." - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied - to all containers. If unspecified, the options from - the PodSecurityContext will be used. If set in both - SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name - is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA - admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - All of a Pod's containers must have the same - effective HostProcess value (it is not allowed - to have a mix of HostProcess containers and - non-HostProcess containers). In addition, if - HostProcess is true then HostNetwork must also - be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the - entrypoint of the container process. Defaults - to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has - successfully initialized. If specified, no other probes - are executed until this completes successfully. If this - probe fails, the Pod will be restarted, just as if the - livenessProbe failed. This can be used to provide different - probe parameters at the beginning of a Pod''s lifecycle, - when it might take a long time to load data or warm - a cache, than during steady-state operation. This cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a - GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see - https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to - perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the - probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a - buffer for stdin in the container runtime. If this is - not set, reads from stdin in the container will always - result in EOF. Default is false. - type: boolean - stdinOnce: - description: Whether the container runtime should close - the stdin channel after it has been opened by a single - attach. When stdin is true the stdin stream will remain - open across multiple attach sessions. If stdinOnce is - set to true, stdin is opened on container start, is - empty until the first client attaches to stdin, and - then remains open and accepts data until the client - disconnects, at which time stdin is closed and remains - closed until the container is restarted. If this flag - is false, a container processes that reads from stdin - will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which - the container''s termination message will be written - is mounted into the container''s filesystem. Message - written is intended to be brief final status, such as - an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length - across all containers will be limited to 12kb. Defaults - to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should - be populated. File will use the contents of terminationMessagePath - to populate the container status message on both success - and failure. FallbackToLogsOnError will use the last - chunk of container log output if the termination message - file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, - whichever is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a - TTY for itself, also requires 'stdin' to be true. Default - is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices - to be used by the container. - items: - description: volumeDevice describes a mapping of a raw - block device within a container. - properties: - devicePath: - description: devicePath is the path inside of the - container that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume - within a container. - properties: - mountPath: - description: Path within the container at which - the volume should be mounted. Must not contain - ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. - type: boolean - subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults - to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable - references $(VAR_NAME) are expanded using the - container's environment. Defaults to "" (volume's - root). SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which - might be configured in the container image. Cannot be - updated. - type: string - required: - - name - type: object - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-preserve-unknown-fields: true statefulSpec: description: Defines spec for `Stateful` workloads. properties: diff --git a/config/crd/bases/apps.kubeblocks.io_clusters.yaml b/config/crd/bases/apps.kubeblocks.io_clusters.yaml index 6918b28e994..fd9444330d6 100644 --- a/config/crd/bases/apps.kubeblocks.io_clusters.yaml +++ b/config/crd/bases/apps.kubeblocks.io_clusters.yaml @@ -445,6 +445,15 @@ spec: type: string type: object type: array + disableExporter: + description: "Determines whether metrics exporter information + is annotated on the Component's headless Service. \n If set + to true, the following annotations will not be patched into + the Service: \n - \"monitor.kubeblocks.io/path\" - \"monitor.kubeblocks.io/port\" + - \"monitor.kubeblocks.io/scheme\" \n These annotations allow + the Prometheus installed by KubeBlocks to discover and scrape + metrics from the exporter." + type: boolean enabledLogs: description: "Specifies which types of logs should be collected for the Component. The log types are defined in the `componentDefinition.spec.logConfigs` @@ -2777,3016 +2786,4936 @@ spec: required: - name type: object - monitorEnabled: - description: "Determines whether metrics exporter information - is annotated on the Component's headless Service. \n If set - to true, the following annotations will be patched into the - Service: \n - \"monitor.kubeblocks.io/path\" - \"monitor.kubeblocks.io/port\" - - \"monitor.kubeblocks.io/scheme\" \n These annotations allow - the Prometheus installed by KubeBlocks to discover and scrape - metrics from the exporter." - type: boolean - name: - description: "Specifies the Component's name. It's part of the - Service DNS name and must comply with the IANA service naming - rule. The name is optional when ClusterComponentSpec is used - as a template (e.g., in `shardingSpec`), but required otherwise. - \n TODO +kubebuilder:validation:XValidation:rule=\"self == - oldSelf\",message=\"name is immutable\"" - maxLength: 22 - pattern: ^[a-z]([a-z0-9\-]*[a-z0-9])?$ - type: string - offlineInstances: - description: "Specifies the names of instances to be transitioned - to offline status. \n Marking an instance as offline results - in the following: \n 1. The associated Pod is stopped, and - its PersistentVolumeClaim (PVC) is retained for potential - future reuse or data recovery, but it is no longer actively - used. 2. The ordinal number assigned to this instance is preserved, - ensuring it remains unique and avoiding conflicts with new - instances. \n Setting instances to offline allows for a controlled - scale-in process, preserving their data and maintaining ordinal - consistency within the Cluster. Note that offline instances - and their associated resources, such as PVCs, are not automatically - deleted. The administrator must manually manage the cleanup - and removal of these resources when they are no longer needed." - items: - type: string - type: array - replicas: - default: 1 - description: Specifies the desired number of replicas in the - Component for enhancing availability and durability, or load - balancing. - format: int32 - minimum: 0 - type: integer - resources: - description: Specifies the resources required by the Component. - It allows defining the CPU, memory requirements and limits - for the Component's containers. - properties: - claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - x-kubernetes-preserve-unknown-fields: true - schedulingPolicy: - description: Specifies the scheduling policy for the Component. + metricsStoreIntegration: + description: It supports prometheus/victoriametrics operator. properties: - affinity: - description: Specifies a group of affinity scheduling rules - of the Cluster, including NodeAffinity, PodAffinity, and - PodAntiAffinity. + serviceMonitorTemplate: + description: "Specifies the ServiceMonitor template used + in the Component. \n Example usage: ```yaml name: prometheus-scrape + namespace: default labels: k8s-app: node-exporter serviceMonitorTemplate: + selector: matchLabels: app: app-exporter k8s-app: app-exporter + endpoints: - port: metrics_port jobLabel: k8s-app ```" properties: - nodeAffinity: - description: Describes node affinity scheduling rules - for the pod. + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + serviceMonitorSpec: + description: ServiceMonitorSpec contains specification + parameters for a ServiceMonitor properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and adding - "weight" to the sum if the node matches the corresponding - matchExpressions; the node(s) with the highest - sum are the most preferred. + attachMetadata: + description: "`attachMetadata` defines additional + metadata which is added to the discovered targets. + \n It requires Prometheus >= v2.37.0." + properties: + node: + description: When set to true, Prometheus must + have the `get` permission on the `Nodes` objects. + type: boolean + type: object + endpoints: + description: List of endpoints part of this ServiceMonitor. items: - description: An empty preferred scheduling term - matches all objects with implicit weight 0 (i.e. - it's a no-op). A null preferred scheduling term - matches no objects (i.e. is also a no-op). + description: Endpoint defines an endpoint serving + Prometheus metrics to be scraped by Prometheus. properties: - preference: - description: A node selector term, associated - with the corresponding weight. + authorization: + description: "`authorization` configures the + Authorization header credentials to use + when scraping the target. \n Cannot be set + at the same time as `basicAuth`, or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + credentials: + description: Selects a key of a Secret + in the namespace that contains the credentials + for authentication. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication + type. The value is case-insensitive. + \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, in the - range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. If - the affinity requirements specified by this field - cease to be met at some point during pod execution - (e.g. due to an update), the system may or may - not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of the NodeSelectorTerm. + basicAuth: + description: "`basicAuth` configures the Basic + Authentication credentials to use when scraping + the target. \n Cannot be set at the same + time as `authorization`, or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + password: + description: '`password` specifies a key + of a Secret containing the password + for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key + of a Secret containing the username + for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: "File to read bearer token for + scraping the target. \n Deprecated: use + `authorization` instead." + type: string + bearerTokenSecret: + description: "`bearerTokenSecret` specifies + a key of a Secret containing the bearer + token for scraping targets. The secret needs + to be in the same namespace as the ServiceMonitor + object and readable by the Prometheus Operator. + \n Deprecated: use `authorization` instead." + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules - (e.g. co-locate this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and adding - "weight" to the sum if the node has pods which - matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added per-node - to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. + enableHttp2: + description: '`enableHttp2` can be used to + disable HTTP2 when scraping the target.' + type: boolean + filterRunning: + description: "When true, the pods which are + not running (e.g. either in Failed or Succeeded + state) are dropped during the target discovery. + \n If unset, the filtering is enabled. \n + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + type: boolean + followRedirects: + description: '`followRedirects` defines whether + the scrape requests should follow HTTP 3xx + redirects.' + type: boolean + honorLabels: + description: When true, `honorLabels` preserves + the metric's labels when they collide with + the target's labels. + type: boolean + honorTimestamps: + description: '`honorTimestamps` controls whether + Prometheus preserves the timestamps when + exposed by the target.' + type: boolean + interval: + description: "Interval at which Prometheus + scrapes the metrics from the target. \n + If empty, Prometheus uses the global scrape + interval." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: '`metricRelabelings` configures + the relabeling rules to apply to the samples + before ingestion.' + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote write + samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based + on the regex matching. \n `Uppercase` + and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` + actions require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the + hash of the source label values. \n + Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + type: string + replacement: + description: "Replacement value against + which a Replace action is performed + if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured Separator and matched against + the configured regular expression. + items: + description: LabelName is a valid + Prometheus label name which may + only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. + \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + \n Regex capture groups are available." + type: string + type: object + type: array + oauth2: + description: "`oauth2` configures the OAuth2 + settings to use when scraping the target. + \n It requires Prometheus >= 2.27.0. \n + Cannot be set at the same time as `authorization`, + or `basicAuth`." properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. + clientId: + description: '`clientId` specifies a key + of a Secret or ConfigMap containing + the OAuth2 client''s ID.' properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set - of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this field - and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies + a key of a Secret containing the OAuth2 + client''s secret.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. The term is applied to the - union of the namespaces listed in this - field and the ones selected by namespaceSelector. - null or empty namespaces list and null - namespaceSelector means "this pod's - namespace". + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures + the HTTP parameters to append to the + token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 + scopes used for the token request.' items: type: string type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + tokenUrl: + description: '`tokenURL` configures the + URL to fetch the token from.' + minLength: 1 type: string required: - - topologyKey + - clientId + - clientSecret + - tokenUrl type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in the - range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. If - the affinity requirements specified by this field - cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may - or may not try to eventually evict the pod from - its node. When there are multiple elements, the - lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the given - namespace(s)) that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object + params: + additionalProperties: + items: + type: string + type: array + description: params define optional HTTP URL + parameters. type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of - namespaces that the term applies to. The - term is applied to the union of the namespaces - selected by this field and the ones listed - in the namespaces field. null selector and - null or empty namespaces list means "this - pod's namespace". An empty selector ({}) - matches all namespaces. + path: + description: "HTTP path from which to scrape + for metrics. \n If empty, Prometheus uses + the default value (e.g. `/metrics`)." + type: string + port: + description: "Name of the Service port which + this endpoint refers to. \n It takes precedence + over `targetPort`." + type: string + proxyUrl: + description: '`proxyURL` configures the HTTP + Proxy URL (e.g. "http://proxyserver:2195") + to go through when scraping the target.' + type: string + relabelings: + description: "`relabelings` configures the + relabeling rules to apply the target's metadata + labels. \n The Operator automatically adds + relabelings for a few standard Kubernetes + fields. \n The original scrape job's name + is available via the `__tmp_prometheus_job_name` + label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote write + samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based + on the regex matching. \n `Uppercase` + and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` + actions require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the + hash of the source label values. \n + Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + type: string + replacement: + description: "Replacement value against + which a Replace action is performed + if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured Separator and matched against + the configured regular expression. + items: + description: LabelName is a valid + Prometheus label name which may + only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. + \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + \n Regex capture groups are available." + type: string + type: object + type: array + scheme: + description: "HTTP scheme to use for scraping. + \n `http` and `https` are the expected values + unless you rewrite the `__scheme__` label + via relabeling. \n If empty, Prometheus + uses the default value `http`." + enum: + - http + - https + type: string + scrapeTimeout: + description: "Timeout after which Prometheus + considers the scrape to be failed. \n If + empty, Prometheus uses the global scrape + timeout unless it is less than the target's + scrape interval value in which the latter + is used." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: "Name or number of the target + port of the `Pod` object behind the Service, + the port must be specified with container + port property. \n Deprecated: use `port` + instead." + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when + scraping the target. properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: + ca: + description: Certificate authority used + when verifying server certificates. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the + Prometheus container to use for the + targets. + type: string + cert: + description: Client certificate to present + when doing client-authentication. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file + in the Prometheus container for the + targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key file + in the Prometheus container for the + targets. + type: string + keySecret: + description: Secret containing the client + key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term applies - to. The term is applied to the union of - the namespaces listed in this field and - the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose value - of the label with key topologyKey matches - that of any node on which any of the selected - pods is running. Empty topologyKey is not - allowed. - type: string - required: - - topologyKey + trackTimestampsStaleness: + description: "`trackTimestampsStaleness` defines + whether Prometheus tracks staleness of the + metrics that have an explicit timestamp + present in scraped data. Has no effect if + `honorTimestamps` is false. \n It requires + Prometheus >= v2.48.0." + type: boolean type: object type: array + jobLabel: + description: "`jobLabel` selects the label from + the associated Kubernetes `Service` object which + will be used as the `job` label for all metrics. + \n For example if `jobLabel` is set to `foo` and + the Kubernetes `Service` object is labeled with + `foo: bar`, then Prometheus adds the `job=\"bar\"` + label to all ingested metrics. \n If the value + of this field is empty or if the label doesn't + exist for the given Service, the `job` label of + the metrics defaults to the name of the associated + Kubernetes `Service`." + type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of + targets dropped by relabeling that will be kept + in memory. 0 means no limit. \n It requires Prometheus + >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: "Per-scrape limit on number of labels + that will be accepted for a sample. \n It requires + Prometheus >= v2.27.0." + format: int64 + type: integer + labelNameLengthLimit: + description: "Per-scrape limit on length of labels + name that will be accepted for a sample. \n It + requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelValueLengthLimit: + description: "Per-scrape limit on length of labels + value that will be accepted for a sample. \n It + requires Prometheus >= v2.27.0." + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces + the Kubernetes `Endpoints` objects are discovered + from. + properties: + any: + description: Boolean describing whether all + namespaces are selected in contrast to a list + restricting them. + type: boolean + matchNames: + description: List of namespace names to select + from. + items: + type: string + type: array + type: object + podTargetLabels: + description: '`podTargetLabels` defines the labels + which are transferred from the associated Kubernetes + `Pod` object onto the ingested metrics.' + items: + type: string + type: array + sampleLimit: + description: '`sampleLimit` defines a per-scrape + limit on the number of scraped samples that will + be accepted.' + format: int64 + type: integer + selector: + description: Label selector to select the Kubernetes + `Endpoints` objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + targetLabels: + description: '`targetLabels` defines the labels + which are transferred from the associated Kubernetes + `Service` object onto the ingested metrics.' + items: + type: string + type: array + targetLimit: + description: '`targetLimit` defines a limit on the + number of scraped targets that will be accepted.' + format: int64 + type: integer + required: + - selector type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. avoid putting this pod in the same node, - zone, etc. as some other pod(s)). + type: object + vmMonitorTemplate: + description: "VictoriaMetrics is currently not supported + yet. Specifies the VMServiceScrape template used in the + Component. \n ```yaml name: vm-scrape namespace: default + labels: k8s-app: node-exporter vmServiceScrapeSpec: selector: + matchLabels: app: app-exporter ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + vmServiceScrapeSpec: + description: VMServiceScrapeSpec defines the desired + state of VMServiceScrape properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the anti-affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling anti-affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and adding - "weight" to the sum if the node has pods which - matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery + properties: + node: + description: 'Node instructs vmagent to add + node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice.' + type: boolean + type: object + discoveryRole: + description: 'DiscoveryRole - defines kubernetes_sd + role for objects discovery. by default, its endpoints. + can be changed to service or endpointslices. note, + that with service setting, you have to use port: + "name" and cannot use targetPort for endpoints.' + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as part + of this ServiceScrape. items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added per-node - to find the most preferred node(s) + description: Endpoint defines a scrapeable endpoint + serving Prometheus metrics. properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. + node: + description: 'Node instructs vmagent to + add node specific metadata from service + discovery Valid for roles: pod, endpoints, + endpointslice.' + type: boolean + type: object + authorization: + description: Authorization with http header + Authorization + properties: + credentials: + description: Reference to the secret with + value for authorization properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. - type: object + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set - of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this field - and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default + to bearer + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint + to authenticate over basic authentication + More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service + scrape namespace that contains the password + for authentication. It must be at them + same namespace as CRD properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines path + to password file at disk + type: string + username: + description: The secret in the service + scrape namespace that contains the username + for authentication. It must be at them + same namespace as CRD + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for + scraping targets. + type: string + bearerTokenSecret: + description: Secret to mount to read bearer + token for scraping targets. The secret needs + to be in the same namespace as the service + scrape and accessible by the victoria-metrics + operator. + nullable: true + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects + for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's + labels on collisions with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether + vmagent respects the timestamps present + in scraped data. + type: boolean + interval: + description: Interval at which metrics should + be scraped + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply + to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being applied + to samples before ingestion. It defines + ``-section of + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' + type: object + match: + description: 'Match is used together + with Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of the + hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + Default is '(.*)' victoriaMetrics + supports multiline regex joined with + | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility with + original relabel config. if set both + sourceLabels and source_labels, sourceLabels + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured separator and matched against + the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - + additional form of target label - + target_label for compatibility with + original relabel config. if set both + targetLabel and target_label, targetLabel + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. + It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the + OAuth2 client secret + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. The term is applied to the - union of the namespaces listed in this - field and the ones selected by namespaceSelector. - null or empty namespaces list and null - namespaceSelector means "this pod's - namespace". + client_secret_file: + description: ClientSecretFile defines + path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the + token URL + type: object + scopes: + description: OAuth2 scopes used for the + token request items: type: string type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + token_url: + description: The URL to fetch the token + from + minLength: 1 type: string required: - - topologyKey + - client_id + - token_url type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in the - range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. If - the anti-affinity requirements specified by this - field cease to be met at some point during pod - execution (e.g. due to a pod label update), the - system may or may not try to eventually evict - the pod from its node. When there are multiple - elements, the lists of nodes corresponding to - each podAffinityTerm are intersected, i.e. all - terms must be satisfied. - items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the given - namespace(s)) that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this + endpoint refers to. Mutually exclusive with + targetPort. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 + Directs scrapes to proxy through this endpoint. + type: string + relabelConfigs: + description: 'RelabelConfigs to apply to samples + before scraping. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being applied + to samples before ingestion. It defines + ``-section of + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' type: object - type: array - matchLabels: - additionalProperties: + match: + description: 'Match is used together + with Labels for `action: graphite`' type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. + modulus: + description: Modulus to take of the + hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + Default is '(.*)' victoriaMetrics + supports multiline regex joined with + | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility with + original relabel config. if set both + sourceLabels and source_labels, sourceLabels + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured separator and matched against + the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - + additional form of target label - + target_label for compatibility with + original relabel config. if set both + targetLabel and target_label, targetLabel + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. + It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-endpoint + limit on number of scraped samples that + will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + type: string + scrape_interval: + description: ScrapeInterval is the same as + Interval and has priority over it. one of + scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape + is ended + type: string + seriesLimit: + description: SeriesLimit defines per-scrape + limit on number of unique time series a + single target can expose during all the + scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the pod port + this endpoint refers to. Mutually exclusive + with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use + when scraping the endpoint + properties: + ca: + description: Stuct containing the CA cert + to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the + container to use for the targets. + type: string + cert: + description: Struct containing the client + cert file for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file + in the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key file + in the container for the targets. + type: string + keySecret: + description: Secret containing the client + key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of - namespaces that the term applies to. The - term is applied to the union of the namespaces - selected by this field and the ones listed - in the namespaces field. null selector and - null or empty namespaces list means "this - pod's namespace". An empty selector ({}) - matches all namespaces. + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics + specific scrape parametrs properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. + disable_compression: + type: boolean + disable_keep_alive: + description: disable_keepalive allows + disabling HTTP keep-alive when scraping + targets. By default, HTTP keep-alive + is enabled, so TCP connections to scrape + targets could be re-used. See https://docs.victoriametrics.com/vmagent.html#scrape_config-enhancements + type: boolean + headers: + description: 'Headers allows sending custom + headers to scrape targets must be in + of semicolon separated header with it''s + value eg: headerName: headerValue vmagent + supports since 1.79.0 version' items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term applies - to. The term is applied to the union of - the namespaces listed in this field and - the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose value - of the label with key topologyKey matches - that of any node on which any of the selected - pods is running. Empty topologyKey is not - allowed. - type: string - required: - - topologyKey + type: array + metric_relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + no_stale_markers: + type: boolean + proxy_client_config: + description: ProxyClientConfig configures + proxy auth settings for scraping See + feature description https://docs.victoriametrics.com/vmagent.html#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint + to authenticate over basic authentication + properties: + password: + description: The secret in the + service scrape namespace that + contains the password for authentication. + It must be at them same namespace + as CRD + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines + path to password file at disk + type: string + username: + description: The secret in the + service scrape namespace that + contains the username for authentication. + It must be at them same namespace + as CRD + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects + a key of a Secret. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + description: TLSConfig specifies TLSConfig + configuration parameters. + properties: + ca: + description: Stuct containing + the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to + select. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert + in the container to use for + the targets. + type: string + cert: + description: Struct containing + the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to + select. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client + cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client + key file in the container for + the targets. + type: string + keySecret: + description: Secret containing + the client key file for the + targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the + hostname for the targets. + type: string + type: object + type: object + relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object type: object type: array + jobLabel: + description: The label to use to retrieve the job + name from. + type: string + namespaceSelector: + description: Selector to select which namespaces + the Endpoints objects are discovered from. + properties: + any: + description: Boolean describing whether all + namespaces are selected in contrast to a list + restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on + the Kubernetes Pod onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit + on number of scraped samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects + by corresponding Service labels. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: SeriesLimit defines per-scrape limit + on number of unique time series a single target + can expose during all the scrapes on the time + window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the + Kubernetes Service onto the target. + items: + type: string + type: array + required: + - endpoints type: object type: object - nodeName: - description: NodeName is a request to schedule this Pod - onto a specific node. If it is non-empty, the scheduler - simply schedules this Pod onto that node, assuming that - it fits resource requirements. - type: string - nodeSelector: - additionalProperties: - type: string - description: 'NodeSelector is a selector which must be true - for the Pod to fit on a node. Selector which must match - a node''s labels for the Pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - x-kubernetes-map-type: atomic - schedulerName: - description: If specified, the Pod will be dispatched by - specified scheduler. If not specified, the Pod will be - dispatched by default scheduler. - type: string - tolerations: - description: "Allows Pods to be scheduled onto nodes with - matching taints. Each toleration in the array allows the - Pod to tolerate node taints based on specified `key`, - `value`, `effect`, and `operator`. \n - The `key`, `value`, - and `effect` identify the taint that the toleration matches. - - The `operator` determines how the toleration matches - the taint. \n Pods with matching tolerations are allowed - to be scheduled on tainted nodes, typically reserved for - specific purposes." + type: object + monitor: + description: "Deprecated since v0.9 Determines whether metrics + exporter information is annotated on the Component's headless + Service. \n If set to true, the following annotations will + be patched into the Service: \n - \"monitor.kubeblocks.io/path\" + - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" + \n These annotations allow the Prometheus installed by KubeBlocks + to discover and scrape metrics from the exporter." + type: boolean + name: + description: "Specifies the Component's name. It's part of the + Service DNS name and must comply with the IANA service naming + rule. The name is optional when ClusterComponentSpec is used + as a template (e.g., in `shardingSpec`), but required otherwise. + \n TODO +kubebuilder:validation:XValidation:rule=\"self == + oldSelf\",message=\"name is immutable\"" + maxLength: 22 + pattern: ^[a-z]([a-z0-9\-]*[a-z0-9])?$ + type: string + offlineInstances: + description: "Specifies the names of instances to be transitioned + to offline status. \n Marking an instance as offline results + in the following: \n 1. The associated Pod is stopped, and + its PersistentVolumeClaim (PVC) is retained for potential + future reuse or data recovery, but it is no longer actively + used. 2. The ordinal number assigned to this instance is preserved, + ensuring it remains unique and avoiding conflicts with new + instances. \n Setting instances to offline allows for a controlled + scale-in process, preserving their data and maintaining ordinal + consistency within the Cluster. Note that offline instances + and their associated resources, such as PVCs, are not automatically + deleted. The administrator must manually manage the cleanup + and removal of these resources when they are no longer needed." + items: + type: string + type: array + replicas: + default: 1 + description: Specifies the desired number of replicas in the + Component for enhancing availability and durability, or load + balancing. + format: int32 + minimum: 0 + type: integer + resources: + description: Specifies the resources required by the Component. + It allows defining the CPU, memory requirements and limits + for the Component's containers. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple - using the matching operator . + description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: - effect: - description: Effect indicates the taint effect to - match. Empty means match all taint effects. When - specified, allowed values are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If - the key is empty, operator must be Exists; this - combination means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints - of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect - NoExecute, otherwise this field is ignored) tolerates - the taint. By default, it is not set, which means - tolerate the taint forever (do not evict). Zero - and negative values will be treated as 0 (evict - immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value - should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: TopologySpreadConstraints describes how a group - of Pods ought to spread across topology domains. Scheduler - will schedule Pods in a way which abides by the constraints. - All topologySpreadConstraints are ANDed. - items: - description: TopologySpreadConstraint specifies how to - spread matching pods among the given topology. - properties: - labelSelector: - description: LabelSelector is used to find matching - pods. Pods that match this label selector are counted - to determine the number of pods in their corresponding - topology domain. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. The same key is forbidden - to exist in both MatchLabelKeys and LabelSelector. - MatchLabelKeys cannot be set when LabelSelector - isn't set. Keys that don't exist in the incoming - pod labels will be ignored. A null or empty list - means only match against labelSelector. \n This - is a beta field and requires the MatchLabelKeysInPodTopologySpread - feature gate to be enabled (enabled by default)." - items: - type: string - type: array - x-kubernetes-list-type: atomic - maxSkew: - description: 'MaxSkew describes the degree to which - pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, - it is the maximum permitted difference between the - number of matching pods in the target topology and - the global minimum. The global minimum is the minimum - number of matching pods in an eligible domain or - zero if the number of eligible domains is less than - MinDomains. For example, in a 3-zone cluster, MaxSkew - is set to 1, and pods with the same labelSelector - spread as 2/2/1: In this case, the global minimum - is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - - if MaxSkew is 1, incoming pod can only be scheduled - to zone3 to become 2/2/2; scheduling it onto zone1(zone2) - would make the ActualSkew(3-1) on zone1(zone2) violate - MaxSkew(1). - if MaxSkew is 2, incoming pod can - be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, - it is used to give higher precedence to topologies - that satisfy it. It''s a required field. Default - value is 1 and 0 is not allowed.' - format: int32 - type: integer - minDomains: - description: "MinDomains indicates a minimum number - of eligible domains. When the number of eligible - domains with matching topology keys is less than - minDomains, Pod Topology Spread treats \"global - minimum\" as 0, and then the calculation of Skew - is performed. And when the number of eligible domains - with matching topology keys equals or greater than - minDomains, this value has no effect on scheduling. - As a result, when the number of eligible domains - is less than minDomains, scheduler won't schedule - more than maxSkew Pods to those domains. If value - is nil, the constraint behaves as if MinDomains - is equal to 1. Valid values are integers greater - than 0. When value is not nil, WhenUnsatisfiable - must be DoNotSchedule. \n For example, in a 3-zone - cluster, MaxSkew is set to 2, MinDomains is set - to 5 and pods with the same labelSelector spread - as 2/2/2: | zone1 | zone2 | zone3 | | P P | P - P | P P | The number of domains is less than - 5(MinDomains), so \"global minimum\" is treated - as 0. In this situation, new pod with the same labelSelector - cannot be scheduled, because computed skew will - be 3(3 - 0) if new Pod is scheduled to any of the - three zones, it will violate MaxSkew. \n This is - a beta field and requires the MinDomainsInPodTopologySpread - feature gate to be enabled (enabled by default)." - format: int32 - type: integer - nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we - will treat Pod's nodeAffinity/nodeSelector when - calculating pod topology spread skew. Options are: - - Honor: only nodes matching nodeAffinity/nodeSelector - are included in the calculations. - Ignore: nodeAffinity/nodeSelector - are ignored. All nodes are included in the calculations. - \n If this value is nil, the behavior is equivalent - to the Honor policy. This is a beta-level feature - default enabled by the NodeInclusionPolicyInPodTopologySpread - feature flag." - type: string - nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will - treat node taints when calculating pod topology - spread skew. Options are: - Honor: nodes without - taints, along with tainted nodes for which the incoming - pod has a toleration, are included. - Ignore: node - taints are ignored. All nodes are included. \n If - this value is nil, the behavior is equivalent to - the Ignore policy. This is a beta-level feature - default enabled by the NodeInclusionPolicyInPodTopologySpread - feature flag." - type: string - topologyKey: - description: TopologyKey is the key of node labels. - Nodes that have a label with this key and identical - values are considered to be in the same topology. - We consider each as a "bucket", and - try to put balanced number of pods into each bucket. - We define a domain as a particular instance of a - topology. Also, we define an eligible domain as - a domain whose nodes meet the requirements of nodeAffinityPolicy - and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", - each Node is a domain of that topology. And, if - TopologyKey is "topology.kubernetes.io/zone", each - zone is a domain of that topology. It's a required - field. - type: string - whenUnsatisfiable: - description: 'WhenUnsatisfiable indicates how to deal - with a pod if it doesn''t satisfy the spread constraint. - - DoNotSchedule (default) tells the scheduler not - to schedule it. - ScheduleAnyway tells the scheduler - to schedule the pod in any location, but giving - higher precedence to topologies that would help - reduce the skew. A constraint is considered "Unsatisfiable" - for an incoming pod if and only if every possible - node assignment for that pod would violate "MaxSkew" - on some topology. For example, in a 3-zone cluster, - MaxSkew is set to 1, and pods with the same labelSelector - spread as 3/1/1: | zone1 | zone2 | zone3 | | P P - P | P | P | If WhenUnsatisfiable is set - to DoNotSchedule, incoming pod can only be scheduled - to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) - on zone2(zone3) satisfies MaxSkew(1). In other words, - the cluster can still be imbalanced, but scheduler - won''t make it *more* imbalanced. It''s a required - field.' + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. type: string required: - - maxSkew - - topologyKey - - whenUnsatisfiable + - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object type: object - serviceAccountName: - description: "Specifies the name of the ServiceAccount required - by the running Component. This ServiceAccount is used to grant - necessary permissions for the Component's Pods to interact - with other Kubernetes resources, such as modifying Pod labels - or sending events. \n Defaults: If not specified, KubeBlocks - automatically assigns a default ServiceAccount named \"kb-{cluster.name}\", - bound to a default role installed together with KubeBlocks. - \n Future Changes: Future versions might change the default - ServiceAccount creation strategy to one per Component, potentially - revising the naming to \"kb-{cluster.name}-{component.name}\". - \n Users can override the automatic ServiceAccount assignment - by explicitly setting the name of an existed ServiceAccount - in this field." - type: string - serviceRefs: - description: "Defines a list of ServiceRef for a Component, - enabling access to both external services and Services provided - by other Clusters. \n Types of services: \n - External services: - Not managed by KubeBlocks or managed by a different KubeBlocks - operator; Require a ServiceDescriptor for connection details. - - Services provided by a Cluster: Managed by the same KubeBlocks - operator; identified using Cluster, Component and Service - names. \n ServiceRefs with identical `serviceRef.name` in - the same Cluster are considered the same. \n Example: ```yaml - serviceRefs: - name: \"redis-sentinel\" serviceDescriptor: - name: \"external-redis-sentinel\" - name: \"postgres-cluster\" - clusterServiceSelector: cluster: \"my-postgres-cluster\" service: - component: \"postgresql\" ``` The example above includes ServiceRefs - to an external Redis Sentinel service and a PostgreSQL Cluster." - items: - properties: - cluster: - description: "Specifies the name of the KubeBlocks Cluster - being referenced. This is used when services from another - KubeBlocks Cluster are consumed. \n By default, the - referenced KubeBlocks Cluster's `clusterDefinition.spec.connectionCredential` - will be utilized to bind to the current Component. This - credential should include: `endpoint`, `port`, `username`, - and `password`. \n Note: \n - The `ServiceKind` and - `ServiceVersion` specified in the service reference - within the ClusterDefinition are not validated when - using this approach. - If both `cluster` and `serviceDescriptor` - are present, `cluster` will take precedence. \n Deprecated - since v0.9 since `clusterDefinition.spec.connectionCredential` - is deprecated, use `clusterServiceSelector` instead. - This field is maintained for backward compatibility - and its use is discouraged. Existing usage should be - updated to the current preferred approach to avoid compatibility - issues in future releases." - type: string - clusterServiceSelector: - description: References a service provided by another - KubeBlocks Cluster. It specifies the ClusterService - and the account credentials needed for access. - properties: - cluster: - description: The name of the Cluster being referenced. - type: string - credential: - description: Specifies the SystemAccount to authenticate - and establish a connection with the referenced Cluster. - The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` - of the Component providing the service in the referenced - Cluster. - properties: - component: - description: The name of the Component where the - credential resides in. - type: string - name: - description: The name of the credential (SystemAccount) - to reference. - type: string - required: - - component - - name - type: object - service: - description: Identifies a ClusterService from the - list of Services defined in `cluster.spec.services` - of the referenced Cluster. - properties: - component: - description: "The name of the Component where - the Service resides in. \n It is required when - referencing a Component's Service." - type: string - port: - description: "The port name of the Service to - be referenced. \n If there is a non-zero node-port - exist for the matched Service port, the node-port - will be selected first. \n If the referenced - Service is of pod-service type (a Service per - Pod), there will be multiple Service objects - matched, and the resolved value will be presented - in the following format: service1.name:port1,service2.name:port2..." - type: string - service: - description: "The name of the Service to be referenced. - \n Leave it empty to reference the default Service. - Set it to \"headless\" to reference the default - headless Service. \n If the referenced Service - is of pod-service type (a Service per Pod), - there will be multiple Service objects matched, - and the resolved value will be presented in - the following format: service1.name,service2.name..." - type: string - required: - - service - type: object - required: - - cluster - type: object - name: - description: "Specifies the identifier of the service - reference declaration. It corresponds to the serviceRefDeclaration - name defined in either: \n - `componentDefinition.spec.serviceRefDeclarations[*].name` - - `clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name` - (deprecated)" - type: string - namespace: - description: Specifies the namespace of the referenced - Cluster or the namespace of the referenced ServiceDescriptor - object. If not provided, the referenced Cluster and - ServiceDescriptor will be searched in the namespace - of the current Cluster by default. - type: string - serviceDescriptor: - description: "Specifies the name of the ServiceDescriptor - object that describes a service provided by external - sources. \n When referencing a service provided by external - sources, a ServiceDescriptor object is required to establish - the service binding. The `serviceDescriptor.spec.serviceKind` - and `serviceDescriptor.spec.serviceVersion` should match - the serviceKind and serviceVersion declared in the definition. - \n If both `cluster` and `serviceDescriptor` are specified, - the `cluster` takes precedence." - type: string - required: - - name - type: object - type: array - serviceVersion: - description: ServiceVersion specifies the version of the Service - expected to be provisioned by this Component. The version - should follow the syntax and semantics of the "Semantic Versioning" - specification (http://semver.org/). If no version is specified, - the latest available version will be used. - maxLength: 32 - type: string - services: - description: Overrides services defined in referenced ComponentDefinition - and expose endpoints that can be accessed by clients. - items: - properties: - annotations: - additionalProperties: - type: string - description: 'If ServiceType is LoadBalancer, cloud provider - related parameters can be put here. More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer.' - type: object - name: - description: References the ComponentService name defined - in the `componentDefinition.spec.services[*].name`. - maxLength: 25 - type: string - podService: - description: Indicates whether to generate individual - Services for each Pod. If set to true, a separate Service - will be created for each Pod in the Cluster. - type: boolean - serviceType: - default: ClusterIP - description: "Determines how the Service is exposed. Valid - options are `ClusterIP`, `NodePort`, and `LoadBalancer`. - \n - `ClusterIP` allocates a Cluster-internal IP address - for load-balancing to endpoints. Endpoints are determined - by the selector or if that is not specified, they are - determined by manual construction of an Endpoints object - or EndpointSlice objects. - `NodePort` builds on ClusterIP - and allocates a port on every node which routes to the - same endpoints as the ClusterIP. - `LoadBalancer` builds - on NodePort and creates an external load-balancer (if - supported in the current cloud) which routes to the - same endpoints as the ClusterIP. \n Note: although K8s - Service type allows the 'ExternalName' type, it is not - a valid option for ClusterComponentService. \n For more - info, see: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types." - enum: - - ClusterIP - - NodePort - - LoadBalancer - type: string - x-kubernetes-preserve-unknown-fields: true - required: - - name - type: object - type: array - sidecars: - description: Defines the sidecar containers that will be attached - to the Component's main container. - items: - type: string - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-type: set - switchPolicy: - description: "Defines the strategy for switchover and failover - when workloadType is Replication. \n Deprecated since v0.9. - This field is maintained for backward compatibility and its - use is discouraged. Existing usage should be updated to the - current preferred approach to avoid compatibility issues in - future releases." + x-kubernetes-preserve-unknown-fields: true + schedulingPolicy: + description: Specifies the scheduling policy for the Component. properties: - type: - default: Noop - description: Type specifies the type of switch policy to - be applied. - enum: - - Noop - type: string - type: object - tls: - description: A boolean flag that indicates whether the Component - should use Transport Layer Security (TLS) for secure communication. - When set to true, the Component will be configured to use - TLS encryption for its network connections. This ensures that - the data transmitted between the Component and its clients - or other Components is encrypted and protected from unauthorized - access. If TLS is enabled, the Component may require additional - configuration, such as specifying TLS certificates and keys, - to properly set up the secure communication channel. - type: boolean - tolerations: - description: "Allows Pods to be scheduled onto nodes with matching - taints. Each toleration in the array allows the Pod to tolerate - node taints based on specified `key`, `value`, `effect`, and - `operator`. \n - The `key`, `value`, and `effect` identify - the taint that the toleration matches. - The `operator` determines - how the toleration matches the taint. \n Pods with matching - tolerations are allowed to be scheduled on tainted nodes, - typically reserved for specific purposes. \n Deprecated since - v0.10, replaced by the `schedulingPolicy` field." - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - x-kubernetes-preserve-unknown-fields: true - updateStrategy: - description: "Defines the update strategy for the Component. - \n Deprecated since v0.9. This field is maintained for backward - compatibility and its use is discouraged. Existing usage should - be updated to the current preferred approach to avoid compatibility - issues in future releases." - enum: - - Serial - - BestEffortParallel - - Parallel - type: string - userResourceRefs: - description: "Allows users to specify custom ConfigMaps and - Secrets to be mounted as volumes in the Cluster's Pods. This - is useful in scenarios where users need to provide additional - resources to the Cluster, such as: \n - Mounting custom scripts - or configuration files during Cluster startup. - Mounting - Secrets as volumes to provide sensitive information, like - S3 AK/SK, to the Cluster." - properties: - configMapRefs: - description: ConfigMapRefs defines the user-defined ConfigMaps. - items: - description: ConfigMapRef defines a reference to a ConfigMap. - properties: - asVolumeFrom: - description: AsVolumeFrom lists the names of containers - in which the volume should be mounted. - items: - type: string - type: array - x-kubernetes-list-type: set - configMap: - description: ConfigMap specifies the ConfigMap to - be mounted as a volume. - properties: - defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - mountPoint: - description: MountPoint is the filesystem path where - the volume will be mounted. - maxLength: 256 - pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ - type: string - name: - description: Name is the name of the referenced ConfigMap - or Secret object. It must conform to DNS label standards. - maxLength: 63 - pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ - type: string - subPath: - description: SubPath specifies a path within the volume - from which to mount. - type: string - required: - - configMap - - mountPoint - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - secretRefs: - description: SecretRefs defines the user-defined Secrets. - items: - description: SecretRef defines a reference to a Secret. - properties: - asVolumeFrom: - description: AsVolumeFrom lists the names of containers - in which the volume should be mounted. - items: - type: string - type: array - x-kubernetes-list-type: set - mountPoint: - description: MountPoint is the filesystem path where - the volume will be mounted. - maxLength: 256 - pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ - type: string - name: - description: Name is the name of the referenced ConfigMap - or Secret object. It must conform to DNS label standards. - maxLength: 63 - pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ - type: string - secret: - description: Secret specifies the Secret to be mounted - as a volume. - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer + affinity: + description: Specifies a group of affinity scheduling rules + of the Cluster, including NodeAffinity, PodAffinity, and + PodAntiAffinity. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and adding + "weight" to the sum if the node matches the corresponding + matchExpressions; the node(s) with the highest + sum are the most preferred. items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - optional: - description: optional field specify whether the - Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - subPath: - description: SubPath specifies a path within the volume - from which to mount. - type: string - required: - - mountPoint - - name - - secret - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - volumeClaimTemplates: - description: Specifies a list of PersistentVolumeClaim templates - that represent the storage requirements for the Component. - Each template specifies the desired characteristics of a persistent - volume, such as storage class, size, and access modes. These - templates are used to dynamically provision persistent volumes - for the Component. - items: - properties: - name: - description: "Refers to the name of a volumeMount defined - in either: \n - `componentDefinition.spec.runtime.containers[*].volumeMounts` - - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` - (deprecated) \n The value of `name` must match the `name` - field of a volumeMount specified in the corresponding - `volumeMounts` array." - type: string - spec: - description: "Defines the desired characteristics of a - PersistentVolumeClaim that will be created for the volume - with the mount name specified in the `name` field. \n - When a Pod is created for this ClusterComponent, a new - PVC will be created based on the specification defined - in the `spec` field. The PVC will be associated with - the volume mount specified by the `name` field." - properties: - accessModes: - description: 'Contains the desired access modes the - volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1.' - items: - type: string - type: array - x-kubernetes-preserve-unknown-fields: true - resources: - description: 'Represents the minimum resources the - volume should have. If the RecoverVolumeExpansionFailure - feature is enabled, users are allowed to specify - resource requirements that are lower than the previous - value but must still be higher than the capacity - recorded in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources.' - properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It - can only be set for containers." - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of - one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes - that resource available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. Requests cannot - exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - x-kubernetes-preserve-unknown-fields: true - storageClassName: - description: 'The name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1.' - type: string - volumeMode: - description: Defines what type of volume is required - by the claim, either Block or Filesystem. - type: string - type: object - required: - - name - type: object - type: array - required: - - replicas - type: object - maxItems: 128 - minItems: 1 - type: array - x-kubernetes-validations: - - message: duplicated component - rule: self.all(x, size(self.filter(c, c.name == x.name)) == 1) - - message: two kinds of definition API can not be used simultaneously - rule: self.all(x, size(self.filter(c, has(c.componentDef))) == 0) - || self.all(x, size(self.filter(c, has(c.componentDef))) == size(self)) - network: - description: "The configuration of network. \n Deprecated since v0.9. - This field is maintained for backward compatibility and its use - is discouraged. Existing usage should be updated to the current - preferred approach to avoid compatibility issues in future releases." - properties: - hostNetworkAccessible: - default: false - description: Indicates whether the host network can be accessed. - By default, this is set to false. - type: boolean - publiclyAccessible: - default: false - description: Indicates whether the network is accessible to the - public. By default, this is set to false. - type: boolean - type: object - replicas: - description: "Specifies the replicas of the first componentSpec, if - the replicas of the first componentSpec is specified, this value - will be ignored. \n Deprecated since v0.9. This field is maintained - for backward compatibility and its use is discouraged. Existing - usage should be updated to the current preferred approach to avoid - compatibility issues in future releases." - format: int32 - type: integer - resources: - description: "Specifies the resources of the first componentSpec, - if the resources of the first componentSpec is specified, this value - will be ignored. \n Deprecated since v0.9. This field is maintained - for backward compatibility and its use is discouraged. Existing - usage should be updated to the current preferred approach to avoid - compatibility issues in future releases." - properties: - cpu: - anyOf: - - type: integer - - type: string - description: 'Specifies the amount of CPU resource the Cluster - needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memory: - anyOf: - - type: integer - - type: string - description: 'Specifies the amount of memory resource the Cluster - needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: Specifies runtimeClassName for all Pods managed by this - Cluster. - type: string - schedulingPolicy: - description: Specifies the scheduling policy for the Cluster. - properties: - affinity: - description: Specifies a group of affinity scheduling rules of - the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects - (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated with - the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: A list of node selector requirements + by node's labels. items: - type: string + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. If + the affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to an update), the system may or may + not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. + description: A null or empty node selector + term matches no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of the NodeSelectorTerm. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: A list of node selector requirements + by node's labels. items: - type: string + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator type: object + x-kubernetes-map-type: atomic type: array + required: + - nodeSelectorTerms type: object x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from - its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term - matches no objects. The requirements of them are - ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. + podAffinity: + description: Describes pod affinity scheduling rules + (e.g. co-locate this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and adding + "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node + to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. + labelSelector: + description: A label query over a set + of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this field + and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's + namespace". items: type: string type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array required: - - key - - operator + - topologyKey type: object - type: array - type: object - x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. If + the affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to a pod label update), - the system may or may not try to eventually evict the - pod from its node. When there are multiple elements, - the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string + required: + - topologyKey + type: object type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the anti-affinity expressions - specified by this field, but it may choose a node that - violates one or more of the expressions. The node that - is most preferred is the one with the greatest sum of - weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - anti-affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) + podAntiAffinity: + description: Describes pod anti-affinity scheduling + rules (e.g. avoid putting this pod in the same node, + zone, etc. as some other pod(s)). properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and adding + "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node + to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set + of resources, in this case pods. properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this field + and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's + namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified - by this field are not met at scheduling time, the pod - will not be scheduled onto the node. If the anti-affinity - requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod - label update), the system may or may not try to eventually - evict the pod from its node. When there are multiple - elements, the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array required: - - key - - operator + - topologyKey type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. If + the anti-affinity requirements specified by this + field cease to be met at some point during pod + execution (e.g. due to a pod label update), the + system may or may not try to eventually evict + the pod from its node. When there are multiple + elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - nodeName: - description: NodeName is a request to schedule this Pod onto a - specific node. If it is non-empty, the scheduler simply schedules - this Pod onto that node, assuming that it fits resource requirements. - type: string - nodeSelector: - additionalProperties: - type: string - description: 'NodeSelector is a selector which must be true for - the Pod to fit on a node. Selector which must match a node''s - labels for the Pod to be scheduled on that node. More info: - https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - x-kubernetes-map-type: atomic - schedulerName: - description: If specified, the Pod will be dispatched by specified - scheduler. If not specified, the Pod will be dispatched by default - scheduler. - type: string - tolerations: - description: "Allows Pods to be scheduled onto nodes with matching - taints. Each toleration in the array allows the Pod to tolerate - node taints based on specified `key`, `value`, `effect`, and - `operator`. \n - The `key`, `value`, and `effect` identify the - taint that the toleration matches. - The `operator` determines - how the toleration matches the taint. \n Pods with matching - tolerations are allowed to be scheduled on tainted nodes, typically - reserved for specific purposes." - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: TopologySpreadConstraints describes how a group of - Pods ought to spread across topology domains. Scheduler will - schedule Pods in a way which abides by the constraints. All - topologySpreadConstraints are ANDed. - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - properties: - labelSelector: - description: LabelSelector is used to find matching pods. - Pods that match this label selector are counted to determine - the number of pods in their corresponding topology domain. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. + type: string + required: + - topologyKey + type: object + type: array type: object type: object + nodeName: + description: NodeName is a request to schedule this Pod + onto a specific node. If it is non-empty, the scheduler + simply schedules this Pod onto that node, assuming that + it fits resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be true + for the Pod to fit on a node. Selector which must match + a node''s labels for the Pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object x-kubernetes-map-type: atomic - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming pod - labels, those key-value labels are ANDed with labelSelector - to select the group of existing pods over which spreading - will be calculated for the incoming pod. The same key - is forbidden to exist in both MatchLabelKeys and LabelSelector. - MatchLabelKeys cannot be set when LabelSelector isn't - set. Keys that don't exist in the incoming pod labels - will be ignored. A null or empty list means only match - against labelSelector. \n This is a beta field and requires - the MatchLabelKeysInPodTopologySpread feature gate to - be enabled (enabled by default)." + schedulerName: + description: If specified, the Pod will be dispatched by + specified scheduler. If not specified, the Pod will be + dispatched by default scheduler. + type: string + tolerations: + description: "Allows Pods to be scheduled onto nodes with + matching taints. Each toleration in the array allows the + Pod to tolerate node taints based on specified `key`, + `value`, `effect`, and `operator`. \n - The `key`, `value`, + and `effect` identify the taint that the toleration matches. + - The `operator` determines how the toleration matches + the taint. \n Pods with matching tolerations are allowed + to be scheduled on tainted nodes, typically reserved for + specific purposes." items: - type: string - type: array - x-kubernetes-list-type: atomic - maxSkew: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple + using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to + match. Empty means match all taint effects. When + specified, allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If + the key is empty, operator must be Exists; this + combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints + of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect + NoExecute, otherwise this field is ignored) tolerates + the taint. By default, it is not set, which means + tolerate the taint forever (do not evict). Zero + and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value + should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a group + of Pods ought to spread across topology domains. Scheduler + will schedule Pods in a way which abides by the constraints. + All topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how to + spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are counted + to determine the number of pods in their corresponding + topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label + keys to select the pods over which spreading will + be calculated. The keys are used to lookup values + from the incoming pod labels, those key-value labels + are ANDed with labelSelector to select the group + of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden + to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector + isn't set. Keys that don't exist in the incoming + pod labels will be ignored. A null or empty list + means only match against labelSelector. \n This + is a beta field and requires the MatchLabelKeysInPodTopologySpread + feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the + number of matching pods in the target topology and + the global minimum. The global minimum is the minimum + number of matching pods in an eligible domain or + zero if the number of eligible domains is less than + MinDomains. For example, in a 3-zone cluster, MaxSkew + is set to 1, and pods with the same labelSelector + spread as 2/2/1: In this case, the global minimum + is 1. | zone1 | zone2 | zone3 | | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled + to zone3 to become 2/2/2; scheduling it onto zone1(zone2) + would make the ActualSkew(3-1) on zone1(zone2) violate + MaxSkew(1). - if MaxSkew is 2, incoming pod can + be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default + value is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number + of eligible domains. When the number of eligible + domains with matching topology keys is less than + minDomains, Pod Topology Spread treats \"global + minimum\" as 0, and then the calculation of Skew + is performed. And when the number of eligible domains + with matching topology keys equals or greater than + minDomains, this value has no effect on scheduling. + As a result, when the number of eligible domains + is less than minDomains, scheduler won't schedule + more than maxSkew Pods to those domains. If value + is nil, the constraint behaves as if MinDomains + is equal to 1. Valid values are integers greater + than 0. When value is not nil, WhenUnsatisfiable + must be DoNotSchedule. \n For example, in a 3-zone + cluster, MaxSkew is set to 2, MinDomains is set + to 5 and pods with the same labelSelector spread + as 2/2/2: | zone1 | zone2 | zone3 | | P P | P + P | P P | The number of domains is less than + 5(MinDomains), so \"global minimum\" is treated + as 0. In this situation, new pod with the same labelSelector + cannot be scheduled, because computed skew will + be 3(3 - 0) if new Pod is scheduled to any of the + three zones, it will violate MaxSkew. \n This is + a beta field and requires the MinDomainsInPodTopologySpread + feature gate to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we + will treat Pod's nodeAffinity/nodeSelector when + calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. + \n If this value is nil, the behavior is equivalent + to the Honor policy. This is a beta-level feature + default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will + treat node taints when calculating pod topology + spread skew. Options are: - Honor: nodes without + taints, along with tainted nodes for which the incoming + pod has a toleration, are included. - Ignore: node + taints are ignored. All nodes are included. \n If + this value is nil, the behavior is equivalent to + the Ignore policy. This is a beta-level feature + default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and + try to put balanced number of pods into each bucket. + We define a domain as a particular instance of a + topology. Also, we define an eligible domain as + a domain whose nodes meet the requirements of nodeAffinityPolicy + and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if + TopologyKey is "topology.kubernetes.io/zone", each + zone is a domain of that topology. It's a required + field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not + to schedule it. - ScheduleAnyway tells the scheduler + to schedule the pod in any location, but giving + higher precedence to topologies that would help + reduce the skew. A constraint is considered "Unsatisfiable" + for an incoming pod if and only if every possible + node assignment for that pod would violate "MaxSkew" + on some topology. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 3/1/1: | zone1 | zone2 | zone3 | | P P + P | P | P | If WhenUnsatisfiable is set + to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) + on zone2(zone3) satisfies MaxSkew(1). In other words, + the cluster can still be imbalanced, but scheduler + won''t make it *more* imbalanced. It''s a required + field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + type: object + serviceAccountName: + description: "Specifies the name of the ServiceAccount required + by the running Component. This ServiceAccount is used to grant + necessary permissions for the Component's Pods to interact + with other Kubernetes resources, such as modifying Pod labels + or sending events. \n Defaults: If not specified, KubeBlocks + automatically assigns a default ServiceAccount named \"kb-{cluster.name}\", + bound to a default role installed together with KubeBlocks. + \n Future Changes: Future versions might change the default + ServiceAccount creation strategy to one per Component, potentially + revising the naming to \"kb-{cluster.name}-{component.name}\". + \n Users can override the automatic ServiceAccount assignment + by explicitly setting the name of an existed ServiceAccount + in this field." + type: string + serviceRefs: + description: "Defines a list of ServiceRef for a Component, + enabling access to both external services and Services provided + by other Clusters. \n Types of services: \n - External services: + Not managed by KubeBlocks or managed by a different KubeBlocks + operator; Require a ServiceDescriptor for connection details. + - Services provided by a Cluster: Managed by the same KubeBlocks + operator; identified using Cluster, Component and Service + names. \n ServiceRefs with identical `serviceRef.name` in + the same Cluster are considered the same. \n Example: ```yaml + serviceRefs: - name: \"redis-sentinel\" serviceDescriptor: + name: \"external-redis-sentinel\" - name: \"postgres-cluster\" + clusterServiceSelector: cluster: \"my-postgres-cluster\" service: + component: \"postgresql\" ``` The example above includes ServiceRefs + to an external Redis Sentinel service and a PostgreSQL Cluster." + items: + properties: + cluster: + description: "Specifies the name of the KubeBlocks Cluster + being referenced. This is used when services from another + KubeBlocks Cluster are consumed. \n By default, the + referenced KubeBlocks Cluster's `clusterDefinition.spec.connectionCredential` + will be utilized to bind to the current Component. This + credential should include: `endpoint`, `port`, `username`, + and `password`. \n Note: \n - The `ServiceKind` and + `ServiceVersion` specified in the service reference + within the ClusterDefinition are not validated when + using this approach. - If both `cluster` and `serviceDescriptor` + are present, `cluster` will take precedence. \n Deprecated + since v0.9 since `clusterDefinition.spec.connectionCredential` + is deprecated, use `clusterServiceSelector` instead. + This field is maintained for backward compatibility + and its use is discouraged. Existing usage should be + updated to the current preferred approach to avoid compatibility + issues in future releases." + type: string + clusterServiceSelector: + description: References a service provided by another + KubeBlocks Cluster. It specifies the ClusterService + and the account credentials needed for access. + properties: + cluster: + description: The name of the Cluster being referenced. + type: string + credential: + description: Specifies the SystemAccount to authenticate + and establish a connection with the referenced Cluster. + The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` + of the Component providing the service in the referenced + Cluster. + properties: + component: + description: The name of the Component where the + credential resides in. + type: string + name: + description: The name of the credential (SystemAccount) + to reference. + type: string + required: + - component + - name + type: object + service: + description: Identifies a ClusterService from the + list of Services defined in `cluster.spec.services` + of the referenced Cluster. + properties: + component: + description: "The name of the Component where + the Service resides in. \n It is required when + referencing a Component's Service." + type: string + port: + description: "The port name of the Service to + be referenced. \n If there is a non-zero node-port + exist for the matched Service port, the node-port + will be selected first. \n If the referenced + Service is of pod-service type (a Service per + Pod), there will be multiple Service objects + matched, and the resolved value will be presented + in the following format: service1.name:port1,service2.name:port2..." + type: string + service: + description: "The name of the Service to be referenced. + \n Leave it empty to reference the default Service. + Set it to \"headless\" to reference the default + headless Service. \n If the referenced Service + is of pod-service type (a Service per Pod), + there will be multiple Service objects matched, + and the resolved value will be presented in + the following format: service1.name,service2.name..." + type: string + required: + - service + type: object + required: + - cluster + type: object + name: + description: "Specifies the identifier of the service + reference declaration. It corresponds to the serviceRefDeclaration + name defined in either: \n - `componentDefinition.spec.serviceRefDeclarations[*].name` + - `clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name` + (deprecated)" + type: string + namespace: + description: Specifies the namespace of the referenced + Cluster or the namespace of the referenced ServiceDescriptor + object. If not provided, the referenced Cluster and + ServiceDescriptor will be searched in the namespace + of the current Cluster by default. + type: string + serviceDescriptor: + description: "Specifies the name of the ServiceDescriptor + object that describes a service provided by external + sources. \n When referencing a service provided by external + sources, a ServiceDescriptor object is required to establish + the service binding. The `serviceDescriptor.spec.serviceKind` + and `serviceDescriptor.spec.serviceVersion` should match + the serviceKind and serviceVersion declared in the definition. + \n If both `cluster` and `serviceDescriptor` are specified, + the `cluster` takes precedence." + type: string + required: + - name + type: object + type: array + serviceVersion: + description: ServiceVersion specifies the version of the Service + expected to be provisioned by this Component. The version + should follow the syntax and semantics of the "Semantic Versioning" + specification (http://semver.org/). If no version is specified, + the latest available version will be used. + maxLength: 32 + type: string + services: + description: Overrides services defined in referenced ComponentDefinition + and expose endpoints that can be accessed by clients. + items: + properties: + annotations: + additionalProperties: + type: string + description: 'If ServiceType is LoadBalancer, cloud provider + related parameters can be put here. More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer.' + type: object + name: + description: References the ComponentService name defined + in the `componentDefinition.spec.services[*].name`. + maxLength: 25 + type: string + podService: + description: Indicates whether to generate individual + Services for each Pod. If set to true, a separate Service + will be created for each Pod in the Cluster. + type: boolean + serviceType: + default: ClusterIP + description: "Determines how the Service is exposed. Valid + options are `ClusterIP`, `NodePort`, and `LoadBalancer`. + \n - `ClusterIP` allocates a Cluster-internal IP address + for load-balancing to endpoints. Endpoints are determined + by the selector or if that is not specified, they are + determined by manual construction of an Endpoints object + or EndpointSlice objects. - `NodePort` builds on ClusterIP + and allocates a port on every node which routes to the + same endpoints as the ClusterIP. - `LoadBalancer` builds + on NodePort and creates an external load-balancer (if + supported in the current cloud) which routes to the + same endpoints as the ClusterIP. \n Note: although K8s + Service type allows the 'ExternalName' type, it is not + a valid option for ClusterComponentService. \n For more + info, see: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types." + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + x-kubernetes-preserve-unknown-fields: true + required: + - name + type: object + type: array + switchPolicy: + description: "Defines the strategy for switchover and failover + when workloadType is Replication. \n Deprecated since v0.9. + This field is maintained for backward compatibility and its + use is discouraged. Existing usage should be updated to the + current preferred approach to avoid compatibility issues in + future releases." + properties: + type: + default: Noop + description: Type specifies the type of switch policy to + be applied. + enum: + - Noop + type: string + type: object + tls: + description: A boolean flag that indicates whether the Component + should use Transport Layer Security (TLS) for secure communication. + When set to true, the Component will be configured to use + TLS encryption for its network connections. This ensures that + the data transmitted between the Component and its clients + or other Components is encrypted and protected from unauthorized + access. If TLS is enabled, the Component may require additional + configuration, such as specifying TLS certificates and keys, + to properly set up the secure communication channel. + type: boolean + tolerations: + description: "Allows Pods to be scheduled onto nodes with matching + taints. Each toleration in the array allows the Pod to tolerate + node taints based on specified `key`, `value`, `effect`, and + `operator`. \n - The `key`, `value`, and `effect` identify + the taint that the toleration matches. - The `operator` determines + how the toleration matches the taint. \n Pods with matching + tolerations are allowed to be scheduled on tainted nodes, + typically reserved for specific purposes. \n Deprecated since + v0.10, replaced by the `schedulingPolicy` field." + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + x-kubernetes-preserve-unknown-fields: true + updateStrategy: + description: "Defines the update strategy for the Component. + \n Deprecated since v0.9. This field is maintained for backward + compatibility and its use is discouraged. Existing usage should + be updated to the current preferred approach to avoid compatibility + issues in future releases." + enum: + - Serial + - BestEffortParallel + - Parallel + type: string + userResourceRefs: + description: "Allows users to specify custom ConfigMaps and + Secrets to be mounted as volumes in the Cluster's Pods. This + is useful in scenarios where users need to provide additional + resources to the Cluster, such as: \n - Mounting custom scripts + or configuration files during Cluster startup. - Mounting + Secrets as volumes to provide sensitive information, like + S3 AK/SK, to the Cluster." + properties: + configMapRefs: + description: ConfigMapRefs defines the user-defined ConfigMaps. + items: + description: ConfigMapRef defines a reference to a ConfigMap. + properties: + asVolumeFrom: + description: AsVolumeFrom lists the names of containers + in which the volume should be mounted. + items: + type: string + type: array + x-kubernetes-list-type: set + configMap: + description: ConfigMap specifies the ConfigMap to + be mounted as a volume. + properties: + defaultMode: + description: 'defaultMode is optional: mode bits + used to set permissions on created files by + default. Must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + Defaults to 0644. Directories within the path + are not affected by this setting. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + mountPoint: + description: MountPoint is the filesystem path where + the volume will be mounted. + maxLength: 256 + pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ + type: string + name: + description: Name is the name of the referenced ConfigMap + or Secret object. It must conform to DNS label standards. + maxLength: 63 + pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ + type: string + subPath: + description: SubPath specifies a path within the volume + from which to mount. + type: string + required: + - configMap + - mountPoint + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + secretRefs: + description: SecretRefs defines the user-defined Secrets. + items: + description: SecretRef defines a reference to a Secret. + properties: + asVolumeFrom: + description: AsVolumeFrom lists the names of containers + in which the volume should be mounted. + items: + type: string + type: array + x-kubernetes-list-type: set + mountPoint: + description: MountPoint is the filesystem path where + the volume will be mounted. + maxLength: 256 + pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ + type: string + name: + description: Name is the name of the referenced ConfigMap + or Secret object. It must conform to DNS label standards. + maxLength: 63 + pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ + type: string + secret: + description: Secret specifies the Secret to be mounted + as a volume. + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits + used to set permissions on created files by + default. Must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + Defaults to 0644. Directories within the path + are not affected by this setting. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the + Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret + in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + subPath: + description: SubPath specifies a path within the volume + from which to mount. + type: string + required: + - mountPoint + - name + - secret + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + volumeClaimTemplates: + description: Specifies a list of PersistentVolumeClaim templates + that represent the storage requirements for the Component. + Each template specifies the desired characteristics of a persistent + volume, such as storage class, size, and access modes. These + templates are used to dynamically provision persistent volumes + for the Component. + items: + properties: + name: + description: "Refers to the name of a volumeMount defined + in either: \n - `componentDefinition.spec.runtime.containers[*].volumeMounts` + - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` + (deprecated) \n The value of `name` must match the `name` + field of a volumeMount specified in the corresponding + `volumeMounts` array." + type: string + spec: + description: "Defines the desired characteristics of a + PersistentVolumeClaim that will be created for the volume + with the mount name specified in the `name` field. \n + When a Pod is created for this ClusterComponent, a new + PVC will be created based on the specification defined + in the `spec` field. The PVC will be associated with + the volume mount specified by the `name` field." + properties: + accessModes: + description: 'Contains the desired access modes the + volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1.' + items: + type: string + type: array + x-kubernetes-preserve-unknown-fields: true + resources: + description: 'Represents the minimum resources the + volume should have. If the RecoverVolumeExpansionFailure + feature is enabled, users are allowed to specify + resource requirements that are lower than the previous + value but must still be higher than the capacity + recorded in the status field of the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources.' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It + can only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of + one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes + that resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + storageClassName: + description: 'The name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1.' + type: string + volumeMode: + description: Defines what type of volume is required + by the claim, either Block or Filesystem. + type: string + type: object + required: + - name + type: object + type: array + required: + - replicas + type: object + maxItems: 128 + minItems: 1 + type: array + x-kubernetes-validations: + - message: duplicated component + rule: self.all(x, size(self.filter(c, c.name == x.name)) == 1) + - message: two kinds of definition API can not be used simultaneously + rule: self.all(x, size(self.filter(c, has(c.componentDef))) == 0) + || self.all(x, size(self.filter(c, has(c.componentDef))) == size(self)) + network: + description: "The configuration of network. \n Deprecated since v0.9. + This field is maintained for backward compatibility and its use + is discouraged. Existing usage should be updated to the current + preferred approach to avoid compatibility issues in future releases." + properties: + hostNetworkAccessible: + default: false + description: Indicates whether the host network can be accessed. + By default, this is set to false. + type: boolean + publiclyAccessible: + default: false + description: Indicates whether the network is accessible to the + public. By default, this is set to false. + type: boolean + type: object + replicas: + description: "Specifies the replicas of the first componentSpec, if + the replicas of the first componentSpec is specified, this value + will be ignored. \n Deprecated since v0.9. This field is maintained + for backward compatibility and its use is discouraged. Existing + usage should be updated to the current preferred approach to avoid + compatibility issues in future releases." + format: int32 + type: integer + resources: + description: "Specifies the resources of the first componentSpec, + if the resources of the first componentSpec is specified, this value + will be ignored. \n Deprecated since v0.9. This field is maintained + for backward compatibility and its use is discouraged. Existing + usage should be updated to the current preferred approach to avoid + compatibility issues in future releases." + properties: + cpu: + anyOf: + - type: integer + - type: string + description: 'Specifies the amount of CPU resource the Cluster + needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + memory: + anyOf: + - type: integer + - type: string + description: 'Specifies the amount of memory resource the Cluster + needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: Specifies runtimeClassName for all Pods managed by this + Cluster. + type: string + schedulingPolicy: + description: Specifies the scheduling policy for the Cluster. + properties: + affinity: + description: Specifies a group of affinity scheduling rules of + the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeName: + description: NodeName is a request to schedule this Pod onto a + specific node. If it is non-empty, the scheduler simply schedules + this Pod onto that node, assuming that it fits resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be true for + the Pod to fit on a node. Selector which must match a node''s + labels for the Pod to be scheduled on that node. More info: + https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + x-kubernetes-map-type: atomic + schedulerName: + description: If specified, the Pod will be dispatched by specified + scheduler. If not specified, the Pod will be dispatched by default + scheduler. + type: string + tolerations: + description: "Allows Pods to be scheduled onto nodes with matching + taints. Each toleration in the array allows the Pod to tolerate + node taints based on specified `key`, `value`, `effect`, and + `operator`. \n - The `key`, `value`, and `effect` identify the + taint that the toleration matches. - The `operator` determines + how the toleration matches the taint. \n Pods with matching + tolerations are allowed to be scheduled on tainted nodes, typically + reserved for specific purposes." + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a group of + Pods ought to spread across topology domains. Scheduler will + schedule Pods in a way which abides by the constraints. All + topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine + the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys + to select the pods over which spreading will be calculated. + The keys are used to lookup values from the incoming pod + labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading + will be calculated for the incoming pod. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't + set. Keys that don't exist in the incoming pod labels + will be ignored. A null or empty list means only match + against labelSelector. \n This is a beta field and requires + the MatchLabelKeysInPodTopologySpread feature gate to + be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number @@ -6579,6 +8508,15 @@ spec: type: string type: object type: array + disableExporter: + description: "Determines whether metrics exporter information + is annotated on the Component's headless Service. \n If + set to true, the following annotations will not be patched + into the Service: \n - \"monitor.kubeblocks.io/path\" + - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" + \n These annotations allow the Prometheus installed by + KubeBlocks to discover and scrape metrics from the exporter." + type: boolean enabledLogs: description: "Specifies which types of logs should be collected for the Component. The log types are defined in the `componentDefinition.spec.logConfigs` @@ -7812,598 +9750,2176 @@ spec: resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes - the minimum amount of compute - resources required. If Requests - is omitted for a container, - it defaults to Limits if that - is explicitly specified, otherwise - to an implementation-defined - value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes + the minimum amount of compute + resources required. If Requests + is omitted for a container, + it defaults to Limits if that + is explicitly specified, otherwise + to an implementation-defined + value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label + query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is + the name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines + what type of volume is required + by the claim. Value of Filesystem + is implied when not included in + claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine + and then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. TODO: how do + we prevent errors in the filesystem from + compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target + lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC + target worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume + world wide identifiers (wwids) Either + wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this + field holds extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef + is reference to the secret object containing + sensitive information to pass to the plugin + scripts. This may be empty if no secret + object is specified. If the secret object + contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This + depends on the Flocker control service being + running + properties: + datasetName: + description: datasetName is Name of the + dataset stored as metadata -> name on + the dataset for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of + the dataset. This is unique identifier + of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a + GCE Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + partition: + description: 'partition is the partition + in the volume that you want to mount. + If omitted, the default is to mount by + volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" + (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the + PD resource in GCE. Used to identify the + disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository + at a particular revision. DEPRECATED: GitRepo + is deprecated. To provision a container with + a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount + the EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory + name. Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash + for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint + name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume + path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the + Glusterfs volume to be mounted with read-only + permissions. Defaults to false. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing + file or directory on the host machine that + is directly exposed to the container. This + is generally used for system agents or other + privileged things that are allowed to see + the host machine. Most containers will NOT + need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who + can use host directory mounts and who can/can + not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the + host. If the path is a symlink, it will + follow the link to the real path. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk + resource that is attached to a kubelet''s + host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom + iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target + Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target + Portal List. The portal is either an IP + or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret + for iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target + Portal. The Portal is either an IP or + ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a + DNS_LABEL and unique within the pod. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on + the host that shares a pod''s lifetime More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the + NFS export to be mounted with read-only + permissions. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or + IP address of the NFS server. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a + PersistentVolumeClaim in the same namespace + as the pod using this volume. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fSType represents the filesystem + type to mount Must be a filesystem type + supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one + resources secrets, configmaps, and downward + API + properties: + defaultMode: + description: defaultMode are the mode bits + used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set. + format: int32 + type: integer + sources: + description: sources is the list of volume + projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information + about the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the ConfigMap, the volume + setup will error unless it is + marked optional. Paths must + be relative and may not contain + the '..' path or start with + '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the + key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional specify + whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information + about the downwardAPI data to project + properties: + items: + description: Items is a list of + DownwardAPIVolume file + items: + description: DownwardAPIVolumeFile + represents information to + create the file containing + the pod field + properties: + fieldRef: + description: 'Required: + Selects a field of the + pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version + of the schema the + FieldPath is written + in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of + the field to select + in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: + mode bits used to set + permissions on this file, + must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: + Path is the relative + path name of the file + to be created. Must not + be absolute or contain + the ''..'' path. Must + be utf-8 encoded. The + first item of the relative + path must not start with + ''..''' + type: string + resourceFieldRef: + description: 'Selects a + resource of the container: + only resources limits + and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are + currently supported.' + properties: + containerName: + description: 'Container + name: required for + volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies + the output format + of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the Secret, the volume setup + will error unless it is marked + optional. Paths must be relative + and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the + key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path type: object - type: object - selector: - description: selector is a label - query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates the key and values. - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - Valid operators are - In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is - an array of string values. - If the operator is In - or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the - values array must be - empty. This array is - replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is + information about the serviceAccountToken + data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified + in the audience of the token, + and otherwise should reject + the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds + is the requested duration of + validity of the service account + token. As the token approaches + expiration, the kubelet volume + plugin will proactively rotate + the service account token. The + kubelet will start trying to + rotate the token if the token + is older than 80 percent of + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour and must be at least + 10 minutes. + format: int64 + type: integer + path: + description: path is the path + relative to the mount point + of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: group to map volume access + to Default is no group + type: string + readOnly: + description: readOnly here will force the + Quobyte volume to be mounted with read-only + permissions. Defaults to false. + type: boolean + registry: + description: registry represents a single + or multiple Quobyte Registry services + specified as a string as host:port pair + (multiple entries are separated with commas) + which acts as the central registry for + volumes + type: string + tenant: + description: tenant owning the given Quobyte + volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is + set by the plugin + type: string + user: + description: user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + image: + description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key + ring for RBDUser. Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of + Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides + keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address + of the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name + of the ScaleIO Protection Domain for the + configured storage. + type: string + readOnly: + description: readOnly Defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the + secret for ScaleIO user and other sensitive + information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default + false + type: boolean + storageMode: + description: storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO + Storage Pool associated with the protection + domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a + volume already created in the ScaleIO + system that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that + should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each + key-value pair in the Data field of the + referenced Secret will be projected into + the volume as a file whose name is the + key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the + volume setup will error unless it is marked + optional. Paths must be relative and may + not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of + the secret in the pod''s namespace to + use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API + credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the + scope of the volume within StorageOS. If + no namespace is specified then the Pod's + namespace will be used. This allows the + Kubernetes name scoping to be mirrored + within StorageOS for tighter integration. + Set VolumeName to any name to override + the default behaviour. Set to "default" + if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: volumePath is the path that + identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + issuer: + description: Specifies the configuration for the TLS certificates + issuer. It allows defining the issuer name and the reference + to the secret containing the TLS certificates and key. + The secret should contain the CA certificate, TLS certificate, + and private key in the specified keys. Required when TLS + is enabled. + properties: + name: + allOf: + - enum: + - KubeBlocks + - UserProvided + - enum: + - KubeBlocks + - UserProvided + default: KubeBlocks + description: "The issuer for TLS certificates. It only + allows two enum values: `KubeBlocks` and `UserProvided`. + \n - `KubeBlocks` indicates that the self-signed TLS + certificates generated by the KubeBlocks Operator + will be used. - `UserProvided` means that the user + is responsible for providing their own CA, Cert, and + Key. In this case, the user-provided CA certificate, + server certificate, and private key will be used for + TLS communication." + type: string + secretRef: + description: SecretRef is the reference to the secret + that contains user-provided certificates. It is required + when the issuer is set to `UserProvided`. + properties: + ca: + description: Key of CA cert in Secret + type: string + cert: + description: Key of Cert in Secret + type: string + key: + description: Key of TLS private key in Secret + type: string + name: + description: Name of the Secret that contains user-provided + certificates. + type: string + required: + - ca + - cert + - key + - name + type: object + required: + - name + type: object + metricsStoreIntegration: + description: It supports prometheus/victoriametrics operator. + properties: + serviceMonitorTemplate: + description: "Specifies the ServiceMonitor template + used in the Component. \n Example usage: ```yaml name: + prometheus-scrape namespace: default labels: k8s-app: + node-exporter serviceMonitorTemplate: selector: matchLabels: + app: app-exporter k8s-app: app-exporter endpoints: + - port: metrics_port jobLabel: k8s-app ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + serviceMonitorSpec: + description: ServiceMonitorSpec contains specification + parameters for a ServiceMonitor + properties: + attachMetadata: + description: "`attachMetadata` defines additional + metadata which is added to the discovered + targets. \n It requires Prometheus >= v2.37.0." + properties: + node: + description: When set to true, Prometheus + must have the `get` permission on the + `Nodes` objects. + type: boolean + type: object + endpoints: + description: List of endpoints part of this + ServiceMonitor. + items: + description: Endpoint defines an endpoint + serving Prometheus metrics to be scraped + by Prometheus. + properties: + authorization: + description: "`authorization` configures + the Authorization header credentials + to use when scraping the target. \n + Cannot be set at the same time as `basicAuth`, + or `oauth2`." + properties: + credentials: + description: Selects a key of a Secret + in the namespace that contains the + credentials for authentication. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication + type. The value is case-insensitive. + \n \"Basic\" is not a supported + value. \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: "`basicAuth` configures the + Basic Authentication credentials to + use when scraping the target. \n Cannot + be set at the same time as `authorization`, + or `oauth2`." + properties: + password: + description: '`password` specifies + a key of a Secret containing the + password for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies + a key of a Secret containing the + username for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: "File to read bearer token + for scraping the target. \n Deprecated: + use `authorization` instead." + type: string + bearerTokenSecret: + description: "`bearerTokenSecret` specifies + a key of a Secret containing the bearer + token for scraping targets. The secret + needs to be in the same namespace as + the ServiceMonitor object and readable + by the Prometheus Operator. \n Deprecated: + use `authorization` instead." + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + enableHttp2: + description: '`enableHttp2` can be used + to disable HTTP2 when scraping the target.' + type: boolean + filterRunning: + description: "When true, the pods which + are not running (e.g. either in Failed + or Succeeded state) are dropped during + the target discovery. \n If unset, the + filtering is enabled. \n More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + type: boolean + followRedirects: + description: '`followRedirects` defines + whether the scrape requests should follow + HTTP 3xx redirects.' + type: boolean + honorLabels: + description: When true, `honorLabels` + preserves the metric's labels when they + collide with the target's labels. + type: boolean + honorTimestamps: + description: '`honorTimestamps` controls + whether Prometheus preserves the timestamps + when exposed by the target.' + type: boolean + interval: + description: "Interval at which Prometheus + scrapes the metrics from the target. + \n If empty, Prometheus uses the global + scrape interval." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: '`metricRelabelings` configures + the relabeling rules to apply to the + samples before ingestion.' + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform + based on the regex matching. \n + `Uppercase` and `Lowercase` actions + require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions + require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of + the hash of the source label values. + \n Only applicable when the action + is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. + type: string + replacement: + description: "Replacement value + against which a Replace action + is performed if the regular expression + matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured Separator and matched + against the configured regular + expression. + items: + description: LabelName is a valid + Prometheus label name which + may only contain ASCII letters, + numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the + resulting string is written in + a replacement. \n It is mandatory + for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups + are available." + type: string + type: object + type: array + oauth2: + description: "`oauth2` configures the + OAuth2 settings to use when scraping + the target. \n It requires Prometheus + >= 2.27.0. \n Cannot be set at the same + time as `authorization`, or `basicAuth`." + properties: + clientId: + description: '`clientId` specifies + a key of a Secret or ConfigMap containing + the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. type: string - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in the - matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: 'storageClassName is - the name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies + a key of a Secret containing the + OAuth2 client''s secret.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures + the HTTP parameters to append to + the token URL.' + type: object + scopes: + description: '`scopes` defines the + OAuth2 scopes used for the token + request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures + the URL to fetch the token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + params: + additionalProperties: + items: + type: string + type: array + description: params define optional HTTP + URL parameters. + type: object + path: + description: "HTTP path from which to + scrape for metrics. \n If empty, Prometheus + uses the default value (e.g. `/metrics`)." + type: string + port: + description: "Name of the Service port + which this endpoint refers to. \n It + takes precedence over `targetPort`." + type: string + proxyUrl: + description: '`proxyURL` configures the + HTTP Proxy URL (e.g. "http://proxyserver:2195") + to go through when scraping the target.' + type: string + relabelings: + description: "`relabelings` configures + the relabeling rules to apply the target's + metadata labels. \n The Operator automatically + adds relabelings for a few standard + Kubernetes fields. \n The original scrape + job's name is available via the `__tmp_prometheus_job_name` + label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform + based on the regex matching. \n + `Uppercase` and `Lowercase` actions + require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions + require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of + the hash of the source label values. + \n Only applicable when the action + is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. type: string - volumeMode: - description: volumeMode defines - what type of volume is required - by the claim. Value of Filesystem - is implied when not included in - claim spec. + replacement: + description: "Replacement value + against which a Replace action + is performed if the regular expression + matches. \n Regex capture groups + are available." type: string - volumeName: - description: volumeName is the binding - reference to the PersistentVolume - backing this claim. + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured Separator and matched + against the configured regular + expression. + items: + description: LabelName is a valid + Prometheus label name which + may only contain ASCII letters, + numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the + resulting string is written in + a replacement. \n It is mandatory + for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups + are available." type: string type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine - and then exposed to the pod. - properties: - fsType: - description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. TODO: how do - we prevent errors in the filesystem from - compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target - lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC - target worldwide names (WWNs)' - items: - type: string - type: array - wwids: - description: 'wwids Optional: FC volume - world wide identifiers (wwids) Either - wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' - items: + type: array + scheme: + description: "HTTP scheme to use for scraping. + \n `http` and `https` are the expected + values unless you rewrite the `__scheme__` + label via relabeling. \n If empty, Prometheus + uses the default value `http`." + enum: + - http + - https type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic - volume resource that is provisioned/attached - using an exec based plugin. - properties: - driver: - description: driver is the name of the driver - to use for this volume. - type: string - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem - depends on FlexVolume script. - type: string - options: - additionalProperties: + scrapeTimeout: + description: "Timeout after which Prometheus + considers the scrape to be failed. \n + If empty, Prometheus uses the global + scrape timeout unless it is less than + the target's scrape interval value in + which the latter is used." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string - description: 'options is Optional: this - field holds extra command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret - object is specified. If the secret object - contains more than one secret, all secrets - are passed to the plugin scripts.' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume - attached to a kubelet's host machine. This - depends on the Flocker control service being - running - properties: - datasetName: - description: datasetName is Name of the - dataset stored as metadata -> name on - the dataset for Flocker should be considered - as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of - the dataset. This is unique identifier - of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a - GCE Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - partition: - description: 'partition is the partition - in the volume that you want to mount. - If omitted, the default is to mount by - volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" - (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the - PD resource in GCE. Used to identify the - disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with - a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount - the EmptyDir into the Pod''s container.' - properties: - directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory - will be the git repository. Otherwise, - if specified, the volume will contain - the git repository in the subdirectory - with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash - for the specified revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint - name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the - Glusterfs volume to be mounted with read-only - permissions. Defaults to false. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing - file or directory on the host machine that - is directly exposed to the container. This - is generally used for system agents or other - privileged things that are allowed to see - the host machine. Most containers will NOT - need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who - can use host directory mounts and who can/can - not mount host directories as read/write.' - properties: - path: - description: 'path of the directory on the - host. If the path is a symlink, it will - follow the link to the real path. More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk - resource that is attached to a kubelet''s - host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md' + targetPort: + anyOf: + - type: integer + - type: string + description: "Name or number of the target + port of the `Pod` object behind the + Service, the port must be specified + with container port property. \n Deprecated: + use `port` instead." + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use + when scraping the target. + properties: + ca: + description: Certificate authority + used when verifying server certificates. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in + the Prometheus container to use + for the targets. + type: string + cert: + description: Client certificate to + present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert + file in the Prometheus container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key + file in the Prometheus container + for the targets. + type: string + keySecret: + description: Secret containing the + client key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string + type: object + trackTimestampsStaleness: + description: "`trackTimestampsStaleness` + defines whether Prometheus tracks staleness + of the metrics that have an explicit + timestamp present in scraped data. Has + no effect if `honorTimestamps` is false. + \n It requires Prometheus >= v2.48.0." + type: boolean + type: object + type: array + jobLabel: + description: "`jobLabel` selects the label from + the associated Kubernetes `Service` object + which will be used as the `job` label for + all metrics. \n For example if `jobLabel` + is set to `foo` and the Kubernetes `Service` + object is labeled with `foo: bar`, then Prometheus + adds the `job=\"bar\"` label to all ingested + metrics. \n If the value of this field is + empty or if the label doesn't exist for the + given Service, the `job` label of the metrics + defaults to the name of the associated Kubernetes + `Service`." + type: string + keepDroppedTargets: + description: "Per-scrape limit on the number + of targets dropped by relabeling that will + be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: "Per-scrape limit on number of + labels that will be accepted for a sample. + \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelNameLengthLimit: + description: "Per-scrape limit on length of + labels name that will be accepted for a sample. + \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelValueLengthLimit: + description: "Per-scrape limit on length of + labels value that will be accepted for a sample. + \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces + the Kubernetes `Endpoints` objects are discovered + from. properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether - support iSCSI Session CHAP authentication + any: + description: Boolean describing whether + all namespaces are selected in contrast + to a list restricting them. type: boolean - fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom - iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, - new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified - Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target - Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target - Portal List. The portal is either an IP - or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). + matchNames: + description: List of namespace names to + select from. items: type: string type: array - readOnly: - description: readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret - for iSCSI target and initiator authentication - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - targetPortal: - description: targetPortal is iSCSI Target - Portal. The Portal is either an IP or - ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a - DNS_LABEL and unique within the pod. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on - the host that shares a pod''s lifetime More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the - NFS export to be mounted with read-only - permissions. Defaults to false. More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or - IP address of the NFS server. More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a - PersistentVolumeClaim in the same namespace - as the pod using this volume. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. - type: boolean - required: - - claimName type: object - photonPersistentDisk: - description: photonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets host machine + podTargetLabels: + description: '`podTargetLabels` defines the + labels which are transferred from the associated + Kubernetes `Pod` object onto the ingested + metrics.' + items: + type: string + type: array + sampleLimit: + description: '`sampleLimit` defines a per-scrape + limit on the number of scraped samples that + will be accepted.' + format: int64 + type: integer + selector: + description: Label selector to select the Kubernetes + `Endpoints` objects. properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - pdID: - description: pdID is the ID that identifies - Photon Controller persistent disk - type: string - required: - - pdID + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host - machine + x-kubernetes-map-type: atomic + targetLabels: + description: '`targetLabels` defines the labels + which are transferred from the associated + Kubernetes `Service` object onto the ingested + metrics.' + items: + type: string + type: array + targetLimit: + description: '`targetLimit` defines a limit + on the number of scraped targets that will + be accepted.' + format: int64 + type: integer + required: + - selector + type: object + type: object + vmMonitorTemplate: + description: "VictoriaMetrics is currently not supported + yet. Specifies the VMServiceScrape template used in + the Component. \n ```yaml name: vm-scrape namespace: + default labels: k8s-app: node-exporter vmServiceScrapeSpec: + selector: matchLabels: app: app-exporter ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + vmServiceScrapeSpec: + description: VMServiceScrapeSpec defines the desired + state of VMServiceScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery properties: - fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type - supported by the host operating system. - Ex. "ext4", "xfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + node: + description: 'Node instructs vmagent to + add node specific metadata from service + discovery Valid for roles: pod, endpoints, + endpointslice.' type: boolean - volumeID: - description: volumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID type: object - projected: - description: projected items for all in one - resources secrets, configmaps, and downward - API - properties: - defaultMode: - description: defaultMode are the mode bits - used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. Directories within - the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set. - format: int32 - type: integer - sources: - description: sources is the list of volume - projections - items: - description: Projection that may be projected - along with other supported volume types + discoveryRole: + description: 'DiscoveryRole - defines kubernetes_sd + role for objects discovery. by default, its + endpoints. can be changed to service or endpointslices. + note, that with service setting, you have + to use port: "name" and cannot use targetPort + for endpoints.' + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as + part of this ServiceScrape. + items: + description: Endpoint defines a scrapeable + endpoint serving Prometheus metrics. + properties: + attach_metadata: + description: AttachMetadata configures + metadata attaching from service discovery properties: - configMap: - description: configMap information - about the configMap data to project + node: + description: 'Node instructs vmagent + to add node specific metadata from + service discovery Valid for roles: + pod, endpoints, endpointslice.' + type: boolean + type: object + authorization: + description: Authorization with http header + Authorization + properties: + credentials: + description: Reference to the secret + with value for authorization properties: - items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the - key and content is the value. - If specified, the listed keys - will be projected into the specified - paths, and unlisted keys will - not be present. If a key is - specified which is not present - in the ConfigMap, the volume - setup will error unless it is - marked optional. Paths must - be relative and may not contain - the '..' path or start with - '..'. - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: key is the - key to project. - type: string - mode: - description: 'mode is Optional: - mode bits used to set - permissions on this file. - Must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: path is the - relative path of the file - to map the key to. May - not be an absolute path. - May not contain the path - element '..'. May not - start with the string - '..'. - type: string - required: - - key - - path - type: object - type: array + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -8411,185 +11927,68 @@ spec: apiVersion, kind, uid?' type: string optional: - description: optional specify - whether the ConfigMap or its - keys must be defined + description: Specify whether the + Secret or its key must be defined type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - downwardAPI: - description: downwardAPI information - about the downwardAPI data to project + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, + default to bearer + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint + to authenticate over basic authentication + More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service + scrape namespace that contains the + password for authentication. It + must be at them same namespace as + CRD properties: - items: - description: Items is a list of - DownwardAPIVolume file - items: - description: DownwardAPIVolumeFile - represents information to - create the file containing - the pod field - properties: - fieldRef: - description: 'Required: - Selects a field of the - pod: only annotations, - labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version - of the schema the - FieldPath is written - in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of - the field to select - in the specified API - version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - mode: - description: 'Optional: - mode bits used to set - permissions on this file, - must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: - Path is the relative - path name of the file - to be created. Must not - be absolute or contain - the ''..'' path. Must - be utf-8 encoded. The - first item of the relative - path must not start with - ''..''' - type: string - resourceFieldRef: - description: 'Selects a - resource of the container: - only resources limits - and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are - currently supported.' - properties: - containerName: - description: 'Container - name: required for - volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format - of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - required: - - path - type: object - type: array + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key type: object - secret: - description: secret information about - the secret data to project + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines + path to password file at disk + type: string + username: + description: The secret in the service + scrape namespace that contains the + username for authentication. It + must be at them same namespace as + CRD properties: - items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced Secret - will be projected into the volume - as a file whose name is the - key and content is the value. - If specified, the listed keys - will be projected into the specified - paths, and unlisted keys will - not be present. If a key is - specified which is not present - in the Secret, the volume setup - will error unless it is marked - optional. Paths must be relative - and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: key is the - key to project. - type: string - mode: - description: 'mode is Optional: - mode bits used to set - permissions on this file. - Must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: path is the - relative path of the file - to map the key to. May - not be an absolute path. - May not contain the path - element '..'. May not - start with the string - '..'. - type: string - required: - - key - - path - type: object - type: array + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -8597,453 +11996,997 @@ spec: apiVersion, kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key - must be defined + description: Specify whether the + Secret or its key must be defined type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is - information about the serviceAccountToken - data to project + type: object + bearerTokenFile: + description: File to read bearer token + for scraping targets. + type: string + bearerTokenSecret: + description: Secret to mount to read bearer + token for scraping targets. The secret + needs to be in the same namespace as + the service scrape and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls + redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's + labels on collisions with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls + whether vmagent respects the timestamps + present in scraped data. + type: boolean + interval: + description: Interval at which metrics + should be scraped + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply + to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being + applied to samples before ingestion. + It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is + 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' + type: object + match: + description: 'Match is used together + with Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of + the hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. Default is '(.*)' + victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility + with original relabel config. + if set both sourceLabels and + source_labels, sourceLabels has + priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured separator and matched + against the configured regular + expression for the replace, keep, + and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel + - additional form of target label + - target_label for compatibility + with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for + details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the + resulting value is written in + a replace action. It is mandatory + for replace actions. Regex capture + groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap + containing the OAuth2 client id properties: - audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself - with an identifier specified - in the audience of the token, - and otherwise should reject - the token. The audience defaults - to the identifier of the apiserver. + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing + the OAuth2 client secret + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. type: string - expirationSeconds: - description: expirationSeconds - is the requested duration of - validity of the service account - token. As the token approaches - expiration, the kubelet volume - plugin will proactively rotate - the service account token. The - kubelet will start trying to - rotate the token if the token - is older than 80 percent of - its time to live or if the token - is older than 24 hours.Defaults - to 1 hour and must be at least - 10 minutes. - format: int64 - type: integer - path: - description: path is the path - relative to the mount point - of the file to project the token - into. + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines + path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append + to the token URL + type: object + scopes: + description: OAuth2 scopes used for + the token request + items: + type: string + type: array + token_url: + description: The URL to fetch the + token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port + this endpoint refers to. Mutually exclusive + with targetPort. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 + Directs scrapes to proxy through this + endpoint. + type: string + relabelConfigs: + description: 'RelabelConfigs to apply + to samples before scraping. More info: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being + applied to samples before ingestion. + It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is + 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' + type: object + match: + description: 'Match is used together + with Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of + the hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. Default is '(.*)' + victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility + with original relabel config. + if set both sourceLabels and + source_labels, sourceLabels has + priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured separator and matched + against the configured regular + expression for the replace, keep, + and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel + - additional form of target label + - target_label for compatibility + with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for + details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the + resulting value is written in + a replace action. It is mandatory + for replace actions. Regex capture + groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-endpoint + limit on number of scraped samples that + will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + type: string + scrape_interval: + description: ScrapeInterval is the same + as Interval and has priority over it. + one of scrape_interval or interval can + be used + type: string + scrapeTimeout: + description: Timeout after which the scrape + is ended + type: string + seriesLimit: + description: SeriesLimit defines per-scrape + limit on number of unique time series + a single target can expose during all + the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the pod + port this endpoint refers to. Mutually + exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to + use when scraping the endpoint + properties: + ca: + description: Stuct containing the + CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in + the container to use for the targets. + type: string + cert: + description: Struct containing the + client cert file for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert + file in the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key + file in the container for the targets. + type: string + keySecret: + description: Secret containing the + client key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean required: - - path + - key type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string type: object - type: array - type: object - quobyte: - description: quobyte represents a Quobyte mount - on the host that shares a pod's lifetime + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics + specific scrape parametrs + properties: + disable_compression: + type: boolean + disable_keep_alive: + description: disable_keepalive allows + disabling HTTP keep-alive when scraping + targets. By default, HTTP keep-alive + is enabled, so TCP connections to + scrape targets could be re-used. + See https://docs.victoriametrics.com/vmagent.html#scrape_config-enhancements + type: boolean + headers: + description: 'Headers allows sending + custom headers to scrape targets + must be in of semicolon separated + header with it''s value eg: headerName: + headerValue vmagent supports since + 1.79.0 version' + items: + type: string + type: array + metric_relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + no_stale_markers: + type: boolean + proxy_client_config: + description: ProxyClientConfig configures + proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent.html#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an + endpoint to authenticate over + basic authentication + properties: + password: + description: The secret in + the service scrape namespace + that contains the password + for authentication. It must + be at them same namespace + as CRD + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile + defines path to password + file at disk + type: string + username: + description: The secret in + the service scrape namespace + that contains the username + for authentication. It must + be at them same namespace + as CRD + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector + selects a key of a Secret. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + description: TLSConfig specifies + TLSConfig configuration parameters. + properties: + ca: + description: Stuct containing + the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap + containing data to use + for the targets. + properties: + key: + description: The key + to select. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the ConfigMap + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the + targets. + properties: + key: + description: The key + of the secret to + select from. Must + be a valid secret + key. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the Secret + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA + cert in the container to + use for the targets. + type: string + cert: + description: Struct containing + the client cert file for + the targets. + properties: + configMap: + description: ConfigMap + containing data to use + for the targets. + properties: + key: + description: The key + to select. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the ConfigMap + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the + targets. + properties: + key: + description: The key + of the secret to + select from. Must + be a valid secret + key. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the Secret + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client + cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target + certificate validation. + type: boolean + keyFile: + description: Path to the client + key file in the container + for the targets. + type: string + keySecret: + description: Secret containing + the client key file for + the targets. + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify + the hostname for the targets. + type: string + type: object + type: object + relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the + job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces + the Endpoints objects are discovered from. properties: - group: - description: group to map volume access - to Default is no group - type: string - readOnly: - description: readOnly here will force the - Quobyte volume to be mounted with read-only - permissions. Defaults to false. + any: + description: Boolean describing whether + all namespaces are selected in contrast + to a list restricting them. type: boolean - registry: - description: registry represents a single - or multiple Quobyte Registry services - specified as a string as host:port pair - (multiple entries are separated with commas) - which acts as the central registry for - volumes - type: string - tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is - set by the plugin - type: string - user: - description: user to map volume access to - Defaults to serivceaccount user - type: string - volume: - description: volume is a string that references - an already created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - image: - description: 'image is the rados image name. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key - ring for RBDUser. Default is /etc/ceph/keyring. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of - Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + matchNames: + description: List of namespace names. items: type: string type: array - pool: - description: 'pool is the rados pool name. - Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - user: - description: 'user is the rados user name. - Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address - of the ScaleIO API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name - of the ScaleIO Protection Domain for the - configured storage. - type: string - readOnly: - description: readOnly Defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the - secret for ScaleIO user and other sensitive - information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - sslEnabled: - description: sslEnabled Flag enable/disable - SSL communication with Gateway, default - false - type: boolean - storageMode: - description: storageMode indicates whether - the storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO - Storage Pool associated with the protection - domain. - type: string - system: - description: system is the name of the storage - system as configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a - volume already created in the ScaleIO - system that is associated with this volume - source. - type: string - required: - - gateway - - secretRef - - system type: object - secret: - description: 'secret represents a secret that - should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + podTargetLabels: + description: PodTargetLabels transfers labels + on the Kubernetes Pod onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape + limit on number of scraped samples that will + be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects + by corresponding Service labels. properties: - defaultMode: - description: 'defaultMode is Optional: mode - bits used to set permissions on created - files by default. Must be an octal value - between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. - Directories within the path are not affected - by this setting. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - items: - description: items If unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - description: Maps a string key to a path - within a volume. + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. properties: key: - description: key is the key to project. + description: key is the label key + that the selector applies to. type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' - format: int32 - type: integer - path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array required: - key - - path + - operator type: object type: array - optional: - description: optional field specify whether - the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of - the secret in the pod''s namespace to - use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API - credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. type: object - x-kubernetes-map-type: atomic - volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume - names are only unique within a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the - scope of the volume within StorageOS. If - no namespace is specified then the Pod's - namespace will be used. This allows the - Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. - Set VolumeName to any name to override - the default behaviour. Set to "default" - if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: fsType is filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage - Policy Based Management (SPBM) profile - ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile - name. - type: string - volumePath: - description: volumePath is the path that - identifies vSphere volume vmdk - type: string - required: - - volumePath type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: SeriesLimit defines per-scrape + limit on number of unique time series a single + target can expose during all the scrapes on + the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on + the Kubernetes Service onto the target. + items: + type: string + type: array required: - - name + - endpoints type: object - type: array - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - issuer: - description: Specifies the configuration for the TLS certificates - issuer. It allows defining the issuer name and the reference - to the secret containing the TLS certificates and key. - The secret should contain the CA certificate, TLS certificate, - and private key in the specified keys. Required when TLS - is enabled. - properties: - name: - allOf: - - enum: - - KubeBlocks - - UserProvided - - enum: - - KubeBlocks - - UserProvided - default: KubeBlocks - description: "The issuer for TLS certificates. It only - allows two enum values: `KubeBlocks` and `UserProvided`. - \n - `KubeBlocks` indicates that the self-signed TLS - certificates generated by the KubeBlocks Operator - will be used. - `UserProvided` means that the user - is responsible for providing their own CA, Cert, and - Key. In this case, the user-provided CA certificate, - server certificate, and private key will be used for - TLS communication." - type: string - secretRef: - description: SecretRef is the reference to the secret - that contains user-provided certificates. It is required - when the issuer is set to `UserProvided`. - properties: - ca: - description: Key of CA cert in Secret - type: string - cert: - description: Key of Cert in Secret - type: string - key: - description: Key of TLS private key in Secret - type: string - name: - description: Name of the Secret that contains user-provided - certificates. - type: string - required: - - ca - - cert - - key - - name type: object - required: - - name type: object - monitorEnabled: - description: "Determines whether metrics exporter information - is annotated on the Component's headless Service. \n If - set to true, the following annotations will be patched - into the Service: \n - \"monitor.kubeblocks.io/path\" + monitor: + description: "Deprecated since v0.9 Determines whether metrics + exporter information is annotated on the Component's headless + Service. \n If set to true, the following annotations + will be patched into the Service: \n - \"monitor.kubeblocks.io/path\" - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" \n These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter." @@ -10620,15 +14563,6 @@ spec: - name type: object type: array - sidecars: - description: Defines the sidecar containers that will be - attached to the Component's main container. - items: - type: string - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-type: set switchPolicy: description: "Defines the strategy for switchover and failover when workloadType is Replication. \n Deprecated since diff --git a/config/crd/bases/apps.kubeblocks.io_componentdefinitions.yaml b/config/crd/bases/apps.kubeblocks.io_componentdefinitions.yaml index 5fa3a60bd1e..375c300a3bc 100644 --- a/config/crd/bases/apps.kubeblocks.io_componentdefinitions.yaml +++ b/config/crd/bases/apps.kubeblocks.io_componentdefinitions.yaml @@ -86,32 +86,6 @@ spec: ignored to avoid overriding higher-priority annotations. \n This field is immutable." type: object - builtinMonitorContainer: - description: Defines the built-in metrics exporter container. - properties: - metricsPath: - description: Specifies the http/https url path to scrape for metrics. - If empty, Prometheus uses the default value (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape for metrics. - type: string - name: - description: Specifies the name of the built-in metrics exporter - container. - type: string - protocol: - description: Specifies the schema to use for scraping. `http` - and `https` are the expected values unless you rewrite the `__scheme__` - label via relabeling. If empty, Prometheus uses the default - value `http`. - enum: - - http - - https - type: string - required: - - name - type: object configs: description: "Specifies the configuration file templates and volume mount parameters used by the Component. It also includes descriptions @@ -289,6 +263,30 @@ spec: characteristics. maxLength: 256 type: string + exporter: + description: Defines the built-in metrics exporter container. + properties: + containerName: + description: Specifies the name of the built-in metrics exporter + container. + type: string + scrapePath: + description: Specifies the http/https url path to scrape for metrics. + If empty, Prometheus uses the default value (e.g. `/metrics`). + type: string + scrapePort: + description: Specifies the port name to scrape for metrics. + type: string + scrapeScheme: + description: Specifies the schema to use for scraping. `http` + and `https` are the expected values unless you rewrite the `__scheme__` + label via relabeling. If empty, Prometheus uses the default + value `http`. + enum: + - http + - https + type: string + type: object hostNetwork: description: "Specifies the host network configuration for the Component. \n When `hostNetwork` option is enabled, the Pods share the host's @@ -5208,6 +5206,39 @@ spec: format: int32 minimum: 0 type: integer + monitor: + description: Deprecated since v0.9 monitor is monitoring config which + provided by provider. + properties: + builtIn: + default: false + description: builtIn is a switch to enable KubeBlocks builtIn + monitoring. If BuiltIn is set to true, monitor metrics will + be scraped automatically. If BuiltIn is set to false, the provider + should set ExporterConfig and Sidecar container own. + type: boolean + exporterConfig: + description: exporterConfig provided by provider, which specify + necessary information to Time Series Database. exporterConfig + is valid when builtIn is false. + properties: + scrapePath: + default: /metrics + description: scrapePath is exporter url path for Time Series + Database to scrape metrics. + maxLength: 128 + type: string + scrapePort: + anyOf: + - type: integer + - type: string + description: scrapePort is exporter port for Time Series Database + to scrape metrics. + x-kubernetes-int-or-string: true + required: + - scrapePort + type: object + type: object policyRules: description: "Defines the namespaced policy rules required by the Component. \n The `policyRules` field is an array of `rbacv1.PolicyRule` @@ -13219,1331 +13250,6 @@ spec: - name type: object type: array - sidecarContainerSpecs: - description: Defines the sidecar containers that will be attached - to the component's main container. - items: - properties: - args: - description: 'Arguments to the entrypoint. The container image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will - be unchanged. Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: - i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. - If a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be - a C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key - will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set - of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap must be - defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace period - countdown begins before the PreStop hook is executed. - Regardless of the outcome of the handler, the container - will eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other management - of the container blocks until the hook completes or until - the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - monitor: - description: Defines the function or purpose of the container, - such as the monitor type sidecar. - properties: - kind: - description: Defines the kind of monitor, such as metrics - or logs. - enum: - - metrics - - logs - - traces - type: string - scrapeConfig: - description: Defines the scrape configuration for the prometheus. - properties: - metricsPath: - description: Specifies the http/https url path to scrape - for metrics. If empty, Prometheus uses the default - value (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape for metrics. - type: string - protocol: - description: Specifies the schema to use for scraping. - `http` and `https` are the expected values unless - you rewrite the `__scheme__` label via relabeling. - If empty, Prometheus uses the default value `http`. - enum: - - http - - https - type: string - type: object - required: - - kind - type: object - name: - description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not - specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Modifying this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. - Cannot be updated. - items: - description: ContainerPort represents a network port in a - single container. - properties: - containerPort: - description: Number of port to expose on the pod's IP - address. This must be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If - specified, this must be a valid port number, 0 < x < - 65536. If HostNetwork is specified, this must match - ContainerPort. Most containers do not need this. - format: int32 - type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod - must have a unique name. Name for the port that can - be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe - fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resizePolicy: - description: Resources resize policy for the container. - items: - description: ContainerResizePolicy represents resource resize - policy for the container. - properties: - resourceName: - description: 'Name of the resource to which this resource - resize policy applies. Supported values: cpu, memory.' - type: string - restartPolicy: - description: Restart policy to apply when specified resource - is resized. If not specified, it defaults to NotRequired. - type: string - required: - - resourceName - - restartPolicy - type: object - type: array - x-kubernetes-list-type: atomic - resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - restartPolicy: - description: 'RestartPolicy defines the restart behavior of - individual containers in a pod. This field may only be set - for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod''s restart policy - and the container type. Setting the RestartPolicy as "Always" - for the init container will have the following effect: this - init container will be continually restarted on exit until - all regular containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init - containers and is often referred to as a "sidecar" container. - Although this init container still starts in the init container - sequence, it does not wait for the container to complete before - proceeding to the next init container. Instead, the next init - container starts immediately after this init container is - started, or after any startupProbe has successfully completed.' - type: string - securityContext: - description: 'SecurityContext defines the security options the - container should be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext. More - info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be set - when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by - the container runtime. Note that this field cannot be - set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent to - root on the host. Defaults to false. Note that this field - cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount to - use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root - filesystem. Default is false. Note that this field cannot - be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a - non-root user. If true, the Kubelet will validate the - image at runtime to ensure that it does not run as UID - 0 (root) and fail to start the container if it does. If - unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a - random SELinux context for each container. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & container - level, the container options override the pod options. - Note that this field cannot be set when spec.os.name is - windows. - properties: - localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile - must be preconfigured on the node to work. Must be - a descending path, relative to the kubelet's configured - seccomp profile location. Must be set if type is "Localhost". - Must NOT be set for any other type. - type: string - type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should be - used. RuntimeDefault - the container runtime default - profile should be used. Unconfined - no profile should - be applied." - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is - linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. All of a Pod's - containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In addition, - if HostProcess is true then HostNetwork must also - be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe failed. This - can be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. - This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, reads - from stdin in the container will always result in EOF. Default - is false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the - stdin channel after it has been opened by a single attach. - When stdin is true the stdin stream will remain open across - multiple attach sessions. If stdinOnce is set to true, stdin - is opened on container start, is empty until the first client - attaches to stdin, and then remains open and accepts data - until the client disconnects, at which time stdin is closed - and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin - will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the - container''s termination message will be written is mounted - into the container''s filesystem. Message written is intended - to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. - The total message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be - populated. File will use the contents of terminationMessagePath - to populate the container status message on both success and - failure. FallbackToLogsOnError will use the last chunk of - container log output if the termination message file is empty - and the container exited with an error. The log output is - limited to 2048 bytes or 80 lines, whichever is smaller. Defaults - to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. - items: - description: volumeDevice describes a mapping of a raw block - device within a container. - properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume - within a container. - properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other - way around. When not set, MountPropagationNone is used. - This field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-preserve-unknown-fields: true systemAccounts: description: "An array of `SystemAccount` objects that define the system accounts needed for the management operations of the Component. diff --git a/config/crd/bases/apps.kubeblocks.io_components.yaml b/config/crd/bases/apps.kubeblocks.io_components.yaml index bbb119f0e7c..eab5bb3d105 100644 --- a/config/crd/bases/apps.kubeblocks.io_components.yaml +++ b/config/crd/bases/apps.kubeblocks.io_components.yaml @@ -225,6 +225,14 @@ spec: type: string type: object type: array + disableExporter: + description: "Determines whether metrics exporter information is annotated + on the Component's headless Service. \n If set to true, the following + annotations will not be patched into the Service: \n - \"monitor.kubeblocks.io/path\" + - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" + \n These annotations allow the Prometheus installed by KubeBlocks + to discover and scrape metrics from the exporter." + type: boolean enabledLogs: description: "Specifies which types of logs should be collected for the Cluster. The log types are defined in the `componentDefinition.spec.logConfigs` @@ -2360,240 +2368,2048 @@ spec: - name type: object type: array - monitorEnabled: - description: "Determines whether metrics exporter information is annotated - on the Component's headless Service. \n If set to true, the following - annotations will be patched into the Service: \n - \"monitor.kubeblocks.io/path\" - - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" - \n These annotations allow the Prometheus installed by KubeBlocks - to discover and scrape metrics from the exporter." - type: boolean - offlineInstances: - description: "Specifies the names of instances to be transitioned - to offline status. \n Marking an instance as offline results in - the following: \n 1. The associated Pod is stopped, and its PersistentVolumeClaim - (PVC) is retained for potential future reuse or data recovery, but - it is no longer actively used. 2. The ordinal number assigned to - this instance is preserved, ensuring it remains unique and avoiding - conflicts with new instances. \n Setting instances to offline allows - for a controlled scale-in process, preserving their data and maintaining - ordinal consistency within the Cluster. Note that offline instances - and their associated resources, such as PVCs, are not automatically - deleted. The administrator must manually manage the cleanup and - removal of these resources when they are no longer needed." - items: - type: string - type: array - replicas: - default: 1 - description: Specifies the desired number of replicas in the Component - for enhancing availability and durability, or load balancing. - format: int32 - minimum: 0 - type: integer - resources: - description: Specifies the resources required by the Component. It - allows defining the CPU, memory requirements and limits for the - Component's containers. - properties: - claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - x-kubernetes-preserve-unknown-fields: true - runtimeClassName: - description: Defines runtimeClassName for all Pods managed by this - Component. - type: string - schedulingPolicy: - description: Specifies the scheduling policy for the Component. + metricsStoreIntegration: + description: It supports prometheus/victoriametrics operator. properties: - affinity: - description: Specifies a group of affinity scheduling rules of - the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. + serviceMonitorTemplate: + description: "Specifies the ServiceMonitor template used in the + Component. \n Example usage: ```yaml name: prometheus-scrape + namespace: default labels: k8s-app: node-exporter serviceMonitorTemplate: + selector: matchLabels: app: app-exporter k8s-app: app-exporter + endpoints: - port: metrics_port jobLabel: k8s-app ```" properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + serviceMonitorSpec: + description: ServiceMonitorSpec contains specification parameters + for a ServiceMonitor properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. + attachMetadata: + description: "`attachMetadata` defines additional metadata + which is added to the discovered targets. \n It requires + Prometheus >= v2.37.0." + properties: + node: + description: When set to true, Prometheus must have + the `get` permission on the `Nodes` objects. + type: boolean + type: object + endpoints: + description: List of endpoints part of this ServiceMonitor. items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects - (i.e. is also a no-op). + description: Endpoint defines an endpoint serving Prometheus + metrics to be scraped by Prometheus. properties: - preference: - description: A node selector term, associated with - the corresponding weight. + authorization: + description: "`authorization` configures the Authorization + header credentials to use when scraping the target. + \n Cannot be set at the same time as `basicAuth`, + or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + credentials: + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" + type: string type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from - its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term - matches no objects. The requirements of them are - ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. + basicAuth: + description: "`basicAuth` configures the Basic Authentication + credentials to use when scraping the target. \n + Cannot be set at the same time as `authorization`, + or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: + password: + description: '`password` specifies a key of + a Secret containing the password for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of + a Secret containing the username for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: "File to read bearer token for scraping + the target. \n Deprecated: use `authorization` + instead." + type: string + bearerTokenSecret: + description: "`bearerTokenSecret` specifies a key + of a Secret containing the bearer token for scraping + targets. The secret needs to be in the same namespace + as the ServiceMonitor object and readable by the + Prometheus Operator. \n Deprecated: use `authorization` + instead." + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + enableHttp2: + description: '`enableHttp2` can be used to disable + HTTP2 when scraping the target.' + type: boolean + filterRunning: + description: "When true, the pods which are not + running (e.g. either in Failed or Succeeded state) + are dropped during the target discovery. \n If + unset, the filtering is enabled. \n More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + type: boolean + followRedirects: + description: '`followRedirects` defines whether + the scrape requests should follow HTTP 3xx redirects.' + type: boolean + honorLabels: + description: When true, `honorLabels` preserves + the metric's labels when they collide with the + target's labels. + type: boolean + honorTimestamps: + description: '`honorTimestamps` controls whether + Prometheus preserves the timestamps when exposed + by the target.' + type: boolean + interval: + description: "Interval at which Prometheus scrapes + the metrics from the target. \n If empty, Prometheus + uses the global scrape interval." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: '`metricRelabelings` configures the + relabeling rules to apply to the samples before + ingestion.' + items: + description: "RelabelConfig allows dynamic rewriting + of the label set for targets, alerts, scraped + samples and remote write samples. \n More info: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the + regex matching. \n `Uppercase` and `Lowercase` + actions require Prometheus >= v2.36.0. `DropEqual` + and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash + of the source label values. \n Only applicable + when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. + type: string + replacement: + description: "Replacement value against which + a Replace action is performed if the regular + expression matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string between + concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured Separator and matched + against the configured regular expression. + items: + description: LabelName is a valid Prometheus + label name which may only contain ASCII + letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. \n It + is mandatory for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + oauth2: + description: "`oauth2` configures the OAuth2 settings + to use when scraping the target. \n It requires + Prometheus >= 2.27.0. \n Cannot be set at the + same time as `authorization`, or `basicAuth`." + properties: + clientId: + description: '`clientId` specifies a key of + a Secret or ConfigMap containing the OAuth2 + client''s ID.' + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key + of a Secret containing the OAuth2 client''s + secret.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the + HTTP parameters to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes + used for the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL + to fetch the token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + params: + additionalProperties: + items: + type: string + type: array + description: params define optional HTTP URL parameters. + type: object + path: + description: "HTTP path from which to scrape for + metrics. \n If empty, Prometheus uses the default + value (e.g. `/metrics`)." + type: string + port: + description: "Name of the Service port which this + endpoint refers to. \n It takes precedence over + `targetPort`." + type: string + proxyUrl: + description: '`proxyURL` configures the HTTP Proxy + URL (e.g. "http://proxyserver:2195") to go through + when scraping the target.' + type: string + relabelings: + description: "`relabelings` configures the relabeling + rules to apply the target's metadata labels. \n + The Operator automatically adds relabelings for + a few standard Kubernetes fields. \n The original + scrape job's name is available via the `__tmp_prometheus_job_name` + label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic rewriting + of the label set for targets, alerts, scraped + samples and remote write samples. \n More info: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the + regex matching. \n `Uppercase` and `Lowercase` + actions require Prometheus >= v2.36.0. `DropEqual` + and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash + of the source label values. \n Only applicable + when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. + type: string + replacement: + description: "Replacement value against which + a Replace action is performed if the regular + expression matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string between + concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured Separator and matched + against the configured regular expression. + items: + description: LabelName is a valid Prometheus + label name which may only contain ASCII + letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. \n It + is mandatory for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + scheme: + description: "HTTP scheme to use for scraping. \n + `http` and `https` are the expected values unless + you rewrite the `__scheme__` label via relabeling. + \n If empty, Prometheus uses the default value + `http`." + enum: + - http + - https + type: string + scrapeTimeout: + description: "Timeout after which Prometheus considers + the scrape to be failed. \n If empty, Prometheus + uses the global scrape timeout unless it is less + than the target's scrape interval value in which + the latter is used." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: "Name or number of the target port + of the `Pod` object behind the Service, the port + must be specified with container port property. + \n Deprecated: use `port` instead." + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when scraping + the target. + properties: + ca: + description: Certificate authority used when + verifying server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus + container to use for the targets. + type: string + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in + the Prometheus container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in + the Prometheus container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for + the targets. + type: string + type: object + trackTimestampsStaleness: + description: "`trackTimestampsStaleness` defines + whether Prometheus tracks staleness of the metrics + that have an explicit timestamp present in scraped + data. Has no effect if `honorTimestamps` is false. + \n It requires Prometheus >= v2.48.0." + type: boolean + type: object + type: array + jobLabel: + description: "`jobLabel` selects the label from the associated + Kubernetes `Service` object which will be used as the + `job` label for all metrics. \n For example if `jobLabel` + is set to `foo` and the Kubernetes `Service` object + is labeled with `foo: bar`, then Prometheus adds the + `job=\"bar\"` label to all ingested metrics. \n If the + value of this field is empty or if the label doesn't + exist for the given Service, the `job` label of the + metrics defaults to the name of the associated Kubernetes + `Service`." + type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of targets + dropped by relabeling that will be kept in memory. 0 + means no limit. \n It requires Prometheus >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: "Per-scrape limit on number of labels that + will be accepted for a sample. \n It requires Prometheus + >= v2.27.0." + format: int64 + type: integer + labelNameLengthLimit: + description: "Per-scrape limit on length of labels name + that will be accepted for a sample. \n It requires Prometheus + >= v2.27.0." + format: int64 + type: integer + labelValueLengthLimit: + description: "Per-scrape limit on length of labels value + that will be accepted for a sample. \n It requires Prometheus + >= v2.27.0." + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces the Kubernetes + `Endpoints` objects are discovered from. + properties: + any: + description: Boolean describing whether all namespaces + are selected in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + podTargetLabels: + description: '`podTargetLabels` defines the labels which + are transferred from the associated Kubernetes `Pod` + object onto the ingested metrics.' + items: + type: string + type: array + sampleLimit: + description: '`sampleLimit` defines a per-scrape limit + on the number of scraped samples that will be accepted.' + format: int64 + type: integer + selector: + description: Label selector to select the Kubernetes `Endpoints` + objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + targetLabels: + description: '`targetLabels` defines the labels which + are transferred from the associated Kubernetes `Service` + object onto the ingested metrics.' + items: + type: string + type: array + targetLimit: + description: '`targetLimit` defines a limit on the number + of scraped targets that will be accepted.' + format: int64 + type: integer + required: + - selector + type: object + type: object + vmMonitorTemplate: + description: "VictoriaMetrics is currently not supported yet. + Specifies the VMServiceScrape template used in the Component. + \n ```yaml name: vm-scrape namespace: default labels: k8s-app: + node-exporter vmServiceScrapeSpec: selector: matchLabels: app: + app-exporter ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + vmServiceScrapeSpec: + description: VMServiceScrapeSpec defines the desired state + of VMServiceScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching + from service discovery + properties: + node: + description: 'Node instructs vmagent to add node specific + metadata from service discovery Valid for roles: + pod, endpoints, endpointslice.' + type: boolean + type: object + discoveryRole: + description: 'DiscoveryRole - defines kubernetes_sd role + for objects discovery. by default, its endpoints. can + be changed to service or endpointslices. note, that + with service setting, you have to use port: "name" and + cannot use targetPort for endpoints.' + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as part of this + ServiceScrape. + items: + description: Endpoint defines a scrapeable endpoint + serving Prometheus metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery + properties: + node: + description: 'Node instructs vmagent to add + node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice.' + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default + to bearer + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate + over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service scrape + namespace that contains the password for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines path to password + file at disk + type: string + username: + description: The secret in the service scrape + namespace that contains the username for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping + targets. + type: string + bearerTokenSecret: + description: Secret to mount to read bearer token + for scraping targets. The secret needs to be in + the same namespace as the service scrape and accessible + by the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects + for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels + on collisions with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent + respects the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be + scraped + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples + before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting + of the label set, being applied to samples before + ingestion. It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with + Match for `action: graphite`' + type: object + match: + description: 'Match is used together with + Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. Default + is '(.*)' victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against which + a regex replace is performed if the regular + expression matches. Regex capture groups + are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels - additional + form of source labels source_labels for + compatibility with original relabel config. + if set both sourceLabels and source_labels, + sourceLabels has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured separator and matched + against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - additional + form of target label - target_label for + compatibility with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. It + is mandatory for replace actions. Regex + capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint + refers to. Mutually exclusive with targetPort. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 + Directs scrapes to proxy through this endpoint. + type: string + relabelConfigs: + description: 'RelabelConfigs to apply to samples + before scraping. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting + of the label set, being applied to samples before + ingestion. It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with + Match for `action: graphite`' + type: object + match: + description: 'Match is used together with + Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. Default + is '(.*)' victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against which + a regex replace is performed if the regular + expression matches. Regex capture groups + are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels - additional + form of source labels source_labels for + compatibility with original relabel config. + if set both sourceLabels and source_labels, + sourceLabels has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured separator and matched + against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - additional + form of target label - target_label for + compatibility with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. It + is mandatory for replace actions. Regex + capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-endpoint limit + on number of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + type: string + scrape_interval: + description: ScrapeInterval is the same as Interval + and has priority over it. one of scrape_interval + or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: SeriesLimit defines per-scrape limit + on number of unique time series a single target + can expose during all the scrapes on the time + window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the pod port this + endpoint refers to. Mutually exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when + scraping the endpoint + properties: + ca: + description: Stuct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in + the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in + the container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for + the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics + specific scrape parametrs + properties: + disable_compression: + type: boolean + disable_keep_alive: + description: disable_keepalive allows disabling + HTTP keep-alive when scraping targets. By + default, HTTP keep-alive is enabled, so TCP + connections to scrape targets could be re-used. + See https://docs.victoriametrics.com/vmagent.html#scrape_config-enhancements + type: boolean + headers: + description: 'Headers allows sending custom + headers to scrape targets must be in of semicolon + separated header with it''s value eg: headerName: + headerValue vmagent supports since 1.79.0 + version' + items: + type: string + type: array + metric_relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + no_stale_markers: + type: boolean + proxy_client_config: + description: ProxyClientConfig configures proxy + auth settings for scraping See feature description + https://docs.victoriametrics.com/vmagent.html#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint + to authenticate over basic authentication + properties: + password: + description: The secret in the service + scrape namespace that contains the + password for authentication. It must + be at them same namespace as CRD + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines path + to password file at disk + type: string + username: + description: The secret in the service + scrape namespace that contains the + username for authentication. It must + be at them same namespace as CRD + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a + key of a Secret. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + description: TLSConfig specifies TLSConfig + configuration parameters. + properties: + ca: + description: Stuct containing the CA + cert to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in + the container to use for the targets. + type: string + cert: + description: Struct containing the client + cert file for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert + file in the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key + file in the container for the targets. + type: string + keySecret: + description: Secret containing the client + key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string + type: object + type: object + relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the job name + from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints + objects are discovered from. + properties: + any: + description: Boolean describing whether all namespaces + are selected in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes + Pod onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects by corresponding + Service labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: SeriesLimit defines per-scrape limit on number + of unique time series a single target can expose during + all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes + Service onto the target. + items: + type: string + type: array + required: + - endpoints + type: object + type: object + type: object + offlineInstances: + description: "Specifies the names of instances to be transitioned + to offline status. \n Marking an instance as offline results in + the following: \n 1. The associated Pod is stopped, and its PersistentVolumeClaim + (PVC) is retained for potential future reuse or data recovery, but + it is no longer actively used. 2. The ordinal number assigned to + this instance is preserved, ensuring it remains unique and avoiding + conflicts with new instances. \n Setting instances to offline allows + for a controlled scale-in process, preserving their data and maintaining + ordinal consistency within the Cluster. Note that offline instances + and their associated resources, such as PVCs, are not automatically + deleted. The administrator must manually manage the cleanup and + removal of these resources when they are no longer needed." + items: + type: string + type: array + replicas: + default: 1 + description: Specifies the desired number of replicas in the Component + for enhancing availability and durability, or load balancing. + format: int32 + minimum: 0 + type: integer + resources: + description: Specifies the resources required by the Component. It + allows defining the CPU, memory requirements and limits for the + Component's containers. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + runtimeClassName: + description: Defines runtimeClassName for all Pods managed by this + Component. + type: string + schedulingPolicy: + description: Specifies the scheduling policy for the Component. + properties: + affinity: + description: Specifies a group of affinity scheduling rules of + the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: key: description: The label key that the selector applies to. @@ -4142,15 +5958,6 @@ spec: - name type: object type: array - sidecars: - description: Defines the sidecar containers that will be attached - to the Component's main container. - items: - type: string - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-type: set tlsConfig: description: "Specifies the TLS configuration for the Component, including: \n - A boolean flag that indicates whether the Component should diff --git a/config/crd/bases/apps.kubeblocks.io_configconstraints.yaml b/config/crd/bases/apps.kubeblocks.io_configconstraints.yaml index 7505f6cdd85..013115a3288 100644 --- a/config/crd/bases/apps.kubeblocks.io_configconstraints.yaml +++ b/config/crd/bases/apps.kubeblocks.io_configconstraints.yaml @@ -94,10 +94,10 @@ spec: (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role." items: - description: DownwardAPITriggeredAction defines an action that triggers - specific commands in response to changes in Pod labels. For example, - a command might be executed when the 'role' label of the Pod is - updated. + description: DownwardAPIChangeTriggeredAction defines an action + that triggers specific commands in response to changes in Pod + labels. For example, a command might be executed when the 'role' + label of the Pod is updated. properties: command: description: Specifies the command to be triggered when changes @@ -730,35 +730,7 @@ spec: spec: description: ConfigConstraintSpec defines the desired state of ConfigConstraint properties: - configSchema: - description: Defines a list of parameters including their names, default - values, descriptions, types, and constraints (permissible values - or the range of valid values). - properties: - cue: - description: "Hold a string that contains a script written in - CUE language that defines a list of configuration items. Each - item is detailed with its name, default value, description, - type (e.g. string, integer, float), and constraints (permissible - values or the valid range of values). \n CUE (Configure, Unify, - Execute) is a declarative language designed for defining and - validating complex data configurations. It is particularly useful - in environments like K8s where complex configurations and validation - rules are common. \n This script functions as a validator for - user-provided configurations, ensuring compliance with the established - specifications and constraints." - type: string - schemaInJSON: - description: Generated from the 'cue' field and transformed into - a JSON format. - x-kubernetes-preserve-unknown-fields: true - topLevelKey: - description: Specifies the top-level key in the 'configSchema.cue' - that organizes the validation rules for parameters. This key - must exist within the CUE script defined in 'configSchema.cue'. - type: string - type: object - downwardAPITriggeredActions: + downwardAPIChangeTriggeredActions: description: "TODO: migrate DownwardAPITriggeredActions to ComponentDefinition.spec.lifecycleActions Specifies a list of actions to execute specified commands based on Pod labels. \n It utilizes the K8s Downward API to mount label @@ -771,10 +743,10 @@ spec: (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role." items: - description: DownwardAPITriggeredAction defines an action that triggers - specific commands in response to changes in Pod labels. For example, - a command might be executed when the 'role' label of the Pod is - updated. + description: DownwardAPIChangeTriggeredAction defines an action + that triggers specific commands in response to changes in Pod + labels. For example, a command might be executed when the 'role' + label of the Pod is updated. properties: command: description: Specifies the command to be triggered when changes @@ -962,6 +934,34 @@ spec: efficient handling of configuration changes by potentially eliminating an unnecessary reload step." type: boolean + parametersSchema: + description: Defines a list of parameters including their names, default + values, descriptions, types, and constraints (permissible values + or the range of valid values). + properties: + cue: + description: "Hold a string that contains a script written in + CUE language that defines a list of configuration items. Each + item is detailed with its name, default value, description, + type (e.g. string, integer, float), and constraints (permissible + values or the valid range of values). \n CUE (Configure, Unify, + Execute) is a declarative language designed for defining and + validating complex data configurations. It is particularly useful + in environments like K8s where complex configurations and validation + rules are common. \n This script functions as a validator for + user-provided configurations, ensuring compliance with the established + specifications and constraints." + type: string + schemaInJSON: + description: Generated from the 'cue' field and transformed into + a JSON format. + x-kubernetes-preserve-unknown-fields: true + topLevelKey: + description: Specifies the top-level key in the 'configSchema.cue' + that organizes the validation rules for parameters. This key + must exist within the CUE script defined in 'configSchema.cue'. + type: string + type: object reloadAction: description: "Specifies the dynamic reload (dynamic reconfiguration) actions supported by the engine. When set, the controller executes @@ -1110,6 +1110,58 @@ spec: required: - command type: object + targetPodSelector: + description: "Used to match labels on the pod to determine whether + a dynamic reload should be performed. \n In some scenarios, + only specific pods (e.g., primary replicas) need to undergo + a dynamic reload. The `reloadedPodSelector` allows you to specify + label selectors to target the desired pods for the reload process. + \n If the `reloadedPodSelector` is not specified or is nil, + all pods managed by the workload will be considered for the + dynamic reload." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic tplScriptTrigger: description: Enables reloading process using a Go template script. properties: @@ -1197,57 +1249,6 @@ spec: engines that require static parameters to be set via SQL statements before they can take effect on restart." type: boolean - reloadedPodSelector: - description: "Used to match labels on the pod to determine whether - a dynamic reload should be performed. \n In some scenarios, only - specific pods (e.g., primary replicas) need to undergo a dynamic - reload. The `reloadedPodSelector` allows you to specify label selectors - to target the desired pods for the reload process. \n If the `reloadedPodSelector` - is not specified or is nil, all pods managed by the workload will - be considered for the dynamic reload." - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic staticParameters: description: List static parameters. Modifications to any of these parameters require a restart of the process to take effect. diff --git a/controllers/apps/cluster_plan_builder.go b/controllers/apps/cluster_plan_builder.go index 55398eba871..34d84595860 100644 --- a/controllers/apps/cluster_plan_builder.go +++ b/controllers/apps/cluster_plan_builder.go @@ -24,9 +24,11 @@ import ( "fmt" "reflect" + vmv1beta1 "github.com/VictoriaMetrics/operator/api/victoriametrics/v1beta1" "github.com/go-logr/logr" snapshotv1beta1 "github.com/kubernetes-csi/external-snapshotter/client/v3/apis/volumesnapshot/v1beta1" snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -123,6 +125,8 @@ func init() { model.AddScheme(workloadsv1alpha1.AddToScheme) model.AddScheme(storagev1alpha1.AddToScheme) model.AddScheme(appsv1beta1.AddToScheme) + model.AddScheme(monitoringv1.AddToScheme) + model.AddScheme(vmv1beta1.AddToScheme) } // PlanBuilder implementation diff --git a/controllers/apps/componentSidecarContainerTransformer.go b/controllers/apps/componentSidecarContainerTransformer.go deleted file mode 100644 index 087e1f13d3d..00000000000 --- a/controllers/apps/componentSidecarContainerTransformer.go +++ /dev/null @@ -1,102 +0,0 @@ -/* -Copyright (C) 2022-2024 ApeCloud Co., Ltd - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package apps - -import ( - "slices" - - corev1 "k8s.io/api/core/v1" - "sigs.k8s.io/controller-runtime/pkg/client" - - appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" - "github.com/apecloud/kubeblocks/pkg/common" - "github.com/apecloud/kubeblocks/pkg/controller/component" - "github.com/apecloud/kubeblocks/pkg/controller/graph" - "github.com/apecloud/kubeblocks/pkg/controller/model" -) - -type componentSidecarContainerTransformer struct{} - -var _ graph.Transformer = &componentSidecarContainerTransformer{} - -func (c componentSidecarContainerTransformer) Transform(ctx graph.TransformContext, _ *graph.DAG) (err error) { - transCtx, _ := ctx.(*componentTransformContext) - compOrig := transCtx.ComponentOrig - compDef := transCtx.CompDef - synthesizeComp := transCtx.SynthesizeComponent - - if model.IsObjectDeleting(compOrig) { - return - } - if common.IsCompactMode(compOrig.Annotations) { - transCtx.V(1).Info( - "Component is in compact mode, no need to inject sidecar containers to podTemplate", - "component", client.ObjectKeyFromObject(transCtx.ComponentOrig)) - return - } - - containers := injectSidecarContainers(compDef, synthesizeComp) - injectHostNetwork(transCtx, synthesizeComp, containers) - return -} - -func injectHostNetwork(transCtx *componentTransformContext, synthesizeComp *component.SynthesizedComponent, containers []corev1.Container) { - if len(containers) == 0 || !isHostNetworkEnabled(transCtx) { - return - } - - for _, container := range containers { - if len(container.Ports) > 0 { - synthesizeComp.HostNetwork.ContainerPorts = append( - synthesizeComp.HostNetwork.ContainerPorts, - appsv1alpha1.HostNetworkContainerPort{ - Container: container.Name, - Ports: buildHostNetworkPortsFromContainer(container.Ports), - }) - } - } -} - -func buildHostNetworkPortsFromContainer(containerPorts []corev1.ContainerPort) []string { - var ports []string - for _, port := range containerPorts { - ports = append(ports, port.Name) - } - return ports -} - -func injectSidecarContainers(compDef *appsv1alpha1.ComponentDefinition, synthesizeComp *component.SynthesizedComponent) []corev1.Container { - if len(synthesizeComp.Sidecars) == 0 { - return nil - } - - var containers []corev1.Container - for _, sidecar := range compDef.Spec.SidecarContainerSpecs { - if !slices.Contains(synthesizeComp.Sidecars, sidecar.Name) { - continue - } - containers = append(containers, sidecar.Container) - } - - // replace containers env default credential placeholder - replacedEnvs := component.GetEnvReplacementMapForConnCredential(synthesizeComp.ClusterName) - for _, c := range containers { - c.Env = component.ReplaceSecretEnvVars(replacedEnvs, c.Env) - } - synthesizeComp.PodSpec.Containers = append(synthesizeComp.PodSpec.Containers, containers...) - return containers -} diff --git a/controllers/apps/component_controller.go b/controllers/apps/component_controller.go index 657ad0f7b09..9f07449741a 100644 --- a/controllers/apps/component_controller.go +++ b/controllers/apps/component_controller.go @@ -153,11 +153,13 @@ func (r *ComponentReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( // do validation for the spec & definition consistency &componentValidationTransformer{}, // handle sidecar container - &componentSidecarContainerTransformer{}, + &componentMonitorContainerTransformer{}, // allocate ports for host-network component &componentHostNetworkTransformer{}, // handle component services &componentServiceTransformer{}, + // integration prometheus and VictoriaMetrics + &componentPrometheusIntegrationTransformer{Client: r.Client}, // handle component system accounts &componentAccountTransformer{}, // provision component system accounts diff --git a/controllers/apps/component_controller_test.go b/controllers/apps/component_controller_test.go index 926b283ab4e..527ca1d869c 100644 --- a/controllers/apps/component_controller_test.go +++ b/controllers/apps/component_controller_test.go @@ -32,6 +32,7 @@ import ( "github.com/golang/mock/gomock" snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "github.com/sethvargo/go-password/password" "golang.org/x/exp/maps" "golang.org/x/exp/slices" @@ -1518,6 +1519,46 @@ var _ = Describe("Component Controller", func() { testCompConfiguration := func(compName, compDefName string) { } + testMetricsStoreIntegration := func(compName, compDefName string) { + monitorserviceNS := "default" + createClusterObjV2(compName, compDefObj.Name, func(f *testapps.MockClusterFactory) { + f.SetPrometheusIntegration(true, "monitor-test", monitorserviceNS) + }) + + By("wait for restore created") + ml := client.MatchingLabels{ + constant.AppInstanceLabelKey: clusterKey.Name, + constant.KBAppComponentLabelKey: compObj.Name, + } + By("check prometheus MonitorService") + Eventually(testapps.List(&testCtx, generics.MonitorServiceSignature, + ml, client.InNamespace(monitorserviceNS))).Should(HaveLen(1)) + + var sms monitoringv1.ServiceMonitorList + Expect(testCtx.Cli.List(testCtx.Ctx, &sms, ml, client.InNamespace(monitorserviceNS))).Should(Succeed()) + Expect(len(sms.Items)).Should(Equal(1)) + sm := sms.Items[0] + + By("update MonitorService") + Eventually(testapps.GetAndChangeObj(&testCtx, client.ObjectKeyFromObject(compObj), func(compDef *appsv1alpha1.Component) { + compDef.Spec.MetricsStoreIntegration.ServiceMonitorTemplate.ServiceMonitorSpec.JobLabel = "test_job" + })).Should(Succeed()) + + By("check MonitorService jobLabel") + Eventually(testapps.CheckObj(&testCtx, client.ObjectKeyFromObject(sm), func(g Gomega, ms *monitoringv1.ServiceMonitor) { + g.Expect(ms.Spec.JobLabel).Should(Equal("test_job")) + })).Should(Succeed()) + + By("disable MonitorService") + Eventually(testapps.GetAndChangeObj(&testCtx, client.ObjectKeyFromObject(compObj), func(compDef *appsv1alpha1.Component) { + compDef.Spec.MetricsStoreIntegration.ServiceMonitorTemplate = nil + })).Should(Succeed()) + + By("wait delete prometheus MonitorService") + Eventually(testapps.List(&testCtx, generics.MonitorServiceSignature, + ml, client.InNamespace(monitorserviceNS))).Should(HaveLen(0)) + } + testCompAffinityNToleration := func(compName, compDefName string) { const ( topologyKey = "testTopologyKey" @@ -2107,6 +2148,10 @@ var _ = Describe("Component Controller", func() { It("create component with custom RBAC which is already exist created by User", func() { tesCreateCompWithRBACCreateByUser(defaultCompName, compDefName) }) + + It("create component with integration prometheus operator", func() { + testMetricsStoreIntegration(defaultCompName, compDefName) + }) }) Context("when creating cluster with multiple kinds of components", func() { diff --git a/controllers/apps/component_utils.go b/controllers/apps/component_utils.go index 8f225f586a2..ce2aa670fe6 100644 --- a/controllers/apps/component_utils.go +++ b/controllers/apps/component_utils.go @@ -163,12 +163,3 @@ func getImageName(image string) string { return "" } } - -func HasSidecar(compDef *appsv1alpha1.ComponentDefinition, sidecar string) bool { - for _, spec := range compDef.Spec.SidecarContainerSpecs { - if spec.Name == sidecar { - return true - } - } - return false -} diff --git a/controllers/apps/configuration/config_util.go b/controllers/apps/configuration/config_util.go index 8e7ab1acf04..09c5f1dfc31 100644 --- a/controllers/apps/configuration/config_util.go +++ b/controllers/apps/configuration/config_util.go @@ -44,7 +44,7 @@ import ( ) type ValidateConfigMap func(configTpl, ns string) (*corev1.ConfigMap, error) -type ValidateConfigSchema func(tpl *appsv1beta1.ConfigSchema) (bool, error) +type ValidateConfigSchema func(tpl *appsv1beta1.ParametersSchema) (bool, error) func checkConfigLabels(object client.Object, requiredLabs []string) bool { labels := object.GetLabels() @@ -85,7 +85,7 @@ func getConfigMapByTemplateName(cli client.Client, ctx intctrlutil.RequestCtx, t func checkConfigConstraint(ctx intctrlutil.RequestCtx, configConstraint *appsv1beta1.ConfigConstraint) (bool, error) { // validate configuration template - validateConfigSchema := func(ccSchema *appsv1beta1.ConfigSchema) (bool, error) { + validateConfigSchema := func(ccSchema *appsv1beta1.ParametersSchema) (bool, error) { if ccSchema == nil || len(ccSchema.CUE) == 0 { return true, nil } @@ -95,8 +95,8 @@ func checkConfigConstraint(ctx intctrlutil.RequestCtx, configConstraint *appsv1b } // validate schema - if ok, err := validateConfigSchema(configConstraint.Spec.ConfigSchema); !ok || err != nil { - ctx.Log.Error(err, "failed to validate template schema!", "configMapName", fmt.Sprintf("%v", configConstraint.Spec.ConfigSchema)) + if ok, err := validateConfigSchema(configConstraint.Spec.ParametersSchema); !ok || err != nil { + ctx.Log.Error(err, "failed to validate template schema!", "configMapName", fmt.Sprintf("%v", configConstraint.Spec.ParametersSchema)) return ok, err } return true, nil @@ -397,7 +397,7 @@ func createConfigPatch(cfg *corev1.ConfigMap, formatter *appsv1beta1.FileFormatC } func updateConfigSchema(cc *appsv1beta1.ConfigConstraint, cli client.Client, ctx context.Context) error { - schema := cc.Spec.ConfigSchema + schema := cc.Spec.ParametersSchema if schema == nil || schema.CUE == "" { return nil } @@ -415,6 +415,6 @@ func updateConfigSchema(cc *appsv1beta1.ConfigConstraint, cli client.Client, ctx } ccPatch := client.MergeFrom(cc.DeepCopy()) - cc.Spec.ConfigSchema.SchemaInJSON = openAPISchema + cc.Spec.ParametersSchema.SchemaInJSON = openAPISchema return cli.Patch(ctx, cc, ccPatch) } diff --git a/controllers/apps/configuration/sync_upgrade_policy.go b/controllers/apps/configuration/sync_upgrade_policy.go index 3370a8d5b34..48e8f03feb1 100644 --- a/controllers/apps/configuration/sync_upgrade_policy.go +++ b/controllers/apps/configuration/sync_upgrade_policy.go @@ -88,16 +88,17 @@ func sync(params reconfigureParams, updatedParameters map[string]string, pods [] ctx = params.Ctx.Ctx configKey = params.getConfigKey() versionHash = params.getTargetVersionHash() + selector = params.ConfigConstraint.GetPodSelector() ) - if params.ConfigConstraint.ReloadedPodSelector != nil { - pods, err = matchLabel(pods, params.ConfigConstraint.ReloadedPodSelector) + if selector != nil { + pods, err = matchLabel(pods, selector) } if err != nil { return makeReturnedStatus(ESFailedAndRetry), err } if len(pods) == 0 { - params.Ctx.Log.Info(fmt.Sprintf("no pods to update, and retry, selector: %s", params.ConfigConstraint.ReloadedPodSelector.String())) + params.Ctx.Log.Info(fmt.Sprintf("no pods to update, and retry, selector: %v", selector)) return makeReturnedStatus(ESRetry), nil } diff --git a/controllers/apps/configuration/sync_upgrade_policy_test.go b/controllers/apps/configuration/sync_upgrade_policy_test.go index 7d20f5077b5..f2517f01c96 100644 --- a/controllers/apps/configuration/sync_upgrade_policy_test.go +++ b/controllers/apps/configuration/sync_upgrade_policy_test.go @@ -135,9 +135,11 @@ var _ = Describe("Reconfigure OperatorSyncPolicy", func() { }})) // add selector - mockParam.ConfigConstraint.ReloadedPodSelector = &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "primary": "true", + mockParam.ConfigConstraint.ReloadAction = &appsv1beta1.ReloadAction{ + TargetPodSelector: &metav1.LabelSelector{ + MatchLabels: map[string]string{ + "primary": "true", + }, }, } diff --git a/controllers/apps/monitor_integration_utils.go b/controllers/apps/monitor_integration_utils.go new file mode 100644 index 00000000000..a6129a58bb4 --- /dev/null +++ b/controllers/apps/monitor_integration_utils.go @@ -0,0 +1,90 @@ +/* +Copyright (C) 2022-2024 ApeCloud Co., Ltd + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package apps + +import ( + "context" + "reflect" + + corev1 "k8s.io/api/core/v1" + "sigs.k8s.io/controller-runtime/pkg/client" + + appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" + "github.com/apecloud/kubeblocks/pkg/constant" + "github.com/apecloud/kubeblocks/pkg/controller/graph" + "github.com/apecloud/kubeblocks/pkg/controller/model" + intctrlutil "github.com/apecloud/kubeblocks/pkg/generics" +) + +func listMonitorServices[T intctrlutil.Object, PT intctrlutil.PObject[T], L intctrlutil.ObjList[T], PL intctrlutil.PObjList[T, L]]( + ctx context.Context, cli client.Reader, + clusterName, componentName string, + component *appsv1alpha1.Component, + _ func(T, PT, L, PL)) ([]T, error) { + var objList L + var objects []T + + ml := client.MatchingLabels{ + constant.AppInstanceLabelKey: clusterName, + constant.KBAppComponentLabelKey: componentName, + } + if err := cli.List(ctx, PL(&objList), client.InNamespace(corev1.NamespaceAll), ml); err != nil { + return nil, err + } + + items := toObjects[T, L, PL](&objList) + for _, object := range items { + if isOwnerRef(PT(&object), component) { + objects = append(objects, object) + } + } + return objects, nil +} + +func toObjects[T intctrlutil.Object, L intctrlutil.ObjList[T], PL intctrlutil.PObjList[T, L]](compList PL) []T { + fValue := reflect.ValueOf(compList).Elem().FieldByName("Items") + if !fValue.CanInterface() { + return nil + } + value := fValue.Interface() + switch v := value.(type) { + case []T: + return v + case []*T: + var rets []T + for _, item := range v { + rets = append(rets, *item) + } + return rets + } + return nil +} + +func isOwnerRef(target, owner client.Object) bool { + for _, ownerRef := range target.GetOwnerReferences() { + if ownerRef.Name == owner.GetName() && ownerRef.UID == owner.GetUID() { + return true + } + } + return false +} + +func deleteObjects[T intctrlutil.Object, PT intctrlutil.PObject[T]](objects []T, graphCli model.GraphClient, dag *graph.DAG) { + for _, object := range objects { + graphCli.Delete(dag, PT(&object), inDataContext4G()) + } +} diff --git a/controllers/apps/suite_test.go b/controllers/apps/suite_test.go index 35c61680e27..a8d6c5fe855 100644 --- a/controllers/apps/suite_test.go +++ b/controllers/apps/suite_test.go @@ -29,8 +29,10 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + vmv1beta1 "github.com/VictoriaMetrics/operator/api/victoriametrics/v1beta1" "github.com/go-logr/logr" snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "go.uber.org/zap/zapcore" apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/client-go/kubernetes/scheme" @@ -111,7 +113,10 @@ var _ = BeforeSuite(func() { // use dependent external CRDs. // resolved by ref: https://github.com/operator-framework/operator-sdk/issues/4434#issuecomment-786794418 filepath.Join(build.Default.GOPATH, "pkg", "mod", "github.com", "kubernetes-csi/external-snapshotter/", - "client/v6@v6.2.0", "config", "crd")}, + "client/v6@v6.2.0", "config", "crd"), + + filepath.Join("..", "..", "test", "testdata", "monitor", "crd"), + }, ErrorIfCRDPathMissing: true, } @@ -125,6 +130,14 @@ var _ = BeforeSuite(func() { Expect(err).NotTo(HaveOccurred()) model.AddScheme(appsv1alpha1.AddToScheme) + err = monitoringv1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + model.AddScheme(monitoringv1.AddToScheme) + + err = vmv1beta1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + model.AddScheme(vmv1beta1.AddToScheme) + err = appsv1beta1.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) model.AddScheme(appsv1beta1.AddToScheme) diff --git a/controllers/apps/transformer_cluster_component.go b/controllers/apps/transformer_cluster_component.go index 20d1c779a25..1dc6a401052 100644 --- a/controllers/apps/transformer_cluster_component.go +++ b/controllers/apps/transformer_cluster_component.go @@ -203,8 +203,8 @@ func copyAndMergeComponent(oldCompObj, newCompObj *appsv1alpha1.Component) *apps compObjCopy.Spec.Instances = compProto.Spec.Instances compObjCopy.Spec.OfflineInstances = compProto.Spec.OfflineInstances compObjCopy.Spec.RuntimeClassName = compProto.Spec.RuntimeClassName - compObjCopy.Spec.Sidecars = compProto.Spec.Sidecars - compObjCopy.Spec.MonitorEnabled = compProto.Spec.MonitorEnabled + compObjCopy.Spec.DisableExporter = compProto.Spec.DisableExporter + compObjCopy.Spec.MetricsStoreIntegration = compProto.Spec.MetricsStoreIntegration if reflect.DeepEqual(oldCompObj.Annotations, compObjCopy.Annotations) && reflect.DeepEqual(oldCompObj.Labels, compObjCopy.Labels) && diff --git a/controllers/apps/transformer_component_monitor_transformer.go b/controllers/apps/transformer_component_monitor_transformer.go new file mode 100644 index 00000000000..f49a7be52ad --- /dev/null +++ b/controllers/apps/transformer_component_monitor_transformer.go @@ -0,0 +1,66 @@ +/* +Copyright (C) 2022-2024 ApeCloud Co., Ltd + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package apps + +import ( + "slices" + + corev1 "k8s.io/api/core/v1" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/apecloud/kubeblocks/pkg/common" + "github.com/apecloud/kubeblocks/pkg/controller/component" + "github.com/apecloud/kubeblocks/pkg/controller/graph" + "github.com/apecloud/kubeblocks/pkg/controller/model" +) + +type componentMonitorContainerTransformer struct{} + +var _ graph.Transformer = &componentMonitorContainerTransformer{} + +func (c componentMonitorContainerTransformer) Transform(ctx graph.TransformContext, _ *graph.DAG) (err error) { + transCtx, _ := ctx.(*componentTransformContext) + compOrig := transCtx.ComponentOrig + compDef := transCtx.CompDef + synthesizeComp := transCtx.SynthesizeComponent + + if model.IsObjectDeleting(compOrig) { + return + } + if common.IsCompactMode(compOrig.Annotations) { + transCtx.V(1).Info( + "Component is in compact mode, no need to inject sidecar containers to podTemplate", + "component", client.ObjectKeyFromObject(transCtx.ComponentOrig)) + return + } + + if synthesizeComp.DisableExporter != nil && *synthesizeComp.DisableExporter { + removeMonitorContainer(component.GetExporter(compDef.Spec), synthesizeComp) + } + return +} + +func removeMonitorContainer(exporter *common.Exporter, synthesizeComp *component.SynthesizedComponent) { + if exporter == nil || exporter.ContainerName == "" { + return + } + + cmp := func(container corev1.Container) bool { + return container.Name == exporter.ContainerName + } + synthesizeComp.PodSpec.Containers = slices.DeleteFunc(synthesizeComp.PodSpec.Containers, cmp) +} diff --git a/controllers/apps/transformer_component_prometheus_integration.go b/controllers/apps/transformer_component_prometheus_integration.go new file mode 100644 index 00000000000..1d34e279c13 --- /dev/null +++ b/controllers/apps/transformer_component_prometheus_integration.go @@ -0,0 +1,150 @@ +/* +Copyright (C) 2022-2024 ApeCloud Co., Ltd + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package apps + +import ( + "fmt" + "reflect" + "strings" + + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + "golang.org/x/exp/slices" + "k8s.io/apimachinery/pkg/api/meta" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" + + appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" + "github.com/apecloud/kubeblocks/pkg/common" + "github.com/apecloud/kubeblocks/pkg/constant" + "github.com/apecloud/kubeblocks/pkg/controller/builder" + "github.com/apecloud/kubeblocks/pkg/controller/component" + "github.com/apecloud/kubeblocks/pkg/controller/graph" + "github.com/apecloud/kubeblocks/pkg/controller/model" + intctrlutil "github.com/apecloud/kubeblocks/pkg/generics" +) + +type componentPrometheusIntegrationTransformer struct { + client.Client +} + +var _ graph.Transformer = &componentPrometheusIntegrationTransformer{} + +func (i componentPrometheusIntegrationTransformer) Transform(ctx graph.TransformContext, dag *graph.DAG) error { + transCtx, _ := ctx.(*componentTransformContext) + if model.IsObjectDeleting(transCtx.ComponentOrig) { + return nil + } + if common.IsCompactMode(transCtx.ComponentOrig.Annotations) { + transCtx.V(1).Info( + "Component is in compact mode, no need to create monitor services related objects", + "component", client.ObjectKeyFromObject(transCtx.ComponentOrig)) + return nil + } + + synthesizeComp := transCtx.SynthesizeComponent + graphCli, _ := transCtx.Client.(model.GraphClient) + + if synthesizeComp.MetricsStoreIntegration == nil { + return nil + } + if err := i.buildPrometheusMonitorService(transCtx, synthesizeComp.MetricsStoreIntegration, graphCli, dag); err != nil { + return err + } + return i.buildVMMonitorService(transCtx, synthesizeComp.MetricsStoreIntegration, graphCli) +} + +func (i componentPrometheusIntegrationTransformer) buildPrometheusMonitorService(transCtx *componentTransformContext, msi *appsv1alpha1.MetricsStoreIntegration, graphCli model.GraphClient, dag *graph.DAG) error { + var running *monitoringv1.ServiceMonitor + + objects, err := listMonitorServices(transCtx.GetContext(), + i.Client, + transCtx.Cluster.Name, + transCtx.Component.Name, + transCtx.Component, + intctrlutil.MonitorServiceSignature) + if err != nil { + // if the k8s cluster does not have the related crd installed, ignore it. + if !meta.IsNoMatchError(err) { + return err + } + return nil + } + + // clean up the created monitorService objects. + if msi.ServiceMonitorTemplate == nil { + deleteObjects(objects, graphCli, dag) + return nil + } + + cmp := func(obj monitoringv1.ServiceMonitor) bool { + return obj.Namespace == msi.ServiceMonitorTemplate.Namespace && + strings.HasPrefix(obj.Name, msi.ServiceMonitorTemplate.Name) + } + index := slices.IndexFunc(objects, cmp) + if index >= 0 { + running = objects[index].DeepCopy() + objects = slices.Delete(objects, index, index+1) + } + + deleteObjects(objects, graphCli, dag) + return createOrUpdateMonitorService(transCtx, running, msi.ServiceMonitorTemplate, graphCli, dag) +} + +func createOrUpdateMonitorService(transCtx *componentTransformContext, existing *monitoringv1.ServiceMonitor, template *appsv1alpha1.ServiceMonitorTemplate, graphCli model.GraphClient, dag *graph.DAG) error { + expected, err := createMonitorService(transCtx, template, transCtx.Component) + if err != nil { + return err + } + + if existing == nil { + graphCli.Create(dag, expected, inDataContext4G()) + return nil + } + + objCopy := existing.DeepCopy() + objCopy.Spec = expected.Spec + + if !reflect.DeepEqual(existing, objCopy) { + graphCli.Update(dag, existing, objCopy, inDataContext4G()) + } + return nil +} + +func createMonitorService(transCtx *componentTransformContext, template *appsv1alpha1.ServiceMonitorTemplate, owner client.Object) (*monitoringv1.ServiceMonitor, error) { + genName := common.SimpleNameGenerator.GenerateName(template.Name) + monitorService := builder.NewMonitorServiceBuilder(template.Namespace, genName). + AddLabelsInMap(template.Labels). + AddLabels(constant.AppInstanceLabelKey, transCtx.Cluster.Name). + AddLabels(constant.KBAppComponentLabelKey, transCtx.Component.Name). + SetMonitorServiceSpec(template.ServiceMonitorSpec). + SetDefaultEndpoint(component.GetExporter(transCtx.CompDef.Spec)). + GetObject() + + scheme, _ := appsv1alpha1.SchemeBuilder.Build() + if err := controllerutil.SetOwnerReference(owner, monitorService, scheme); err != nil { + return nil, err + } + return monitorService, nil +} + +func (i componentPrometheusIntegrationTransformer) buildVMMonitorService(transCtx *componentTransformContext, integration *appsv1alpha1.MetricsStoreIntegration, graphCli model.GraphClient) error { + // TODO: support vm operator + if integration.VMMonitorTemplate == nil { + return nil + } + return fmt.Errorf("not support vm") +} diff --git a/controllers/apps/transformer_component_validation.go b/controllers/apps/transformer_component_validation.go index 41ded857701..28826e34067 100644 --- a/controllers/apps/transformer_component_validation.go +++ b/controllers/apps/transformer_component_validation.go @@ -22,8 +22,6 @@ package apps import ( "fmt" - "github.com/go-errors/errors" - appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" "github.com/apecloud/kubeblocks/pkg/controller/graph" ) @@ -48,29 +46,29 @@ func (t *componentValidationTransformer) Transform(ctx graph.TransformContext, d if err = validateCompReplicas(comp, transCtx.CompDef); err != nil { return newRequeueError(requeueDuration, err.Error()) } - if err = validateSidecarContainers(comp, transCtx.CompDef); err != nil { - return newRequeueError(requeueDuration, err.Error()) - } + // if err = validateSidecarContainers(comp, transCtx.CompDef); err != nil { + // return newRequeueError(requeueDuration, err.Error()) + // } return nil } -func validateSidecarContainers(comp *appsv1alpha1.Component, compDef *appsv1alpha1.ComponentDefinition) error { - if len(comp.Spec.Sidecars) == 0 { - return nil - } - - var notFoundSidecar []string - for _, sidecar := range comp.Spec.Sidecars { - if !HasSidecar(compDef, sidecar) { - notFoundSidecar = append(notFoundSidecar, sidecar) - } - } - - if len(notFoundSidecar) == 0 { - return nil - } - return errors.Errorf("sidecars %v are not found in the componentDefinition", notFoundSidecar) -} +// func validateSidecarContainers(comp *appsv1alpha1.Component, compDef *appsv1alpha1.ComponentDefinition) error { +// if len(comp.Spec.Sidecars) == 0 { +// return nil +// } +// +// var notFoundSidecar []string +// for _, sidecar := range comp.Spec.Sidecars { +// if !HasSidecar(compDef, sidecar) { +// notFoundSidecar = append(notFoundSidecar, sidecar) +// } +// } +// +// if len(notFoundSidecar) == 0 { +// return nil +// } +// return errors.Errorf("sidecars %v are not found in the componentDefinition", notFoundSidecar) +// } func validateEnabledLogs(comp *appsv1alpha1.Component, compDef *appsv1alpha1.ComponentDefinition) error { invalidLogNames := validateEnabledLogConfigs(compDef, comp.Spec.EnabledLogs) diff --git a/deploy/helm/crds/apps.kubeblocks.io_clusterdefinitions.yaml b/deploy/helm/crds/apps.kubeblocks.io_clusterdefinitions.yaml index 1267c63d4c2..1714dd3773f 100644 --- a/deploy/helm/crds/apps.kubeblocks.io_clusterdefinitions.yaml +++ b/deploy/helm/crds/apps.kubeblocks.io_clusterdefinitions.yaml @@ -77,33 +77,6 @@ spec: ComponentDefinition. \n Deprecated: Use ComponentDefinition instead. This type is deprecated as of version 0.8." properties: - builtinMonitorContainer: - description: Defines the built-in metrics exporter container. - properties: - metricsPath: - description: Specifies the http/https url path to scrape - for metrics. If empty, Prometheus uses the default value - (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape for metrics. - type: string - name: - description: Specifies the name of the built-in metrics - exporter container. - type: string - protocol: - description: Specifies the schema to use for scraping. `http` - and `https` are the expected values unless you rewrite - the `__scheme__` label via relabeling. If empty, Prometheus - uses the default value `http`. - enum: - - http - - https - type: string - required: - - name - type: object characterType: description: Defines well-known database component name, such as mongos(mongodb), proxy(redis), mariadb(mysql). @@ -582,6 +555,31 @@ spec: description: description: Description of the component definition. type: string + exporter: + description: Defines the metrics exporter. + properties: + containerName: + description: Specifies the name of the built-in metrics + exporter container. + type: string + scrapePath: + description: Specifies the http/https url path to scrape + for metrics. If empty, Prometheus uses the default value + (e.g. `/metrics`). + type: string + scrapePort: + description: Specifies the port name to scrape for metrics. + type: string + scrapeScheme: + description: Specifies the schema to use for scraping. `http` + and `https` are the expected values unless you rewrite + the `__scheme__` label via relabeling. If empty, Prometheus + uses the default value `http`. + enum: + - http + - https + type: string + type: object horizontalScalePolicy: description: Defines the behavior of horizontal scale. properties: @@ -638,6 +636,40 @@ spec: x-kubernetes-list-map-keys: - name x-kubernetes-list-type: map + monitor: + description: Deprecated since v0.9 monitor is monitoring config + which provided by provider. + properties: + builtIn: + default: false + description: builtIn is a switch to enable KubeBlocks builtIn + monitoring. If BuiltIn is set to true, monitor metrics + will be scraped automatically. If BuiltIn is set to false, + the provider should set ExporterConfig and Sidecar container + own. + type: boolean + exporterConfig: + description: exporterConfig provided by provider, which + specify necessary information to Time Series Database. + exporterConfig is valid when builtIn is false. + properties: + scrapePath: + default: /metrics + description: scrapePath is exporter url path for Time + Series Database to scrape metrics. + maxLength: 128 + type: string + scrapePort: + anyOf: + - type: integer + - type: string + description: scrapePort is exporter port for Time Series + Database to scrape metrics. + x-kubernetes-int-or-string: true + required: + - scrapePort + type: object + type: object name: description: This name could be used as default name of `cluster.spec.componentSpecs.name`, and needs to conform with same validation rules as `cluster.spec.componentSpecs.name`, @@ -9221,1402 +9253,6 @@ spec: - serviceRefDeclarationSpecs type: object type: array - sidecarContainerSpecs: - description: Defines the sidecar containers that will be attached - to the component's main container. - items: - properties: - args: - description: 'Arguments to the entrypoint. The container - image''s CMD is used if this is not provided. Variable - references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are - reduced to a single $, which allows for escaping the - $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce - the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed within a - shell. The container image''s ENTRYPOINT is used if - this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If - a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the - container. Cannot be updated. - items: - description: EnvVar represents an environment variable - present in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are - expanded using the previously defined environment - variables in the container and any service environment - variables. If a variable cannot be resolved, the - reference in the input string will be unchanged. - Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" - will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults - to "".' - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' - properties: - containerName: - description: 'Container name: required for - volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the - pod's namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must - be a C_IDENTIFIER. All invalid keys will be reported - as an event when the container is starting. When a key - exists in multiple sources, the value associated with - the last source will take precedence. Values defined - by an Env with a duplicate key will take precedence. - Cannot be updated. - items: - description: EnvFromSource represents the source of - a set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to - each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - optional: - description: Specify whether the Secret must - be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config - management to default or override container images in - workload controllers like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, - IfNotPresent. Defaults to Always if :latest tag is specified, - or IfNotPresent otherwise. Cannot be updated. More info: - https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should - take in response to container lifecycle events. Cannot - be updated. - properties: - postStart: - description: 'PostStart is called immediately after - a container is created. If the handler fails, the - container is terminated and restarted according - to its restart policy. Other management of the container - blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name. - This will be canonicalized upon output, - so case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before - a container is terminated due to an API request - or management event such as liveness/startup probe - failure, preemption, resource contention, etc. The - handler is not called if the container crashes or - exits. The Pod''s termination grace period countdown - begins before the PreStop hook is executed. Regardless - of the outcome of the handler, the container will - eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other - management of the container blocks until the hook - completes or until the termination grace period - is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to - execute inside the container, the working - directory for the command is root ('/') - in the container's filesystem. The command - is simply exec'd, it is not run inside a - shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you - need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request - to perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set - "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the - request. HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom - header to be used in HTTP probes - properties: - name: - description: The header field name. - This will be canonicalized upon output, - so case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting - to the host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward - compatibility. There are no validation of this - field and lifecycle hooks will fail in runtime - when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect - to, defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to - access on the container. Number must be - in the range 1 to 65535. Name must be an - IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a - GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see - https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to - perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the - probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - monitor: - description: Defines the function or purpose of the container, - such as the monitor type sidecar. - properties: - kind: - description: Defines the kind of monitor, such as - metrics or logs. - enum: - - metrics - - logs - - traces - type: string - scrapeConfig: - description: Defines the scrape configuration for - the prometheus. - properties: - metricsPath: - description: Specifies the http/https url path - to scrape for metrics. If empty, Prometheus - uses the default value (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape - for metrics. - type: string - protocol: - description: Specifies the schema to use for scraping. - `http` and `https` are the expected values unless - you rewrite the `__scheme__` label via relabeling. - If empty, Prometheus uses the default value - `http`. - enum: - - http - - https - type: string - type: object - required: - - kind - type: object - name: - description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. - Not specifying a port here DOES NOT prevent that port - from being exposed. Any port which is listening on the - default "0.0.0.0" address inside a container will be - accessible from the network. Modifying this array with - strategic merge patch may corrupt the data. For more - information See https://github.com/kubernetes/kubernetes/issues/108255. - Cannot be updated. - items: - description: ContainerPort represents a network port - in a single container. - properties: - containerPort: - description: Number of port to expose on the pod's - IP address. This must be a valid port number, - 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port - to. - type: string - hostPort: - description: Number of port to expose on the host. - If specified, this must be a valid port number, - 0 < x < 65536. If HostNetwork is specified, this - must match ContainerPort. Most containers do not - need this. - format: int32 - type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in - a pod must have a unique name. Name for the port - that can be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, - or SCTP. Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if - the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a - GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see - https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to - perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the - probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resizePolicy: - description: Resources resize policy for the container. - items: - description: ContainerResizePolicy represents resource - resize policy for the container. - properties: - resourceName: - description: 'Name of the resource to which this - resource resize policy applies. Supported values: - cpu, memory.' - type: string - restartPolicy: - description: Restart policy to apply when specified - resource is resized. If not specified, it defaults - to NotRequired. - type: string - required: - - resourceName - - restartPolicy - type: object - type: array - x-kubernetes-list-type: atomic - resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used by - this container. \n This is an alpha field and requires - enabling the DynamicResourceAllocation feature gate. - \n This field is immutable. It can only be set for - containers." - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one - entry in pod.spec.resourceClaims of the Pod - where this field is used. It makes that resource - available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. Requests cannot exceed Limits. More info: - https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - restartPolicy: - description: 'RestartPolicy defines the restart behavior - of individual containers in a pod. This field may only - be set for init containers, and the only allowed value - is "Always". For non-init containers or when this field - is not specified, the restart behavior is defined by - the Pod''s restart policy and the container type. Setting - the RestartPolicy as "Always" for the init container - will have the following effect: this init container - will be continually restarted on exit until all regular - containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy - "Always" will be shut down. This lifecycle differs from - normal init containers and is often referred to as a - "sidecar" container. Although this init container still - starts in the init container sequence, it does not wait - for the container to complete before proceeding to the - next init container. Instead, the next init container - starts immediately after this init container is started, - or after any startupProbe has successfully completed.' - type: string - securityContext: - description: 'SecurityContext defines the security options - the container should be run with. If set, the fields - of SecurityContext override the equivalent fields of - PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent - process. This bool directly controls if the no_new_privs - flag will be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as - Privileged 2) has CAP_SYS_ADMIN Note that this field - cannot be set when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running - containers. Defaults to the default set of capabilities - granted by the container runtime. Note that this - field cannot be set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent - to root on the host. Defaults to false. Note that - this field cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount - to use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field - cannot be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only - root filesystem. Default is false. Note that this - field cannot be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the - container process. Uses runtime default if unset. - May also be set in PodSecurityContext. If set in - both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run - as a non-root user. If true, the Kubelet will validate - the image at runtime to ensure that it does not - run as UID 0 (root) and fail to start the container - if it does. If unset or false, no such validation - will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the - container process. Defaults to user specified in - image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be - set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to - the container. If unspecified, the container runtime - will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name - is windows. - properties: - level: - description: Level is SELinux level label that - applies to the container. - type: string - role: - description: Role is a SELinux role label that - applies to the container. - type: string - type: - description: Type is a SELinux type label that - applies to the container. - type: string - user: - description: User is a SELinux user label that - applies to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod - & container level, the container options override - the pod options. Note that this field cannot be - set when spec.os.name is windows. - properties: - localhostProfile: - description: localhostProfile indicates a profile - defined in a file on the node should be used. - The profile must be preconfigured on the node - to work. Must be a descending path, relative - to the kubelet's configured seccomp profile - location. Must be set if type is "Localhost". - Must NOT be set for any other type. - type: string - type: - description: "type indicates which kind of seccomp - profile will be applied. Valid options are: - \n Localhost - a profile defined in a file on - the node should be used. RuntimeDefault - the - container runtime default profile should be - used. Unconfined - no profile should be applied." - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied - to all containers. If unspecified, the options from - the PodSecurityContext will be used. If set in both - SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name - is linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA - admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential - spec named by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name - of the GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container - should be run as a 'Host Process' container. - All of a Pod's containers must have the same - effective HostProcess value (it is not allowed - to have a mix of HostProcess containers and - non-HostProcess containers). In addition, if - HostProcess is true then HostNetwork must also - be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the - entrypoint of the container process. Defaults - to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set - in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes - precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has - successfully initialized. If specified, no other probes - are executed until this completes successfully. If this - probe fails, the Pod will be restarted, just as if the - livenessProbe failed. This can be used to provide different - probe parameters at the beginning of a Pod''s lifecycle, - when it might take a long time to load data or warm - a cache, than during steady-state operation. This cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory - for the command is root ('/') in the container's - filesystem. The command is simply exec'd, it - is not run inside a shell, so traditional shell - instructions ('|', etc) won't work. To use a - shell, you need to explicitly call out to that - shell. Exit status of 0 is treated as live/healthy - and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the - probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a - GRPC port. - properties: - port: - description: Port number of the gRPC service. - Number must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service - to place in the gRPC HealthCheckRequest (see - https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to - perform. - properties: - host: - description: Host name to connect to, defaults - to the pod IP. You probably want to set "Host" - in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This - will be canonicalized upon output, so - case-variant names will be understood - as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container - has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the - probe. Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the - probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. - Minimum value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving - a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod - needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after - the processes running in the pod are sent a termination - signal and the time when the processes are forcibly - halted with a kill signal. Set this value longer - than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds - will be used. Otherwise, this value overrides the - value provided by the pod spec. Value must be non-negative - integer. The value zero indicates stop immediately - via the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod - feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds - is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe - times out. Defaults to 1 second. Minimum value is - 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a - buffer for stdin in the container runtime. If this is - not set, reads from stdin in the container will always - result in EOF. Default is false. - type: boolean - stdinOnce: - description: Whether the container runtime should close - the stdin channel after it has been opened by a single - attach. When stdin is true the stdin stream will remain - open across multiple attach sessions. If stdinOnce is - set to true, stdin is opened on container start, is - empty until the first client attaches to stdin, and - then remains open and accepts data until the client - disconnects, at which time stdin is closed and remains - closed until the container is restarted. If this flag - is false, a container processes that reads from stdin - will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which - the container''s termination message will be written - is mounted into the container''s filesystem. Message - written is intended to be brief final status, such as - an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length - across all containers will be limited to 12kb. Defaults - to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should - be populated. File will use the contents of terminationMessagePath - to populate the container status message on both success - and failure. FallbackToLogsOnError will use the last - chunk of container log output if the termination message - file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, - whichever is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a - TTY for itself, also requires 'stdin' to be true. Default - is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices - to be used by the container. - items: - description: volumeDevice describes a mapping of a raw - block device within a container. - properties: - devicePath: - description: devicePath is the path inside of the - container that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's - filesystem. Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume - within a container. - properties: - mountPath: - description: Path within the container at which - the volume should be mounted. Must not contain - ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts - are propagated from the host to container and - the other way around. When not set, MountPropagationNone - is used. This field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write - otherwise (false or unspecified). Defaults to - false. - type: boolean - subPath: - description: Path within the volume from which the - container's volume should be mounted. Defaults - to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from - which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable - references $(VAR_NAME) are expanded using the - container's environment. Defaults to "" (volume's - root). SubPathExpr and SubPath are mutually exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which - might be configured in the container image. Cannot be - updated. - type: string - required: - - name - type: object - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-preserve-unknown-fields: true statefulSpec: description: Defines spec for `Stateful` workloads. properties: diff --git a/deploy/helm/crds/apps.kubeblocks.io_clusters.yaml b/deploy/helm/crds/apps.kubeblocks.io_clusters.yaml index 6918b28e994..fd9444330d6 100644 --- a/deploy/helm/crds/apps.kubeblocks.io_clusters.yaml +++ b/deploy/helm/crds/apps.kubeblocks.io_clusters.yaml @@ -445,6 +445,15 @@ spec: type: string type: object type: array + disableExporter: + description: "Determines whether metrics exporter information + is annotated on the Component's headless Service. \n If set + to true, the following annotations will not be patched into + the Service: \n - \"monitor.kubeblocks.io/path\" - \"monitor.kubeblocks.io/port\" + - \"monitor.kubeblocks.io/scheme\" \n These annotations allow + the Prometheus installed by KubeBlocks to discover and scrape + metrics from the exporter." + type: boolean enabledLogs: description: "Specifies which types of logs should be collected for the Component. The log types are defined in the `componentDefinition.spec.logConfigs` @@ -2777,3016 +2786,4936 @@ spec: required: - name type: object - monitorEnabled: - description: "Determines whether metrics exporter information - is annotated on the Component's headless Service. \n If set - to true, the following annotations will be patched into the - Service: \n - \"monitor.kubeblocks.io/path\" - \"monitor.kubeblocks.io/port\" - - \"monitor.kubeblocks.io/scheme\" \n These annotations allow - the Prometheus installed by KubeBlocks to discover and scrape - metrics from the exporter." - type: boolean - name: - description: "Specifies the Component's name. It's part of the - Service DNS name and must comply with the IANA service naming - rule. The name is optional when ClusterComponentSpec is used - as a template (e.g., in `shardingSpec`), but required otherwise. - \n TODO +kubebuilder:validation:XValidation:rule=\"self == - oldSelf\",message=\"name is immutable\"" - maxLength: 22 - pattern: ^[a-z]([a-z0-9\-]*[a-z0-9])?$ - type: string - offlineInstances: - description: "Specifies the names of instances to be transitioned - to offline status. \n Marking an instance as offline results - in the following: \n 1. The associated Pod is stopped, and - its PersistentVolumeClaim (PVC) is retained for potential - future reuse or data recovery, but it is no longer actively - used. 2. The ordinal number assigned to this instance is preserved, - ensuring it remains unique and avoiding conflicts with new - instances. \n Setting instances to offline allows for a controlled - scale-in process, preserving their data and maintaining ordinal - consistency within the Cluster. Note that offline instances - and their associated resources, such as PVCs, are not automatically - deleted. The administrator must manually manage the cleanup - and removal of these resources when they are no longer needed." - items: - type: string - type: array - replicas: - default: 1 - description: Specifies the desired number of replicas in the - Component for enhancing availability and durability, or load - balancing. - format: int32 - minimum: 0 - type: integer - resources: - description: Specifies the resources required by the Component. - It allows defining the CPU, memory requirements and limits - for the Component's containers. - properties: - claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - x-kubernetes-preserve-unknown-fields: true - schedulingPolicy: - description: Specifies the scheduling policy for the Component. + metricsStoreIntegration: + description: It supports prometheus/victoriametrics operator. properties: - affinity: - description: Specifies a group of affinity scheduling rules - of the Cluster, including NodeAffinity, PodAffinity, and - PodAntiAffinity. + serviceMonitorTemplate: + description: "Specifies the ServiceMonitor template used + in the Component. \n Example usage: ```yaml name: prometheus-scrape + namespace: default labels: k8s-app: node-exporter serviceMonitorTemplate: + selector: matchLabels: app: app-exporter k8s-app: app-exporter + endpoints: - port: metrics_port jobLabel: k8s-app ```" properties: - nodeAffinity: - description: Describes node affinity scheduling rules - for the pod. + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + serviceMonitorSpec: + description: ServiceMonitorSpec contains specification + parameters for a ServiceMonitor properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and adding - "weight" to the sum if the node matches the corresponding - matchExpressions; the node(s) with the highest - sum are the most preferred. + attachMetadata: + description: "`attachMetadata` defines additional + metadata which is added to the discovered targets. + \n It requires Prometheus >= v2.37.0." + properties: + node: + description: When set to true, Prometheus must + have the `get` permission on the `Nodes` objects. + type: boolean + type: object + endpoints: + description: List of endpoints part of this ServiceMonitor. items: - description: An empty preferred scheduling term - matches all objects with implicit weight 0 (i.e. - it's a no-op). A null preferred scheduling term - matches no objects (i.e. is also a no-op). + description: Endpoint defines an endpoint serving + Prometheus metrics to be scraped by Prometheus. properties: - preference: - description: A node selector term, associated - with the corresponding weight. + authorization: + description: "`authorization` configures the + Authorization header credentials to use + when scraping the target. \n Cannot be set + at the same time as `basicAuth`, or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + credentials: + description: Selects a key of a Secret + in the namespace that contains the credentials + for authentication. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication + type. The value is case-insensitive. + \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching - the corresponding nodeSelectorTerm, in the - range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. If - the affinity requirements specified by this field - cease to be met at some point during pod execution - (e.g. due to an update), the system may or may - not try to eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector - terms. The terms are ORed. - items: - description: A null or empty node selector - term matches no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of the NodeSelectorTerm. + basicAuth: + description: "`basicAuth` configures the Basic + Authentication credentials to use when scraping + the target. \n Cannot be set at the same + time as `authorization`, or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: The label key that - the selector applies to. - type: string - operator: - description: Represents a key's - relationship to a set of values. - Valid operators are In, NotIn, - Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string - values. If the operator is In - or NotIn, the values array must - be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. If - the operator is Gt or Lt, the - values array must have a single - element, which will be interpreted - as an integer. This array is replaced - during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + password: + description: '`password` specifies a key + of a Secret containing the password + for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key + of a Secret containing the username + for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: "File to read bearer token for + scraping the target. \n Deprecated: use + `authorization` instead." + type: string + bearerTokenSecret: + description: "`bearerTokenSecret` specifies + a key of a Secret containing the bearer + token for scraping targets. The secret needs + to be in the same namespace as the ServiceMonitor + object and readable by the Prometheus Operator. + \n Deprecated: use `authorization` instead." + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules - (e.g. co-locate this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and adding - "weight" to the sum if the node has pods which - matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added per-node - to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. + enableHttp2: + description: '`enableHttp2` can be used to + disable HTTP2 when scraping the target.' + type: boolean + filterRunning: + description: "When true, the pods which are + not running (e.g. either in Failed or Succeeded + state) are dropped during the target discovery. + \n If unset, the filtering is enabled. \n + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + type: boolean + followRedirects: + description: '`followRedirects` defines whether + the scrape requests should follow HTTP 3xx + redirects.' + type: boolean + honorLabels: + description: When true, `honorLabels` preserves + the metric's labels when they collide with + the target's labels. + type: boolean + honorTimestamps: + description: '`honorTimestamps` controls whether + Prometheus preserves the timestamps when + exposed by the target.' + type: boolean + interval: + description: "Interval at which Prometheus + scrapes the metrics from the target. \n + If empty, Prometheus uses the global scrape + interval." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: '`metricRelabelings` configures + the relabeling rules to apply to the samples + before ingestion.' + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote write + samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based + on the regex matching. \n `Uppercase` + and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` + actions require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the + hash of the source label values. \n + Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + type: string + replacement: + description: "Replacement value against + which a Replace action is performed + if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured Separator and matched against + the configured regular expression. + items: + description: LabelName is a valid + Prometheus label name which may + only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. + \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + \n Regex capture groups are available." + type: string + type: object + type: array + oauth2: + description: "`oauth2` configures the OAuth2 + settings to use when scraping the target. + \n It requires Prometheus >= 2.27.0. \n + Cannot be set at the same time as `authorization`, + or `basicAuth`." properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. + clientId: + description: '`clientId` specifies a key + of a Secret or ConfigMap containing + the OAuth2 client''s ID.' properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set - of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this field - and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies + a key of a Secret containing the OAuth2 + client''s secret.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. The term is applied to the - union of the namespaces listed in this - field and the ones selected by namespaceSelector. - null or empty namespaces list and null - namespaceSelector means "this pod's - namespace". + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures + the HTTP parameters to append to the + token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 + scopes used for the token request.' items: type: string type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + tokenUrl: + description: '`tokenURL` configures the + URL to fetch the token from.' + minLength: 1 type: string required: - - topologyKey + - clientId + - clientSecret + - tokenUrl type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in the - range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. If - the affinity requirements specified by this field - cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may - or may not try to eventually evict the pod from - its node. When there are multiple elements, the - lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the given - namespace(s)) that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object + params: + additionalProperties: + items: + type: string + type: array + description: params define optional HTTP URL + parameters. type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of - namespaces that the term applies to. The - term is applied to the union of the namespaces - selected by this field and the ones listed - in the namespaces field. null selector and - null or empty namespaces list means "this - pod's namespace". An empty selector ({}) - matches all namespaces. + path: + description: "HTTP path from which to scrape + for metrics. \n If empty, Prometheus uses + the default value (e.g. `/metrics`)." + type: string + port: + description: "Name of the Service port which + this endpoint refers to. \n It takes precedence + over `targetPort`." + type: string + proxyUrl: + description: '`proxyURL` configures the HTTP + Proxy URL (e.g. "http://proxyserver:2195") + to go through when scraping the target.' + type: string + relabelings: + description: "`relabelings` configures the + relabeling rules to apply the target's metadata + labels. \n The Operator automatically adds + relabelings for a few standard Kubernetes + fields. \n The original scrape job's name + is available via the `__tmp_prometheus_job_name` + label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote write + samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based + on the regex matching. \n `Uppercase` + and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` + actions require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the + hash of the source label values. \n + Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + type: string + replacement: + description: "Replacement value against + which a Replace action is performed + if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured Separator and matched against + the configured regular expression. + items: + description: LabelName is a valid + Prometheus label name which may + only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. + \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, + `KeepEqual` and `DropEqual` actions. + \n Regex capture groups are available." + type: string + type: object + type: array + scheme: + description: "HTTP scheme to use for scraping. + \n `http` and `https` are the expected values + unless you rewrite the `__scheme__` label + via relabeling. \n If empty, Prometheus + uses the default value `http`." + enum: + - http + - https + type: string + scrapeTimeout: + description: "Timeout after which Prometheus + considers the scrape to be failed. \n If + empty, Prometheus uses the global scrape + timeout unless it is less than the target's + scrape interval value in which the latter + is used." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: "Name or number of the target + port of the `Pod` object behind the Service, + the port must be specified with container + port property. \n Deprecated: use `port` + instead." + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when + scraping the target. properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: + ca: + description: Certificate authority used + when verifying server certificates. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the + Prometheus container to use for the + targets. + type: string + cert: + description: Client certificate to present + when doing client-authentication. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file + in the Prometheus container for the + targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key file + in the Prometheus container for the + targets. + type: string + keySecret: + description: Secret containing the client + key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term applies - to. The term is applied to the union of - the namespaces listed in this field and - the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose value - of the label with key topologyKey matches - that of any node on which any of the selected - pods is running. Empty topologyKey is not - allowed. - type: string - required: - - topologyKey + trackTimestampsStaleness: + description: "`trackTimestampsStaleness` defines + whether Prometheus tracks staleness of the + metrics that have an explicit timestamp + present in scraped data. Has no effect if + `honorTimestamps` is false. \n It requires + Prometheus >= v2.48.0." + type: boolean type: object type: array + jobLabel: + description: "`jobLabel` selects the label from + the associated Kubernetes `Service` object which + will be used as the `job` label for all metrics. + \n For example if `jobLabel` is set to `foo` and + the Kubernetes `Service` object is labeled with + `foo: bar`, then Prometheus adds the `job=\"bar\"` + label to all ingested metrics. \n If the value + of this field is empty or if the label doesn't + exist for the given Service, the `job` label of + the metrics defaults to the name of the associated + Kubernetes `Service`." + type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of + targets dropped by relabeling that will be kept + in memory. 0 means no limit. \n It requires Prometheus + >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: "Per-scrape limit on number of labels + that will be accepted for a sample. \n It requires + Prometheus >= v2.27.0." + format: int64 + type: integer + labelNameLengthLimit: + description: "Per-scrape limit on length of labels + name that will be accepted for a sample. \n It + requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelValueLengthLimit: + description: "Per-scrape limit on length of labels + value that will be accepted for a sample. \n It + requires Prometheus >= v2.27.0." + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces + the Kubernetes `Endpoints` objects are discovered + from. + properties: + any: + description: Boolean describing whether all + namespaces are selected in contrast to a list + restricting them. + type: boolean + matchNames: + description: List of namespace names to select + from. + items: + type: string + type: array + type: object + podTargetLabels: + description: '`podTargetLabels` defines the labels + which are transferred from the associated Kubernetes + `Pod` object onto the ingested metrics.' + items: + type: string + type: array + sampleLimit: + description: '`sampleLimit` defines a per-scrape + limit on the number of scraped samples that will + be accepted.' + format: int64 + type: integer + selector: + description: Label selector to select the Kubernetes + `Endpoints` objects. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + targetLabels: + description: '`targetLabels` defines the labels + which are transferred from the associated Kubernetes + `Service` object onto the ingested metrics.' + items: + type: string + type: array + targetLimit: + description: '`targetLimit` defines a limit on the + number of scraped targets that will be accepted.' + format: int64 + type: integer + required: + - selector type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. avoid putting this pod in the same node, - zone, etc. as some other pod(s)). + type: object + vmMonitorTemplate: + description: "VictoriaMetrics is currently not supported + yet. Specifies the VMServiceScrape template used in the + Component. \n ```yaml name: vm-scrape namespace: default + labels: k8s-app: node-exporter vmServiceScrapeSpec: selector: + matchLabels: app: app-exporter ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + vmServiceScrapeSpec: + description: VMServiceScrapeSpec defines the desired + state of VMServiceScrape properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule - pods to nodes that satisfy the anti-affinity expressions - specified by this field, but it may choose a node - that violates one or more of the expressions. - The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node - that meets all of the scheduling requirements - (resource request, requiredDuringScheduling anti-affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and adding - "weight" to the sum if the node has pods which - matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery + properties: + node: + description: 'Node instructs vmagent to add + node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice.' + type: boolean + type: object + discoveryRole: + description: 'DiscoveryRole - defines kubernetes_sd + role for objects discovery. by default, its endpoints. + can be changed to service or endpointslices. note, + that with service setting, you have to use port: + "name" and cannot use targetPort for endpoints.' + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as part + of this ServiceScrape. items: - description: The weights of all of the matched - WeightedPodAffinityTerm fields are added per-node - to find the most preferred node(s) + description: Endpoint defines a scrapeable endpoint + serving Prometheus metrics. properties: - podAffinityTerm: - description: Required. A pod affinity term, - associated with the corresponding weight. + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery properties: - labelSelector: - description: A label query over a set - of resources, in this case pods. + node: + description: 'Node instructs vmagent to + add node specific metadata from service + discovery Valid for roles: pod, endpoints, + endpointslice.' + type: boolean + type: object + authorization: + description: Authorization with http header + Authorization + properties: + credentials: + description: Reference to the secret with + value for authorization properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. - type: object + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set - of namespaces that the term applies - to. The term is applied to the union - of the namespaces selected by this field - and the ones listed in the namespaces - field. null selector and null or empty - namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default + to bearer + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint + to authenticate over basic authentication + More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service + scrape namespace that contains the password + for authentication. It must be at them + same namespace as CRD properties: - matchExpressions: - description: matchExpressions is a - list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label - key that the selector applies - to. - type: string - operator: - description: operator represents - a key's relationship to a - set of values. Valid operators - are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values - array must be non-empty. If - the operator is Exists or - DoesNotExist, the values array - must be empty. This array - is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map - of {key,value} pairs. A single {key,value} - in the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are - ANDed. + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines path + to password file at disk + type: string + username: + description: The secret in the service + scrape namespace that contains the username + for authentication. It must be at them + same namespace as CRD + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for + scraping targets. + type: string + bearerTokenSecret: + description: Secret to mount to read bearer + token for scraping targets. The secret needs + to be in the same namespace as the service + scrape and accessible by the victoria-metrics + operator. + nullable: true + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects + for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's + labels on collisions with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether + vmagent respects the timestamps present + in scraped data. + type: boolean + interval: + description: Interval at which metrics should + be scraped + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply + to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being applied + to samples before ingestion. It defines + ``-section of + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' + type: object + match: + description: 'Match is used together + with Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of the + hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + Default is '(.*)' victoriaMetrics + supports multiline regex joined with + | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility with + original relabel config. if set both + sourceLabels and source_labels, sourceLabels + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured separator and matched against + the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - + additional form of target label - + target_label for compatibility with + original relabel config. if set both + targetLabel and target_label, targetLabel + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. + It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the + OAuth2 client secret + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term - applies to. The term is applied to the - union of the namespaces listed in this - field and the ones selected by namespaceSelector. - null or empty namespaces list and null - namespaceSelector means "this pod's - namespace". + client_secret_file: + description: ClientSecretFile defines + path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the + token URL + type: object + scopes: + description: OAuth2 scopes used for the + token request items: type: string type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose - value of the label with key topologyKey - matches that of any node on which any - of the selected pods is running. Empty - topologyKey is not allowed. + token_url: + description: The URL to fetch the token + from + minLength: 1 type: string required: - - topologyKey + - client_id + - token_url type: object - weight: - description: weight associated with matching - the corresponding podAffinityTerm, in the - range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified - by this field are not met at scheduling time, - the pod will not be scheduled onto the node. If - the anti-affinity requirements specified by this - field cease to be met at some point during pod - execution (e.g. due to a pod label update), the - system may or may not try to eventually evict - the pod from its node. When there are multiple - elements, the lists of nodes corresponding to - each podAffinityTerm are intersected, i.e. all - terms must be satisfied. - items: - description: Defines a set of pods (namely those - matching the labelSelector relative to the given - namespace(s)) that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which - a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this + endpoint refers to. Mutually exclusive with + targetPort. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 + Directs scrapes to proxy through this endpoint. + type: string + relabelConfigs: + description: 'RelabelConfigs to apply to samples + before scraping. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being applied + to samples before ingestion. It defines + ``-section of + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' type: object - type: array - matchLabels: - additionalProperties: + match: + description: 'Match is used together + with Labels for `action: graphite`' type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. + modulus: + description: Modulus to take of the + hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression against + which the extracted value is matched. + Default is '(.*)' victoriaMetrics + supports multiline regex joined with + | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility with + original relabel config. if set both + sourceLabels and source_labels, sourceLabels + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using the + configured separator and matched against + the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - + additional form of target label - + target_label for compatibility with + original relabel config. if set both + targetLabel and target_label, targetLabel + has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. + It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-endpoint + limit on number of scraped samples that + will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + type: string + scrape_interval: + description: ScrapeInterval is the same as + Interval and has priority over it. one of + scrape_interval or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape + is ended + type: string + seriesLimit: + description: SeriesLimit defines per-scrape + limit on number of unique time series a + single target can expose during all the + scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the pod port + this endpoint refers to. Mutually exclusive + with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use + when scraping the endpoint + properties: + ca: + description: Stuct containing the CA cert + to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the + container to use for the targets. + type: string + cert: + description: Struct containing the client + cert file for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file + in the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key file + in the container for the targets. + type: string + keySecret: + description: Secret containing the client + key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of - namespaces that the term applies to. The - term is applied to the union of the namespaces - selected by this field and the ones listed - in the namespaces field. null selector and - null or empty namespaces list means "this - pod's namespace". An empty selector ({}) - matches all namespaces. + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics + specific scrape parametrs properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The - requirements are ANDed. + disable_compression: + type: boolean + disable_keep_alive: + description: disable_keepalive allows + disabling HTTP keep-alive when scraping + targets. By default, HTTP keep-alive + is enabled, so TCP connections to scrape + targets could be re-used. See https://docs.victoriametrics.com/vmagent.html#scrape_config-enhancements + type: boolean + headers: + description: 'Headers allows sending custom + headers to scrape targets must be in + of semicolon separated header with it''s + value eg: headerName: headerValue vmagent + supports since 1.79.0 version' items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents - a key's relationship to a set - of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array - of string values. If the operator - is In or NotIn, the values array - must be non-empty. If the operator - is Exists or DoesNotExist, the - values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static - list of namespace names that the term applies - to. The term is applied to the union of - the namespaces listed in this field and - the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector - means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where co-located - is defined as running on a node whose value - of the label with key topologyKey matches - that of any node on which any of the selected - pods is running. Empty topologyKey is not - allowed. - type: string - required: - - topologyKey + type: array + metric_relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + no_stale_markers: + type: boolean + proxy_client_config: + description: ProxyClientConfig configures + proxy auth settings for scraping See + feature description https://docs.victoriametrics.com/vmagent.html#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint + to authenticate over basic authentication + properties: + password: + description: The secret in the + service scrape namespace that + contains the password for authentication. + It must be at them same namespace + as CRD + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines + path to password file at disk + type: string + username: + description: The secret in the + service scrape namespace that + contains the username for authentication. + It must be at them same namespace + as CRD + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects + a key of a Secret. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + description: TLSConfig specifies TLSConfig + configuration parameters. + properties: + ca: + description: Stuct containing + the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to + select. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert + in the container to use for + the targets. + type: string + cert: + description: Struct containing + the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to + select. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client + cert file in the container for + the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client + key file in the container for + the targets. + type: string + keySecret: + description: Secret containing + the client key file for the + targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the + hostname for the targets. + type: string + type: object + type: object + relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object type: object type: array + jobLabel: + description: The label to use to retrieve the job + name from. + type: string + namespaceSelector: + description: Selector to select which namespaces + the Endpoints objects are discovered from. + properties: + any: + description: Boolean describing whether all + namespaces are selected in contrast to a list + restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on + the Kubernetes Pod onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit + on number of scraped samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects + by corresponding Service labels. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: SeriesLimit defines per-scrape limit + on number of unique time series a single target + can expose during all the scrapes on the time + window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the + Kubernetes Service onto the target. + items: + type: string + type: array + required: + - endpoints type: object type: object - nodeName: - description: NodeName is a request to schedule this Pod - onto a specific node. If it is non-empty, the scheduler - simply schedules this Pod onto that node, assuming that - it fits resource requirements. - type: string - nodeSelector: - additionalProperties: - type: string - description: 'NodeSelector is a selector which must be true - for the Pod to fit on a node. Selector which must match - a node''s labels for the Pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - x-kubernetes-map-type: atomic - schedulerName: - description: If specified, the Pod will be dispatched by - specified scheduler. If not specified, the Pod will be - dispatched by default scheduler. - type: string - tolerations: - description: "Allows Pods to be scheduled onto nodes with - matching taints. Each toleration in the array allows the - Pod to tolerate node taints based on specified `key`, - `value`, `effect`, and `operator`. \n - The `key`, `value`, - and `effect` identify the taint that the toleration matches. - - The `operator` determines how the toleration matches - the taint. \n Pods with matching tolerations are allowed - to be scheduled on tainted nodes, typically reserved for - specific purposes." + type: object + monitor: + description: "Deprecated since v0.9 Determines whether metrics + exporter information is annotated on the Component's headless + Service. \n If set to true, the following annotations will + be patched into the Service: \n - \"monitor.kubeblocks.io/path\" + - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" + \n These annotations allow the Prometheus installed by KubeBlocks + to discover and scrape metrics from the exporter." + type: boolean + name: + description: "Specifies the Component's name. It's part of the + Service DNS name and must comply with the IANA service naming + rule. The name is optional when ClusterComponentSpec is used + as a template (e.g., in `shardingSpec`), but required otherwise. + \n TODO +kubebuilder:validation:XValidation:rule=\"self == + oldSelf\",message=\"name is immutable\"" + maxLength: 22 + pattern: ^[a-z]([a-z0-9\-]*[a-z0-9])?$ + type: string + offlineInstances: + description: "Specifies the names of instances to be transitioned + to offline status. \n Marking an instance as offline results + in the following: \n 1. The associated Pod is stopped, and + its PersistentVolumeClaim (PVC) is retained for potential + future reuse or data recovery, but it is no longer actively + used. 2. The ordinal number assigned to this instance is preserved, + ensuring it remains unique and avoiding conflicts with new + instances. \n Setting instances to offline allows for a controlled + scale-in process, preserving their data and maintaining ordinal + consistency within the Cluster. Note that offline instances + and their associated resources, such as PVCs, are not automatically + deleted. The administrator must manually manage the cleanup + and removal of these resources when they are no longer needed." + items: + type: string + type: array + replicas: + default: 1 + description: Specifies the desired number of replicas in the + Component for enhancing availability and durability, or load + balancing. + format: int32 + minimum: 0 + type: integer + resources: + description: Specifies the resources required by the Component. + It allows defining the CPU, memory requirements and limits + for the Component's containers. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only + be set for containers." items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple - using the matching operator . + description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: - effect: - description: Effect indicates the taint effect to - match. Empty means match all taint effects. When - specified, allowed values are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If - the key is empty, operator must be Exists; this - combination means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints - of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect - NoExecute, otherwise this field is ignored) tolerates - the taint. By default, it is not set, which means - tolerate the taint forever (do not evict). Zero - and negative values will be treated as 0 (evict - immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value - should be empty, otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: TopologySpreadConstraints describes how a group - of Pods ought to spread across topology domains. Scheduler - will schedule Pods in a way which abides by the constraints. - All topologySpreadConstraints are ANDed. - items: - description: TopologySpreadConstraint specifies how to - spread matching pods among the given topology. - properties: - labelSelector: - description: LabelSelector is used to find matching - pods. Pods that match this label selector are counted - to determine the number of pods in their corresponding - topology domain. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label - keys to select the pods over which spreading will - be calculated. The keys are used to lookup values - from the incoming pod labels, those key-value labels - are ANDed with labelSelector to select the group - of existing pods over which spreading will be calculated - for the incoming pod. The same key is forbidden - to exist in both MatchLabelKeys and LabelSelector. - MatchLabelKeys cannot be set when LabelSelector - isn't set. Keys that don't exist in the incoming - pod labels will be ignored. A null or empty list - means only match against labelSelector. \n This - is a beta field and requires the MatchLabelKeysInPodTopologySpread - feature gate to be enabled (enabled by default)." - items: - type: string - type: array - x-kubernetes-list-type: atomic - maxSkew: - description: 'MaxSkew describes the degree to which - pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, - it is the maximum permitted difference between the - number of matching pods in the target topology and - the global minimum. The global minimum is the minimum - number of matching pods in an eligible domain or - zero if the number of eligible domains is less than - MinDomains. For example, in a 3-zone cluster, MaxSkew - is set to 1, and pods with the same labelSelector - spread as 2/2/1: In this case, the global minimum - is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - - if MaxSkew is 1, incoming pod can only be scheduled - to zone3 to become 2/2/2; scheduling it onto zone1(zone2) - would make the ActualSkew(3-1) on zone1(zone2) violate - MaxSkew(1). - if MaxSkew is 2, incoming pod can - be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, - it is used to give higher precedence to topologies - that satisfy it. It''s a required field. Default - value is 1 and 0 is not allowed.' - format: int32 - type: integer - minDomains: - description: "MinDomains indicates a minimum number - of eligible domains. When the number of eligible - domains with matching topology keys is less than - minDomains, Pod Topology Spread treats \"global - minimum\" as 0, and then the calculation of Skew - is performed. And when the number of eligible domains - with matching topology keys equals or greater than - minDomains, this value has no effect on scheduling. - As a result, when the number of eligible domains - is less than minDomains, scheduler won't schedule - more than maxSkew Pods to those domains. If value - is nil, the constraint behaves as if MinDomains - is equal to 1. Valid values are integers greater - than 0. When value is not nil, WhenUnsatisfiable - must be DoNotSchedule. \n For example, in a 3-zone - cluster, MaxSkew is set to 2, MinDomains is set - to 5 and pods with the same labelSelector spread - as 2/2/2: | zone1 | zone2 | zone3 | | P P | P - P | P P | The number of domains is less than - 5(MinDomains), so \"global minimum\" is treated - as 0. In this situation, new pod with the same labelSelector - cannot be scheduled, because computed skew will - be 3(3 - 0) if new Pod is scheduled to any of the - three zones, it will violate MaxSkew. \n This is - a beta field and requires the MinDomainsInPodTopologySpread - feature gate to be enabled (enabled by default)." - format: int32 - type: integer - nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we - will treat Pod's nodeAffinity/nodeSelector when - calculating pod topology spread skew. Options are: - - Honor: only nodes matching nodeAffinity/nodeSelector - are included in the calculations. - Ignore: nodeAffinity/nodeSelector - are ignored. All nodes are included in the calculations. - \n If this value is nil, the behavior is equivalent - to the Honor policy. This is a beta-level feature - default enabled by the NodeInclusionPolicyInPodTopologySpread - feature flag." - type: string - nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will - treat node taints when calculating pod topology - spread skew. Options are: - Honor: nodes without - taints, along with tainted nodes for which the incoming - pod has a toleration, are included. - Ignore: node - taints are ignored. All nodes are included. \n If - this value is nil, the behavior is equivalent to - the Ignore policy. This is a beta-level feature - default enabled by the NodeInclusionPolicyInPodTopologySpread - feature flag." - type: string - topologyKey: - description: TopologyKey is the key of node labels. - Nodes that have a label with this key and identical - values are considered to be in the same topology. - We consider each as a "bucket", and - try to put balanced number of pods into each bucket. - We define a domain as a particular instance of a - topology. Also, we define an eligible domain as - a domain whose nodes meet the requirements of nodeAffinityPolicy - and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", - each Node is a domain of that topology. And, if - TopologyKey is "topology.kubernetes.io/zone", each - zone is a domain of that topology. It's a required - field. - type: string - whenUnsatisfiable: - description: 'WhenUnsatisfiable indicates how to deal - with a pod if it doesn''t satisfy the spread constraint. - - DoNotSchedule (default) tells the scheduler not - to schedule it. - ScheduleAnyway tells the scheduler - to schedule the pod in any location, but giving - higher precedence to topologies that would help - reduce the skew. A constraint is considered "Unsatisfiable" - for an incoming pod if and only if every possible - node assignment for that pod would violate "MaxSkew" - on some topology. For example, in a 3-zone cluster, - MaxSkew is set to 1, and pods with the same labelSelector - spread as 3/1/1: | zone1 | zone2 | zone3 | | P P - P | P | P | If WhenUnsatisfiable is set - to DoNotSchedule, incoming pod can only be scheduled - to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) - on zone2(zone3) satisfies MaxSkew(1). In other words, - the cluster can still be imbalanced, but scheduler - won''t make it *more* imbalanced. It''s a required - field.' + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where this + field is used. It makes that resource available + inside a container. type: string required: - - maxSkew - - topologyKey - - whenUnsatisfiable + - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests + cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object type: object - serviceAccountName: - description: "Specifies the name of the ServiceAccount required - by the running Component. This ServiceAccount is used to grant - necessary permissions for the Component's Pods to interact - with other Kubernetes resources, such as modifying Pod labels - or sending events. \n Defaults: If not specified, KubeBlocks - automatically assigns a default ServiceAccount named \"kb-{cluster.name}\", - bound to a default role installed together with KubeBlocks. - \n Future Changes: Future versions might change the default - ServiceAccount creation strategy to one per Component, potentially - revising the naming to \"kb-{cluster.name}-{component.name}\". - \n Users can override the automatic ServiceAccount assignment - by explicitly setting the name of an existed ServiceAccount - in this field." - type: string - serviceRefs: - description: "Defines a list of ServiceRef for a Component, - enabling access to both external services and Services provided - by other Clusters. \n Types of services: \n - External services: - Not managed by KubeBlocks or managed by a different KubeBlocks - operator; Require a ServiceDescriptor for connection details. - - Services provided by a Cluster: Managed by the same KubeBlocks - operator; identified using Cluster, Component and Service - names. \n ServiceRefs with identical `serviceRef.name` in - the same Cluster are considered the same. \n Example: ```yaml - serviceRefs: - name: \"redis-sentinel\" serviceDescriptor: - name: \"external-redis-sentinel\" - name: \"postgres-cluster\" - clusterServiceSelector: cluster: \"my-postgres-cluster\" service: - component: \"postgresql\" ``` The example above includes ServiceRefs - to an external Redis Sentinel service and a PostgreSQL Cluster." - items: - properties: - cluster: - description: "Specifies the name of the KubeBlocks Cluster - being referenced. This is used when services from another - KubeBlocks Cluster are consumed. \n By default, the - referenced KubeBlocks Cluster's `clusterDefinition.spec.connectionCredential` - will be utilized to bind to the current Component. This - credential should include: `endpoint`, `port`, `username`, - and `password`. \n Note: \n - The `ServiceKind` and - `ServiceVersion` specified in the service reference - within the ClusterDefinition are not validated when - using this approach. - If both `cluster` and `serviceDescriptor` - are present, `cluster` will take precedence. \n Deprecated - since v0.9 since `clusterDefinition.spec.connectionCredential` - is deprecated, use `clusterServiceSelector` instead. - This field is maintained for backward compatibility - and its use is discouraged. Existing usage should be - updated to the current preferred approach to avoid compatibility - issues in future releases." - type: string - clusterServiceSelector: - description: References a service provided by another - KubeBlocks Cluster. It specifies the ClusterService - and the account credentials needed for access. - properties: - cluster: - description: The name of the Cluster being referenced. - type: string - credential: - description: Specifies the SystemAccount to authenticate - and establish a connection with the referenced Cluster. - The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` - of the Component providing the service in the referenced - Cluster. - properties: - component: - description: The name of the Component where the - credential resides in. - type: string - name: - description: The name of the credential (SystemAccount) - to reference. - type: string - required: - - component - - name - type: object - service: - description: Identifies a ClusterService from the - list of Services defined in `cluster.spec.services` - of the referenced Cluster. - properties: - component: - description: "The name of the Component where - the Service resides in. \n It is required when - referencing a Component's Service." - type: string - port: - description: "The port name of the Service to - be referenced. \n If there is a non-zero node-port - exist for the matched Service port, the node-port - will be selected first. \n If the referenced - Service is of pod-service type (a Service per - Pod), there will be multiple Service objects - matched, and the resolved value will be presented - in the following format: service1.name:port1,service2.name:port2..." - type: string - service: - description: "The name of the Service to be referenced. - \n Leave it empty to reference the default Service. - Set it to \"headless\" to reference the default - headless Service. \n If the referenced Service - is of pod-service type (a Service per Pod), - there will be multiple Service objects matched, - and the resolved value will be presented in - the following format: service1.name,service2.name..." - type: string - required: - - service - type: object - required: - - cluster - type: object - name: - description: "Specifies the identifier of the service - reference declaration. It corresponds to the serviceRefDeclaration - name defined in either: \n - `componentDefinition.spec.serviceRefDeclarations[*].name` - - `clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name` - (deprecated)" - type: string - namespace: - description: Specifies the namespace of the referenced - Cluster or the namespace of the referenced ServiceDescriptor - object. If not provided, the referenced Cluster and - ServiceDescriptor will be searched in the namespace - of the current Cluster by default. - type: string - serviceDescriptor: - description: "Specifies the name of the ServiceDescriptor - object that describes a service provided by external - sources. \n When referencing a service provided by external - sources, a ServiceDescriptor object is required to establish - the service binding. The `serviceDescriptor.spec.serviceKind` - and `serviceDescriptor.spec.serviceVersion` should match - the serviceKind and serviceVersion declared in the definition. - \n If both `cluster` and `serviceDescriptor` are specified, - the `cluster` takes precedence." - type: string - required: - - name - type: object - type: array - serviceVersion: - description: ServiceVersion specifies the version of the Service - expected to be provisioned by this Component. The version - should follow the syntax and semantics of the "Semantic Versioning" - specification (http://semver.org/). If no version is specified, - the latest available version will be used. - maxLength: 32 - type: string - services: - description: Overrides services defined in referenced ComponentDefinition - and expose endpoints that can be accessed by clients. - items: - properties: - annotations: - additionalProperties: - type: string - description: 'If ServiceType is LoadBalancer, cloud provider - related parameters can be put here. More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer.' - type: object - name: - description: References the ComponentService name defined - in the `componentDefinition.spec.services[*].name`. - maxLength: 25 - type: string - podService: - description: Indicates whether to generate individual - Services for each Pod. If set to true, a separate Service - will be created for each Pod in the Cluster. - type: boolean - serviceType: - default: ClusterIP - description: "Determines how the Service is exposed. Valid - options are `ClusterIP`, `NodePort`, and `LoadBalancer`. - \n - `ClusterIP` allocates a Cluster-internal IP address - for load-balancing to endpoints. Endpoints are determined - by the selector or if that is not specified, they are - determined by manual construction of an Endpoints object - or EndpointSlice objects. - `NodePort` builds on ClusterIP - and allocates a port on every node which routes to the - same endpoints as the ClusterIP. - `LoadBalancer` builds - on NodePort and creates an external load-balancer (if - supported in the current cloud) which routes to the - same endpoints as the ClusterIP. \n Note: although K8s - Service type allows the 'ExternalName' type, it is not - a valid option for ClusterComponentService. \n For more - info, see: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types." - enum: - - ClusterIP - - NodePort - - LoadBalancer - type: string - x-kubernetes-preserve-unknown-fields: true - required: - - name - type: object - type: array - sidecars: - description: Defines the sidecar containers that will be attached - to the Component's main container. - items: - type: string - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-type: set - switchPolicy: - description: "Defines the strategy for switchover and failover - when workloadType is Replication. \n Deprecated since v0.9. - This field is maintained for backward compatibility and its - use is discouraged. Existing usage should be updated to the - current preferred approach to avoid compatibility issues in - future releases." + x-kubernetes-preserve-unknown-fields: true + schedulingPolicy: + description: Specifies the scheduling policy for the Component. properties: - type: - default: Noop - description: Type specifies the type of switch policy to - be applied. - enum: - - Noop - type: string - type: object - tls: - description: A boolean flag that indicates whether the Component - should use Transport Layer Security (TLS) for secure communication. - When set to true, the Component will be configured to use - TLS encryption for its network connections. This ensures that - the data transmitted between the Component and its clients - or other Components is encrypted and protected from unauthorized - access. If TLS is enabled, the Component may require additional - configuration, such as specifying TLS certificates and keys, - to properly set up the secure communication channel. - type: boolean - tolerations: - description: "Allows Pods to be scheduled onto nodes with matching - taints. Each toleration in the array allows the Pod to tolerate - node taints based on specified `key`, `value`, `effect`, and - `operator`. \n - The `key`, `value`, and `effect` identify - the taint that the toleration matches. - The `operator` determines - how the toleration matches the taint. \n Pods with matching - tolerations are allowed to be scheduled on tainted nodes, - typically reserved for specific purposes. \n Deprecated since - v0.10, replaced by the `schedulingPolicy` field." - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - x-kubernetes-preserve-unknown-fields: true - updateStrategy: - description: "Defines the update strategy for the Component. - \n Deprecated since v0.9. This field is maintained for backward - compatibility and its use is discouraged. Existing usage should - be updated to the current preferred approach to avoid compatibility - issues in future releases." - enum: - - Serial - - BestEffortParallel - - Parallel - type: string - userResourceRefs: - description: "Allows users to specify custom ConfigMaps and - Secrets to be mounted as volumes in the Cluster's Pods. This - is useful in scenarios where users need to provide additional - resources to the Cluster, such as: \n - Mounting custom scripts - or configuration files during Cluster startup. - Mounting - Secrets as volumes to provide sensitive information, like - S3 AK/SK, to the Cluster." - properties: - configMapRefs: - description: ConfigMapRefs defines the user-defined ConfigMaps. - items: - description: ConfigMapRef defines a reference to a ConfigMap. - properties: - asVolumeFrom: - description: AsVolumeFrom lists the names of containers - in which the volume should be mounted. - items: - type: string - type: array - x-kubernetes-list-type: set - configMap: - description: ConfigMap specifies the ConfigMap to - be mounted as a volume. - properties: - defaultMode: - description: 'defaultMode is optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: items if unspecified, each key-value - pair in the Data field of the referenced ConfigMap - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the ConfigMap, the volume - setup will error unless it is marked optional. - Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: optional specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - mountPoint: - description: MountPoint is the filesystem path where - the volume will be mounted. - maxLength: 256 - pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ - type: string - name: - description: Name is the name of the referenced ConfigMap - or Secret object. It must conform to DNS label standards. - maxLength: 63 - pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ - type: string - subPath: - description: SubPath specifies a path within the volume - from which to mount. - type: string - required: - - configMap - - mountPoint - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - secretRefs: - description: SecretRefs defines the user-defined Secrets. - items: - description: SecretRef defines a reference to a Secret. - properties: - asVolumeFrom: - description: AsVolumeFrom lists the names of containers - in which the volume should be mounted. - items: - type: string - type: array - x-kubernetes-list-type: set - mountPoint: - description: MountPoint is the filesystem path where - the volume will be mounted. - maxLength: 256 - pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ - type: string - name: - description: Name is the name of the referenced ConfigMap - or Secret object. It must conform to DNS label standards. - maxLength: 63 - pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ - type: string - secret: - description: Secret specifies the Secret to be mounted - as a volume. - properties: - defaultMode: - description: 'defaultMode is Optional: mode bits - used to set permissions on created files by - default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. - Defaults to 0644. Directories within the path - are not affected by this setting. This might - be in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer + affinity: + description: Specifies a group of affinity scheduling rules + of the Cluster, including NodeAffinity, PodAffinity, and + PodAntiAffinity. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and adding + "weight" to the sum if the node matches the corresponding + matchExpressions; the node(s) with the highest + sum are the most preferred. items: - description: items If unspecified, each key-value - pair in the Data field of the referenced Secret - will be projected into the volume as a file - whose name is the key and content is the value. - If specified, the listed keys will be projected - into the specified paths, and unlisted keys - will not be present. If a key is specified which - is not present in the Secret, the volume setup - will error unless it is marked optional. Paths - must be relative and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: key is the key to project. - type: string - mode: - description: 'mode is Optional: mode bits - used to set permissions on this file. - Must be an octal value between 0000 and - 0777 or a decimal value between 0 and - 511. YAML accepts both octal and decimal - values, JSON requires decimal values for - mode bits. If not specified, the volume - defaultMode will be used. This might be - in conflict with other options that affect - the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - path: - description: path is the relative path of - the file to map the key to. May not be - an absolute path. May not contain the - path element '..'. May not start with - the string '..'. - type: string - required: - - key - - path - type: object - type: array - optional: - description: optional field specify whether the - Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of the secret - in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - subPath: - description: SubPath specifies a path within the volume - from which to mount. - type: string - required: - - mountPoint - - name - - secret - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - volumeClaimTemplates: - description: Specifies a list of PersistentVolumeClaim templates - that represent the storage requirements for the Component. - Each template specifies the desired characteristics of a persistent - volume, such as storage class, size, and access modes. These - templates are used to dynamically provision persistent volumes - for the Component. - items: - properties: - name: - description: "Refers to the name of a volumeMount defined - in either: \n - `componentDefinition.spec.runtime.containers[*].volumeMounts` - - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` - (deprecated) \n The value of `name` must match the `name` - field of a volumeMount specified in the corresponding - `volumeMounts` array." - type: string - spec: - description: "Defines the desired characteristics of a - PersistentVolumeClaim that will be created for the volume - with the mount name specified in the `name` field. \n - When a Pod is created for this ClusterComponent, a new - PVC will be created based on the specification defined - in the `spec` field. The PVC will be associated with - the volume mount specified by the `name` field." - properties: - accessModes: - description: 'Contains the desired access modes the - volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1.' - items: - type: string - type: array - x-kubernetes-preserve-unknown-fields: true - resources: - description: 'Represents the minimum resources the - volume should have. If the RecoverVolumeExpansionFailure - feature is enabled, users are allowed to specify - resource requirements that are lower than the previous - value but must still be higher than the capacity - recorded in the status field of the claim. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources.' - properties: - claims: - description: "Claims lists the names of resources, - defined in spec.resourceClaims, that are used - by this container. \n This is an alpha field - and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It - can only be set for containers." - items: - description: ResourceClaim references one entry - in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of - one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes - that resource available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. Requests cannot - exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - x-kubernetes-preserve-unknown-fields: true - storageClassName: - description: 'The name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1.' - type: string - volumeMode: - description: Defines what type of volume is required - by the claim, either Block or Filesystem. - type: string - type: object - required: - - name - type: object - type: array - required: - - replicas - type: object - maxItems: 128 - minItems: 1 - type: array - x-kubernetes-validations: - - message: duplicated component - rule: self.all(x, size(self.filter(c, c.name == x.name)) == 1) - - message: two kinds of definition API can not be used simultaneously - rule: self.all(x, size(self.filter(c, has(c.componentDef))) == 0) - || self.all(x, size(self.filter(c, has(c.componentDef))) == size(self)) - network: - description: "The configuration of network. \n Deprecated since v0.9. - This field is maintained for backward compatibility and its use - is discouraged. Existing usage should be updated to the current - preferred approach to avoid compatibility issues in future releases." - properties: - hostNetworkAccessible: - default: false - description: Indicates whether the host network can be accessed. - By default, this is set to false. - type: boolean - publiclyAccessible: - default: false - description: Indicates whether the network is accessible to the - public. By default, this is set to false. - type: boolean - type: object - replicas: - description: "Specifies the replicas of the first componentSpec, if - the replicas of the first componentSpec is specified, this value - will be ignored. \n Deprecated since v0.9. This field is maintained - for backward compatibility and its use is discouraged. Existing - usage should be updated to the current preferred approach to avoid - compatibility issues in future releases." - format: int32 - type: integer - resources: - description: "Specifies the resources of the first componentSpec, - if the resources of the first componentSpec is specified, this value - will be ignored. \n Deprecated since v0.9. This field is maintained - for backward compatibility and its use is discouraged. Existing - usage should be updated to the current preferred approach to avoid - compatibility issues in future releases." - properties: - cpu: - anyOf: - - type: integer - - type: string - description: 'Specifies the amount of CPU resource the Cluster - needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memory: - anyOf: - - type: integer - - type: string - description: 'Specifies the amount of memory resource the Cluster - needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - runtimeClassName: - description: Specifies runtimeClassName for all Pods managed by this - Cluster. - type: string - schedulingPolicy: - description: Specifies the scheduling policy for the Cluster. - properties: - affinity: - description: Specifies a group of affinity scheduling rules of - the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects - (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated with - the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: A list of node selector requirements + by node's labels. items: - type: string + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. If + the affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to an update), the system may or may + not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. + description: A null or empty node selector + term matches no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of the NodeSelectorTerm. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: A list of node selector requirements + by node's labels. items: - type: string + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that + the selector applies to. + type: string + operator: + description: Represents a key's + relationship to a set of values. + Valid operators are In, NotIn, + Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string + values. If the operator is In + or NotIn, the values array must + be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. If + the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator type: object + x-kubernetes-map-type: atomic type: array + required: + - nodeSelectorTerms type: object x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from - its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term - matches no objects. The requirements of them are - ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. + podAffinity: + description: Describes pod affinity scheduling rules + (e.g. co-locate this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and adding + "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node + to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. + labelSelector: + description: A label query over a set + of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this field + and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's + namespace". items: type: string type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array required: - - key - - operator + - topologyKey type: object - type: array - type: object - x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. - co-locate this pod in the same node, zone, etc. as some - other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. If + the affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. - items: + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to a pod label update), - the system may or may not try to eventually evict the - pod from its node. When there are multiple elements, - the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string + required: + - topologyKey + type: object type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules - (e.g. avoid putting this pod in the same node, zone, etc. - as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the anti-affinity expressions - specified by this field, but it may choose a node that - violates one or more of the expressions. The node that - is most preferred is the one with the greatest sum of - weights, i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - anti-affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node has pods which matches the corresponding - podAffinityTerm; the node(s) with the highest sum are - the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred - node(s) + podAntiAffinity: + description: Describes pod anti-affinity scheduling + rules (e.g. avoid putting this pod in the same node, + zone, etc. as some other pod(s)). properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. + The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node + that meets all of the scheduling requirements + (resource request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and adding + "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched + WeightedPodAffinityTerm fields are added per-node + to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set + of resources, in this case pods. properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by - this field and the ones listed in the namespaces - field. null selector and null or empty namespaces - list means "this pod's namespace". An empty - selector ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. - items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set + of namespaces that the term applies + to. The term is applied to the union + of the namespaces selected by this field + and the ones listed in the namespaces + field. null selector and null or empty + namespaces list means "this pod's namespace". + An empty selector ({}) matches all namespaces. properties: - key: - description: key is the label key - that the selector applies to. - type: string - operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a + set of values. Valid operators + are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values + array must be non-empty. If + the operator is Exists or + DoesNotExist, the values array + must be empty. This array + is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map + of {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's + namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. - The term is applied to the union of the namespaces - listed in this field and the ones selected - by namespaceSelector. null or empty namespaces - list and null namespaceSelector means "this - pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the - pods matching the labelSelector in the specified - namespaces, where co-located is defined as - running on a node whose value of the label - with key topologyKey matches that of any node - on which any of the selected pods is running. - Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the - corresponding podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified - by this field are not met at scheduling time, the pod - will not be scheduled onto the node. If the anti-affinity - requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod - label update), the system may or may not try to eventually - evict the pod from its node. When there are multiple - elements, the lists of nodes corresponding to each podAffinityTerm - are intersected, i.e. all terms must be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) - that this pod should be co-located (affinity) or not - co-located (anti-affinity) with, where co-located - is defined as running on a node whose value of the - label with key matches that of any node - on which a pod of the set of pods is running - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array required: - - key - - operator + - topologyKey type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces - that the term applies to. The term is applied - to the union of the namespaces selected by this - field and the ones listed in the namespaces field. - null selector and null or empty namespaces list - means "this pod's namespace". An empty selector - ({}) matches all namespaces. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, + the pod will not be scheduled onto the node. If + the anti-affinity requirements specified by this + field cease to be met at some point during pod + execution (e.g. due to a pod label update), the + system may or may not try to eventually evict + the pod from its node. When there are multiple + elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all + terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which + a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. items: - type: string + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list - of namespace names that the term applies to. The - term is applied to the union of the namespaces - listed in this field and the ones selected by - namespaceSelector. null or empty namespaces list - and null namespaceSelector means "this pod's namespace". - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey - matches that of any node on which any of the selected - pods is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - nodeName: - description: NodeName is a request to schedule this Pod onto a - specific node. If it is non-empty, the scheduler simply schedules - this Pod onto that node, assuming that it fits resource requirements. - type: string - nodeSelector: - additionalProperties: - type: string - description: 'NodeSelector is a selector which must be true for - the Pod to fit on a node. Selector which must match a node''s - labels for the Pod to be scheduled on that node. More info: - https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - x-kubernetes-map-type: atomic - schedulerName: - description: If specified, the Pod will be dispatched by specified - scheduler. If not specified, the Pod will be dispatched by default - scheduler. - type: string - tolerations: - description: "Allows Pods to be scheduled onto nodes with matching - taints. Each toleration in the array allows the Pod to tolerate - node taints based on specified `key`, `value`, `effect`, and - `operator`. \n - The `key`, `value`, and `effect` identify the - taint that the toleration matches. - The `operator` determines - how the toleration matches the taint. \n Pods with matching - tolerations are allowed to be scheduled on tainted nodes, typically - reserved for specific purposes." - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - topologySpreadConstraints: - description: TopologySpreadConstraints describes how a group of - Pods ought to spread across topology domains. Scheduler will - schedule Pods in a way which abides by the constraints. All - topologySpreadConstraints are ANDed. - items: - description: TopologySpreadConstraint specifies how to spread - matching pods among the given topology. - properties: - labelSelector: - description: LabelSelector is used to find matching pods. - Pods that match this label selector are counted to determine - the number of pods in their corresponding topology domain. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of + namespaces that the term applies to. The + term is applied to the union of the namespaces + selected by this field and the ones listed + in the namespaces field. null selector and + null or empty namespaces list means "this + pod's namespace". An empty selector ({}) + matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static + list of namespace names that the term applies + to. The term is applied to the union of + the namespaces listed in this field and + the ones selected by namespaceSelector. + null or empty namespaces list and null namespaceSelector + means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose value + of the label with key topologyKey matches + that of any node on which any of the selected + pods is running. Empty topologyKey is not + allowed. + type: string + required: + - topologyKey + type: object + type: array type: object type: object + nodeName: + description: NodeName is a request to schedule this Pod + onto a specific node. If it is non-empty, the scheduler + simply schedules this Pod onto that node, assuming that + it fits resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be true + for the Pod to fit on a node. Selector which must match + a node''s labels for the Pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object x-kubernetes-map-type: atomic - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys - to select the pods over which spreading will be calculated. - The keys are used to lookup values from the incoming pod - labels, those key-value labels are ANDed with labelSelector - to select the group of existing pods over which spreading - will be calculated for the incoming pod. The same key - is forbidden to exist in both MatchLabelKeys and LabelSelector. - MatchLabelKeys cannot be set when LabelSelector isn't - set. Keys that don't exist in the incoming pod labels - will be ignored. A null or empty list means only match - against labelSelector. \n This is a beta field and requires - the MatchLabelKeysInPodTopologySpread feature gate to - be enabled (enabled by default)." + schedulerName: + description: If specified, the Pod will be dispatched by + specified scheduler. If not specified, the Pod will be + dispatched by default scheduler. + type: string + tolerations: + description: "Allows Pods to be scheduled onto nodes with + matching taints. Each toleration in the array allows the + Pod to tolerate node taints based on specified `key`, + `value`, `effect`, and `operator`. \n - The `key`, `value`, + and `effect` identify the taint that the toleration matches. + - The `operator` determines how the toleration matches + the taint. \n Pods with matching tolerations are allowed + to be scheduled on tainted nodes, typically reserved for + specific purposes." items: - type: string - type: array - x-kubernetes-list-type: atomic - maxSkew: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple + using the matching operator . + properties: + effect: + description: Effect indicates the taint effect to + match. Empty means match all taint effects. When + specified, allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If + the key is empty, operator must be Exists; this + combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints + of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect + NoExecute, otherwise this field is ignored) tolerates + the taint. By default, it is not set, which means + tolerate the taint forever (do not evict). Zero + and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value + should be empty, otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a group + of Pods ought to spread across topology domains. Scheduler + will schedule Pods in a way which abides by the constraints. + All topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how to + spread matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching + pods. Pods that match this label selector are counted + to determine the number of pods in their corresponding + topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label + keys to select the pods over which spreading will + be calculated. The keys are used to lookup values + from the incoming pod labels, those key-value labels + are ANDed with labelSelector to select the group + of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden + to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector + isn't set. Keys that don't exist in the incoming + pod labels will be ignored. A null or empty list + means only match against labelSelector. \n This + is a beta field and requires the MatchLabelKeysInPodTopologySpread + feature gate to be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which + pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the + number of matching pods in the target topology and + the global minimum. The global minimum is the minimum + number of matching pods in an eligible domain or + zero if the number of eligible domains is less than + MinDomains. For example, in a 3-zone cluster, MaxSkew + is set to 1, and pods with the same labelSelector + spread as 2/2/1: In this case, the global minimum + is 1. | zone1 | zone2 | zone3 | | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled + to zone3 to become 2/2/2; scheduling it onto zone1(zone2) + would make the ActualSkew(3-1) on zone1(zone2) violate + MaxSkew(1). - if MaxSkew is 2, incoming pod can + be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies + that satisfy it. It''s a required field. Default + value is 1 and 0 is not allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number + of eligible domains. When the number of eligible + domains with matching topology keys is less than + minDomains, Pod Topology Spread treats \"global + minimum\" as 0, and then the calculation of Skew + is performed. And when the number of eligible domains + with matching topology keys equals or greater than + minDomains, this value has no effect on scheduling. + As a result, when the number of eligible domains + is less than minDomains, scheduler won't schedule + more than maxSkew Pods to those domains. If value + is nil, the constraint behaves as if MinDomains + is equal to 1. Valid values are integers greater + than 0. When value is not nil, WhenUnsatisfiable + must be DoNotSchedule. \n For example, in a 3-zone + cluster, MaxSkew is set to 2, MinDomains is set + to 5 and pods with the same labelSelector spread + as 2/2/2: | zone1 | zone2 | zone3 | | P P | P + P | P P | The number of domains is less than + 5(MinDomains), so \"global minimum\" is treated + as 0. In this situation, new pod with the same labelSelector + cannot be scheduled, because computed skew will + be 3(3 - 0) if new Pod is scheduled to any of the + three zones, it will violate MaxSkew. \n This is + a beta field and requires the MinDomainsInPodTopologySpread + feature gate to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we + will treat Pod's nodeAffinity/nodeSelector when + calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. + \n If this value is nil, the behavior is equivalent + to the Honor policy. This is a beta-level feature + default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will + treat node taints when calculating pod topology + spread skew. Options are: - Honor: nodes without + taints, along with tainted nodes for which the incoming + pod has a toleration, are included. - Ignore: node + taints are ignored. All nodes are included. \n If + this value is nil, the behavior is equivalent to + the Ignore policy. This is a beta-level feature + default enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. + Nodes that have a label with this key and identical + values are considered to be in the same topology. + We consider each as a "bucket", and + try to put balanced number of pods into each bucket. + We define a domain as a particular instance of a + topology. Also, we define an eligible domain as + a domain whose nodes meet the requirements of nodeAffinityPolicy + and nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if + TopologyKey is "topology.kubernetes.io/zone", each + zone is a domain of that topology. It's a required + field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal + with a pod if it doesn''t satisfy the spread constraint. + - DoNotSchedule (default) tells the scheduler not + to schedule it. - ScheduleAnyway tells the scheduler + to schedule the pod in any location, but giving + higher precedence to topologies that would help + reduce the skew. A constraint is considered "Unsatisfiable" + for an incoming pod if and only if every possible + node assignment for that pod would violate "MaxSkew" + on some topology. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 3/1/1: | zone1 | zone2 | zone3 | | P P + P | P | P | If WhenUnsatisfiable is set + to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) + on zone2(zone3) satisfies MaxSkew(1). In other words, + the cluster can still be imbalanced, but scheduler + won''t make it *more* imbalanced. It''s a required + field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + type: object + serviceAccountName: + description: "Specifies the name of the ServiceAccount required + by the running Component. This ServiceAccount is used to grant + necessary permissions for the Component's Pods to interact + with other Kubernetes resources, such as modifying Pod labels + or sending events. \n Defaults: If not specified, KubeBlocks + automatically assigns a default ServiceAccount named \"kb-{cluster.name}\", + bound to a default role installed together with KubeBlocks. + \n Future Changes: Future versions might change the default + ServiceAccount creation strategy to one per Component, potentially + revising the naming to \"kb-{cluster.name}-{component.name}\". + \n Users can override the automatic ServiceAccount assignment + by explicitly setting the name of an existed ServiceAccount + in this field." + type: string + serviceRefs: + description: "Defines a list of ServiceRef for a Component, + enabling access to both external services and Services provided + by other Clusters. \n Types of services: \n - External services: + Not managed by KubeBlocks or managed by a different KubeBlocks + operator; Require a ServiceDescriptor for connection details. + - Services provided by a Cluster: Managed by the same KubeBlocks + operator; identified using Cluster, Component and Service + names. \n ServiceRefs with identical `serviceRef.name` in + the same Cluster are considered the same. \n Example: ```yaml + serviceRefs: - name: \"redis-sentinel\" serviceDescriptor: + name: \"external-redis-sentinel\" - name: \"postgres-cluster\" + clusterServiceSelector: cluster: \"my-postgres-cluster\" service: + component: \"postgresql\" ``` The example above includes ServiceRefs + to an external Redis Sentinel service and a PostgreSQL Cluster." + items: + properties: + cluster: + description: "Specifies the name of the KubeBlocks Cluster + being referenced. This is used when services from another + KubeBlocks Cluster are consumed. \n By default, the + referenced KubeBlocks Cluster's `clusterDefinition.spec.connectionCredential` + will be utilized to bind to the current Component. This + credential should include: `endpoint`, `port`, `username`, + and `password`. \n Note: \n - The `ServiceKind` and + `ServiceVersion` specified in the service reference + within the ClusterDefinition are not validated when + using this approach. - If both `cluster` and `serviceDescriptor` + are present, `cluster` will take precedence. \n Deprecated + since v0.9 since `clusterDefinition.spec.connectionCredential` + is deprecated, use `clusterServiceSelector` instead. + This field is maintained for backward compatibility + and its use is discouraged. Existing usage should be + updated to the current preferred approach to avoid compatibility + issues in future releases." + type: string + clusterServiceSelector: + description: References a service provided by another + KubeBlocks Cluster. It specifies the ClusterService + and the account credentials needed for access. + properties: + cluster: + description: The name of the Cluster being referenced. + type: string + credential: + description: Specifies the SystemAccount to authenticate + and establish a connection with the referenced Cluster. + The SystemAccount should be defined in `componentDefinition.spec.systemAccounts` + of the Component providing the service in the referenced + Cluster. + properties: + component: + description: The name of the Component where the + credential resides in. + type: string + name: + description: The name of the credential (SystemAccount) + to reference. + type: string + required: + - component + - name + type: object + service: + description: Identifies a ClusterService from the + list of Services defined in `cluster.spec.services` + of the referenced Cluster. + properties: + component: + description: "The name of the Component where + the Service resides in. \n It is required when + referencing a Component's Service." + type: string + port: + description: "The port name of the Service to + be referenced. \n If there is a non-zero node-port + exist for the matched Service port, the node-port + will be selected first. \n If the referenced + Service is of pod-service type (a Service per + Pod), there will be multiple Service objects + matched, and the resolved value will be presented + in the following format: service1.name:port1,service2.name:port2..." + type: string + service: + description: "The name of the Service to be referenced. + \n Leave it empty to reference the default Service. + Set it to \"headless\" to reference the default + headless Service. \n If the referenced Service + is of pod-service type (a Service per Pod), + there will be multiple Service objects matched, + and the resolved value will be presented in + the following format: service1.name,service2.name..." + type: string + required: + - service + type: object + required: + - cluster + type: object + name: + description: "Specifies the identifier of the service + reference declaration. It corresponds to the serviceRefDeclaration + name defined in either: \n - `componentDefinition.spec.serviceRefDeclarations[*].name` + - `clusterDefinition.spec.componentDefs[*].serviceRefDeclarations[*].name` + (deprecated)" + type: string + namespace: + description: Specifies the namespace of the referenced + Cluster or the namespace of the referenced ServiceDescriptor + object. If not provided, the referenced Cluster and + ServiceDescriptor will be searched in the namespace + of the current Cluster by default. + type: string + serviceDescriptor: + description: "Specifies the name of the ServiceDescriptor + object that describes a service provided by external + sources. \n When referencing a service provided by external + sources, a ServiceDescriptor object is required to establish + the service binding. The `serviceDescriptor.spec.serviceKind` + and `serviceDescriptor.spec.serviceVersion` should match + the serviceKind and serviceVersion declared in the definition. + \n If both `cluster` and `serviceDescriptor` are specified, + the `cluster` takes precedence." + type: string + required: + - name + type: object + type: array + serviceVersion: + description: ServiceVersion specifies the version of the Service + expected to be provisioned by this Component. The version + should follow the syntax and semantics of the "Semantic Versioning" + specification (http://semver.org/). If no version is specified, + the latest available version will be used. + maxLength: 32 + type: string + services: + description: Overrides services defined in referenced ComponentDefinition + and expose endpoints that can be accessed by clients. + items: + properties: + annotations: + additionalProperties: + type: string + description: 'If ServiceType is LoadBalancer, cloud provider + related parameters can be put here. More info: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer.' + type: object + name: + description: References the ComponentService name defined + in the `componentDefinition.spec.services[*].name`. + maxLength: 25 + type: string + podService: + description: Indicates whether to generate individual + Services for each Pod. If set to true, a separate Service + will be created for each Pod in the Cluster. + type: boolean + serviceType: + default: ClusterIP + description: "Determines how the Service is exposed. Valid + options are `ClusterIP`, `NodePort`, and `LoadBalancer`. + \n - `ClusterIP` allocates a Cluster-internal IP address + for load-balancing to endpoints. Endpoints are determined + by the selector or if that is not specified, they are + determined by manual construction of an Endpoints object + or EndpointSlice objects. - `NodePort` builds on ClusterIP + and allocates a port on every node which routes to the + same endpoints as the ClusterIP. - `LoadBalancer` builds + on NodePort and creates an external load-balancer (if + supported in the current cloud) which routes to the + same endpoints as the ClusterIP. \n Note: although K8s + Service type allows the 'ExternalName' type, it is not + a valid option for ClusterComponentService. \n For more + info, see: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types." + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + x-kubernetes-preserve-unknown-fields: true + required: + - name + type: object + type: array + switchPolicy: + description: "Defines the strategy for switchover and failover + when workloadType is Replication. \n Deprecated since v0.9. + This field is maintained for backward compatibility and its + use is discouraged. Existing usage should be updated to the + current preferred approach to avoid compatibility issues in + future releases." + properties: + type: + default: Noop + description: Type specifies the type of switch policy to + be applied. + enum: + - Noop + type: string + type: object + tls: + description: A boolean flag that indicates whether the Component + should use Transport Layer Security (TLS) for secure communication. + When set to true, the Component will be configured to use + TLS encryption for its network connections. This ensures that + the data transmitted between the Component and its clients + or other Components is encrypted and protected from unauthorized + access. If TLS is enabled, the Component may require additional + configuration, such as specifying TLS certificates and keys, + to properly set up the secure communication channel. + type: boolean + tolerations: + description: "Allows Pods to be scheduled onto nodes with matching + taints. Each toleration in the array allows the Pod to tolerate + node taints based on specified `key`, `value`, `effect`, and + `operator`. \n - The `key`, `value`, and `effect` identify + the taint that the toleration matches. - The `operator` determines + how the toleration matches the taint. \n Pods with matching + tolerations are allowed to be scheduled on tainted nodes, + typically reserved for specific purposes. \n Deprecated since + v0.10, replaced by the `schedulingPolicy` field." + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + x-kubernetes-preserve-unknown-fields: true + updateStrategy: + description: "Defines the update strategy for the Component. + \n Deprecated since v0.9. This field is maintained for backward + compatibility and its use is discouraged. Existing usage should + be updated to the current preferred approach to avoid compatibility + issues in future releases." + enum: + - Serial + - BestEffortParallel + - Parallel + type: string + userResourceRefs: + description: "Allows users to specify custom ConfigMaps and + Secrets to be mounted as volumes in the Cluster's Pods. This + is useful in scenarios where users need to provide additional + resources to the Cluster, such as: \n - Mounting custom scripts + or configuration files during Cluster startup. - Mounting + Secrets as volumes to provide sensitive information, like + S3 AK/SK, to the Cluster." + properties: + configMapRefs: + description: ConfigMapRefs defines the user-defined ConfigMaps. + items: + description: ConfigMapRef defines a reference to a ConfigMap. + properties: + asVolumeFrom: + description: AsVolumeFrom lists the names of containers + in which the volume should be mounted. + items: + type: string + type: array + x-kubernetes-list-type: set + configMap: + description: ConfigMap specifies the ConfigMap to + be mounted as a volume. + properties: + defaultMode: + description: 'defaultMode is optional: mode bits + used to set permissions on created files by + default. Must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + Defaults to 0644. Directories within the path + are not affected by this setting. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + mountPoint: + description: MountPoint is the filesystem path where + the volume will be mounted. + maxLength: 256 + pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ + type: string + name: + description: Name is the name of the referenced ConfigMap + or Secret object. It must conform to DNS label standards. + maxLength: 63 + pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ + type: string + subPath: + description: SubPath specifies a path within the volume + from which to mount. + type: string + required: + - configMap + - mountPoint + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + secretRefs: + description: SecretRefs defines the user-defined Secrets. + items: + description: SecretRef defines a reference to a Secret. + properties: + asVolumeFrom: + description: AsVolumeFrom lists the names of containers + in which the volume should be mounted. + items: + type: string + type: array + x-kubernetes-list-type: set + mountPoint: + description: MountPoint is the filesystem path where + the volume will be mounted. + maxLength: 256 + pattern: ^/[a-z]([a-z0-9\-]*[a-z0-9])?$ + type: string + name: + description: Name is the name of the referenced ConfigMap + or Secret object. It must conform to DNS label standards. + maxLength: 63 + pattern: ^[a-z0-9]([a-z0-9\.\-]*[a-z0-9])?$ + type: string + secret: + description: Secret specifies the Secret to be mounted + as a volume. + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits + used to set permissions on created files by + default. Must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. + Defaults to 0644. Directories within the path + are not affected by this setting. This might + be in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the + Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret + in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + subPath: + description: SubPath specifies a path within the volume + from which to mount. + type: string + required: + - mountPoint + - name + - secret + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + volumeClaimTemplates: + description: Specifies a list of PersistentVolumeClaim templates + that represent the storage requirements for the Component. + Each template specifies the desired characteristics of a persistent + volume, such as storage class, size, and access modes. These + templates are used to dynamically provision persistent volumes + for the Component. + items: + properties: + name: + description: "Refers to the name of a volumeMount defined + in either: \n - `componentDefinition.spec.runtime.containers[*].volumeMounts` + - `clusterDefinition.spec.componentDefs[*].podSpec.containers[*].volumeMounts` + (deprecated) \n The value of `name` must match the `name` + field of a volumeMount specified in the corresponding + `volumeMounts` array." + type: string + spec: + description: "Defines the desired characteristics of a + PersistentVolumeClaim that will be created for the volume + with the mount name specified in the `name` field. \n + When a Pod is created for this ClusterComponent, a new + PVC will be created based on the specification defined + in the `spec` field. The PVC will be associated with + the volume mount specified by the `name` field." + properties: + accessModes: + description: 'Contains the desired access modes the + volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1.' + items: + type: string + type: array + x-kubernetes-preserve-unknown-fields: true + resources: + description: 'Represents the minimum resources the + volume should have. If the RecoverVolumeExpansionFailure + feature is enabled, users are allowed to specify + resource requirements that are lower than the previous + value but must still be higher than the capacity + recorded in the status field of the claim. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources.' + properties: + claims: + description: "Claims lists the names of resources, + defined in spec.resourceClaims, that are used + by this container. \n This is an alpha field + and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It + can only be set for containers." + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of + one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes + that resource available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. Requests cannot + exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + storageClassName: + description: 'The name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1.' + type: string + volumeMode: + description: Defines what type of volume is required + by the claim, either Block or Filesystem. + type: string + type: object + required: + - name + type: object + type: array + required: + - replicas + type: object + maxItems: 128 + minItems: 1 + type: array + x-kubernetes-validations: + - message: duplicated component + rule: self.all(x, size(self.filter(c, c.name == x.name)) == 1) + - message: two kinds of definition API can not be used simultaneously + rule: self.all(x, size(self.filter(c, has(c.componentDef))) == 0) + || self.all(x, size(self.filter(c, has(c.componentDef))) == size(self)) + network: + description: "The configuration of network. \n Deprecated since v0.9. + This field is maintained for backward compatibility and its use + is discouraged. Existing usage should be updated to the current + preferred approach to avoid compatibility issues in future releases." + properties: + hostNetworkAccessible: + default: false + description: Indicates whether the host network can be accessed. + By default, this is set to false. + type: boolean + publiclyAccessible: + default: false + description: Indicates whether the network is accessible to the + public. By default, this is set to false. + type: boolean + type: object + replicas: + description: "Specifies the replicas of the first componentSpec, if + the replicas of the first componentSpec is specified, this value + will be ignored. \n Deprecated since v0.9. This field is maintained + for backward compatibility and its use is discouraged. Existing + usage should be updated to the current preferred approach to avoid + compatibility issues in future releases." + format: int32 + type: integer + resources: + description: "Specifies the resources of the first componentSpec, + if the resources of the first componentSpec is specified, this value + will be ignored. \n Deprecated since v0.9. This field is maintained + for backward compatibility and its use is discouraged. Existing + usage should be updated to the current preferred approach to avoid + compatibility issues in future releases." + properties: + cpu: + anyOf: + - type: integer + - type: string + description: 'Specifies the amount of CPU resource the Cluster + needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + memory: + anyOf: + - type: integer + - type: string + description: 'Specifies the amount of memory resource the Cluster + needs. For more information, refer to: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + runtimeClassName: + description: Specifies runtimeClassName for all Pods managed by this + Cluster. + type: string + schedulingPolicy: + description: Specifies the scheduling policy for the Cluster. + properties: + affinity: + description: Specifies a group of affinity scheduling rules of + the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeName: + description: NodeName is a request to schedule this Pod onto a + specific node. If it is non-empty, the scheduler simply schedules + this Pod onto that node, assuming that it fits resource requirements. + type: string + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must be true for + the Pod to fit on a node. Selector which must match a node''s + labels for the Pod to be scheduled on that node. More info: + https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + x-kubernetes-map-type: atomic + schedulerName: + description: If specified, the Pod will be dispatched by specified + scheduler. If not specified, the Pod will be dispatched by default + scheduler. + type: string + tolerations: + description: "Allows Pods to be scheduled onto nodes with matching + taints. Each toleration in the array allows the Pod to tolerate + node taints based on specified `key`, `value`, `effect`, and + `operator`. \n - The `key`, `value`, and `effect` identify the + taint that the toleration matches. - The `operator` determines + how the toleration matches the taint. \n Pods with matching + tolerations are allowed to be scheduled on tainted nodes, typically + reserved for specific purposes." + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: TopologySpreadConstraints describes how a group of + Pods ought to spread across topology domains. Scheduler will + schedule Pods in a way which abides by the constraints. All + topologySpreadConstraints are ANDed. + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine + the number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys + to select the pods over which spreading will be calculated. + The keys are used to lookup values from the incoming pod + labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading + will be calculated for the incoming pod. The same key + is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't + set. Keys that don't exist in the incoming pod labels + will be ignored. A null or empty list means only match + against labelSelector. \n This is a beta field and requires + the MatchLabelKeysInPodTopologySpread feature gate to + be enabled (enabled by default)." + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: description: 'MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number @@ -6579,6 +8508,15 @@ spec: type: string type: object type: array + disableExporter: + description: "Determines whether metrics exporter information + is annotated on the Component's headless Service. \n If + set to true, the following annotations will not be patched + into the Service: \n - \"monitor.kubeblocks.io/path\" + - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" + \n These annotations allow the Prometheus installed by + KubeBlocks to discover and scrape metrics from the exporter." + type: boolean enabledLogs: description: "Specifies which types of logs should be collected for the Component. The log types are defined in the `componentDefinition.spec.logConfigs` @@ -7812,598 +9750,2176 @@ spec: resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes - the minimum amount of compute - resources required. If Requests - is omitted for a container, - it defaults to Limits if that - is explicitly specified, otherwise - to an implementation-defined - value. Requests cannot exceed - Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes + the minimum amount of compute + resources required. If Requests + is omitted for a container, + it defaults to Limits if that + is explicitly specified, otherwise + to an implementation-defined + value. Requests cannot exceed + Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label + query over volumes to consider + for binding. + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: A label selector + requirement is a selector + that contains values, a + key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator + represents a key's relationship + to a set of values. + Valid operators are + In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is + an array of string values. + If the operator is In + or NotIn, the values + array must be non-empty. + If the operator is Exists + or DoesNotExist, the + values array must be + empty. This array is + replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is + the name of the StorageClass required + by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines + what type of volume is required + by the claim. Value of Filesystem + is implied when not included in + claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine + and then exposed to the pod. + properties: + fsType: + description: 'fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. TODO: how do + we prevent errors in the filesystem from + compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target + lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC + target worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume + world wide identifiers (wwids) Either + wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem + depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this + field holds extra command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef + is reference to the secret object containing + sensitive information to pass to the plugin + scripts. This may be empty if no secret + object is specified. If the secret object + contains more than one secret, all secrets + are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This + depends on the Flocker control service being + running + properties: + datasetName: + description: datasetName is Name of the + dataset stored as metadata -> name on + the dataset for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of + the dataset. This is unique identifier + of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a + GCE Disk resource that is attached to a kubelet''s + host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + partition: + description: 'partition is the partition + in the volume that you want to mount. + If omitted, the default is to mount by + volume name. Examples: For volume /dev/sda1, + you specify the partition as "1". Similarly, + the volume partition for /dev/sda is "0" + (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the + PD resource in GCE. Used to identify the + disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository + at a particular revision. DEPRECATED: GitRepo + is deprecated. To provision a container with + a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount + the EmptyDir into the Pod''s container.' + properties: + directory: + description: directory is the target directory + name. Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash + for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint + name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume + path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the + Glusterfs volume to be mounted with read-only + permissions. Defaults to false. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing + file or directory on the host machine that + is directly exposed to the container. This + is generally used for system agents or other + privileged things that are allowed to see + the host machine. Most containers will NOT + need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who + can use host directory mounts and who can/can + not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the + host. If the path is a symlink, it will + follow the link to the real path. More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults + to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk + resource that is attached to a kubelet''s + host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom + iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface + Name that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target + Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target + Portal List. The portal is either an IP + or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret + for iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target + Portal. The Portal is either an IP or + ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a + DNS_LABEL and unique within the pod. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on + the host that shares a pod''s lifetime More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the + NFS export to be mounted with read-only + permissions. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or + IP address of the NFS server. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource + represents a reference to a PersistentVolumeClaim + in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a + PersistentVolumeClaim in the same namespace + as the pod using this volume. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly + setting in VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fSType represents the filesystem + type to mount Must be a filesystem type + supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one + resources secrets, configmaps, and downward + API + properties: + defaultMode: + description: defaultMode are the mode bits + used to set permissions on created files + by default. Must be an octal value between + 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and + decimal values, JSON requires decimal + values for mode bits. Directories within + the path are not affected by this setting. + This might be in conflict with other options + that affect the file mode, like fsGroup, + and the result can be other mode bits + set. + format: int32 + type: integer + sources: + description: sources is the list of volume + projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + configMap: + description: configMap information + about the configMap data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced ConfigMap + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the ConfigMap, the volume + setup will error unless it is + marked optional. Paths must + be relative and may not contain + the '..' path or start with + '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the + key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional specify + whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information + about the downwardAPI data to project + properties: + items: + description: Items is a list of + DownwardAPIVolume file + items: + description: DownwardAPIVolumeFile + represents information to + create the file containing + the pod field + properties: + fieldRef: + description: 'Required: + Selects a field of the + pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version + of the schema the + FieldPath is written + in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of + the field to select + in the specified API + version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: + mode bits used to set + permissions on this file, + must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: + Path is the relative + path name of the file + to be created. Must not + be absolute or contain + the ''..'' path. Must + be utf-8 encoded. The + first item of the relative + path must not start with + ''..''' + type: string + resourceFieldRef: + description: 'Selects a + resource of the container: + only resources limits + and requests (limits.cpu, + limits.memory, requests.cpu + and requests.memory) are + currently supported.' + properties: + containerName: + description: 'Container + name: required for + volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies + the output format + of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: items if unspecified, + each key-value pair in the Data + field of the referenced Secret + will be projected into the volume + as a file whose name is the + key and content is the value. + If specified, the listed keys + will be projected into the specified + paths, and unlisted keys will + not be present. If a key is + specified which is not present + in the Secret, the volume setup + will error unless it is marked + optional. Paths must be relative + and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key + to a path within a volume. + properties: + key: + description: key is the + key to project. + type: string + mode: + description: 'mode is Optional: + mode bits used to set + permissions on this file. + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. YAML accepts + both octal and decimal + values, JSON requires + decimal values for mode + bits. If not specified, + the volume defaultMode + will be used. This might + be in conflict with other + options that affect the + file mode, like fsGroup, + and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: path is the + relative path of the file + to map the key to. May + not be an absolute path. + May not contain the path + element '..'. May not + start with the string + '..'. + type: string + required: + - key + - path type: object - type: object - selector: - description: selector is a label - query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - items: - description: A label selector - requirement is a selector - that contains values, a - key, and an operator that - relates the key and values. - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator - represents a key's relationship - to a set of values. - Valid operators are - In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is - an array of string values. - If the operator is In - or NotIn, the values - array must be non-empty. - If the operator is Exists - or DoesNotExist, the - values array must be - empty. This array is - replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: + type: array + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: optional field specify + whether the Secret or its key + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is + information about the serviceAccountToken + data to project + properties: + audience: + description: audience is the intended + audience of the token. A recipient + of a token must identify itself + with an identifier specified + in the audience of the token, + and otherwise should reject + the token. The audience defaults + to the identifier of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds + is the requested duration of + validity of the service account + token. As the token approaches + expiration, the kubelet volume + plugin will proactively rotate + the service account token. The + kubelet will start trying to + rotate the token if the token + is older than 80 percent of + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour and must be at least + 10 minutes. + format: int64 + type: integer + path: + description: path is the path + relative to the mount point + of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: group to map volume access + to Default is no group + type: string + readOnly: + description: readOnly here will force the + Quobyte volume to be mounted with read-only + permissions. Defaults to false. + type: boolean + registry: + description: registry represents a single + or multiple Quobyte Registry services + specified as a string as host:port pair + (multiple entries are separated with commas) + which acts as the central registry for + volumes + type: string + tenant: + description: tenant owning the given Quobyte + volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is + set by the plugin + type: string + user: + description: user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device + mount on the host that shares a pod''s lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type + of the volume that you want to mount. + Tip: Ensure that the filesystem type is + supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + image: + description: 'image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key + ring for RBDUser. Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of + Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. + Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. Defaults + to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication + secret for RBDUser. If provided overrides + keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. + Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address + of the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name + of the ScaleIO Protection Domain for the + configured storage. + type: string + readOnly: + description: readOnly Defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the + secret for ScaleIO user and other sensitive + information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default + false + type: boolean + storageMode: + description: storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO + Storage Pool associated with the protection + domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a + volume already created in the ScaleIO + system that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that + should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode + bits used to set permissions on created + files by default. Must be an octal value + between 0000 and 0777 or a decimal value + between 0 and 511. YAML accepts both octal + and decimal values, JSON requires decimal + values for mode bits. Defaults to 0644. + Directories within the path are not affected + by this setting. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each + key-value pair in the Data field of the + referenced Secret will be projected into + the volume as a file whose name is the + key and content is the value. If specified, + the listed keys will be projected into + the specified paths, and unlisted keys + will not be present. If a key is specified + which is not present in the Secret, the + volume setup will error unless it is marked + optional. Paths must be relative and may + not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path + within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode + bits used to set permissions on + this file. Must be an octal value + between 0000 and 0777 or a decimal + value between 0 and 511. YAML accepts + both octal and decimal values, JSON + requires decimal values for mode + bits. If not specified, the volume + defaultMode will be used. This might + be in conflict with other options + that affect the file mode, like + fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: path is the relative + path of the file to map the key + to. May not be an absolute path. + May not contain the path element + '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of + the secret in the pod''s namespace to + use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: fsType is the filesystem type + to mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + readOnly: + description: readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret + to use for obtaining the StorageOS API + credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the + scope of the volume within StorageOS. If + no namespace is specified then the Pod's + namespace will be used. This allows the + Kubernetes name scoping to be mirrored + within StorageOS for tighter integration. + Set VolumeName to any name to override + the default behaviour. Set to "default" + if you are not using namespaces within + StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host + machine + properties: + fsType: + description: fsType is filesystem type to + mount. Must be a filesystem type supported + by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: volumePath is the path that + identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + issuer: + description: Specifies the configuration for the TLS certificates + issuer. It allows defining the issuer name and the reference + to the secret containing the TLS certificates and key. + The secret should contain the CA certificate, TLS certificate, + and private key in the specified keys. Required when TLS + is enabled. + properties: + name: + allOf: + - enum: + - KubeBlocks + - UserProvided + - enum: + - KubeBlocks + - UserProvided + default: KubeBlocks + description: "The issuer for TLS certificates. It only + allows two enum values: `KubeBlocks` and `UserProvided`. + \n - `KubeBlocks` indicates that the self-signed TLS + certificates generated by the KubeBlocks Operator + will be used. - `UserProvided` means that the user + is responsible for providing their own CA, Cert, and + Key. In this case, the user-provided CA certificate, + server certificate, and private key will be used for + TLS communication." + type: string + secretRef: + description: SecretRef is the reference to the secret + that contains user-provided certificates. It is required + when the issuer is set to `UserProvided`. + properties: + ca: + description: Key of CA cert in Secret + type: string + cert: + description: Key of Cert in Secret + type: string + key: + description: Key of TLS private key in Secret + type: string + name: + description: Name of the Secret that contains user-provided + certificates. + type: string + required: + - ca + - cert + - key + - name + type: object + required: + - name + type: object + metricsStoreIntegration: + description: It supports prometheus/victoriametrics operator. + properties: + serviceMonitorTemplate: + description: "Specifies the ServiceMonitor template + used in the Component. \n Example usage: ```yaml name: + prometheus-scrape namespace: default labels: k8s-app: + node-exporter serviceMonitorTemplate: selector: matchLabels: + app: app-exporter k8s-app: app-exporter endpoints: + - port: metrics_port jobLabel: k8s-app ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + serviceMonitorSpec: + description: ServiceMonitorSpec contains specification + parameters for a ServiceMonitor + properties: + attachMetadata: + description: "`attachMetadata` defines additional + metadata which is added to the discovered + targets. \n It requires Prometheus >= v2.37.0." + properties: + node: + description: When set to true, Prometheus + must have the `get` permission on the + `Nodes` objects. + type: boolean + type: object + endpoints: + description: List of endpoints part of this + ServiceMonitor. + items: + description: Endpoint defines an endpoint + serving Prometheus metrics to be scraped + by Prometheus. + properties: + authorization: + description: "`authorization` configures + the Authorization header credentials + to use when scraping the target. \n + Cannot be set at the same time as `basicAuth`, + or `oauth2`." + properties: + credentials: + description: Selects a key of a Secret + in the namespace that contains the + credentials for authentication. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication + type. The value is case-insensitive. + \n \"Basic\" is not a supported + value. \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: "`basicAuth` configures the + Basic Authentication credentials to + use when scraping the target. \n Cannot + be set at the same time as `authorization`, + or `oauth2`." + properties: + password: + description: '`password` specifies + a key of a Secret containing the + password for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies + a key of a Secret containing the + username for authentication.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: "File to read bearer token + for scraping the target. \n Deprecated: + use `authorization` instead." + type: string + bearerTokenSecret: + description: "`bearerTokenSecret` specifies + a key of a Secret containing the bearer + token for scraping targets. The secret + needs to be in the same namespace as + the ServiceMonitor object and readable + by the Prometheus Operator. \n Deprecated: + use `authorization` instead." + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + enableHttp2: + description: '`enableHttp2` can be used + to disable HTTP2 when scraping the target.' + type: boolean + filterRunning: + description: "When true, the pods which + are not running (e.g. either in Failed + or Succeeded state) are dropped during + the target discovery. \n If unset, the + filtering is enabled. \n More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + type: boolean + followRedirects: + description: '`followRedirects` defines + whether the scrape requests should follow + HTTP 3xx redirects.' + type: boolean + honorLabels: + description: When true, `honorLabels` + preserves the metric's labels when they + collide with the target's labels. + type: boolean + honorTimestamps: + description: '`honorTimestamps` controls + whether Prometheus preserves the timestamps + when exposed by the target.' + type: boolean + interval: + description: "Interval at which Prometheus + scrapes the metrics from the target. + \n If empty, Prometheus uses the global + scrape interval." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: '`metricRelabelings` configures + the relabeling rules to apply to the + samples before ingestion.' + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform + based on the regex matching. \n + `Uppercase` and `Lowercase` actions + require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions + require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of + the hash of the source label values. + \n Only applicable when the action + is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. + type: string + replacement: + description: "Replacement value + against which a Replace action + is performed if the regular expression + matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured Separator and matched + against the configured regular + expression. + items: + description: LabelName is a valid + Prometheus label name which + may only contain ASCII letters, + numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the + resulting string is written in + a replacement. \n It is mandatory + for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups + are available." + type: string + type: object + type: array + oauth2: + description: "`oauth2` configures the + OAuth2 settings to use when scraping + the target. \n It requires Prometheus + >= 2.27.0. \n Cannot be set at the same + time as `authorization`, or `basicAuth`." + properties: + clientId: + description: '`clientId` specifies + a key of a Secret or ConfigMap containing + the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. type: string - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in the - matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: 'storageClassName is - the name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies + a key of a Secret containing the + OAuth2 client''s secret.' + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures + the HTTP parameters to append to + the token URL.' + type: object + scopes: + description: '`scopes` defines the + OAuth2 scopes used for the token + request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures + the URL to fetch the token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + params: + additionalProperties: + items: + type: string + type: array + description: params define optional HTTP + URL parameters. + type: object + path: + description: "HTTP path from which to + scrape for metrics. \n If empty, Prometheus + uses the default value (e.g. `/metrics`)." + type: string + port: + description: "Name of the Service port + which this endpoint refers to. \n It + takes precedence over `targetPort`." + type: string + proxyUrl: + description: '`proxyURL` configures the + HTTP Proxy URL (e.g. "http://proxyserver:2195") + to go through when scraping the target.' + type: string + relabelings: + description: "`relabelings` configures + the relabeling rules to apply the target's + metadata labels. \n The Operator automatically + adds relabelings for a few standard + Kubernetes fields. \n The original scrape + job's name is available via the `__tmp_prometheus_job_name` + label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic + rewriting of the label set for targets, + alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform + based on the regex matching. \n + `Uppercase` and `Lowercase` actions + require Prometheus >= v2.36.0. + `DropEqual` and `KeepEqual` actions + require Prometheus >= v2.41.0. + \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of + the hash of the source label values. + \n Only applicable when the action + is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. type: string - volumeMode: - description: volumeMode defines - what type of volume is required - by the claim. Value of Filesystem - is implied when not included in - claim spec. + replacement: + description: "Replacement value + against which a Replace action + is performed if the regular expression + matches. \n Regex capture groups + are available." type: string - volumeName: - description: volumeName is the binding - reference to the PersistentVolume - backing this claim. + separator: + description: Separator is the string + between concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured Separator and matched + against the configured regular + expression. + items: + description: LabelName is a valid + Prometheus label name which + may only contain ASCII letters, + numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the + resulting string is written in + a replacement. \n It is mandatory + for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups + are available." type: string type: object - required: - - spec - type: object - type: object - fc: - description: fc represents a Fibre Channel resource - that is attached to a kubelet's host machine - and then exposed to the pod. - properties: - fsType: - description: 'fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. TODO: how do - we prevent errors in the filesystem from - compromising the machine' - type: string - lun: - description: 'lun is Optional: FC target - lun number' - format: int32 - type: integer - readOnly: - description: 'readOnly is Optional: Defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'targetWWNs is Optional: FC - target worldwide names (WWNs)' - items: - type: string - type: array - wwids: - description: 'wwids Optional: FC volume - world wide identifiers (wwids) Either - wwids or combination of targetWWNs and - lun must be set, but not both simultaneously.' - items: + type: array + scheme: + description: "HTTP scheme to use for scraping. + \n `http` and `https` are the expected + values unless you rewrite the `__scheme__` + label via relabeling. \n If empty, Prometheus + uses the default value `http`." + enum: + - http + - https type: string - type: array - type: object - flexVolume: - description: flexVolume represents a generic - volume resource that is provisioned/attached - using an exec based plugin. - properties: - driver: - description: driver is the name of the driver - to use for this volume. - type: string - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem - depends on FlexVolume script. - type: string - options: - additionalProperties: + scrapeTimeout: + description: "Timeout after which Prometheus + considers the scrape to be failed. \n + If empty, Prometheus uses the global + scrape timeout unless it is less than + the target's scrape interval value in + which the latter is used." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ type: string - description: 'options is Optional: this - field holds extra command options if any.' - type: object - readOnly: - description: 'readOnly is Optional: defaults - to false (read/write). ReadOnly here will - force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'secretRef is Optional: secretRef - is reference to the secret object containing - sensitive information to pass to the plugin - scripts. This may be empty if no secret - object is specified. If the secret object - contains more than one secret, all secrets - are passed to the plugin scripts.' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - driver - type: object - flocker: - description: flocker represents a Flocker volume - attached to a kubelet's host machine. This - depends on the Flocker control service being - running - properties: - datasetName: - description: datasetName is Name of the - dataset stored as metadata -> name on - the dataset for Flocker should be considered - as deprecated - type: string - datasetUUID: - description: datasetUUID is the UUID of - the dataset. This is unique identifier - of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'gcePersistentDisk represents a - GCE Disk resource that is attached to a kubelet''s - host machine and then exposed to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'fsType is filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - partition: - description: 'partition is the partition - in the volume that you want to mount. - If omitted, the default is to mount by - volume name. Examples: For volume /dev/sda1, - you specify the partition as "1". Similarly, - the volume partition for /dev/sda is "0" - (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'pdName is unique name of the - PD resource in GCE. Used to identify the - disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'gitRepo represents a git repository - at a particular revision. DEPRECATED: GitRepo - is deprecated. To provision a container with - a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount - the EmptyDir into the Pod''s container.' - properties: - directory: - description: directory is the target directory - name. Must not contain or start with '..'. If - '.' is supplied, the volume directory - will be the git repository. Otherwise, - if specified, the volume will contain - the git repository in the subdirectory - with the given name. - type: string - repository: - description: repository is the URL - type: string - revision: - description: revision is the commit hash - for the specified revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'glusterfs represents a Glusterfs - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'endpoints is the endpoint - name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'path is the Glusterfs volume - path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'readOnly here will force the - Glusterfs volume to be mounted with read-only - permissions. Defaults to false. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'hostPath represents a pre-existing - file or directory on the host machine that - is directly exposed to the container. This - is generally used for system agents or other - privileged things that are allowed to see - the host machine. Most containers will NOT - need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who - can use host directory mounts and who can/can - not mount host directories as read/write.' - properties: - path: - description: 'path of the directory on the - host. If the path is a symlink, it will - follow the link to the real path. More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'type for HostPath Volume Defaults - to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'iscsi represents an ISCSI Disk - resource that is attached to a kubelet''s - host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md' + targetPort: + anyOf: + - type: integer + - type: string + description: "Name or number of the target + port of the `Pod` object behind the + Service, the port must be specified + with container port property. \n Deprecated: + use `port` instead." + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use + when scraping the target. + properties: + ca: + description: Certificate authority + used when verifying server certificates. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in + the Prometheus container to use + for the targets. + type: string + cert: + description: Client certificate to + present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert + file in the Prometheus container + for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key + file in the Prometheus container + for the targets. + type: string + keySecret: + description: Secret containing the + client key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string + type: object + trackTimestampsStaleness: + description: "`trackTimestampsStaleness` + defines whether Prometheus tracks staleness + of the metrics that have an explicit + timestamp present in scraped data. Has + no effect if `honorTimestamps` is false. + \n It requires Prometheus >= v2.48.0." + type: boolean + type: object + type: array + jobLabel: + description: "`jobLabel` selects the label from + the associated Kubernetes `Service` object + which will be used as the `job` label for + all metrics. \n For example if `jobLabel` + is set to `foo` and the Kubernetes `Service` + object is labeled with `foo: bar`, then Prometheus + adds the `job=\"bar\"` label to all ingested + metrics. \n If the value of this field is + empty or if the label doesn't exist for the + given Service, the `job` label of the metrics + defaults to the name of the associated Kubernetes + `Service`." + type: string + keepDroppedTargets: + description: "Per-scrape limit on the number + of targets dropped by relabeling that will + be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: "Per-scrape limit on number of + labels that will be accepted for a sample. + \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelNameLengthLimit: + description: "Per-scrape limit on length of + labels name that will be accepted for a sample. + \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelValueLengthLimit: + description: "Per-scrape limit on length of + labels value that will be accepted for a sample. + \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces + the Kubernetes `Endpoints` objects are discovered + from. properties: - chapAuthDiscovery: - description: chapAuthDiscovery defines whether - support iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: chapAuthSession defines whether - support iSCSI Session CHAP authentication + any: + description: Boolean describing whether + all namespaces are selected in contrast + to a list restricting them. type: boolean - fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - initiatorName: - description: initiatorName is the custom - iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, - new iSCSI interface : will be created for the connection. - type: string - iqn: - description: iqn is the target iSCSI Qualified - Name. - type: string - iscsiInterface: - description: iscsiInterface is the interface - Name that uses an iSCSI transport. Defaults - to 'default' (tcp). - type: string - lun: - description: lun represents iSCSI Target - Lun number. - format: int32 - type: integer - portals: - description: portals is the iSCSI Target - Portal List. The portal is either an IP - or ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). + matchNames: + description: List of namespace names to + select from. items: type: string type: array - readOnly: - description: readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. - type: boolean - secretRef: - description: secretRef is the CHAP Secret - for iSCSI target and initiator authentication - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - targetPortal: - description: targetPortal is iSCSI Target - Portal. The Portal is either an IP or - ip_addr:port if the port is other than - default (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'name of the volume. Must be a - DNS_LABEL and unique within the pod. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'nfs represents an NFS mount on - the host that shares a pod''s lifetime More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'path that is exported by the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'readOnly here will force the - NFS export to be mounted with read-only - permissions. Defaults to false. More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'server is the hostname or - IP address of the NFS server. More info: - https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'persistentVolumeClaimVolumeSource - represents a reference to a PersistentVolumeClaim - in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'claimName is the name of a - PersistentVolumeClaim in the same namespace - as the pod using this volume. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: readOnly Will force the ReadOnly - setting in VolumeMounts. Default false. - type: boolean - required: - - claimName type: object - photonPersistentDisk: - description: photonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets host machine + podTargetLabels: + description: '`podTargetLabels` defines the + labels which are transferred from the associated + Kubernetes `Pod` object onto the ingested + metrics.' + items: + type: string + type: array + sampleLimit: + description: '`sampleLimit` defines a per-scrape + limit on the number of scraped samples that + will be accepted.' + format: int64 + type: integer + selector: + description: Label selector to select the Kubernetes + `Endpoints` objects. properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - pdID: - description: pdID is the ID that identifies - Photon Controller persistent disk - type: string - required: - - pdID + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object type: object - portworxVolume: - description: portworxVolume represents a portworx - volume attached and mounted on kubelets host - machine + x-kubernetes-map-type: atomic + targetLabels: + description: '`targetLabels` defines the labels + which are transferred from the associated + Kubernetes `Service` object onto the ingested + metrics.' + items: + type: string + type: array + targetLimit: + description: '`targetLimit` defines a limit + on the number of scraped targets that will + be accepted.' + format: int64 + type: integer + required: + - selector + type: object + type: object + vmMonitorTemplate: + description: "VictoriaMetrics is currently not supported + yet. Specifies the VMServiceScrape template used in + the Component. \n ```yaml name: vm-scrape namespace: + default labels: k8s-app: node-exporter vmServiceScrapeSpec: + selector: matchLabels: app: app-exporter ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + vmServiceScrapeSpec: + description: VMServiceScrapeSpec defines the desired + state of VMServiceScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery properties: - fsType: - description: fSType represents the filesystem - type to mount Must be a filesystem type - supported by the host operating system. - Ex. "ext4", "xfs". Implicitly inferred - to be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + node: + description: 'Node instructs vmagent to + add node specific metadata from service + discovery Valid for roles: pod, endpoints, + endpointslice.' type: boolean - volumeID: - description: volumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID type: object - projected: - description: projected items for all in one - resources secrets, configmaps, and downward - API - properties: - defaultMode: - description: defaultMode are the mode bits - used to set permissions on created files - by default. Must be an octal value between - 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. Directories within - the path are not affected by this setting. - This might be in conflict with other options - that affect the file mode, like fsGroup, - and the result can be other mode bits - set. - format: int32 - type: integer - sources: - description: sources is the list of volume - projections - items: - description: Projection that may be projected - along with other supported volume types + discoveryRole: + description: 'DiscoveryRole - defines kubernetes_sd + role for objects discovery. by default, its + endpoints. can be changed to service or endpointslices. + note, that with service setting, you have + to use port: "name" and cannot use targetPort + for endpoints.' + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as + part of this ServiceScrape. + items: + description: Endpoint defines a scrapeable + endpoint serving Prometheus metrics. + properties: + attach_metadata: + description: AttachMetadata configures + metadata attaching from service discovery properties: - configMap: - description: configMap information - about the configMap data to project + node: + description: 'Node instructs vmagent + to add node specific metadata from + service discovery Valid for roles: + pod, endpoints, endpointslice.' + type: boolean + type: object + authorization: + description: Authorization with http header + Authorization + properties: + credentials: + description: Reference to the secret + with value for authorization properties: - items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced ConfigMap - will be projected into the volume - as a file whose name is the - key and content is the value. - If specified, the listed keys - will be projected into the specified - paths, and unlisted keys will - not be present. If a key is - specified which is not present - in the ConfigMap, the volume - setup will error unless it is - marked optional. Paths must - be relative and may not contain - the '..' path or start with - '..'. - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: key is the - key to project. - type: string - mode: - description: 'mode is Optional: - mode bits used to set - permissions on this file. - Must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: path is the - relative path of the file - to map the key to. May - not be an absolute path. - May not contain the path - element '..'. May not - start with the string - '..'. - type: string - required: - - key - - path - type: object - type: array + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -8411,185 +11927,68 @@ spec: apiVersion, kind, uid?' type: string optional: - description: optional specify - whether the ConfigMap or its - keys must be defined + description: Specify whether the + Secret or its key must be defined type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - downwardAPI: - description: downwardAPI information - about the downwardAPI data to project + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, + default to bearer + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint + to authenticate over basic authentication + More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service + scrape namespace that contains the + password for authentication. It + must be at them same namespace as + CRD properties: - items: - description: Items is a list of - DownwardAPIVolume file - items: - description: DownwardAPIVolumeFile - represents information to - create the file containing - the pod field - properties: - fieldRef: - description: 'Required: - Selects a field of the - pod: only annotations, - labels, name and namespace - are supported.' - properties: - apiVersion: - description: Version - of the schema the - FieldPath is written - in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of - the field to select - in the specified API - version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - mode: - description: 'Optional: - mode bits used to set - permissions on this file, - must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: - Path is the relative - path name of the file - to be created. Must not - be absolute or contain - the ''..'' path. Must - be utf-8 encoded. The - first item of the relative - path must not start with - ''..''' - type: string - resourceFieldRef: - description: 'Selects a - resource of the container: - only resources limits - and requests (limits.cpu, - limits.memory, requests.cpu - and requests.memory) are - currently supported.' - properties: - containerName: - description: 'Container - name: required for - volumes, optional - for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies - the output format - of the exposed resources, - defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: - resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - required: - - path - type: object - type: array + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key type: object - secret: - description: secret information about - the secret data to project + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines + path to password file at disk + type: string + username: + description: The secret in the service + scrape namespace that contains the + username for authentication. It + must be at them same namespace as + CRD properties: - items: - description: items if unspecified, - each key-value pair in the Data - field of the referenced Secret - will be projected into the volume - as a file whose name is the - key and content is the value. - If specified, the listed keys - will be projected into the specified - paths, and unlisted keys will - not be present. If a key is - specified which is not present - in the Secret, the volume setup - will error unless it is marked - optional. Paths must be relative - and may not contain the '..' - path or start with '..'. - items: - description: Maps a string key - to a path within a volume. - properties: - key: - description: key is the - key to project. - type: string - mode: - description: 'mode is Optional: - mode bits used to set - permissions on this file. - Must be an octal value - between 0000 and 0777 - or a decimal value between - 0 and 511. YAML accepts - both octal and decimal - values, JSON requires - decimal values for mode - bits. If not specified, - the volume defaultMode - will be used. This might - be in conflict with other - options that affect the - file mode, like fsGroup, - and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: path is the - relative path of the file - to map the key to. May - not be an absolute path. - May not contain the path - element '..'. May not - start with the string - '..'. - type: string - required: - - key - - path - type: object - type: array + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -8597,453 +11996,997 @@ spec: apiVersion, kind, uid?' type: string optional: - description: optional field specify - whether the Secret or its key - must be defined + description: Specify whether the + Secret or its key must be defined type: boolean + required: + - key type: object x-kubernetes-map-type: atomic - serviceAccountToken: - description: serviceAccountToken is - information about the serviceAccountToken - data to project + type: object + bearerTokenFile: + description: File to read bearer token + for scraping targets. + type: string + bearerTokenSecret: + description: Secret to mount to read bearer + token for scraping targets. The secret + needs to be in the same namespace as + the service scrape and accessible by + the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls + redirects for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's + labels on collisions with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls + whether vmagent respects the timestamps + present in scraped data. + type: boolean + interval: + description: Interval at which metrics + should be scraped + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply + to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being + applied to samples before ingestion. + It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is + 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' + type: object + match: + description: 'Match is used together + with Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of + the hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. Default is '(.*)' + victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility + with original relabel config. + if set both sourceLabels and + source_labels, sourceLabels has + priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured separator and matched + against the configured regular + expression for the replace, keep, + and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel + - additional form of target label + - target_label for compatibility + with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for + details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the + resulting value is written in + a replace action. It is mandatory + for replace actions. Regex capture + groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap + containing the OAuth2 client id properties: - audience: - description: audience is the intended - audience of the token. A recipient - of a token must identify itself - with an identifier specified - in the audience of the token, - and otherwise should reject - the token. The audience defaults - to the identifier of the apiserver. + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing + the OAuth2 client secret + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. type: string - expirationSeconds: - description: expirationSeconds - is the requested duration of - validity of the service account - token. As the token approaches - expiration, the kubelet volume - plugin will proactively rotate - the service account token. The - kubelet will start trying to - rotate the token if the token - is older than 80 percent of - its time to live or if the token - is older than 24 hours.Defaults - to 1 hour and must be at least - 10 minutes. - format: int64 - type: integer - path: - description: path is the path - relative to the mount point - of the file to project the token - into. + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines + path for client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append + to the token URL + type: object + scopes: + description: OAuth2 scopes used for + the token request + items: + type: string + type: array + token_url: + description: The URL to fetch the + token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port + this endpoint refers to. Mutually exclusive + with targetPort. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 + Directs scrapes to proxy through this + endpoint. + type: string + relabelConfigs: + description: 'RelabelConfigs to apply + to samples before scraping. More info: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic + rewriting of the label set, being + applied to samples before ingestion. + It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based + on regex matching. Default is + 'replace' + type: string + if: + description: 'If represents metricsQL + match expression (or list of expressions): + ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together + with Match for `action: graphite`' + type: object + match: + description: 'Match is used together + with Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of + the hash of the source label values. + format: int64 + type: integer + regex: + description: Regular expression + against which the extracted value + is matched. Default is '(.*)' + victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against + which a regex replace is performed + if the regular expression matches. + Regex capture groups are available. + Default is '$1' + type: string + separator: + description: Separator placed between + concatenated source label values. + default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels + - additional form of source labels + source_labels for compatibility + with original relabel config. + if set both sourceLabels and + source_labels, sourceLabels has + priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select + values from existing labels. Their + content is concatenated using + the configured separator and matched + against the configured regular + expression for the replace, keep, + and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel + - additional form of target label + - target_label for compatibility + with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for + details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the + resulting value is written in + a replace action. It is mandatory + for replace actions. Regex capture + groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-endpoint + limit on number of scraped samples that + will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + type: string + scrape_interval: + description: ScrapeInterval is the same + as Interval and has priority over it. + one of scrape_interval or interval can + be used + type: string + scrapeTimeout: + description: Timeout after which the scrape + is ended + type: string + seriesLimit: + description: SeriesLimit defines per-scrape + limit on number of unique time series + a single target can expose during all + the scrapes on the time window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the pod + port this endpoint refers to. Mutually + exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to + use when scraping the endpoint + properties: + ca: + description: Stuct containing the + CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in + the container to use for the targets. + type: string + cert: + description: Struct containing the + client cert file for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert + file in the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key + file in the container for the targets. + type: string + keySecret: + description: Secret containing the + client key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean required: - - path + - key type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string type: object - type: array - type: object - quobyte: - description: quobyte represents a Quobyte mount - on the host that shares a pod's lifetime + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics + specific scrape parametrs + properties: + disable_compression: + type: boolean + disable_keep_alive: + description: disable_keepalive allows + disabling HTTP keep-alive when scraping + targets. By default, HTTP keep-alive + is enabled, so TCP connections to + scrape targets could be re-used. + See https://docs.victoriametrics.com/vmagent.html#scrape_config-enhancements + type: boolean + headers: + description: 'Headers allows sending + custom headers to scrape targets + must be in of semicolon separated + header with it''s value eg: headerName: + headerValue vmagent supports since + 1.79.0 version' + items: + type: string + type: array + metric_relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + no_stale_markers: + type: boolean + proxy_client_config: + description: ProxyClientConfig configures + proxy auth settings for scraping + See feature description https://docs.victoriametrics.com/vmagent.html#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an + endpoint to authenticate over + basic authentication + properties: + password: + description: The secret in + the service scrape namespace + that contains the password + for authentication. It must + be at them same namespace + as CRD + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile + defines path to password + file at disk + type: string + username: + description: The secret in + the service scrape namespace + that contains the username + for authentication. It must + be at them same namespace + as CRD + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector + selects a key of a Secret. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the + referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + description: TLSConfig specifies + TLSConfig configuration parameters. + properties: + ca: + description: Stuct containing + the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap + containing data to use + for the targets. + properties: + key: + description: The key + to select. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the ConfigMap + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the + targets. + properties: + key: + description: The key + of the secret to + select from. Must + be a valid secret + key. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the Secret + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA + cert in the container to + use for the targets. + type: string + cert: + description: Struct containing + the client cert file for + the targets. + properties: + configMap: + description: ConfigMap + containing data to use + for the targets. + properties: + key: + description: The key + to select. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the ConfigMap + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing + data to use for the + targets. + properties: + key: + description: The key + of the secret to + select from. Must + be a valid secret + key. + type: string + name: + description: 'Name + of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other + useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify + whether the Secret + or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client + cert file in the container + for the targets. + type: string + insecureSkipVerify: + description: Disable target + certificate validation. + type: boolean + keyFile: + description: Path to the client + key file in the container + for the targets. + type: string + keySecret: + description: Secret containing + the client key file for + the targets. + properties: + key: + description: The key of + the secret to select + from. Must be a valid + secret key. + type: string + name: + description: 'Name of + the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful + fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify + the hostname for the targets. + type: string + type: object + type: object + relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the + job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces + the Endpoints objects are discovered from. properties: - group: - description: group to map volume access - to Default is no group - type: string - readOnly: - description: readOnly here will force the - Quobyte volume to be mounted with read-only - permissions. Defaults to false. + any: + description: Boolean describing whether + all namespaces are selected in contrast + to a list restricting them. type: boolean - registry: - description: registry represents a single - or multiple Quobyte Registry services - specified as a string as host:port pair - (multiple entries are separated with commas) - which acts as the central registry for - volumes - type: string - tenant: - description: tenant owning the given Quobyte - volume in the Backend Used with dynamically - provisioned Quobyte volumes, value is - set by the plugin - type: string - user: - description: user to map volume access to - Defaults to serivceaccount user - type: string - volume: - description: volume is a string that references - an already created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'rbd represents a Rados Block Device - mount on the host that shares a pod''s lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'fsType is the filesystem type - of the volume that you want to mount. - Tip: Ensure that the filesystem type is - supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the - filesystem from compromising the machine' - type: string - image: - description: 'image is the rados image name. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'keyring is the path to key - ring for RBDUser. Default is /etc/ceph/keyring. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'monitors is a collection of - Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + matchNames: + description: List of namespace names. items: type: string type: array - pool: - description: 'pool is the rados pool name. - Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'readOnly here will force the - ReadOnly setting in VolumeMounts. Defaults - to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'secretRef is name of the authentication - secret for RBDUser. If provided overrides - keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - user: - description: 'user is the rados user name. - Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: scaleIO represents a ScaleIO persistent - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: gateway is the host address - of the ScaleIO API Gateway. - type: string - protectionDomain: - description: protectionDomain is the name - of the ScaleIO Protection Domain for the - configured storage. - type: string - readOnly: - description: readOnly Defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef references to the - secret for ScaleIO user and other sensitive - information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - sslEnabled: - description: sslEnabled Flag enable/disable - SSL communication with Gateway, default - false - type: boolean - storageMode: - description: storageMode indicates whether - the storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. - type: string - storagePool: - description: storagePool is the ScaleIO - Storage Pool associated with the protection - domain. - type: string - system: - description: system is the name of the storage - system as configured in ScaleIO. - type: string - volumeName: - description: volumeName is the name of a - volume already created in the ScaleIO - system that is associated with this volume - source. - type: string - required: - - gateway - - secretRef - - system type: object - secret: - description: 'secret represents a secret that - should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + podTargetLabels: + description: PodTargetLabels transfers labels + on the Kubernetes Pod onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape + limit on number of scraped samples that will + be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects + by corresponding Service labels. properties: - defaultMode: - description: 'defaultMode is Optional: mode - bits used to set permissions on created - files by default. Must be an octal value - between 0000 and 0777 or a decimal value - between 0 and 511. YAML accepts both octal - and decimal values, JSON requires decimal - values for mode bits. Defaults to 0644. - Directories within the path are not affected - by this setting. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can - be other mode bits set.' - format: int32 - type: integer - items: - description: items If unspecified, each - key-value pair in the Data field of the - referenced Secret will be projected into - the volume as a file whose name is the - key and content is the value. If specified, - the listed keys will be projected into - the specified paths, and unlisted keys - will not be present. If a key is specified - which is not present in the Secret, the - volume setup will error unless it is marked - optional. Paths must be relative and may - not contain the '..' path or start with - '..'. + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. items: - description: Maps a string key to a path - within a volume. + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. properties: key: - description: key is the key to project. + description: key is the label key + that the selector applies to. type: string - mode: - description: 'mode is Optional: mode - bits used to set permissions on - this file. Must be an octal value - between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts - both octal and decimal values, JSON - requires decimal values for mode - bits. If not specified, the volume - defaultMode will be used. This might - be in conflict with other options - that affect the file mode, like - fsGroup, and the result can be other - mode bits set.' - format: int32 - type: integer - path: - description: path is the relative - path of the file to map the key - to. May not be an absolute path. - May not contain the path element - '..'. May not start with the string - '..'. + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array required: - key - - path + - operator type: object type: array - optional: - description: optional field specify whether - the Secret or its keys must be defined - type: boolean - secretName: - description: 'secretName is the name of - the secret in the pod''s namespace to - use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: storageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: fsType is the filesystem type - to mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - readOnly: - description: readOnly defaults to false - (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: secretRef specifies the secret - to use for obtaining the StorageOS API - credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' - type: string + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. type: object - x-kubernetes-map-type: atomic - volumeName: - description: volumeName is the human-readable - name of the StorageOS volume. Volume - names are only unique within a namespace. - type: string - volumeNamespace: - description: volumeNamespace specifies the - scope of the volume within StorageOS. If - no namespace is specified then the Pod's - namespace will be used. This allows the - Kubernetes name scoping to be mirrored - within StorageOS for tighter integration. - Set VolumeName to any name to override - the default behaviour. Set to "default" - if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: vsphereVolume represents a vSphere - volume attached and mounted on kubelets host - machine - properties: - fsType: - description: fsType is filesystem type to - mount. Must be a filesystem type supported - by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to - be "ext4" if unspecified. - type: string - storagePolicyID: - description: storagePolicyID is the storage - Policy Based Management (SPBM) profile - ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: storagePolicyName is the storage - Policy Based Management (SPBM) profile - name. - type: string - volumePath: - description: volumePath is the path that - identifies vSphere volume vmdk - type: string - required: - - volumePath type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: SeriesLimit defines per-scrape + limit on number of unique time series a single + target can expose during all the scrapes on + the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on + the Kubernetes Service onto the target. + items: + type: string + type: array required: - - name + - endpoints type: object - type: array - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - issuer: - description: Specifies the configuration for the TLS certificates - issuer. It allows defining the issuer name and the reference - to the secret containing the TLS certificates and key. - The secret should contain the CA certificate, TLS certificate, - and private key in the specified keys. Required when TLS - is enabled. - properties: - name: - allOf: - - enum: - - KubeBlocks - - UserProvided - - enum: - - KubeBlocks - - UserProvided - default: KubeBlocks - description: "The issuer for TLS certificates. It only - allows two enum values: `KubeBlocks` and `UserProvided`. - \n - `KubeBlocks` indicates that the self-signed TLS - certificates generated by the KubeBlocks Operator - will be used. - `UserProvided` means that the user - is responsible for providing their own CA, Cert, and - Key. In this case, the user-provided CA certificate, - server certificate, and private key will be used for - TLS communication." - type: string - secretRef: - description: SecretRef is the reference to the secret - that contains user-provided certificates. It is required - when the issuer is set to `UserProvided`. - properties: - ca: - description: Key of CA cert in Secret - type: string - cert: - description: Key of Cert in Secret - type: string - key: - description: Key of TLS private key in Secret - type: string - name: - description: Name of the Secret that contains user-provided - certificates. - type: string - required: - - ca - - cert - - key - - name type: object - required: - - name type: object - monitorEnabled: - description: "Determines whether metrics exporter information - is annotated on the Component's headless Service. \n If - set to true, the following annotations will be patched - into the Service: \n - \"monitor.kubeblocks.io/path\" + monitor: + description: "Deprecated since v0.9 Determines whether metrics + exporter information is annotated on the Component's headless + Service. \n If set to true, the following annotations + will be patched into the Service: \n - \"monitor.kubeblocks.io/path\" - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" \n These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter." @@ -10620,15 +14563,6 @@ spec: - name type: object type: array - sidecars: - description: Defines the sidecar containers that will be - attached to the Component's main container. - items: - type: string - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-type: set switchPolicy: description: "Defines the strategy for switchover and failover when workloadType is Replication. \n Deprecated since diff --git a/deploy/helm/crds/apps.kubeblocks.io_componentdefinitions.yaml b/deploy/helm/crds/apps.kubeblocks.io_componentdefinitions.yaml index 5fa3a60bd1e..375c300a3bc 100644 --- a/deploy/helm/crds/apps.kubeblocks.io_componentdefinitions.yaml +++ b/deploy/helm/crds/apps.kubeblocks.io_componentdefinitions.yaml @@ -86,32 +86,6 @@ spec: ignored to avoid overriding higher-priority annotations. \n This field is immutable." type: object - builtinMonitorContainer: - description: Defines the built-in metrics exporter container. - properties: - metricsPath: - description: Specifies the http/https url path to scrape for metrics. - If empty, Prometheus uses the default value (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape for metrics. - type: string - name: - description: Specifies the name of the built-in metrics exporter - container. - type: string - protocol: - description: Specifies the schema to use for scraping. `http` - and `https` are the expected values unless you rewrite the `__scheme__` - label via relabeling. If empty, Prometheus uses the default - value `http`. - enum: - - http - - https - type: string - required: - - name - type: object configs: description: "Specifies the configuration file templates and volume mount parameters used by the Component. It also includes descriptions @@ -289,6 +263,30 @@ spec: characteristics. maxLength: 256 type: string + exporter: + description: Defines the built-in metrics exporter container. + properties: + containerName: + description: Specifies the name of the built-in metrics exporter + container. + type: string + scrapePath: + description: Specifies the http/https url path to scrape for metrics. + If empty, Prometheus uses the default value (e.g. `/metrics`). + type: string + scrapePort: + description: Specifies the port name to scrape for metrics. + type: string + scrapeScheme: + description: Specifies the schema to use for scraping. `http` + and `https` are the expected values unless you rewrite the `__scheme__` + label via relabeling. If empty, Prometheus uses the default + value `http`. + enum: + - http + - https + type: string + type: object hostNetwork: description: "Specifies the host network configuration for the Component. \n When `hostNetwork` option is enabled, the Pods share the host's @@ -5208,6 +5206,39 @@ spec: format: int32 minimum: 0 type: integer + monitor: + description: Deprecated since v0.9 monitor is monitoring config which + provided by provider. + properties: + builtIn: + default: false + description: builtIn is a switch to enable KubeBlocks builtIn + monitoring. If BuiltIn is set to true, monitor metrics will + be scraped automatically. If BuiltIn is set to false, the provider + should set ExporterConfig and Sidecar container own. + type: boolean + exporterConfig: + description: exporterConfig provided by provider, which specify + necessary information to Time Series Database. exporterConfig + is valid when builtIn is false. + properties: + scrapePath: + default: /metrics + description: scrapePath is exporter url path for Time Series + Database to scrape metrics. + maxLength: 128 + type: string + scrapePort: + anyOf: + - type: integer + - type: string + description: scrapePort is exporter port for Time Series Database + to scrape metrics. + x-kubernetes-int-or-string: true + required: + - scrapePort + type: object + type: object policyRules: description: "Defines the namespaced policy rules required by the Component. \n The `policyRules` field is an array of `rbacv1.PolicyRule` @@ -13219,1331 +13250,6 @@ spec: - name type: object type: array - sidecarContainerSpecs: - description: Defines the sidecar containers that will be attached - to the component's main container. - items: - properties: - args: - description: 'Arguments to the entrypoint. The container image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will - be unchanged. Double $$ are reduced to a single $, which allows - for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references - will never be expanded, regardless of whether the variable - exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. - The container image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: - i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether - the variable exists or not. Cannot be updated. More info: - https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be - a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. - If a variable cannot be resolved, the reference in the - input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) - syntax: i.e. "$$(VAR_NAME)" will produce the string - literal "$(VAR_NAME)". Escaped references will never - be expanded, regardless of whether the variable exists - or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, limits.ephemeral-storage, requests.cpu, - requests.memory and requests.ephemeral-storage) - are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be - a C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key - will take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set - of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap must be - defined - type: boolean - type: object - x-kubernetes-map-type: atomic - prefix: - description: An optional identifier to prepend to each - key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - x-kubernetes-map-type: atomic - type: object - type: array - image: - description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take - in response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More - info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The Pod''s termination grace period - countdown begins before the PreStop hook is executed. - Regardless of the outcome of the handler, the container - will eventually terminate within the Pod''s termination - grace period (unless delayed by finalizers). Other management - of the container blocks until the hook completes or until - the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's - filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions - ('|', etc) won't work. To use a shell, you need - to explicitly call out to that shell. Exit status - of 0 is treated as live/healthy and non-zero is - unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in - httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the - host. Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: Deprecated. TCPSocket is NOT supported - as a LifecycleHandler and kept for the backward compatibility. - There are no validation of this field and lifecycle - hooks will fail in runtime when tcp handler is specified. - properties: - host: - description: 'Optional: Host name to connect to, - defaults to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range - 1 to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - monitor: - description: Defines the function or purpose of the container, - such as the monitor type sidecar. - properties: - kind: - description: Defines the kind of monitor, such as metrics - or logs. - enum: - - metrics - - logs - - traces - type: string - scrapeConfig: - description: Defines the scrape configuration for the prometheus. - properties: - metricsPath: - description: Specifies the http/https url path to scrape - for metrics. If empty, Prometheus uses the default - value (e.g. `/metrics`). - type: string - metricsPort: - description: Specifies the port name to scrape for metrics. - type: string - protocol: - description: Specifies the schema to use for scraping. - `http` and `https` are the expected values unless - you rewrite the `__scheme__` label via relabeling. - If empty, Prometheus uses the default value `http`. - enum: - - http - - https - type: string - type: object - required: - - kind - type: object - name: - description: Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. - type: string - ports: - description: List of ports to expose from the container. Not - specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Modifying this array with strategic merge patch may corrupt - the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. - Cannot be updated. - items: - description: ContainerPort represents a network port in a - single container. - properties: - containerPort: - description: Number of port to expose on the pod's IP - address. This must be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If - specified, this must be a valid port number, 0 < x < - 65536. If HostNetwork is specified, this must match - ContainerPort. Most containers do not need this. - format: int32 - type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod - must have a unique name. Name for the port that can - be referred to by services. - type: string - protocol: - default: TCP - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe - fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resizePolicy: - description: Resources resize policy for the container. - items: - description: ContainerResizePolicy represents resource resize - policy for the container. - properties: - resourceName: - description: 'Name of the resource to which this resource - resize policy applies. Supported values: cpu, memory.' - type: string - restartPolicy: - description: Restart policy to apply when specified resource - is resized. If not specified, it defaults to NotRequired. - type: string - required: - - resourceName - - restartPolicy - type: object - type: array - x-kubernetes-list-type: atomic - resources: - description: 'Compute Resources required by this container. - Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - properties: - claims: - description: "Claims lists the names of resources, defined - in spec.resourceClaims, that are used by this container. - \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only - be set for containers." - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one entry - in pod.spec.resourceClaims of the Pod where this - field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests - cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - restartPolicy: - description: 'RestartPolicy defines the restart behavior of - individual containers in a pod. This field may only be set - for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod''s restart policy - and the container type. Setting the RestartPolicy as "Always" - for the init container will have the following effect: this - init container will be continually restarted on exit until - all regular containers have terminated. Once all regular containers - have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init - containers and is often referred to as a "sidecar" container. - Although this init container still starts in the init container - sequence, it does not wait for the container to complete before - proceeding to the next init container. Instead, the next init - container starts immediately after this init container is - started, or after any startupProbe has successfully completed.' - type: string - securityContext: - description: 'SecurityContext defines the security options the - container should be run with. If set, the fields of SecurityContext - override the equivalent fields of PodSecurityContext. More - info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether - a process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN Note that this field cannot be set - when spec.os.name is windows.' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by - the container runtime. Note that this field cannot be - set when spec.os.name is windows. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes - in privileged containers are essentially equivalent to - root on the host. Defaults to false. Note that this field - cannot be set when spec.os.name is windows. - type: boolean - procMount: - description: procMount denotes the type of proc mount to - use for the containers. The default is DefaultProcMount - which uses the container runtime defaults for readonly - paths and masked paths. This requires the ProcMountType - feature flag to be enabled. Note that this field cannot - be set when spec.os.name is windows. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root - filesystem. Default is false. Note that this field cannot - be set when spec.os.name is windows. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a - non-root user. If true, the Kubelet will validate the - image at runtime to ensure that it does not run as UID - 0 (root) and fail to start the container if it does. If - unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both - SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata - if unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. Note - that this field cannot be set when spec.os.name is windows. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a - random SELinux context for each container. May also be - set in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. Note that this field cannot be set when - spec.os.name is windows. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - seccompProfile: - description: The seccomp options to use by this container. - If seccomp options are provided at both the pod & container - level, the container options override the pod options. - Note that this field cannot be set when spec.os.name is - windows. - properties: - localhostProfile: - description: localhostProfile indicates a profile defined - in a file on the node should be used. The profile - must be preconfigured on the node to work. Must be - a descending path, relative to the kubelet's configured - seccomp profile location. Must be set if type is "Localhost". - Must NOT be set for any other type. - type: string - type: - description: "type indicates which kind of seccomp profile - will be applied. Valid options are: \n Localhost - - a profile defined in a file on the node should be - used. RuntimeDefault - the container runtime default - profile should be used. Unconfined - no profile should - be applied." - type: string - required: - - type - type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is - linux. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. - type: string - hostProcess: - description: HostProcess determines if a container should - be run as a 'Host Process' container. All of a Pod's - containers must have the same effective HostProcess - value (it is not allowed to have a mix of HostProcess - containers and non-HostProcess containers). In addition, - if HostProcess is true then HostNetwork must also - be set to true. - type: boolean - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set - in PodSecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod - will be restarted, just as if the livenessProbe failed. This - can be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. - This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for the - command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', etc) - won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe - to be considered failed after having succeeded. Defaults - to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - properties: - port: - description: Port number of the gRPC service. Number - must be in the range 1 to 65535. - format: int32 - type: integer - service: - description: "Service is the name of the service to - place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - \n If this is not specified, the default behavior - is defined by gRPC." - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name. This will - be canonicalized upon output, so case-variant - names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has - started before liveness probes are initiated. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe - to be considered successful after having failed. Defaults - to 1. Must be 1 for liveness and startup. Minimum value - is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP - port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on - the container. Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: Optional duration in seconds the pod needs - to terminate gracefully upon probe failure. The grace - period is the duration in seconds after the processes - running in the pod are sent a termination signal and the - time when the processes are forcibly halted with a kill - signal. Set this value longer than the expected cleanup - time for your process. If this value is nil, the pod's - terminationGracePeriodSeconds will be used. Otherwise, - this value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates - stop immediately via the kill signal (no opportunity to - shut down). This is a beta field and requires enabling - ProbeTerminationGracePeriod feature gate. Minimum value - is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer - for stdin in the container runtime. If this is not set, reads - from stdin in the container will always result in EOF. Default - is false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the - stdin channel after it has been opened by a single attach. - When stdin is true the stdin stream will remain open across - multiple attach sessions. If stdinOnce is set to true, stdin - is opened on container start, is empty until the first client - attaches to stdin, and then remains open and accepts data - until the client disconnects, at which time stdin is closed - and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin - will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the - container''s termination message will be written is mounted - into the container''s filesystem. Message written is intended - to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. - The total message length across all containers will be limited - to 12kb. Defaults to /dev/termination-log. Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be - populated. File will use the contents of terminationMessagePath - to populate the container status message on both success and - failure. FallbackToLogsOnError will use the last chunk of - container log output if the termination message file is empty - and the container exited with an error. The log output is - limited to 2048 bytes or 80 lines, whichever is smaller. Defaults - to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. - items: - description: volumeDevice describes a mapping of a raw block - device within a container. - properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume - within a container. - properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other - way around. When not set, MountPropagationNone is used. - This field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might - be configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-preserve-unknown-fields: true systemAccounts: description: "An array of `SystemAccount` objects that define the system accounts needed for the management operations of the Component. diff --git a/deploy/helm/crds/apps.kubeblocks.io_components.yaml b/deploy/helm/crds/apps.kubeblocks.io_components.yaml index bbb119f0e7c..eab5bb3d105 100644 --- a/deploy/helm/crds/apps.kubeblocks.io_components.yaml +++ b/deploy/helm/crds/apps.kubeblocks.io_components.yaml @@ -225,6 +225,14 @@ spec: type: string type: object type: array + disableExporter: + description: "Determines whether metrics exporter information is annotated + on the Component's headless Service. \n If set to true, the following + annotations will not be patched into the Service: \n - \"monitor.kubeblocks.io/path\" + - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" + \n These annotations allow the Prometheus installed by KubeBlocks + to discover and scrape metrics from the exporter." + type: boolean enabledLogs: description: "Specifies which types of logs should be collected for the Cluster. The log types are defined in the `componentDefinition.spec.logConfigs` @@ -2360,240 +2368,2048 @@ spec: - name type: object type: array - monitorEnabled: - description: "Determines whether metrics exporter information is annotated - on the Component's headless Service. \n If set to true, the following - annotations will be patched into the Service: \n - \"monitor.kubeblocks.io/path\" - - \"monitor.kubeblocks.io/port\" - \"monitor.kubeblocks.io/scheme\" - \n These annotations allow the Prometheus installed by KubeBlocks - to discover and scrape metrics from the exporter." - type: boolean - offlineInstances: - description: "Specifies the names of instances to be transitioned - to offline status. \n Marking an instance as offline results in - the following: \n 1. The associated Pod is stopped, and its PersistentVolumeClaim - (PVC) is retained for potential future reuse or data recovery, but - it is no longer actively used. 2. The ordinal number assigned to - this instance is preserved, ensuring it remains unique and avoiding - conflicts with new instances. \n Setting instances to offline allows - for a controlled scale-in process, preserving their data and maintaining - ordinal consistency within the Cluster. Note that offline instances - and their associated resources, such as PVCs, are not automatically - deleted. The administrator must manually manage the cleanup and - removal of these resources when they are no longer needed." - items: - type: string - type: array - replicas: - default: 1 - description: Specifies the desired number of replicas in the Component - for enhancing availability and durability, or load balancing. - format: int32 - minimum: 0 - type: integer - resources: - description: Specifies the resources required by the Component. It - allows defining the CPU, memory requirements and limits for the - Component's containers. - properties: - claims: - description: "Claims lists the names of resources, defined in - spec.resourceClaims, that are used by this container. \n This - is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable. It can only be set - for containers." - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: Name must match the name of one entry in pod.spec.resourceClaims - of the Pod where this field is used. It makes that resource - available inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - x-kubernetes-preserve-unknown-fields: true - runtimeClassName: - description: Defines runtimeClassName for all Pods managed by this - Component. - type: string - schedulingPolicy: - description: Specifies the scheduling policy for the Component. + metricsStoreIntegration: + description: It supports prometheus/victoriametrics operator. properties: - affinity: - description: Specifies a group of affinity scheduling rules of - the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. + serviceMonitorTemplate: + description: "Specifies the ServiceMonitor template used in the + Component. \n Example usage: ```yaml name: prometheus-scrape + namespace: default labels: k8s-app: node-exporter serviceMonitorTemplate: + selector: matchLabels: app: app-exporter k8s-app: app-exporter + endpoints: - port: metrics_port jobLabel: k8s-app ```" properties: - nodeAffinity: - description: Describes node affinity scheduling rules for - the pod. + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + serviceMonitorSpec: + description: ServiceMonitorSpec contains specification parameters + for a ServiceMonitor properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. + attachMetadata: + description: "`attachMetadata` defines additional metadata + which is added to the discovered targets. \n It requires + Prometheus >= v2.37.0." + properties: + node: + description: When set to true, Prometheus must have + the `get` permission on the `Nodes` objects. + type: boolean + type: object + endpoints: + description: List of endpoints part of this ServiceMonitor. items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects - (i.e. is also a no-op). + description: Endpoint defines an endpoint serving Prometheus + metrics to be scraped by Prometheus. properties: - preference: - description: A node selector term, associated with - the corresponding weight. + authorization: + description: "`authorization` configures the Authorization + header credentials to use when scraping the target. + \n Cannot be set at the same time as `basicAuth`, + or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array + credentials: + description: Selects a key of a Secret in the + namespace that contains the credentials for + authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. + The value is case-insensitive. \n \"Basic\" + is not a supported value. \n Default: \"Bearer\"" + type: string type: object - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from - its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term - matches no objects. The requirements of them are - ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. + basicAuth: + description: "`basicAuth` configures the Basic Authentication + credentials to use when scraping the target. \n + Cannot be set at the same time as `authorization`, + or `oauth2`." properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: + password: + description: '`password` specifies a key of + a Secret containing the password for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of + a Secret containing the username for authentication.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: "File to read bearer token for scraping + the target. \n Deprecated: use `authorization` + instead." + type: string + bearerTokenSecret: + description: "`bearerTokenSecret` specifies a key + of a Secret containing the bearer token for scraping + targets. The secret needs to be in the same namespace + as the ServiceMonitor object and readable by the + Prometheus Operator. \n Deprecated: use `authorization` + instead." + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + enableHttp2: + description: '`enableHttp2` can be used to disable + HTTP2 when scraping the target.' + type: boolean + filterRunning: + description: "When true, the pods which are not + running (e.g. either in Failed or Succeeded state) + are dropped during the target discovery. \n If + unset, the filtering is enabled. \n More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + type: boolean + followRedirects: + description: '`followRedirects` defines whether + the scrape requests should follow HTTP 3xx redirects.' + type: boolean + honorLabels: + description: When true, `honorLabels` preserves + the metric's labels when they collide with the + target's labels. + type: boolean + honorTimestamps: + description: '`honorTimestamps` controls whether + Prometheus preserves the timestamps when exposed + by the target.' + type: boolean + interval: + description: "Interval at which Prometheus scrapes + the metrics from the target. \n If empty, Prometheus + uses the global scrape interval." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: '`metricRelabelings` configures the + relabeling rules to apply to the samples before + ingestion.' + items: + description: "RelabelConfig allows dynamic rewriting + of the label set for targets, alerts, scraped + samples and remote write samples. \n More info: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the + regex matching. \n `Uppercase` and `Lowercase` + actions require Prometheus >= v2.36.0. `DropEqual` + and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash + of the source label values. \n Only applicable + when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. + type: string + replacement: + description: "Replacement value against which + a Replace action is performed if the regular + expression matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string between + concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured Separator and matched + against the configured regular expression. + items: + description: LabelName is a valid Prometheus + label name which may only contain ASCII + letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. \n It + is mandatory for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + oauth2: + description: "`oauth2` configures the OAuth2 settings + to use when scraping the target. \n It requires + Prometheus >= 2.27.0. \n Cannot be set at the + same time as `authorization`, or `basicAuth`." + properties: + clientId: + description: '`clientId` specifies a key of + a Secret or ConfigMap containing the OAuth2 + client''s ID.' + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key + of a Secret containing the OAuth2 client''s + secret.' + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the + HTTP parameters to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes + used for the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL + to fetch the token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + params: + additionalProperties: + items: + type: string + type: array + description: params define optional HTTP URL parameters. + type: object + path: + description: "HTTP path from which to scrape for + metrics. \n If empty, Prometheus uses the default + value (e.g. `/metrics`)." + type: string + port: + description: "Name of the Service port which this + endpoint refers to. \n It takes precedence over + `targetPort`." + type: string + proxyUrl: + description: '`proxyURL` configures the HTTP Proxy + URL (e.g. "http://proxyserver:2195") to go through + when scraping the target.' + type: string + relabelings: + description: "`relabelings` configures the relabeling + rules to apply the target's metadata labels. \n + The Operator automatically adds relabelings for + a few standard Kubernetes fields. \n The original + scrape job's name is available via the `__tmp_prometheus_job_name` + label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic rewriting + of the label set for targets, alerts, scraped + samples and remote write samples. \n More info: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the + regex matching. \n `Uppercase` and `Lowercase` + actions require Prometheus >= v2.36.0. `DropEqual` + and `KeepEqual` actions require Prometheus + >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash + of the source label values. \n Only applicable + when the action is `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. + type: string + replacement: + description: "Replacement value against which + a Replace action is performed if the regular + expression matches. \n Regex capture groups + are available." + type: string + separator: + description: Separator is the string between + concatenated SourceLabels. + type: string + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured Separator and matched + against the configured regular expression. + items: + description: LabelName is a valid Prometheus + label name which may only contain ASCII + letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting + string is written in a replacement. \n It + is mandatory for `Replace`, `HashMod`, `Lowercase`, + `Uppercase`, `KeepEqual` and `DropEqual` + actions. \n Regex capture groups are available." + type: string + type: object + type: array + scheme: + description: "HTTP scheme to use for scraping. \n + `http` and `https` are the expected values unless + you rewrite the `__scheme__` label via relabeling. + \n If empty, Prometheus uses the default value + `http`." + enum: + - http + - https + type: string + scrapeTimeout: + description: "Timeout after which Prometheus considers + the scrape to be failed. \n If empty, Prometheus + uses the global scrape timeout unless it is less + than the target's scrape interval value in which + the latter is used." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: "Name or number of the target port + of the `Pod` object behind the Service, the port + must be specified with container port property. + \n Deprecated: use `port` instead." + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when scraping + the target. + properties: + ca: + description: Certificate authority used when + verifying server certificates. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus + container to use for the targets. + type: string + cert: + description: Client certificate to present when + doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in + the Prometheus container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in + the Prometheus container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for + the targets. + type: string + type: object + trackTimestampsStaleness: + description: "`trackTimestampsStaleness` defines + whether Prometheus tracks staleness of the metrics + that have an explicit timestamp present in scraped + data. Has no effect if `honorTimestamps` is false. + \n It requires Prometheus >= v2.48.0." + type: boolean + type: object + type: array + jobLabel: + description: "`jobLabel` selects the label from the associated + Kubernetes `Service` object which will be used as the + `job` label for all metrics. \n For example if `jobLabel` + is set to `foo` and the Kubernetes `Service` object + is labeled with `foo: bar`, then Prometheus adds the + `job=\"bar\"` label to all ingested metrics. \n If the + value of this field is empty or if the label doesn't + exist for the given Service, the `job` label of the + metrics defaults to the name of the associated Kubernetes + `Service`." + type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of targets + dropped by relabeling that will be kept in memory. 0 + means no limit. \n It requires Prometheus >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: "Per-scrape limit on number of labels that + will be accepted for a sample. \n It requires Prometheus + >= v2.27.0." + format: int64 + type: integer + labelNameLengthLimit: + description: "Per-scrape limit on length of labels name + that will be accepted for a sample. \n It requires Prometheus + >= v2.27.0." + format: int64 + type: integer + labelValueLengthLimit: + description: "Per-scrape limit on length of labels value + that will be accepted for a sample. \n It requires Prometheus + >= v2.27.0." + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces the Kubernetes + `Endpoints` objects are discovered from. + properties: + any: + description: Boolean describing whether all namespaces + are selected in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + podTargetLabels: + description: '`podTargetLabels` defines the labels which + are transferred from the associated Kubernetes `Pod` + object onto the ingested metrics.' + items: + type: string + type: array + sampleLimit: + description: '`sampleLimit` defines a per-scrape limit + on the number of scraped samples that will be accepted.' + format: int64 + type: integer + selector: + description: Label selector to select the Kubernetes `Endpoints` + objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + targetLabels: + description: '`targetLabels` defines the labels which + are transferred from the associated Kubernetes `Service` + object onto the ingested metrics.' + items: + type: string + type: array + targetLimit: + description: '`targetLimit` defines a limit on the number + of scraped targets that will be accepted.' + format: int64 + type: integer + required: + - selector + type: object + type: object + vmMonitorTemplate: + description: "VictoriaMetrics is currently not supported yet. + Specifies the VMServiceScrape template used in the Component. + \n ```yaml name: vm-scrape namespace: default labels: k8s-app: + node-exporter vmServiceScrapeSpec: selector: matchLabels: app: + app-exporter ```" + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + vmServiceScrapeSpec: + description: VMServiceScrapeSpec defines the desired state + of VMServiceScrape + properties: + attach_metadata: + description: AttachMetadata configures metadata attaching + from service discovery + properties: + node: + description: 'Node instructs vmagent to add node specific + metadata from service discovery Valid for roles: + pod, endpoints, endpointslice.' + type: boolean + type: object + discoveryRole: + description: 'DiscoveryRole - defines kubernetes_sd role + for objects discovery. by default, its endpoints. can + be changed to service or endpointslices. note, that + with service setting, you have to use port: "name" and + cannot use targetPort for endpoints.' + enum: + - endpoints + - service + - endpointslices + type: string + endpoints: + description: A list of endpoints allowed as part of this + ServiceScrape. + items: + description: Endpoint defines a scrapeable endpoint + serving Prometheus metrics. + properties: + attach_metadata: + description: AttachMetadata configures metadata + attaching from service discovery + properties: + node: + description: 'Node instructs vmagent to add + node specific metadata from service discovery + Valid for roles: pod, endpoints, endpointslice.' + type: boolean + type: object + authorization: + description: Authorization with http header Authorization + properties: + credentials: + description: Reference to the secret with value + for authorization + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File with value for authorization + type: string + type: + description: Type of authorization, default + to bearer + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate + over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service scrape + namespace that contains the password for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines path to password + file at disk + type: string + username: + description: The secret in the service scrape + namespace that contains the username for authentication. + It must be at them same namespace as CRD + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: File to read bearer token for scraping + targets. + type: string + bearerTokenSecret: + description: Secret to mount to read bearer token + for scraping targets. The secret needs to be in + the same namespace as the service scrape and accessible + by the victoria-metrics operator. + nullable: true + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + follow_redirects: + description: FollowRedirects controls redirects + for scraping. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels + on collisions with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether vmagent + respects the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be + scraped + type: string + metricRelabelConfigs: + description: MetricRelabelConfigs to apply to samples + before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting + of the label set, being applied to samples before + ingestion. It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with + Match for `action: graphite`' + type: object + match: + description: 'Match is used together with + Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. Default + is '(.*)' victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against which + a regex replace is performed if the regular + expression matches. Regex capture groups + are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels - additional + form of source labels source_labels for + compatibility with original relabel config. + if set both sourceLabels and source_labels, + sourceLabels has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured separator and matched + against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - additional + form of target label - target_label for + compatibility with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. It + is mandatory for replace actions. Regex + capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 defines auth configuration + properties: + client_id: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + client_secret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + client_secret_file: + description: ClientSecretFile defines path for + client secret file. + type: string + endpoint_params: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + token_url: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - client_id + - token_url + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint + refers to. Mutually exclusive with targetPort. + type: string + proxyURL: + description: ProxyURL eg http://proxyserver:2195 + Directs scrapes to proxy through this endpoint. + type: string + relabelConfigs: + description: 'RelabelConfigs to apply to samples + before scraping. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting + of the label set, being applied to samples before + ingestion. It defines ``-section + of configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex + matching. Default is 'replace' + type: string + if: + description: 'If represents metricsQL match + expression (or list of expressions): ''{__name__=~"foo_.*"}''' + x-kubernetes-preserve-unknown-fields: true + labels: + additionalProperties: + type: string + description: 'Labels is used together with + Match for `action: graphite`' + type: object + match: + description: 'Match is used together with + Labels for `action: graphite`' + type: string + modulus: + description: Modulus to take of the hash of + the source label values. + format: int64 + type: integer + regex: + description: Regular expression against which + the extracted value is matched. Default + is '(.*)' victoriaMetrics supports multiline + regex joined with | https://docs.victoriametrics.com/vmagent/#relabeling-enhancements + x-kubernetes-preserve-unknown-fields: true + replacement: + description: Replacement value against which + a regex replace is performed if the regular + expression matches. Regex capture groups + are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated + source label values. default is ';'. + type: string + source_labels: + description: UnderScoreSourceLabels - additional + form of source labels source_labels for + compatibility with original relabel config. + if set both sourceLabels and source_labels, + sourceLabels has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + items: + type: string + type: array + sourceLabels: + description: The source labels select values + from existing labels. Their content is concatenated + using the configured separator and matched + against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + target_label: + description: UnderScoreTargetLabel - additional + form of target label - target_label for + compatibility with original relabel config. + if set both targetLabel and target_label, + targetLabel has priority. for details https://github.com/VictoriaMetrics/operator/issues/131 + type: string + targetLabel: + description: Label to which the resulting + value is written in a replace action. It + is mandatory for replace actions. Regex + capture groups are available. + type: string + type: object + type: array + sampleLimit: + description: SampleLimit defines per-endpoint limit + on number of scraped samples that will be accepted. + format: int64 + type: integer + scheme: + description: HTTP scheme to use for scraping. + enum: + - http + - https + type: string + scrape_interval: + description: ScrapeInterval is the same as Interval + and has priority over it. one of scrape_interval + or interval can be used + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + seriesLimit: + description: SeriesLimit defines per-scrape limit + on number of unique time series a single target + can expose during all the scrapes on the time + window of 24h. + format: int64 + type: integer + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the pod port this + endpoint refers to. Mutually exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLSConfig configuration to use when + scraping the endpoint + properties: + ca: + description: Stuct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the container + to use for the targets. + type: string + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in + the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in + the container for the targets. + type: string + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for + the targets. + type: string + type: object + vm_scrape_params: + description: VMScrapeParams defines VictoriaMetrics + specific scrape parametrs + properties: + disable_compression: + type: boolean + disable_keep_alive: + description: disable_keepalive allows disabling + HTTP keep-alive when scraping targets. By + default, HTTP keep-alive is enabled, so TCP + connections to scrape targets could be re-used. + See https://docs.victoriametrics.com/vmagent.html#scrape_config-enhancements + type: boolean + headers: + description: 'Headers allows sending custom + headers to scrape targets must be in of semicolon + separated header with it''s value eg: headerName: + headerValue vmagent supports since 1.79.0 + version' + items: + type: string + type: array + metric_relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + no_stale_markers: + type: boolean + proxy_client_config: + description: ProxyClientConfig configures proxy + auth settings for scraping See feature description + https://docs.victoriametrics.com/vmagent.html#scraping-targets-via-a-proxy + properties: + basic_auth: + description: BasicAuth allow an endpoint + to authenticate over basic authentication + properties: + password: + description: The secret in the service + scrape namespace that contains the + password for authentication. It must + be at them same namespace as CRD + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + password_file: + description: PasswordFile defines path + to password file at disk + type: string + username: + description: The secret in the service + scrape namespace that contains the + username for authentication. It must + be at them same namespace as CRD + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearer_token: + description: SecretKeySelector selects a + key of a Secret. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + bearer_token_file: + type: string + tls_config: + description: TLSConfig specifies TLSConfig + configuration parameters. + properties: + ca: + description: Stuct containing the CA + cert to use for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in + the container to use for the targets. + type: string + cert: + description: Struct containing the client + cert file for the targets. + properties: + configMap: + description: ConfigMap containing + data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the ConfigMap or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data + to use for the targets. + properties: + key: + description: The key of the + secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether + the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert + file in the container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate + validation. + type: boolean + keyFile: + description: Path to the client key + file in the container for the targets. + type: string + keySecret: + description: Secret containing the client + key file for the targets. + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. + apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname + for the targets. + type: string + type: object + type: object + relabel_debug: + description: deprecated since [v1.85](https://github.com/VictoriaMetrics/VictoriaMetrics/releases/tag/v1.85.0), + will be removed in next release + type: boolean + scrape_align_interval: + type: string + scrape_offset: + type: string + stream_parse: + type: boolean + type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the job name + from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints + objects are discovered from. + properties: + any: + description: Boolean describing whether all namespaces + are selected in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string + type: array + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes + Pod onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number + of scraped samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects by corresponding + Service labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + seriesLimit: + description: SeriesLimit defines per-scrape limit on number + of unique time series a single target can expose during + all the scrapes on the time window of 24h. + format: int64 + type: integer + targetLabels: + description: TargetLabels transfers labels on the Kubernetes + Service onto the target. + items: + type: string + type: array + required: + - endpoints + type: object + type: object + type: object + offlineInstances: + description: "Specifies the names of instances to be transitioned + to offline status. \n Marking an instance as offline results in + the following: \n 1. The associated Pod is stopped, and its PersistentVolumeClaim + (PVC) is retained for potential future reuse or data recovery, but + it is no longer actively used. 2. The ordinal number assigned to + this instance is preserved, ensuring it remains unique and avoiding + conflicts with new instances. \n Setting instances to offline allows + for a controlled scale-in process, preserving their data and maintaining + ordinal consistency within the Cluster. Note that offline instances + and their associated resources, such as PVCs, are not automatically + deleted. The administrator must manually manage the cleanup and + removal of these resources when they are no longer needed." + items: + type: string + type: array + replicas: + default: 1 + description: Specifies the desired number of replicas in the Component + for enhancing availability and durability, or load balancing. + format: int32 + minimum: 0 + type: integer + resources: + description: Specifies the resources required by the Component. It + allows defining the CPU, memory requirements and limits for the + Component's containers. + properties: + claims: + description: "Claims lists the names of resources, defined in + spec.resourceClaims, that are used by this container. \n This + is an alpha field and requires enabling the DynamicResourceAllocation + feature gate. \n This field is immutable. It can only be set + for containers." + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry in pod.spec.resourceClaims + of the Pod where this field is used. It makes that resource + available inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + x-kubernetes-preserve-unknown-fields: true + runtimeClassName: + description: Defines runtimeClassName for all Pods managed by this + Component. + type: string + schedulingPolicy: + description: Specifies the scheduling policy for the Component. + properties: + affinity: + description: Specifies a group of affinity scheduling rules of + the Cluster, including NodeAffinity, PodAffinity, and PodAntiAffinity. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: key: description: The label key that the selector applies to. @@ -4142,15 +5958,6 @@ spec: - name type: object type: array - sidecars: - description: Defines the sidecar containers that will be attached - to the Component's main container. - items: - type: string - maxItems: 32 - minItems: 1 - type: array - x-kubernetes-list-type: set tlsConfig: description: "Specifies the TLS configuration for the Component, including: \n - A boolean flag that indicates whether the Component should diff --git a/deploy/helm/crds/apps.kubeblocks.io_configconstraints.yaml b/deploy/helm/crds/apps.kubeblocks.io_configconstraints.yaml index 7505f6cdd85..013115a3288 100644 --- a/deploy/helm/crds/apps.kubeblocks.io_configconstraints.yaml +++ b/deploy/helm/crds/apps.kubeblocks.io_configconstraints.yaml @@ -94,10 +94,10 @@ spec: (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role." items: - description: DownwardAPITriggeredAction defines an action that triggers - specific commands in response to changes in Pod labels. For example, - a command might be executed when the 'role' label of the Pod is - updated. + description: DownwardAPIChangeTriggeredAction defines an action + that triggers specific commands in response to changes in Pod + labels. For example, a command might be executed when the 'role' + label of the Pod is updated. properties: command: description: Specifies the command to be triggered when changes @@ -730,35 +730,7 @@ spec: spec: description: ConfigConstraintSpec defines the desired state of ConfigConstraint properties: - configSchema: - description: Defines a list of parameters including their names, default - values, descriptions, types, and constraints (permissible values - or the range of valid values). - properties: - cue: - description: "Hold a string that contains a script written in - CUE language that defines a list of configuration items. Each - item is detailed with its name, default value, description, - type (e.g. string, integer, float), and constraints (permissible - values or the valid range of values). \n CUE (Configure, Unify, - Execute) is a declarative language designed for defining and - validating complex data configurations. It is particularly useful - in environments like K8s where complex configurations and validation - rules are common. \n This script functions as a validator for - user-provided configurations, ensuring compliance with the established - specifications and constraints." - type: string - schemaInJSON: - description: Generated from the 'cue' field and transformed into - a JSON format. - x-kubernetes-preserve-unknown-fields: true - topLevelKey: - description: Specifies the top-level key in the 'configSchema.cue' - that organizes the validation rules for parameters. This key - must exist within the CUE script defined in 'configSchema.cue'. - type: string - type: object - downwardAPITriggeredActions: + downwardAPIChangeTriggeredActions: description: "TODO: migrate DownwardAPITriggeredActions to ComponentDefinition.spec.lifecycleActions Specifies a list of actions to execute specified commands based on Pod labels. \n It utilizes the K8s Downward API to mount label @@ -771,10 +743,10 @@ spec: (e.g., from secondary to primary), some changes in configuration are needed to reflect the new role." items: - description: DownwardAPITriggeredAction defines an action that triggers - specific commands in response to changes in Pod labels. For example, - a command might be executed when the 'role' label of the Pod is - updated. + description: DownwardAPIChangeTriggeredAction defines an action + that triggers specific commands in response to changes in Pod + labels. For example, a command might be executed when the 'role' + label of the Pod is updated. properties: command: description: Specifies the command to be triggered when changes @@ -962,6 +934,34 @@ spec: efficient handling of configuration changes by potentially eliminating an unnecessary reload step." type: boolean + parametersSchema: + description: Defines a list of parameters including their names, default + values, descriptions, types, and constraints (permissible values + or the range of valid values). + properties: + cue: + description: "Hold a string that contains a script written in + CUE language that defines a list of configuration items. Each + item is detailed with its name, default value, description, + type (e.g. string, integer, float), and constraints (permissible + values or the valid range of values). \n CUE (Configure, Unify, + Execute) is a declarative language designed for defining and + validating complex data configurations. It is particularly useful + in environments like K8s where complex configurations and validation + rules are common. \n This script functions as a validator for + user-provided configurations, ensuring compliance with the established + specifications and constraints." + type: string + schemaInJSON: + description: Generated from the 'cue' field and transformed into + a JSON format. + x-kubernetes-preserve-unknown-fields: true + topLevelKey: + description: Specifies the top-level key in the 'configSchema.cue' + that organizes the validation rules for parameters. This key + must exist within the CUE script defined in 'configSchema.cue'. + type: string + type: object reloadAction: description: "Specifies the dynamic reload (dynamic reconfiguration) actions supported by the engine. When set, the controller executes @@ -1110,6 +1110,58 @@ spec: required: - command type: object + targetPodSelector: + description: "Used to match labels on the pod to determine whether + a dynamic reload should be performed. \n In some scenarios, + only specific pods (e.g., primary replicas) need to undergo + a dynamic reload. The `reloadedPodSelector` allows you to specify + label selectors to target the desired pods for the reload process. + \n If the `reloadedPodSelector` is not specified or is nil, + all pods managed by the workload will be considered for the + dynamic reload." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic tplScriptTrigger: description: Enables reloading process using a Go template script. properties: @@ -1197,57 +1249,6 @@ spec: engines that require static parameters to be set via SQL statements before they can take effect on restart." type: boolean - reloadedPodSelector: - description: "Used to match labels on the pod to determine whether - a dynamic reload should be performed. \n In some scenarios, only - specific pods (e.g., primary replicas) need to undergo a dynamic - reload. The `reloadedPodSelector` allows you to specify label selectors - to target the desired pods for the reload process. \n If the `reloadedPodSelector` - is not specified or is nil, all pods managed by the workload will - be considered for the dynamic reload." - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic staticParameters: description: List static parameters. Modifications to any of these parameters require a restart of the process to take effect. diff --git a/docs/developer_docs/api-reference/cluster.md b/docs/developer_docs/api-reference/cluster.md index a026293a92f..d76ed40f977 100644 --- a/docs/developer_docs/api-reference/cluster.md +++ b/docs/developer_docs/api-reference/cluster.md @@ -1080,19 +1080,21 @@ string -sidecars
+metricsStoreIntegration
-[]string + +MetricsStoreIntegration + (Optional) -

Defines the sidecar containers that will be attached to the Component’s main container.

+

It supports prometheus/victoriametrics operator.

-monitorEnabled
+disableExporter
bool @@ -1100,7 +1102,7 @@ bool (Optional)

Determines whether metrics exporter information is annotated on the Component’s headless Service.

-

If set to true, the following annotations will be patched into the Service:

+

If set to true, the following annotations will not be patched into the Service:

  • “monitor.kubeblocks.io/path”
  • “monitor.kubeblocks.io/port”
    • @@ -1341,24 +1343,25 @@ These instance-specific overrides can be specified in cluster.spec.compone -sidecarContainerSpecs
    +monitor
    - -[]SidecarContainerSpec + +MonitorConfig (Optional) -

    Defines the sidecar containers that will be attached to the component’s main container.

    +

    Deprecated since v0.9 +monitor is monitoring config which provided by provider.

    -builtinMonitorContainer
    +exporter
    - -BuiltinMonitorContainerRef + +Exporter @@ -2051,8 +2054,8 @@ This ensures that the tools are available to the ‘config-manager’ si downwardAPIOptions
    - -[]DownwardAPITriggeredAction + +[]DownwardAPIChangeTriggeredAction @@ -3891,49 +3894,6 @@ RefNamespaceName -

    BuiltinMonitorContainerRef -

    -

    -(Appears on:ClusterComponentDefinition, ComponentDefinitionSpec) -

    -
    -
    - - - - - - - - - - - - - - - - - -
    FieldDescription
    -name
    - -string - -    		 -

    Specifies the name of the built-in metrics exporter container.

    -
    -PrometheusScrapeConfig
    - - -PrometheusScrapeConfig - - -    		 -

    -(Members of PrometheusScrapeConfig are embedded into this type.) -

    -

    ClusterBackup

    @@ -4496,30 +4456,31 @@ configmap and mounted to the current component.

    -sidecarContainerSpecs
    +exporter
    - -[]SidecarContainerSpec + +Exporter (Optional) -

    Defines the sidecar containers that will be attached to the component’s main container.

    +

    Defines the metrics exporter.

    -builtinMonitorContainer
    +monitor
    - -BuiltinMonitorContainerRef + +MonitorConfig (Optional) -

    Defines the built-in metrics exporter container.

    +

    Deprecated since v0.9 +monitor is monitoring config which provided by provider.

    @@ -5068,19 +5029,21 @@ The administrator must manually manage the cleanup and removal of these resource -sidecars
    +metricsStoreIntegration
    -[]string + +MetricsStoreIntegration + (Optional) -

    Defines the sidecar containers that will be attached to the Component’s main container.

    +

    It supports prometheus/victoriametrics operator.

    -monitorEnabled
    +disableExporter
    bool @@ -5088,6 +5051,26 @@ bool (Optional)

    Determines whether metrics exporter information is annotated on the Component’s headless Service.

    +

    If set to true, the following annotations will not be patched into the Service:

    +
      +
    • “monitor.kubeblocks.io/path”
      • +
    • “monitor.kubeblocks.io/port”
      • +
    • “monitor.kubeblocks.io/scheme”
      • +
    +

    These annotations allow the Prometheus installed by KubeBlocks to discover and scrape metrics from the exporter.

    + + + + +monitor
    + +bool + + + +(Optional) +

    Deprecated since v0.9 +Determines whether metrics exporter information is annotated on the Component’s headless Service.

    If set to true, the following annotations will be patched into the Service:

    • “monitor.kubeblocks.io/path”
      • @@ -7380,24 +7363,25 @@ These instance-specific overrides can be specified in cluster.spec.compone -sidecarContainerSpecs
      +monitor
      - -[]SidecarContainerSpec + +MonitorConfig (Optional) -

      Defines the sidecar containers that will be attached to the component’s main container.

      +

      Deprecated since v0.9 +monitor is monitoring config which provided by provider.

      -builtinMonitorContainer
      +exporter
      - -BuiltinMonitorContainerRef + +Exporter @@ -8848,19 +8832,21 @@ string -sidecars
      +metricsStoreIntegration
      -[]string + +MetricsStoreIntegration + (Optional) -

      Defines the sidecar containers that will be attached to the Component’s main container.

      +

      It supports prometheus/victoriametrics operator.

      -monitorEnabled
      +disableExporter
      bool @@ -8868,7 +8854,7 @@ bool (Optional)

      Determines whether metrics exporter information is annotated on the Component’s headless Service.

      -

      If set to true, the following annotations will be patched into the Service:

      +

      If set to true, the following annotations will not be patched into the Service:

      • “monitor.kubeblocks.io/path”
      • “monitor.kubeblocks.io/port”
        • @@ -9732,8 +9718,8 @@ This ensures that the tools are available to the ‘config-manager’ si downwardAPIOptions
        - -[]DownwardAPITriggeredAction + +[]DownwardAPIChangeTriggeredAction @@ -11502,6 +11488,118 @@ If the shell is required, it must be explicitly invoked in the command.

        +

        Exporter +

        +

        +(Appears on:ClusterComponentDefinition, ComponentDefinitionSpec) +

        +
        +
        + + + + + + + + + + + + + + + + + + + + + + + + + +
        FieldDescription
        +containerName
        + +string + +        		 +(Optional) +

        Specifies the name of the built-in metrics exporter container.

        +
        +scrapePath
        + +string + +        		 +(Optional) +

        Specifies the http/https url path to scrape for metrics. +If empty, Prometheus uses the default value (e.g. /metrics).

        +
        +scrapePort
        + +string + +        		 +(Optional) +

        Specifies the port name to scrape for metrics.

        +
        +scrapeScheme
        + + +PrometheusScheme + + +        		 +(Optional) +

        Specifies the schema to use for scraping. +http and https are the expected values unless you rewrite the __scheme__ label via relabeling. +If empty, Prometheus uses the default value http.

        +
        +

        ExporterConfig +

        +

        +(Appears on:MonitorConfig) +

        +
        +
        + + + + + + + + + + + + + + + + + +
        FieldDescription
        +scrapePort
        + + +Kubernetes api utils intstr.IntOrString + + +        		 +

        scrapePort is exporter port for Time Series Database to scrape metrics.

        +
        +scrapePath
        + +string + +        		 +(Optional) +

        scrapePath is exporter url path for Time Series Database to scrape metrics.

        +

        Expose

        @@ -12893,18 +12991,79 @@ for example, using ‘{{ eq .spec.replicas 1 }}’ -

        MonitorKind -(string alias)

        +

        MetricsStoreIntegration +

        -(Appears on:MonitorSource) +(Appears on:ClusterComponentSpec, ComponentSpec)

        -

        MonitorKind defines the kind of monitor.

        -

        MonitorSource + + + + + + + + + + + + + + + + + +
        FieldDescription
        +serviceMonitorTemplate
        + + +ServiceMonitorTemplate + + +        		 +(Optional) +

        Specifies the ServiceMonitor template used in the Component.

        +

        Example usage:

        +
        name: prometheus-scrape
+namespace: default
+labels:
+  k8s-app: node-exporter
+serviceMonitorTemplate:
+  selector:
+    matchLabels:
+      app: app-exporter
+      k8s-app: app-exporter
+  endpoints:
+  - port: metrics_port
+  jobLabel: k8s-app
+
        +
        +vmMonitorTemplate
        + + +VMMonitorTemplate + + +        		 +(Optional) +

        VictoriaMetrics is currently not supported yet. +Specifies the VMServiceScrape template used in the Component.

        +
        name: vm-scrape
+namespace: default
+labels:
+  k8s-app: node-exporter
+vmServiceScrapeSpec:
+  selector:
+    matchLabels:
+      app: app-exporter
+
        +
        +

        MonitorConfig

        -(Appears on:SidecarContainerSource) +(Appears on:ClusterComponentDefinition, ComponentDefinitionSpec)

        @@ -12918,33 +13077,40 @@ for example, using ‘{{ eq .spec.replicas 1 }}’ -kind
        +builtIn
        - -MonitorKind - +bool -

        Defines the kind of monitor, such as metrics or logs.

        +(Optional) +

        builtIn is a switch to enable KubeBlocks builtIn monitoring. +If BuiltIn is set to true, monitor metrics will be scraped automatically. +If BuiltIn is set to false, the provider should set ExporterConfig and Sidecar container own.

        -scrapeConfig
        +exporterConfig
        - -PrometheusScrapeConfig + +ExporterConfig (Optional) -

        Defines the scrape configuration for the prometheus.

        +

        exporterConfig provided by provider, which specify necessary information to Time Series Database. +exporterConfig is valid when builtIn is false.

        +

        MonitorKind +(string alias)

        +
        +

        MonitorKind defines the kind of monitor.

        +

        MultipleClusterObjectCombinedOption

        @@ -15660,20 +15826,34 @@ Kubernetes meta/v1.Time -

        PrometheusProtocol +

        PrometheusScheme (string alias)

        -(Appears on:PrometheusScrapeConfig) +(Appears on:Exporter)

        -

        PrometheusProtocol defines the protocol of prometheus scrape metrics.

        +

        PrometheusScheme defines the protocol of prometheus scrape metrics.

        -

        PrometheusScrapeConfig + + + + + + + + + + + + +
        ValueDescription

        "http"

        "https"

        +

        ProtectedVolume

        -(Appears on:BuiltinMonitorContainerRef, MonitorSource) +(Appears on:VolumeProtectionSpec)

        +

        ProtectedVolume is deprecated since v0.9, replaced with ComponentVolume.HighWatermark.

        @@ -15685,91 +15865,32 @@ Kubernetes meta/v1.Time - - - -
        -metricsPath
        - -string - -        		 -(Optional) -

        Specifies the http/https url path to scrape for metrics. -If empty, Prometheus uses the default value (e.g. /metrics).

        -
        -metricsPort
        +name
        string         		(Optional) -

        Specifies the port name to scrape for metrics.

        +

        The Name of the volume to protect.
        -protocol
        +highWatermark
        - -PrometheusProtocol - +int         		(Optional) -

        Specifies the schema to use for scraping. -http and https are the expected values unless you rewrite the __scheme__ label via relabeling. -If empty, Prometheus uses the default value http.

        +

        Defines the high watermark threshold for the volume, it will override the component level threshold. +If the value is invalid, it will be ignored and the component level threshold will be used.
        -

        ProtectedVolume -

        -

        -(Appears on:VolumeProtectionSpec) -

        -
        -

        ProtectedVolume is deprecated since v0.9, replaced with ComponentVolume.HighWatermark.

        -
        - - - - - - - - - - - - - - - - - -
        FieldDescription
        -name
        - -string - -        		 -(Optional) -

        The Name of the volume to protect.

        -
        -highWatermark
        - -int - -        		 -(Optional) -

        Defines the high watermark threshold for the volume, it will override the component level threshold. -If the value is invalid, it will be ignored and the component level threshold will be used.

        -
        -

        ProvisionPolicy +

        ProvisionPolicy

        (Appears on:SystemAccountConfig) @@ -18057,6 +18178,54 @@ int64 +

        ServiceMonitorTemplate +

        +

        +(Appears on:MetricsStoreIntegration) +

        +
        +
        + + + + + + + + + + + + + + + + + +
        FieldDescription
        +ObjectMeta
        + + +Kubernetes meta/v1.ObjectMeta + + +        		 +

        +(Members of ObjectMeta are embedded into this type.) +

        +(Optional) +

        Standard k8s object’s metadata.

        +Refer to the Kubernetes API documentation for the fields of the +metadata field. +
        +serviceMonitorSpec
        + +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1.ServiceMonitorSpec + +        		 +(Optional) +

        ServiceMonitorSpec contains specification parameters for a ServiceMonitor

        +

        ServicePort

        @@ -18851,87 +19020,6 @@ Resources and data associated with the corresponding Component will also be dele -

        SidecarContainerSource -

        -

        -(Appears on:SidecarContainerSpec) -

        -
        -
        - - - - - - - - - - - - - -
        FieldDescription
        -monitor
        - - -MonitorSource - - -        		 -(Optional) -

        Defines the function or purpose of the container, such as the monitor type sidecar.

        -
        -

        SidecarContainerSpec -

        -

        -(Appears on:ClusterComponentDefinition, ComponentDefinitionSpec) -

        -
        -
        - - - - - - - - - - - - - - - - - -
        FieldDescription
        -Container
        - - -Kubernetes core/v1.Container - - -        		 -

        -(Members of Container are embedded into this type.) -

        -
        -SidecarContainerSource
        - - -SidecarContainerSource - - -        		 -

        -(Members of SidecarContainerSource are embedded into this type.) -

        -(Optional) -

        Define the function or purpose of the container, such as the monitor type sidecar. -In order to allow prometheus to scrape metrics from the sidecar container, the schema, port, and url will be injected into the annotation of the service.

        -

        SpecificOpsRequest

        @@ -20298,6 +20386,54 @@ string +

        VMMonitorTemplate +

        +

        +(Appears on:MetricsStoreIntegration) +

        +
        +
        + + + + + + + + + + + + + + + + + +
        FieldDescription
        +ObjectMeta
        + + +Kubernetes meta/v1.ObjectMeta + + +        		 +

        +(Members of ObjectMeta are embedded into this type.) +

        +(Optional) +

        Standard k8s object’s metadata.

        +Refer to the Kubernetes API documentation for the fields of the +metadata field. +
        +vmServiceScrapeSpec
        + +github.com/VictoriaMetrics/operator/api/victoriametrics/v1beta1.VMServiceScrapeSpec + +        		 +(Optional) +

        VMServiceScrapeSpec defines the desired state of VMServiceScrape

        +

        ValueFrom

        @@ -20973,10 +21109,10 @@ via SQL statements before they can take effect on restart. -downwardAPITriggeredActions
        +downwardAPIChangeTriggeredActions
        - -[]DownwardAPITriggeredAction + +[]DownwardAPIChangeTriggeredAction @@ -20996,10 +21132,10 @@ to reflect the new role. -configSchema
        +parametersSchema
        - -ConfigSchema + +ParametersSchema @@ -21050,24 +21186,6 @@ Attempting to change any of these parameters will be ignored.

        -reloadedPodSelector
        - - -Kubernetes meta/v1.LabelSelector - - - - -(Optional) -

        Used to match labels on the pod to determine whether a dynamic reload should be performed.

        -

        In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload. -The reloadedPodSelector allows you to specify label selectors to target the desired pods for the reload process.

        -

        If the reloadedPodSelector is not specified or is nil, all pods managed by the workload will be considered for the dynamic -reload.

        - - - - fileFormatConfig
        @@ -21283,10 +21401,10 @@ via SQL statements before they can take effect on restart. -downwardAPITriggeredActions
        +downwardAPIChangeTriggeredActions
        -         -[]DownwardAPITriggeredAction + +[]DownwardAPIChangeTriggeredAction @@ -21306,10 +21424,10 @@ to reflect the new role. -configSchema
        +parametersSchema
        - -ConfigSchema + +ParametersSchema @@ -21360,24 +21478,6 @@ Attempting to change any of these parameters will be ignored.

        -reloadedPodSelector
        - - -Kubernetes meta/v1.LabelSelector - - - - -(Optional) -

        Used to match labels on the pod to determine whether a dynamic reload should be performed.

        -

        In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload. -The reloadedPodSelector allows you to specify label selectors to target the desired pods for the reload process.

        -

        If the reloadedPodSelector is not specified or is nil, all pods managed by the workload will be considered for the dynamic -reload.

        - - - - fileFormatConfig
        @@ -21457,77 +21557,13 @@ int64 -

        ConfigSchema -

        -

        -(Appears on:ConfigConstraintSpec) -

        -
        -

        ConfigSchema Defines a list of configuration items with their names, default values, descriptions, -types, and constraints.

        -
        - - - - - - - - - - - - - - - - - - - - - -
        FieldDescription
        -topLevelKey
        - -string - -        		 -(Optional) -

        Specifies the top-level key in the ‘configSchema.cue’ that organizes the validation rules for parameters. -This key must exist within the CUE script defined in ‘configSchema.cue’.

        -
        -cue
        - -string - -        		 -(Optional) -

        Hold a string that contains a script written in CUE language that defines a list of configuration items. -Each item is detailed with its name, default value, description, type (e.g. string, integer, float), -and constraints (permissible values or the valid range of values).

        -

        CUE (Configure, Unify, Execute) is a declarative language designed for defining and validating -complex data configurations. -It is particularly useful in environments like K8s where complex configurations and validation rules are common.

        -

        This script functions as a validator for user-provided configurations, ensuring compliance with -the established specifications and constraints.

        -
        -schemaInJSON
        - - -Kubernetes api extensions v1.JSONSchemaProps - - -        		 -

        Generated from the ‘cue’ field and transformed into a JSON format.

        -
        -

        DownwardAPITriggeredAction +

        DownwardAPIChangeTriggeredAction

        (Appears on:ConfigConstraintSpec, ConfigConstraintSpec)

        -

        DownwardAPITriggeredAction defines an action that triggers specific commands in response to changes in Pod labels. +

        DownwardAPIChangeTriggeredAction defines an action that triggers specific commands in response to changes in Pod labels. For example, a command might be executed when the ‘role’ label of the Pod is updated.

        @@ -21773,6 +21809,70 @@ string
        +

        ParametersSchema +

        +

        +(Appears on:ConfigConstraintSpec) +

        +
        +

        ParametersSchema Defines a list of configuration items with their names, default values, descriptions, +types, and constraints.

        +
        + + + + + + + + + + + + + + + + + + + + + +
        FieldDescription
        +topLevelKey
        + +string + +        		 +(Optional) +

        Specifies the top-level key in the ‘configSchema.cue’ that organizes the validation rules for parameters. +This key must exist within the CUE script defined in ‘configSchema.cue’.

        +
        +cue
        + +string + +        		 +(Optional) +

        Hold a string that contains a script written in CUE language that defines a list of configuration items. +Each item is detailed with its name, default value, description, type (e.g. string, integer, float), +and constraints (permissible values or the valid range of values).

        +

        CUE (Configure, Unify, Execute) is a declarative language designed for defining and validating +complex data configurations. +It is particularly useful in environments like K8s where complex configurations and validation rules are common.

        +

        This script functions as a validator for user-provided configurations, ensuring compliance with +the established specifications and constraints.

        +
        +schemaInJSON
        + + +Kubernetes api extensions v1.JSONSchemaProps + + +        		 +

        Generated from the ‘cue’ field and transformed into a JSON format.

        +

        ReloadAction

        @@ -21846,12 +21946,30 @@ AutoTrigger

        Automatically perform the reload when specified conditions are met.

        + + +targetPodSelector
        + + +Kubernetes meta/v1.LabelSelector + + + + +(Optional) +

        Used to match labels on the pod to determine whether a dynamic reload should be performed.

        +

        In some scenarios, only specific pods (e.g., primary replicas) need to undergo a dynamic reload. +The reloadedPodSelector allows you to specify label selectors to target the desired pods for the reload process.

        +

        If the reloadedPodSelector is not specified or is nil, all pods managed by the workload will be considered for the dynamic +reload.

        + +

        ScriptConfig

        -(Appears on:ConfigConstraintSpec, DownwardAPITriggeredAction, ShellTrigger, TPLScriptTrigger) +(Appears on:ConfigConstraintSpec, DownwardAPIChangeTriggeredAction, ShellTrigger, TPLScriptTrigger)

        diff --git a/go.mod b/go.mod index eddbdbed4eb..27f64db75c4 100644 --- a/go.mod +++ b/go.mod @@ -8,8 +8,9 @@ require ( github.com/Masterminds/semver/v3 v3.2.1 github.com/Masterminds/sprig/v3 v3.2.3 github.com/StudioSol/set v1.0.0 + github.com/VictoriaMetrics/operator/api v0.0.0-20240429073251-1f2be6e1d22d github.com/authzed/controller-idioms v0.7.0 - github.com/aws/aws-sdk-go v1.44.257 + github.com/aws/aws-sdk-go v1.50.8 github.com/bhmj/jsonslice v1.1.2 github.com/clbanning/mxj/v2 v2.5.7 github.com/containers/common v0.55.4 @@ -19,27 +20,27 @@ require ( github.com/evanphx/json-patch v5.6.0+incompatible github.com/fasthttp/router v1.4.20 github.com/fsnotify/fsnotify v1.7.0 - github.com/go-errors/errors v1.4.2 - github.com/go-logr/logr v1.3.0 - github.com/go-logr/zapr v1.2.4 + github.com/go-logr/logr v1.4.1 + github.com/go-logr/zapr v1.3.0 github.com/go-sql-driver/mysql v1.7.1 github.com/golang/mock v1.6.0 github.com/google/go-cmp v0.6.0 - github.com/google/uuid v1.3.1 + github.com/google/uuid v1.6.0 github.com/hashicorp/go-hclog v1.5.0 github.com/hashicorp/vault/sdk v0.9.2 github.com/jackc/pgx/v5 v5.5.4 - github.com/klauspost/compress v1.16.6 + github.com/klauspost/compress v1.17.6 github.com/kubernetes-csi/external-snapshotter/client/v3 v3.0.0 github.com/kubernetes-csi/external-snapshotter/client/v6 v6.2.0 github.com/magiconair/properties v1.8.7 github.com/mitchellh/mapstructure v1.5.1-0.20220423185008-bf980b35cac4 - github.com/onsi/ginkgo/v2 v2.13.0 - github.com/onsi/gomega v1.29.0 + github.com/onsi/ginkgo/v2 v2.14.0 + github.com/onsi/gomega v1.30.0 github.com/opencontainers/image-spec v1.1.0 github.com/pashagolub/pgxmock/v2 v2.11.0 github.com/pkg/errors v0.9.1 - github.com/prometheus/client_golang v1.18.0 + github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.71.0 + github.com/prometheus/client_golang v1.19.0 github.com/redis/go-redis/v9 v9.0.5 github.com/replicatedhq/troubleshoot v0.57.0 github.com/rogpeppe/go-internal v1.12.0 @@ -62,20 +63,20 @@ require ( go.uber.org/automaxprocs v1.5.2 go.uber.org/zap v1.26.0 golang.org/x/crypto v0.21.0 - golang.org/x/exp v0.0.0-20230711153332-06a737ee72cb + golang.org/x/exp v0.0.0-20240119083558-1b970713d09a golang.org/x/net v0.23.0 golang.org/x/text v0.14.0 - google.golang.org/grpc v1.59.0 + google.golang.org/grpc v1.61.0 google.golang.org/protobuf v1.33.0 gopkg.in/ini.v1 v1.67.0 gopkg.in/yaml.v2 v2.4.0 helm.sh/helm/v3 v3.12.3 - k8s.io/api v0.28.8 - k8s.io/apiextensions-apiserver v0.28.3 - k8s.io/apimachinery v0.28.8 - k8s.io/apiserver v0.28.3 + k8s.io/api v0.29.0 + k8s.io/apiextensions-apiserver v0.29.0 + k8s.io/apimachinery v0.29.0 + k8s.io/apiserver v0.29.0 k8s.io/cli-runtime v0.28.3 - k8s.io/client-go v0.28.8 + k8s.io/client-go v12.0.0+incompatible k8s.io/code-generator v0.28.3 k8s.io/component-helpers v0.28.3 k8s.io/cri-api v0.28.3 @@ -86,17 +87,14 @@ require ( k8s.io/kubectl v0.28.2 k8s.io/kubelet v0.26.1 k8s.io/kubernetes v1.28.3 - k8s.io/utils v0.0.0-20230726121419-3b25d923346b - sigs.k8s.io/controller-runtime v0.16.5 - sigs.k8s.io/yaml v1.3.0 + k8s.io/utils v0.0.0-20231127182322-b307cd553661 + sigs.k8s.io/controller-runtime v0.17.2 + sigs.k8s.io/yaml v1.4.0 ) require ( - cloud.google.com/go/storage v1.29.0 // indirect cuelabs.dev/go/oci/ociregistry v0.0.0-20240314152124-224736b49f2e // indirect github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect github.com/Azure/go-autorest/autorest/azure/auth v0.5.12 // indirect github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect @@ -106,6 +104,9 @@ require ( github.com/Masterminds/squirrel v1.5.4 // indirect github.com/Microsoft/go-winio v0.6.1 // indirect github.com/Microsoft/hcsshim v0.11.4 // indirect + github.com/VictoriaMetrics/VictoriaMetrics v1.97.1 // indirect + github.com/VictoriaMetrics/metrics v1.31.0 // indirect + github.com/VictoriaMetrics/metricsql v0.72.1 // indirect github.com/andybalholm/brotli v1.0.5 // indirect github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect github.com/armon/go-metrics v0.4.1 // indirect @@ -114,6 +115,7 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/bhmj/xpression v0.9.1 // indirect github.com/blang/semver/v4 v4.0.0 // indirect + github.com/bmatcuk/doublestar/v4 v4.6.1 // indirect github.com/bshuster-repo/logrus-logstash-hook v1.0.2 // indirect github.com/bugsnag/bugsnag-go v2.1.2+incompatible // indirect github.com/bugsnag/panicwrap v1.3.4 // indirect @@ -139,12 +141,13 @@ require ( github.com/dustin/go-humanize v1.0.1 // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/emicklei/proto v1.10.0 // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect + github.com/evanphx/json-patch/v5 v5.8.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fatih/camelcase v1.0.0 // indirect - github.com/fatih/color v1.15.0 // indirect - github.com/felixge/httpsnoop v1.0.3 // indirect + github.com/fatih/color v1.16.0 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fvbommel/sortorder v1.1.0 // indirect + github.com/go-errors/errors v1.4.2 // indirect github.com/go-gorp/gorp/v3 v3.0.5 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.2.6 // indirect @@ -208,10 +211,9 @@ require ( github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.19 // indirect - github.com/mattn/go-runewidth v0.0.14 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-runewidth v0.0.15 // indirect github.com/mattn/go-sqlite3 v2.0.3+incompatible // indirect - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/miekg/dns v1.1.50 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect @@ -234,10 +236,10 @@ require ( github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect github.com/prometheus/client_model v0.5.0 // indirect - github.com/prometheus/common v0.45.0 // indirect + github.com/prometheus/common v0.48.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/protocolbuffers/txtpbfmt v0.0.0-20230328191034-3462fbc510c0 // indirect - github.com/rivo/uniseg v0.4.4 // indirect + github.com/rivo/uniseg v0.4.6 // indirect github.com/rubenv/sql-migrate v1.3.1 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect github.com/savsgio/gotils v0.0.0-20230208104028-c358bd845dee // indirect @@ -253,6 +255,11 @@ require ( github.com/tklauser/numcpus v0.6.0 // indirect github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect + github.com/valyala/fastjson v1.6.4 // indirect + github.com/valyala/fastrand v1.1.0 // indirect + github.com/valyala/fasttemplate v1.2.2 // indirect + github.com/valyala/histogram v1.2.0 // indirect + github.com/valyala/quicktemplate v1.7.0 // indirect github.com/xdg-go/pbkdf2 v1.0.0 // indirect github.com/xdg-go/scram v1.1.2 // indirect github.com/xdg-go/stringprep v1.0.4 // indirect @@ -272,35 +279,35 @@ require ( go.etcd.io/etcd/client/v2 v2.305.10 // indirect go.etcd.io/etcd/pkg/v3 v3.5.10 // indirect go.etcd.io/etcd/raft/v3 v3.5.10 // indirect - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 // indirect - go.opentelemetry.io/otel v1.20.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect + go.opentelemetry.io/otel v1.22.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 // indirect - go.opentelemetry.io/otel/metric v1.20.0 // indirect - go.opentelemetry.io/otel/sdk v1.20.0 // indirect - go.opentelemetry.io/otel/trace v1.20.0 // indirect + go.opentelemetry.io/otel/metric v1.22.0 // indirect + go.opentelemetry.io/otel/sdk v1.21.0 // indirect + go.opentelemetry.io/otel/trace v1.22.0 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect - go.uber.org/atomic v1.10.0 // indirect + go.uber.org/atomic v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/mod v0.16.0 // indirect golang.org/x/oauth2 v0.18.0 // indirect golang.org/x/sync v0.6.0 // indirect golang.org/x/sys v0.18.0 // indirect golang.org/x/term v0.18.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.19.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect gotest.tools/v3 v3.5.0 // indirect - k8s.io/component-base v0.28.8 // indirect + k8s.io/component-base v0.29.0 // indirect oras.land/oras-go v1.2.4 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect @@ -309,34 +316,17 @@ require ( ) replace ( + golang.org/x/exp => golang.org/x/exp v0.0.0-20230711153332-06a737ee72cb k8s.io/api => k8s.io/api v0.28.3 k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.28.3 k8s.io/apimachinery => k8s.io/apimachinery v0.28.3 k8s.io/apiserver => k8s.io/apiserver v0.28.3 k8s.io/cli-runtime => k8s.io/cli-runtime v0.28.3 k8s.io/client-go => k8s.io/client-go v0.28.3 - k8s.io/cloud-provider => k8s.io/cloud-provider v0.28.3 - k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.28.3 k8s.io/code-generator => k8s.io/code-generator v0.28.3 k8s.io/component-base => k8s.io/component-base v0.28.3 k8s.io/component-helpers => k8s.io/component-helpers v0.28.3 - k8s.io/controller-manager => k8s.io/controller-manager v0.28.3 k8s.io/cri-api => k8s.io/cri-api v0.28.3 - k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.28.3 - k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.28.3 - k8s.io/endpointslice => k8s.io/endpointslice v0.28.3 - k8s.io/kms => k8s.io/kms v0.28.3 - k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.28.3 - k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.28.3 - k8s.io/kube-proxy => k8s.io/kube-proxy v0.28.3 - k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.28.3 k8s.io/kubectl => k8s.io/kubectl v0.28.3 k8s.io/kubelet => k8s.io/kubelet v0.28.3 - k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.28.3 - k8s.io/metrics => k8s.io/metrics v0.28.3 - k8s.io/mount-utils => k8s.io/mount-utils v0.28.3 - k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.28.3 - k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.28.3 - k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.28.3 - k8s.io/sample-controller => k8s.io/sample-controller v0.28.3 ) diff --git a/go.sum b/go.sum index 55799c58b9c..a6bfdcf1801 100644 --- a/go.sum +++ b/go.sum @@ -20,24 +20,24 @@ cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPT cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.110.7 h1:rJyC7nWRg2jWGZ4wSJ5nY65GTdYJkg0cd/uXb+ACI6o= -cloud.google.com/go v0.110.7/go.mod h1:+EYjdK8e5RME/VY/qLCAtuyALQ9q67dvuum8i+H5xsI= +cloud.google.com/go v0.112.0 h1:tpFCD7hpHFlQ8yPwT3x+QeXqc2T6+n6T+hmABHfDUSM= +cloud.google.com/go v0.112.0/go.mod h1:3jEEVwZ/MHU4djK5t5RHuKOA/GbLddgTdVubX1qnPD4= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute v1.23.0 h1:tP41Zoavr8ptEqaW6j+LQOnyBBhO7OkOMAGrgLopTwY= -cloud.google.com/go/compute v1.23.0/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= +cloud.google.com/go/compute v1.23.4 h1:EBT9Nw4q3zyE7G45Wvv3MzolIrCJEuHys5muLY0wvAw= +cloud.google.com/go/compute v1.23.4/go.mod h1:/EJMj55asU6kAFnuZET8zqgwgJ9FvXWXOkkfQZa4ioI= cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/iam v1.1.1 h1:lW7fzj15aVIXYHREOqjRBV9PsH0Z6u8Y46a1YGvQP4Y= -cloud.google.com/go/iam v1.1.1/go.mod h1:A5avdyVL2tCppe4unb0951eI9jreack+RJ0/d+KUZOU= +cloud.google.com/go/iam v1.1.6 h1:bEa06k05IO4f4uJonbB5iAgKTPpABy1ayxaIZV/GHVc= +cloud.google.com/go/iam v1.1.6/go.mod h1:O0zxdPeGBoFdWW3HWmBxJsk0pfvNM/p/qa82rWOGTwI= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= @@ -48,25 +48,24 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= -cloud.google.com/go/storage v1.29.0 h1:6weCgzRvMg7lzuUurI4697AqIRPU1SvzHhynwpW31jI= -cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4= +cloud.google.com/go/storage v1.37.0 h1:WI8CsaFO8Q9KjPVtsZ5Cmi0dXV25zMoX0FklT7c3Jm4= +cloud.google.com/go/storage v1.37.0/go.mod h1:i34TiT2IhiNDmcj65PqwCjcoUX7Z5pLzS8DEmoiFq1k= cuelabs.dev/go/oci/ociregistry v0.0.0-20240314152124-224736b49f2e h1:GwCVItFUPxwdsEYnlUcJ6PJxOjTeFFCKOh6QWg4oAzQ= cuelabs.dev/go/oci/ociregistry v0.0.0-20240314152124-224736b49f2e/go.mod h1:ApHceQLLwcOkCEXM1+DyCXTHEJhNGDpJ2kmV6axsx24= cuelang.org/go v0.8.0 h1:fO1XPe/SUGtc7dhnGnTPbpIDoQm/XxhDtoSF7jzO01c= cuelang.org/go v0.8.0/go.mod h1:CoDbYolfMms4BhWUlhD+t5ORnihR7wvjcfgyO9lL5FI= -dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/Azure/azure-pipeline-go v0.2.3 h1:7U9HBg1JFK3jHl5qmo4CTZKFTVgMwdFHMVtCdfBE21U= github.com/Azure/azure-pipeline-go v0.2.3/go.mod h1:x841ezTBIMG6O3lAcl8ATHnsOPVl2bqk7S3ta6S6u4k= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0 h1:8kDqDngH+DmVBiCtIjCFTGa7MBnsIOkF9IccInFEbjk= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0/go.mod h1:bjGvMhVMb+EEm3VRNQawDMUyMMjo+S5ewNjflkep/0Q= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM= -github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v0.3.0 h1:Px2UA+2RvSSvv+RvJNuUB6n7rs5Wsel4dXLe90Um2n4= -github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v0.3.0/go.mod h1:tPaiy8S5bQ+S5sOiDlINkp7+Ef339+Nz5L5XO+cnOHo= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 h1:6oNBlSdi1QqM1PNW7FPA6xOGA5UNsXnkaYZz9vdPGhA= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI= +github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.1 h1:AMf7YbZOZIW5b66cXNHMWWT/zkjhz5+a+k/3x40EO7E= +github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.1/go.mod h1:uwfk06ZBcvL/g4VHNjurPfVln9NMbsk2XIZxJ+hu81k= github.com/Azure/azure-storage-blob-go v0.14.0 h1:1BCg74AmVdYwO3dlKwtFU1V0wU2PZdREkXvAmZJRUlM= github.com/Azure/azure-storage-blob-go v0.14.0/go.mod h1:SMqIBi+SuiQH32bvyjngEewEeXoPfKMgWlBDaYf6fck= github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= @@ -98,7 +97,6 @@ github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBp github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= @@ -125,11 +123,24 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/O github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/StudioSol/set v1.0.0 h1:G27J71la+Da08WidabBkoRrvPLTa4cdCn0RjvyJ5WKQ= github.com/StudioSol/set v1.0.0/go.mod h1:hIUNZPo6rEGF43RlPXHq7Fjmf+HkVJBqAjtK7Z9LoIU= +github.com/VictoriaMetrics/VictoriaMetrics v1.97.1 h1:XFrZ0NwUowl10qvU+K8xRsxDfFNjb+z4x3I/31YEx98= +github.com/VictoriaMetrics/VictoriaMetrics v1.97.1/go.mod h1:32Z6+zj/6QnGR4vcMbWUhRDz75n+JnaifW999Nvl1to= +github.com/VictoriaMetrics/easyproto v0.1.4 h1:r8cNvo8o6sR4QShBXQd1bKw/VVLSQma/V2KhTBPf+Sc= +github.com/VictoriaMetrics/easyproto v0.1.4/go.mod h1:QlGlzaJnDfFd8Lk6Ci/fuLxfTo3/GThPs2KH23mv710= +github.com/VictoriaMetrics/metrics v1.24.0/go.mod h1:eFT25kvsTidQFHb6U0oa0rTrDRdz4xTYjpL8+UPohys= +github.com/VictoriaMetrics/metrics v1.31.0 h1:X6+nBvAP0UB+GjR0Ht9hhQ3pjL1AN4b8dt9zFfzTsUo= +github.com/VictoriaMetrics/metrics v1.31.0/go.mod h1:r7hveu6xMdUACXvB8TYdAj8WEsKzWB0EkpJN+RDtOf8= +github.com/VictoriaMetrics/metricsql v0.72.1 h1:fLIHgzezXgD4NjY5ksF4lRkHILW88uI5Lz0Q+N2ucnY= +github.com/VictoriaMetrics/metricsql v0.72.1/go.mod h1:k4UaP/+CjuZslIjd+kCigNG9TQmUqh5v0TP/nMEy90I= +github.com/VictoriaMetrics/operator/api v0.0.0-20240429073251-1f2be6e1d22d h1:sE1AGUSwcbWJRA8CQoGBxmrwX779cmt1LqQy04GcCw4= +github.com/VictoriaMetrics/operator/api v0.0.0-20240429073251-1f2be6e1d22d/go.mod h1:X+55+5PqhP3H9ZH/b1zcPzJHLn6Eeyafl59iHFofNF4= github.com/a8m/expect v1.0.0/go.mod h1:4IwSCMumY49ScypDnjNbYEjgVeqy1/U2cEs3Lat96eA= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= +github.com/andybalholm/brotli v1.0.3/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs= github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= @@ -150,8 +161,8 @@ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3d github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/authzed/controller-idioms v0.7.0 h1:HhNMUBb8hJzYqY3mhen3B2AC5nsIem3fBe0tC/AAOHo= github.com/authzed/controller-idioms v0.7.0/go.mod h1:0B/PmqCguKv8b3azSMF+HdyKpKr2o3UAZ5eo12Ze8Fo= -github.com/aws/aws-sdk-go v1.44.257 h1:HwelXYZZ8c34uFFhgVw3ybu2gB5fkk8KLj2idTvzZb8= -github.com/aws/aws-sdk-go v1.44.257/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go v1.50.8 h1:gY0WoOW+/Wz6XmYSgDH9ge3wnAevYDSQWPxxJvqAkP4= +github.com/aws/aws-sdk-go v1.50.8/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= @@ -165,6 +176,8 @@ github.com/bhmj/xpression v0.9.1/go.mod h1:j9oYmEXJjeL9mrgW1+ZDBKJXnbupsCPGhlO9J github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= +github.com/bmatcuk/doublestar/v4 v4.6.1 h1:FH9SifrbvJhnlQpztAx++wlkk70QBf0iBWDwNy7PA4I= +github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/bshuster-repo/logrus-logstash-hook v1.0.2 h1:JYRWo+QGnQdedgshosug9hxpPYTB9oJ1ZZD3fY31alU= github.com/bshuster-repo/logrus-logstash-hook v1.0.2/go.mod h1:HgYntJprnHSPaF9VPPPLP1L5S1vMWxRfa1J+vzDrDTw= @@ -198,8 +211,8 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= -github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20231109132714-523115ebc101 h1:7To3pQ+pZo0i3dsWEbinPNFs5gPSBOsJtx3wTT94VBY= +github.com/cncf/xds/go v0.0.0-20231109132714-523115ebc101/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/apd/v3 v3.2.1 h1:U+8j7t0axsIgvQUqthuNm82HIrYXodOV2iWLWtEaIwg= github.com/cockroachdb/apd/v3 v3.2.1/go.mod h1:klXJcjp+FffLTHlhIG69tezTDvdP065naDsHzKhYSqc= github.com/cockroachdb/datadriven v1.0.2 h1:H9MtNqVoVhvd9nCBwOyDjUEdZCREqbIdCJD93PBm/jA= @@ -288,8 +301,8 @@ github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7 github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro= +github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= github.com/fasthttp/router v1.4.20 h1:yPeNxz5WxZGojzolKqiP15DTXnxZce9Drv577GBrDgU= @@ -299,12 +312,12 @@ github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwo github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= -github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= -github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= -github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= @@ -319,9 +332,6 @@ github.com/fvbommel/sortorder v1.1.0/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui72 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= -github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gorp/gorp/v3 v3.0.5 h1:PUjzYdYu3HBOh8LE+UUmRG2P0IRDak9XMeGNvaeq4Ow= github.com/go-gorp/gorp/v3 v3.0.5/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= @@ -336,12 +346,13 @@ github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbV github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= @@ -426,6 +437,7 @@ github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k= @@ -480,21 +492,21 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20230323073829-e72429f035bd h1:r8yyd+DJDmsUhGrRBxH5Pj7KeFK5l+Y3FsgT8keqKtk= github.com/google/pprof v0.0.0-20230323073829-e72429f035bd/go.mod h1:79YE0hCXdHag9sBkw2o+N/YnZtTkXi0UT9Nnixa5eYk= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/s2a-go v0.1.3 h1:FAgZmpLl/SXurPEZyCMPBIiiYeTbqfjlbdnCNTAkbGE= -github.com/google/s2a-go v0.1.3/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= +github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= +github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/enterprise-certificate-proxy v0.2.3 h1:yk9/cqRKtT9wXZSsRH9aurXEpJX+U6FLtpYTdC3R06k= -github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfFxPRy3Bf7vr3h0cechB90XaQs= +github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gax-go/v2 v2.8.0 h1:UBtEZqx1bjXtOQ5BVTkuYghXrr3N4V123VKJK67vJZc= -github.com/googleapis/gax-go/v2 v2.8.0/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= +github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas= +github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= @@ -599,7 +611,6 @@ github.com/jackc/pgx/v5 v5.5.4 h1:Xp2aQS8uXButQdnCMWNmvx6UysWQQC+u1EoizjguY+8= github.com/jackc/pgx/v5 v5.5.4/go.mod h1:ez9gk+OAat140fv9ErkZDYFWmXLfV+++K0uAOiwgm1A= github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk= github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jhump/protoreflect v1.6.0 h1:h5jfMVslIg6l29nsMs0D8Wj17RDVdNYti0vDN/PZZoE= github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= @@ -633,9 +644,11 @@ github.com/karrick/godirwalk v1.17.0/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1q github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/compress v1.16.6 h1:91SKEy4K37vkp255cJ8QesJhjyRO0hn9i9G0GoUwLsk= -github.com/klauspost/compress v1.16.6/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.17.6 h1:60eq2E/jlfwQXtvZEeBUYADs+BwKBWURIY+Gj2eRGjI= +github.com/klauspost/compress v1.17.6/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/klauspost/cpuid/v2 v2.2.4 h1:acbojRNwl3o09bUq+yDCtZFc1aiwaAAxtcn8YkZXnvk= github.com/klauspost/cpuid/v2 v2.2.4/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= github.com/klauspost/pgzip v1.2.6 h1:8RXeL5crjEUFnR2/Sn6GJNWtSQ3Dk8pq4CL3jvdDyjU= @@ -703,19 +716,17 @@ github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Ky github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-oci8 v0.1.1/go.mod h1:wjDx6Xm9q7dFtHJvIlrI99JytznLw5wQ4R+9mNXJwGI= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= -github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= +github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/mattn/go-sqlite3 v2.0.3+incompatible h1:gXHsfypPkaMZrKbD5209QV9jbUTJKjyR5WD3HYQSd+U= github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA= github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= @@ -804,8 +815,8 @@ github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxm github.com/onsi/ginkgo/v2 v2.9.1/go.mod h1:FEcmzVcCHl+4o9bQZVab+4dC9+j+91t2FHSzmGAPfuo= github.com/onsi/ginkgo/v2 v2.9.2/go.mod h1:WHcJJG2dIlcCqVfBAwUCrJxSPFb6v4azBwgxeMeDuts= github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= +github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= +github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= @@ -820,8 +831,8 @@ github.com/onsi/gomega v1.27.1/go.mod h1:aHX5xOykVYzWOV4WqQy0sy8BQptgukenXpCXfad github.com/onsi/gomega v1.27.3/go.mod h1:5vG284IBtfDAmDyrK+eGyZmUgUlmi+Wngqo557cZ6Gw= github.com/onsi/gomega v1.27.4/go.mod h1:riYq/GJKh8hhoM01HN6Vmuy93AarCXCBGpvFDK3q3fQ= github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= -github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= -github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= @@ -861,14 +872,16 @@ github.com/poy/onpar v1.1.2 h1:QaNrNiZx0+Nar5dLgTVp5mXkyoVFIbepjyEoGSnhbAY= github.com/poy/onpar v1.1.2/go.mod h1:6X8FLNoxyr9kkmnlqpK6LSoiOtrO6MICtWwEuWkLjzg= github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g= github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.71.0 h1:et+XkusxWLz+XNqZiyMom9tv9ACvNAUyLXti2LTiV7o= +github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.71.0/go.mod h1:3RiUkFmR9kmPZi9r/8a5jw0a9yg+LMmr7qa0wjqvSiI= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.2/go.mod h1:OsXs2jCmiKlQ1lTBmv21f2mNfw4xf/QclQDMrYNZzcM= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= -github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= -github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= +github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= +github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= @@ -881,8 +894,8 @@ github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y8 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= -github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= -github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= +github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE= +github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= @@ -899,8 +912,8 @@ github.com/redis/go-redis/v9 v9.0.5/go.mod h1:WqMKv5vnQbRuZstUwxQI195wHy+t4PuXDO github.com/replicatedhq/troubleshoot v0.57.0 h1:m9B31Mhgiz4Lwz+W4RvFkqhfYZLCwAqRPUwiwmSAAps= github.com/replicatedhq/troubleshoot v0.57.0/go.mod h1:R5VdixzaBXfWLbP9mcLuZKs/bDCyGGS4+vFtKGWs9xE= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= -github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rivo/uniseg v0.4.6 h1:Sovz9sDSwbOz9tgUy8JpT+KgCkPYJEN/oYzlJiYTNLg= +github.com/rivo/uniseg v0.4.6/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= @@ -1013,8 +1026,20 @@ github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqri github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= +github.com/valyala/fasthttp v1.30.0/go.mod h1:2rsYD01CKFrjjsvFxx75KlEUNpWNBY9JWD3K/7o2Cus= github.com/valyala/fasthttp v1.50.0 h1:H7fweIlBm0rXLs2q0XbalvJ6r0CUPFWK3/bB4N13e9M= github.com/valyala/fasthttp v1.50.0/go.mod h1:k2zXd82h/7UZc3VOdJ2WaUqt1uZ/XpXAfE9i+HBC3lA= +github.com/valyala/fastjson v1.6.4 h1:uAUNq9Z6ymTgGhcm0UynUAB6tlbakBrz6CQFax3BXVQ= +github.com/valyala/fastjson v1.6.4/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY= +github.com/valyala/fastrand v1.1.0 h1:f+5HkLW4rsgzdNoleUOB69hyT9IlD2ZQh9GyDMfb5G8= +github.com/valyala/fastrand v1.1.0/go.mod h1:HWqCzkrkg6QXT8V2EXWvXCoow7vLwOFN002oeRzjapQ= +github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo= +github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= +github.com/valyala/histogram v1.2.0 h1:wyYGAZZt3CpwUiIb9AU/Zbllg1llXyrtApRS815OLoQ= +github.com/valyala/histogram v1.2.0/go.mod h1:Hb4kBwb4UxsaNbbbh+RRz8ZR6pdodR57tzWUS3BUzXY= +github.com/valyala/quicktemplate v1.7.0 h1:LUPTJmlVcb46OOUY3IeD9DojFpAVbsG+5WFTcjMJzCM= +github.com/valyala/quicktemplate v1.7.0/go.mod h1:sqKJnoaOF88V07vkO+9FL8fb9uZg/VPSJnLYn+LmLk8= +github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc= github.com/vmware-tanzu/velero v1.10.1 h1:6WYOolZIygHb8FOZtpp8vCqCuy5Mk3qBF1S65L5cjuo= github.com/vmware-tanzu/velero v1.10.1/go.mod h1:N0J+j8xGSmanGpy1zCRMH2DMGPpwkUj9EZIUXfOlanY= github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c= @@ -1088,22 +1113,22 @@ go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0 h1:PzIubN4/sjByhDRHLviCjJuweBXWFZWhghjg7cS28+M= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0/go.mod h1:Ct6zzQEuGK3WpJs2n4dn+wfJYzd/+hNnxMRTWjGn30M= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0 h1:x8Z78aZx8cOF0+Kkazoc7lwUNMGy0LrzEMxTm4BbTxg= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.45.0/go.mod h1:62CPTSry9QZtOaSsE3tOzhx6LzDhHnXJ6xHeMNNiM6Q= -go.opentelemetry.io/otel v1.20.0 h1:vsb/ggIY+hUjD/zCAQHpzTmndPqv/ml2ArbsbfBYTAc= -go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 h1:UNQQKPfTDe1J81ViolILjTKPr9WetKW6uei2hFgJmFs= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0/go.mod h1:r9vWsPS/3AQItv3OSlEJ/E4mbrhUbbw18meOjArPtKQ= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 h1:sv9kVfal0MK0wBMCOGr+HeJm9v803BkJxGrk2au7j08= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw= +go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y= +go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0 h1:DeFD0VgTZ+Cj6hxravYYZE2W4GlneVH81iAOPjZkzk8= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0/go.mod h1:GijYcYmNpX1KazD5JmWGsi4P7dDTTTnfv1UbGn84MnU= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 h1:gvmNvqrPYovvyRmCSygkUDyL8lC5Tl845MLEwqpxhEU= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0/go.mod h1:vNUq47TGFioo+ffTSnKNdob241vePmtNZnAODKapKd0= -go.opentelemetry.io/otel/metric v1.20.0 h1:ZlrO8Hu9+GAhnepmRGhSU7/VkpjrNowxRN9GyKR4wzA= -go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM= -go.opentelemetry.io/otel/sdk v1.20.0 h1:5Jf6imeFZlZtKv9Qbo6qt2ZkmWtdWx/wzcCbNUlAWGM= -go.opentelemetry.io/otel/sdk v1.20.0/go.mod h1:rmkSx1cZCm/tn16iWDn1GQbLtsW/LvsdEEFzCSRM6V0= -go.opentelemetry.io/otel/trace v1.20.0 h1:+yxVAPZPbQhbC3OfAkeIVTky6iTFpcr4SiY9om7mXSQ= -go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU= +go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg= +go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY= +go.opentelemetry.io/otel/sdk v1.21.0 h1:FTt8qirL1EysG6sTQRZ5TokkU8d0ugCj8htOgThZXQ8= +go.opentelemetry.io/otel/sdk v1.21.0/go.mod h1:Nna6Yv7PWTdgJHVRD9hIYywQBRx7pbox6nwBnZIxl/E= +go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0= +go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo= go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= @@ -1111,12 +1136,11 @@ go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= -go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/automaxprocs v1.5.2 h1:2LxUOGiR3O6tw8ui5sZa2LAaHnsviZdVOUZw4fvbnME= go.uber.org/automaxprocs v1.5.2/go.mod h1:eRbA25aqJrxAbsLO0xy5jVwPt7FQnRgjW+efnwa1WM0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= @@ -1129,7 +1153,6 @@ go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.12.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1144,6 +1167,7 @@ golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -1154,20 +1178,8 @@ golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= -golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= -golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= -golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= -golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20230711153332-06a737ee72cb h1:xIApU0ow1zwMa2uL1VDNeQlNVFTWMQxZUZCMDy0Q4Us= golang.org/x/exp v0.0.0-20230711153332-06a737ee72cb/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc= -golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1180,12 +1192,8 @@ golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPI golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= -golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= -golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -1198,6 +1206,7 @@ golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= +golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic= golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1245,6 +1254,7 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= +golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= @@ -1304,7 +1314,6 @@ golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1315,7 +1324,6 @@ golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1353,6 +1361,7 @@ golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1379,6 +1388,7 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= @@ -1419,15 +1429,15 @@ golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= @@ -1436,9 +1446,7 @@ golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBn golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1454,7 +1462,6 @@ golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -1482,7 +1489,6 @@ golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= @@ -1498,7 +1504,6 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= @@ -1524,16 +1529,17 @@ google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjR google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= -google.golang.org/api v0.122.0 h1:zDobeejm3E7pEG1mNHvdxvjs5XJoCMzyNH+CmwL94Es= -google.golang.org/api v0.122.0/go.mod h1:gcitW0lvnyWjSp9nKxAbdHKIZ6vF4aajGueeslZOyms= +google.golang.org/api v0.161.0 h1:oYzk/bs26WN10AV7iU7MVJVXBH8oCPS2hHyBiEeFoSU= +google.golang.org/api v0.161.0/go.mod h1:0mu0TpK33qnydLvWqbImq2b1eQ5FHRSDCBzAxX9ZHyw= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -1578,12 +1584,12 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d h1:VBu5YqKPv6XiJ199exd8Br+Aetz+o08F+PLMnwJQHAY= -google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4= -google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d h1:DoPTO70H+bcDXcd39vOqb2viZxgqeBeSGtZ55yZU4/Q= -google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe h1:USL2DhxfgRchafRvt/wYyyQNzwgL7ZiURcozOE/Pkvo= +google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:cc8bqMqtv9gMOr0zHg2Vzff5ULhhL2IXP4sbcn32Dro= +google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe h1:0poefMBYvYbs7g5UkjS6HcxBPaTRAmznle9jnxYoAI8= +google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:4jWUdICTdgc3Ibxmr8nAJiiLHwQBY0UI0XZcEMaFKaA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe h1:bQnxqljG/wqi4NTXu2+DJ3n7APcEA882QZ1JvhQAq9o= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s= google.golang.org/grpc v1.18.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= @@ -1606,8 +1612,8 @@ google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= -google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= +google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= +google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1702,8 +1708,8 @@ k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-aggregator v0.28.3 h1:CVbj3+cpshSHR5dWPzLYx3sVpIDEPLlzMSxY/lAc9cM= -k8s.io/kube-aggregator v0.28.3/go.mod h1:5DyLevbRTcWnT1f9b+lB3BfbXC1w7gDa/OtB6kKInCw= +k8s.io/kube-aggregator v0.19.12 h1:OwyNUe/7/gxzEnaLd3sC9Yrpx0fZAERzvFslX5Qq5g8= +k8s.io/kube-aggregator v0.19.12/go.mod h1:K76wPd03pSHEmS1FgJOcpryac5C3va4cbCvSu+4EmE0= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= @@ -1715,15 +1721,15 @@ k8s.io/kubernetes v1.28.3 h1:XTci6gzk+JR51UZuZQCFJ4CsyUkfivSjLI4O1P9z6LY= k8s.io/kubernetes v1.28.3/go.mod h1:NhAysZWvHtNcJFFHic87ofxQN7loylCQwg3ZvXVDbag= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6RxQGZDnzuLcrUTI= +k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= oras.land/oras-go v1.2.4 h1:djpBY2/2Cs1PV87GSJlxv4voajVOMZxqqtq9AB8YNvY= oras.land/oras-go v1.2.4/go.mod h1:DYcGfb3YF1nKjcezfX2SNlDAeQFKSXmf+qrFmrh4324= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/controller-runtime v0.16.5 h1:yr1cEJbX08xsTW6XEIzT13KHHmIyX8Umvme2cULvFZw= -sigs.k8s.io/controller-runtime v0.16.5/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= +sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= +sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= @@ -1734,5 +1740,6 @@ sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ih sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/pkg/common/monitor.go b/pkg/common/monitor.go new file mode 100644 index 00000000000..8b09c0e4f72 --- /dev/null +++ b/pkg/common/monitor.go @@ -0,0 +1,72 @@ +/* +Copyright (C) 2022-2024 ApeCloud Co., Ltd + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package common + +import ( + corev1 "k8s.io/api/core/v1" + + appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" +) + +const ( + PrometheusScrapeAnnotationPath = "monitor.kubeblocks.io/path" + PrometheusScrapeAnnotationPort = "monitor.kubeblocks.io/port" + PrometheusScrapeAnnotationScheme = "monitor.kubeblocks.io/scheme" + PrometheusScrapeAnnotationEnabled = "monitor.kubeblocks.io/scrape" +) + +const ( + defaultScrapePath = "/metrics" + defaultScrapeScheme = string(appsv1alpha1.HTTPProtocol) +) + +func FromScrapePath(exporter appsv1alpha1.Exporter) string { + if exporter.ScrapePath != "" { + return exporter.ScrapePath + } + return defaultScrapePath +} + +func FromContainerPort(exporter Exporter, container *corev1.Container) string { + if exporter.ScrapePort != "" { + return exporter.ScrapePort + } + if container != nil && len(container.Ports) > 0 { + return container.Ports[0].Name + } + if exporter.TargetPort != nil { + return exporter.TargetPort.String() + } + return "" +} + +func FromScheme(exporter appsv1alpha1.Exporter) string { + if exporter.ScrapeScheme != "" { + return string(exporter.ScrapeScheme) + } + return defaultScrapeScheme +} + +func GetScrapeAnnotations(exporter Exporter, container *corev1.Container) map[string]string { + return map[string]string{ + PrometheusScrapeAnnotationPath: FromScrapePath(exporter.Exporter), + PrometheusScrapeAnnotationPort: FromContainerPort(exporter, container), + PrometheusScrapeAnnotationScheme: FromScheme(exporter.Exporter), + // Compatible with previous versions of kubeblocks. + PrometheusScrapeAnnotationEnabled: "true", + } +} diff --git a/pkg/common/types.go b/pkg/common/types.go index f16b74f1503..a82090d6027 100644 --- a/pkg/common/types.go +++ b/pkg/common/types.go @@ -19,6 +19,12 @@ along with this program. If not, see . package common +import ( + "k8s.io/apimachinery/pkg/util/intstr" + + appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" +) + // PodRoleNamePair defines a pod name and role name pair. type PodRoleNamePair struct { PodName string `json:"podName,omitempty"` @@ -39,6 +45,12 @@ type GlobalRoleSnapshot struct { PodRoleNamePairs []PodRoleNamePair `json:"PodRoleNamePairs,omitempty"` } +// Exporter defines the built-in metrics exporter. +type Exporter struct { + appsv1alpha1.Exporter `json:",inline"` + TargetPort *intstr.IntOrString `json:"targetPort,omitempty"` +} + // BuiltinHandler defines builtin role probe handler name. type BuiltinHandler string diff --git a/pkg/configuration/config_manager/builder.go b/pkg/configuration/config_manager/builder.go index 250547b518f..f4488eca6ca 100644 --- a/pkg/configuration/config_manager/builder.go +++ b/pkg/configuration/config_manager/builder.go @@ -299,7 +299,7 @@ func buildTPLScriptCM(configSpecBuildMeta *ConfigSpecMeta, manager *CfgManagerBu return nil } -func buildDownwardAPIVolume(manager *CfgManagerBuildParams, fieldInfo appsv1beta1.DownwardAPITriggeredAction) { +func buildDownwardAPIVolume(manager *CfgManagerBuildParams, fieldInfo appsv1beta1.DownwardAPIChangeTriggeredAction) { manager.DownwardAPIVolumes = append(manager.DownwardAPIVolumes, corev1.VolumeMount{ Name: fieldInfo.Name, MountPath: fieldInfo.MountPoint, diff --git a/pkg/configuration/config_manager/builder_test.go b/pkg/configuration/config_manager/builder_test.go index 9d128566ad8..b365b45f2ba 100644 --- a/pkg/configuration/config_manager/builder_test.go +++ b/pkg/configuration/config_manager/builder_test.go @@ -181,8 +181,8 @@ formatterConfig: mockK8sCli.MockCreateMethod(testutil.WithCreateReturned(testutil.WithCreatedSucceedResult(), testutil.WithAnyTimes())) } - newDownwardAPIVolumes := func() []appsv1beta1.DownwardAPITriggeredAction { - return []appsv1beta1.DownwardAPITriggeredAction{ + newDownwardAPIVolumes := func() []appsv1beta1.DownwardAPIChangeTriggeredAction { + return []appsv1beta1.DownwardAPIChangeTriggeredAction{ { Name: "downward-api", MountPoint: "/etc/podinfo", diff --git a/pkg/configuration/config_manager/config_handler_test.go b/pkg/configuration/config_manager/config_handler_test.go index d828b76d376..b16090aee62 100644 --- a/pkg/configuration/config_manager/config_handler_test.go +++ b/pkg/configuration/config_manager/config_handler_test.go @@ -103,8 +103,8 @@ var _ = Describe("Config Handler Test", func() { } } - newDownwardAPIOptions := func() []appsv1beta1.DownwardAPITriggeredAction { - return []appsv1beta1.DownwardAPITriggeredAction{ + newDownwardAPIOptions := func() []appsv1beta1.DownwardAPIChangeTriggeredAction { + return []appsv1beta1.DownwardAPIChangeTriggeredAction{ { Name: "labels", MountPoint: filepath.Join(tmpWorkDir, "labels"), diff --git a/pkg/configuration/config_manager/handler_util.go b/pkg/configuration/config_manager/handler_util.go index 431fd590470..814a7292b78 100644 --- a/pkg/configuration/config_manager/handler_util.go +++ b/pkg/configuration/config_manager/handler_util.go @@ -181,7 +181,7 @@ func GetSupportReloadConfigSpecs(configSpecs []appsv1alpha1.ComponentConfigSpec, ReloadAction: cc.Spec.ReloadAction, ConfigSpec: configSpec, ReloadType: FromReloadTypeConfig(reloadOptions), - DownwardAPIOptions: cc.Spec.DownwardAPITriggeredActions, + DownwardAPIOptions: cc.Spec.DownwardAPIChangeTriggeredActions, FormatterConfig: *cc.Spec.FileFormatConfig, }, }) diff --git a/pkg/configuration/config_manager/type.go b/pkg/configuration/config_manager/type.go index 2aa0847f599..fbf877c059c 100644 --- a/pkg/configuration/config_manager/type.go +++ b/pkg/configuration/config_manager/type.go @@ -41,7 +41,7 @@ type ConfigSpecInfo struct { ConfigSpec appsv1alpha1.ComponentConfigSpec `json:"configSpec"` FormatterConfig appsv1beta1.FileFormatConfig `json:"formatterConfig"` - DownwardAPIOptions []appsv1beta1.DownwardAPITriggeredAction `json:"downwardAPIOptions"` + DownwardAPIOptions []appsv1beta1.DownwardAPIChangeTriggeredAction `json:"downwardAPIOptions"` // config volume mount path MountPoint string `json:"mountPoint"` diff --git a/pkg/configuration/validate/config_validate.go b/pkg/configuration/validate/config_validate.go index 044c441db6b..957b7a3effd 100644 --- a/pkg/configuration/validate/config_validate.go +++ b/pkg/configuration/validate/config_validate.go @@ -132,7 +132,7 @@ func NewConfigValidator(configConstraint *appsv1beta1.ConfigConstraintSpec, opti var ( validator ConfigValidator - configSchema = configConstraint.ConfigSchema + configSchema = configConstraint.ParametersSchema ) switch { diff --git a/pkg/configuration/validate/config_validate_test.go b/pkg/configuration/validate/config_validate_test.go index ac0fd308d24..06b21aaa59e 100644 --- a/pkg/configuration/validate/config_validate_test.go +++ b/pkg/configuration/validate/config_validate_test.go @@ -39,7 +39,7 @@ var fromTestData = func(fileName string) string { var newFakeConfConstraint = func(cueFile string, cfgFormatter appsv1beta1.CfgFileFormat) *appsv1beta1.ConfigConstraintSpec { return &appsv1beta1.ConfigConstraintSpec{ - ConfigSchema: &appsv1beta1.ConfigSchema{ + ParametersSchema: &appsv1beta1.ParametersSchema{ CUE: fromTestData(cueFile), }, FileFormatConfig: &appsv1beta1.FileFormatConfig{ @@ -188,7 +188,7 @@ func TestSchemaValidatorWithOpenSchema(t *testing.T) { validator := &schemaValidator{ typeName: tt.args.SchemaTypeName, cfgType: tplConstraint.FileFormatConfig.Format, - schema: tplConstraint.ConfigSchema.SchemaInJSON, + schema: tplConstraint.ParametersSchema.SchemaInJSON, } require.Equal(t, tt.err, validator.Validate( map[string]string{ diff --git a/pkg/controller/builder/builder_component.go b/pkg/controller/builder/builder_component.go index 1cb4e9936a9..8aa497eda39 100644 --- a/pkg/controller/builder/builder_component.go +++ b/pkg/controller/builder/builder_component.go @@ -70,13 +70,13 @@ func (builder *ComponentBuilder) SetResources(resources corev1.ResourceRequireme return builder } -func (builder *ComponentBuilder) SetSidecarContainers(sidecars []string) *ComponentBuilder { - builder.get().Spec.Sidecars = sidecars +func (builder *ComponentBuilder) SetMetricsStoreIntegration(msi *appsv1alpha1.MetricsStoreIntegration) *ComponentBuilder { + builder.get().Spec.MetricsStoreIntegration = msi return builder } -func (builder *ComponentBuilder) SetMonitor(monitorEnabled *bool) *ComponentBuilder { - builder.get().Spec.MonitorEnabled = monitorEnabled +func (builder *ComponentBuilder) DisableExporter(disableExporter *bool) *ComponentBuilder { + builder.get().Spec.DisableExporter = disableExporter return builder } diff --git a/pkg/controller/builder/builder_monitor_service.go b/pkg/controller/builder/builder_monitor_service.go new file mode 100644 index 00000000000..d025e77a7a9 --- /dev/null +++ b/pkg/controller/builder/builder_monitor_service.go @@ -0,0 +1,60 @@ +/* +Copyright (C) 2022-2024 ApeCloud Co., Ltd + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package builder + +import ( + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + + "github.com/apecloud/kubeblocks/pkg/common" +) + +type MonitorServiceBuilder struct { + BaseBuilder[monitoringv1.ServiceMonitor, *monitoringv1.ServiceMonitor, MonitorServiceBuilder] +} + +func NewMonitorServiceBuilder(namespace, name string) *MonitorServiceBuilder { + builder := &MonitorServiceBuilder{} + builder.init(namespace, name, &monitoringv1.ServiceMonitor{}, builder) + return builder +} + +func (builder *MonitorServiceBuilder) SetMonitorServiceSpec(spec monitoringv1.ServiceMonitorSpec) *MonitorServiceBuilder { + builder.get().Spec = spec + return builder +} + +func (builder *MonitorServiceBuilder) SetDefaultEndpoint(exporter *common.Exporter) *MonitorServiceBuilder { + if exporter == nil { + return builder + } + + if len(builder.get().Spec.Endpoints) != 0 { + return builder + } + + endpoint := monitoringv1.Endpoint{ + Port: exporter.ScrapePort, + // TODO: deprecated: use `port` instead. + // Compatible with previous versions of kb, the old addon supports int type port. + TargetPort: exporter.TargetPort, + Path: common.FromScrapePath(exporter.Exporter), + Scheme: common.FromScheme(exporter.Exporter), + } + + builder.get().Spec.Endpoints = []monitoringv1.Endpoint{endpoint} + return builder +} diff --git a/pkg/controller/builder/builder_monitor_service_test.go b/pkg/controller/builder/builder_monitor_service_test.go new file mode 100644 index 00000000000..de40bb52167 --- /dev/null +++ b/pkg/controller/builder/builder_monitor_service_test.go @@ -0,0 +1,55 @@ +/* +Copyright (C) 2022-2024 ApeCloud Co., Ltd + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package builder + +import ( + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + + appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" + "github.com/apecloud/kubeblocks/pkg/common" +) + +var _ = Describe("monitor_service builder", func() { + It("should work well", func() { + const ( + name = "monitor_test" + ns = "default" + ) + + exporter := appsv1alpha1.Exporter{ + ScrapePath: "metrics", + ScrapePort: "http-metrics", + ScrapeScheme: appsv1alpha1.HTTPSProtocol, + } + + ncs := NewMonitorServiceBuilder(ns, name). + SetMonitorServiceSpec(monitoringv1.ServiceMonitorSpec{}). + SetDefaultEndpoint(&common.Exporter{ + Exporter: exporter, + }). + GetObject() + + Expect(ncs.Name).Should(Equal(name)) + Expect(ncs.Namespace).Should(Equal(ns)) + Expect(len(ncs.Spec.Endpoints)).Should(Equal(1)) + Expect(ncs.Spec.Endpoints[0].Port).Should(Equal("http-metrics")) + Expect(ncs.Spec.Endpoints[0].Scheme).Should(Equal("https")) + Expect(ncs.Spec.Endpoints[0].Path).Should(Equal("metrics")) + }) +}) diff --git a/pkg/controller/component/component.go b/pkg/controller/component/component.go index a54de2a693a..75a077ffe49 100644 --- a/pkg/controller/component/component.go +++ b/pkg/controller/component/component.go @@ -32,6 +32,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" + "github.com/apecloud/kubeblocks/pkg/common" "github.com/apecloud/kubeblocks/pkg/constant" "github.com/apecloud/kubeblocks/pkg/controller/apiconversion" "github.com/apecloud/kubeblocks/pkg/controller/builder" @@ -85,8 +86,8 @@ func BuildComponent(cluster *appsv1alpha1.Cluster, compSpec *appsv1alpha1.Cluste AddLabels(constant.KBAppClusterUIDLabelKey, string(cluster.UID)). SetServiceVersion(compSpec.ServiceVersion). SetSchedulingPolicy(schedulingPolicy). - SetSidecarContainers(compSpec.Sidecars). - SetMonitor(compSpec.MonitorEnabled). + SetMetricsStoreIntegration(compSpec.MetricsStoreIntegration). + DisableExporter(compSpec.GetDisableExporter()). SetReplicas(compSpec.Replicas). SetResources(compSpec.Resources). SetServiceAccountName(compSpec.ServiceAccountName). @@ -290,3 +291,21 @@ func GetHostNetworkRelatedComponents(podSpec *corev1.PodSpec, ctx context.Contex } return CheckAndGetClusterComponents(ctx, cli, cluster) } + +func GetExporter(componentDef appsv1alpha1.ComponentDefinitionSpec) *common.Exporter { + if componentDef.Exporter != nil { + return &common.Exporter{Exporter: *componentDef.Exporter} + } + + // Compatible with previous versions of kb + if componentDef.Monitor == nil || componentDef.Monitor.Exporter == nil { + return nil + } + + return &common.Exporter{ + TargetPort: &componentDef.Monitor.Exporter.ScrapePort, + Exporter: appsv1alpha1.Exporter{ + ScrapePath: componentDef.Monitor.Exporter.ScrapePath, + }, + } +} diff --git a/pkg/controller/component/component_definition_convertor.go b/pkg/controller/component/component_definition_convertor.go index 136cd056631..37ba35769be 100644 --- a/pkg/controller/component/component_definition_convertor.go +++ b/pkg/controller/component/component_definition_convertor.go @@ -62,7 +62,8 @@ func buildComponentDefinitionByConversion(clusterCompDef *appsv1alpha1.ClusterCo "rolearbitrator": &compDefRoleArbitratorConvertor{}, "lifecycleactions": &compDefLifecycleActionsConvertor{}, "servicerefdeclarations": &compDefServiceRefDeclarationsConvertor{}, - "sidecarcontainerspecs": &compDefSidecarContainersConvertor{}, + "monitor": &compDefMonitorConvertor{}, + "exporter": &compDefExporterConvertor{}, } compDef := &appsv1alpha1.ComponentDefinition{} if err := covertObject(convertors, &compDef.Spec, clusterCompDef, clusterCompVer); err != nil { @@ -701,9 +702,16 @@ func (c *compDefLifecycleActionsConvertor) convertSwitchover(switchover *appsv1a } } -type compDefSidecarContainersConvertor struct{} +type compDefMonitorConvertor struct{} -func (c *compDefSidecarContainersConvertor) convert(args ...any) (any, error) { +func (c *compDefMonitorConvertor) convert(args ...any) (any, error) { clusterCompDef := args[0].(*appsv1alpha1.ClusterComponentDefinition) - return clusterCompDef.SidecarContainerSpecs, nil + return clusterCompDef.Monitor, nil +} + +type compDefExporterConvertor struct{} + +func (c *compDefExporterConvertor) convert(args ...any) (any, error) { + clusterCompDef := args[0].(*appsv1alpha1.ClusterComponentDefinition) + return clusterCompDef.Exporter, nil } diff --git a/pkg/controller/component/synthesize_component.go b/pkg/controller/component/synthesize_component.go index 3b61972ef6a..1809ae7b59b 100644 --- a/pkg/controller/component/synthesize_component.go +++ b/pkg/controller/component/synthesize_component.go @@ -148,36 +148,36 @@ func buildSynthesizedComponent(reqCtx intctrlutil.RequestCtx, } compDefObj := compDef.DeepCopy() synthesizeComp := &SynthesizedComponent{ - Namespace: comp.Namespace, - ClusterName: clusterName, - ClusterUID: clusterUID, - Comp2CompDefs: comp2CompDef, - Name: compName, - FullCompName: comp.Name, - CompDefName: compDef.Name, - ServiceVersion: comp.Spec.ServiceVersion, - ClusterGeneration: clusterGeneration(cluster, comp), - PodSpec: &compDef.Spec.Runtime, - HostNetwork: compDefObj.Spec.HostNetwork, - ComponentServices: compDefObj.Spec.Services, - LogConfigs: compDefObj.Spec.LogConfigs, - ConfigTemplates: compDefObj.Spec.Configs, - ScriptTemplates: compDefObj.Spec.Scripts, - Roles: compDefObj.Spec.Roles, - UpdateStrategy: compDefObj.Spec.UpdateStrategy, - MinReadySeconds: compDefObj.Spec.MinReadySeconds, - PolicyRules: compDefObj.Spec.PolicyRules, - LifecycleActions: compDefObj.Spec.LifecycleActions, - SystemAccounts: compDefObj.Spec.SystemAccounts, - RoleArbitrator: compDefObj.Spec.RoleArbitrator, - Replicas: comp.Spec.Replicas, - Resources: comp.Spec.Resources, - TLSConfig: comp.Spec.TLSConfig, - ServiceAccountName: comp.Spec.ServiceAccountName, - Instances: comp.Spec.Instances, - OfflineInstances: comp.Spec.OfflineInstances, - Sidecars: comp.Spec.Sidecars, - MonitorEnabled: buildMonitorEnabled(comp), + Namespace: comp.Namespace, + ClusterName: clusterName, + ClusterUID: clusterUID, + Comp2CompDefs: comp2CompDef, + Name: compName, + FullCompName: comp.Name, + CompDefName: compDef.Name, + ServiceVersion: comp.Spec.ServiceVersion, + ClusterGeneration: clusterGeneration(cluster, comp), + PodSpec: &compDef.Spec.Runtime, + HostNetwork: compDefObj.Spec.HostNetwork, + ComponentServices: compDefObj.Spec.Services, + LogConfigs: compDefObj.Spec.LogConfigs, + ConfigTemplates: compDefObj.Spec.Configs, + ScriptTemplates: compDefObj.Spec.Scripts, + Roles: compDefObj.Spec.Roles, + UpdateStrategy: compDefObj.Spec.UpdateStrategy, + MinReadySeconds: compDefObj.Spec.MinReadySeconds, + PolicyRules: compDefObj.Spec.PolicyRules, + LifecycleActions: compDefObj.Spec.LifecycleActions, + SystemAccounts: compDefObj.Spec.SystemAccounts, + RoleArbitrator: compDefObj.Spec.RoleArbitrator, + Replicas: comp.Spec.Replicas, + Resources: comp.Spec.Resources, + TLSConfig: comp.Spec.TLSConfig, + ServiceAccountName: comp.Spec.ServiceAccountName, + Instances: comp.Spec.Instances, + OfflineInstances: comp.Spec.OfflineInstances, + MetricsStoreIntegration: comp.Spec.MetricsStoreIntegration, + DisableExporter: comp.Spec.DisableExporter, } // build backward compatible fields, including workload, services, componentRefEnvs, clusterDefName, clusterCompDefName, and clusterCompVer, etc. @@ -250,13 +250,6 @@ func buildRuntimeClassName(synthesizeComp *SynthesizedComponent, comp *appsv1alp synthesizeComp.PodSpec.RuntimeClassName = comp.Spec.RuntimeClassName } -func buildMonitorEnabled(comp *appsv1alpha1.Component) bool { - if comp.Spec.MonitorEnabled != nil { - return *comp.Spec.MonitorEnabled - } - return false -} - func clusterGeneration(cluster *appsv1alpha1.Cluster, comp *appsv1alpha1.Component) string { if comp != nil && comp.Annotations != nil { if generation, ok := comp.Annotations[constant.KubeBlocksGenerationKey]; ok { diff --git a/pkg/controller/component/type.go b/pkg/controller/component/type.go index 8a20dfa9463..b28c107349f 100644 --- a/pkg/controller/component/type.go +++ b/pkg/controller/component/type.go @@ -56,21 +56,22 @@ type SynthesizedComponent struct { OfflineInstances []string `json:"offlineInstances,omitempty"` // The following fields were introduced with the ComponentDefinition and Component API in KubeBlocks version 0.8.0 - Roles []v1alpha1.ReplicaRole `json:"roles,omitempty"` - Labels map[string]string `json:"labels,omitempty"` - Annotations map[string]string `json:"annotations,omitempty"` - UpdateStrategy *v1alpha1.UpdateStrategy `json:"updateStrategy,omitempty"` - PodManagementPolicy *appsv1.PodManagementPolicyType `json:"podManagementPolicy,omitempty"` - PolicyRules []rbacv1.PolicyRule `json:"policyRules,omitempty"` - LifecycleActions *v1alpha1.ComponentLifecycleActions `json:"lifecycleActions,omitempty"` - SystemAccounts []v1alpha1.SystemAccount `json:"systemAccounts,omitempty"` - RoleArbitrator *v1alpha1.RoleArbitrator `json:"roleArbitrator,omitempty"` - Volumes []v1alpha1.ComponentVolume `json:"volumes,omitempty"` - HostNetwork *v1alpha1.HostNetwork `json:"hostNetwork,omitempty"` - ComponentServices []v1alpha1.ComponentService `json:"componentServices,omitempty"` - MinReadySeconds int32 `json:"minReadySeconds,omitempty"` - Sidecars []string `json:"sidecars,omitempty"` - MonitorEnabled bool `json:"monitorEnabled,omitempty"` + Roles []v1alpha1.ReplicaRole `json:"roles,omitempty"` + Labels map[string]string `json:"labels,omitempty"` + Annotations map[string]string `json:"annotations,omitempty"` + UpdateStrategy *v1alpha1.UpdateStrategy `json:"updateStrategy,omitempty"` + PodManagementPolicy *appsv1.PodManagementPolicyType `json:"podManagementPolicy,omitempty"` + PolicyRules []rbacv1.PolicyRule `json:"policyRules,omitempty"` + LifecycleActions *v1alpha1.ComponentLifecycleActions `json:"lifecycleActions,omitempty"` + SystemAccounts []v1alpha1.SystemAccount `json:"systemAccounts,omitempty"` + RoleArbitrator *v1alpha1.RoleArbitrator `json:"roleArbitrator,omitempty"` + Volumes []v1alpha1.ComponentVolume `json:"volumes,omitempty"` + HostNetwork *v1alpha1.HostNetwork `json:"hostNetwork,omitempty"` + ComponentServices []v1alpha1.ComponentService `json:"componentServices,omitempty"` + MinReadySeconds int32 `json:"minReadySeconds,omitempty"` + Sidecars []string `json:"sidecars,omitempty"` + DisableExporter *bool `json:"disableExporter,omitempty"` + MetricsStoreIntegration *v1alpha1.MetricsStoreIntegration `json:"metricsStoreIntegration,omitempty"` // TODO(xingran): The following fields will be deprecated after KubeBlocks version 0.8.0 ClusterDefName string `json:"clusterDefName,omitempty"` // the name of the clusterDefinition diff --git a/pkg/controller/factory/builder.go b/pkg/controller/factory/builder.go index 3f10a686fcb..c9b4e6c0114 100644 --- a/pkg/controller/factory/builder.go +++ b/pkg/controller/factory/builder.go @@ -25,7 +25,6 @@ import ( "encoding/json" "fmt" "path/filepath" - "slices" "strconv" "strings" @@ -35,6 +34,7 @@ import ( rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/rand" + "k8s.io/klog/v2" appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" appsv1beta1 "github.com/apecloud/kubeblocks/apis/apps/v1beta1" @@ -142,60 +142,32 @@ func vctToPVC(vct corev1.PersistentVolumeClaimTemplate) corev1.PersistentVolumeC // getMonitorAnnotations returns the annotations for the monitor. func getMonitorAnnotations(synthesizedComp *component.SynthesizedComponent, componentDef *appsv1alpha1.ComponentDefinition) map[string]string { - if !synthesizedComp.MonitorEnabled || componentDef == nil || !isSupportedMonitor(componentDef, synthesizedComp) { + if synthesizedComp.DisableExporter == nil || *synthesizedComp.DisableExporter || componentDef == nil { return nil } - var container *corev1.Container - var monitor *appsv1alpha1.PrometheusScrapeConfig - if hasBuiltinMonitor(componentDef) { - monitor, container = getBuiltinContainer(synthesizedComp, componentDef.Spec.BuiltinMonitorContainer) - } else if hasMetricsSidecar(synthesizedComp) { - monitor, container = getMetricsSidecarContainer(synthesizedComp.Sidecars, componentDef.Spec.SidecarContainerSpecs) - } - - if monitor == nil { + exporter := component.GetExporter(componentDef.Spec) + if exporter == nil { return nil } - return instanceset.AddAnnotationScope(instanceset.HeadlessServiceScope, intctrlutil.GetScrapeAnnotations(*monitor, container)) -} - -func isSupportedMonitor(componentDef *appsv1alpha1.ComponentDefinition, synthesizedComp *component.SynthesizedComponent) bool { - return hasMetricsSidecar(synthesizedComp) || hasBuiltinMonitor(componentDef) -} - -func hasBuiltinMonitor(componentDef *appsv1alpha1.ComponentDefinition) bool { - return componentDef.Spec.BuiltinMonitorContainer != nil -} -func hasMetricsSidecar(comp *component.SynthesizedComponent) bool { - return len(comp.Sidecars) > 0 -} - -func getMetricsSidecarContainer(sidecars []string, containerSpecs []appsv1alpha1.SidecarContainerSpec) (*appsv1alpha1.PrometheusScrapeConfig, *corev1.Container) { - for i := range containerSpecs { - spec := &containerSpecs[i] - if slices.Contains(sidecars, spec.Name) && isMetricsContainer(spec) { - return spec.Monitor.ScrapeConfig, &spec.Container - } + // Node: If it is an old addon, containerName may be empty. + container := getBuiltinContainer(synthesizedComp, exporter.ContainerName) + if container == nil && exporter.ScrapePort == "" && exporter.TargetPort == nil { + klog.Warningf("invalid exporter port and ignore for component: %s, componentDef: %s", synthesizedComp.Name, componentDef.Name) + return nil } - return nil, nil + return instanceset.AddAnnotationScope(instanceset.HeadlessServiceScope, common.GetScrapeAnnotations(*exporter, container)) } -func getBuiltinContainer(synthesizedComp *component.SynthesizedComponent, builtinMonitorContainer *appsv1alpha1.BuiltinMonitorContainerRef) (*appsv1alpha1.PrometheusScrapeConfig, *corev1.Container) { +func getBuiltinContainer(synthesizedComp *component.SynthesizedComponent, containerName string) *corev1.Container { containers := synthesizedComp.PodSpec.Containers for i := range containers { - if containers[i].Name == builtinMonitorContainer.Name { - return &builtinMonitorContainer.PrometheusScrapeConfig, &containers[i] + if containers[i].Name == containerName { + return &containers[i] } } - return nil, nil -} - -func isMetricsContainer(sidecarContainer *appsv1alpha1.SidecarContainerSpec) bool { - return sidecarContainer.Monitor != nil && - sidecarContainer.Monitor.SidecarKind == appsv1alpha1.MetricsKind && - sidecarContainer.Monitor.ScrapeConfig != nil + return nil } func setDefaultResourceLimits(its *workloads.InstanceSet) { diff --git a/pkg/controllerutil/config_util_test.go b/pkg/controllerutil/config_util_test.go index 85218f4d50f..0dfdd6b203e 100644 --- a/pkg/controllerutil/config_util_test.go +++ b/pkg/controllerutil/config_util_test.go @@ -312,7 +312,7 @@ var _ = Describe("config_util", func() { configConstraintObj := testapps.NewCustomizedObj("resources/mysql-config-constraint.yaml", &appsv1beta1.ConfigConstraint{}, func(cc *appsv1beta1.ConfigConstraint) { if ccContext, err := testdata.GetTestDataFileContent("cue_testdata/pg14.cue"); err == nil { - cc.Spec.ConfigSchema = &appsv1beta1.ConfigSchema{ + cc.Spec.ParametersSchema = &appsv1beta1.ParametersSchema{ CUE: string(ccContext), } } diff --git a/pkg/controllerutil/metrics.go b/pkg/controllerutil/metrics.go index ddbd338072e..997c524544f 100644 --- a/pkg/controllerutil/metrics.go +++ b/pkg/controllerutil/metrics.go @@ -20,63 +20,11 @@ along with this program. If not, see . package controllerutil import ( - corev1 "k8s.io/api/core/v1" - - appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" viper "github.com/apecloud/kubeblocks/pkg/viperx" ) const FeatureGateEnableRuntimeMetrics = "ENABLED_RUNTIME_METRICS" -const ( - PrometheusScrapeAnnotationPath = "monitor.kubeblocks.io/path" - PrometheusScrapeAnnotationPort = "monitor.kubeblocks.io/port" - PrometheusScrapeAnnotationScheme = "monitor.kubeblocks.io/scheme" - PrometheusScrapeAnnotationEnabled = "monitor.kubeblocks.io/scrape" -) - -const ( - defaultScrapePath = "/metrics" - defaultScrapeScheme = string(appsv1alpha1.HTTPProtocol) -) - func EnabledRuntimeMetrics() bool { return viper.GetBool(FeatureGateEnableRuntimeMetrics) } - -func GetScrapeAnnotations(scrapeConfig appsv1alpha1.PrometheusScrapeConfig, container *corev1.Container) map[string]string { - return map[string]string{ - PrometheusScrapeAnnotationPath: fromScrapePath(scrapeConfig), - PrometheusScrapeAnnotationPort: fromContainerPort(scrapeConfig, container), - PrometheusScrapeAnnotationScheme: fromScheme(scrapeConfig), - // Compatible with previous versions of kubeblocks. - PrometheusScrapeAnnotationEnabled: "true", - } -} - -func fromScrapePath(config appsv1alpha1.PrometheusScrapeConfig) string { - if config.MetricsPath != "" { - return config.MetricsPath - } - return defaultScrapePath -} - -func fromContainerPort(config appsv1alpha1.PrometheusScrapeConfig, container *corev1.Container) string { - if config.MetricsPort != "" { - return config.MetricsPort - } - - if config.MetricsPort == "" && len(container.Ports) > 0 { - return container.Ports[0].Name - } - - // TODO: webhook should have already validated. - return "" -} - -func fromScheme(config appsv1alpha1.PrometheusScrapeConfig) string { - if config.Protocol != "" { - return string(config.Protocol) - } - return defaultScrapeScheme -} diff --git a/pkg/generics/type.go b/pkg/generics/type.go index 1d7797bd12e..4e75b586d06 100644 --- a/pkg/generics/type.go +++ b/pkg/generics/type.go @@ -22,7 +22,9 @@ package generics import ( "reflect" + vmv1beta1 "github.com/VictoriaMetrics/operator/api/victoriametrics/v1beta1" snapshotv1 "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" batchv1 "k8s.io/api/batch/v1" corev1 "k8s.io/api/core/v1" storagev1 "k8s.io/api/storage/v1" @@ -132,6 +134,12 @@ var ConfigurationSignature = func(_ appsv1alpha1.Configuration, _ *appsv1alpha1. var ServiceDescriptorSignature = func(_ appsv1alpha1.ServiceDescriptor, _ *appsv1alpha1.ServiceDescriptor, _ appsv1alpha1.ServiceDescriptorList, _ *appsv1alpha1.ServiceDescriptorList) { } +var MonitorServiceSignature = func(_ monitoringv1.ServiceMonitor, _ *monitoringv1.ServiceMonitor, _ monitoringv1.ServiceMonitorList, _ *monitoringv1.ServiceMonitorList) { +} + +var VMServiceSignature = func(_ vmv1beta1.VMServiceScrape, _ *vmv1beta1.VMServiceScrape, _ vmv1beta1.VMServiceScrapeList, _ *vmv1beta1.VMServiceScrapeList) { +} + func ToGVK(object client.Object) schema.GroupVersionKind { t := reflect.TypeOf(object) if t.Kind() != reflect.Pointer { diff --git a/pkg/testutil/apps/cluster_factory.go b/pkg/testutil/apps/cluster_factory.go index ea0160799b6..49cdf29ec3d 100644 --- a/pkg/testutil/apps/cluster_factory.go +++ b/pkg/testutil/apps/cluster_factory.go @@ -21,6 +21,7 @@ package apps import ( corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" appsv1alpha1 "github.com/apecloud/kubeblocks/apis/apps/v1alpha1" ) @@ -317,3 +318,22 @@ func (factory *MockClusterFactory) AddUserConfigmapVolume(name, mountPoint, resN userResourcesRefs.ConfigMapRefs = append(userResourcesRefs.ConfigMapRefs, cmResource) }) } + +func (factory *MockClusterFactory) SetPrometheusIntegration(need bool, name, ns string) *MockClusterFactory { + return factory.lastComponentRef(func(comp *appsv1alpha1.ClusterComponentSpec) { + if comp.MetricsStoreIntegration == nil { + comp.MetricsStoreIntegration = &appsv1alpha1.MetricsStoreIntegration{} + } + + if need && comp.MetricsStoreIntegration.ServiceMonitorTemplate == nil { + comp.MetricsStoreIntegration.ServiceMonitorTemplate = &appsv1alpha1.ServiceMonitorTemplate{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: ns, + }, + } + } else { + comp.MetricsStoreIntegration.ServiceMonitorTemplate = nil + } + }) +} diff --git a/pkg/testutil/apps/common_util.go b/pkg/testutil/apps/common_util.go index 2c91cdfd7e7..743f8f01a5e 100644 --- a/pkg/testutil/apps/common_util.go +++ b/pkg/testutil/apps/common_util.go @@ -158,7 +158,19 @@ func List[T intctrlutil.Object, PT intctrlutil.PObject[T], return func(g gomega.Gomega) []T { var objList L g.Expect(testCtx.Cli.List(testCtx.Ctx, PL(&objList), opt...)).To(gomega.Succeed()) - return reflect.ValueOf(&objList).Elem().FieldByName("Items").Interface().([]T) + value := reflect.ValueOf(&objList).Elem().FieldByName("Items").Interface() + switch v := value.(type) { + default: + return nil + case []T: + return v + case []*T: + var rets []T + for _, item := range v { + rets = append(rets, *item) + } + return rets + } } } diff --git a/pkg/testutil/apps/constant.go b/pkg/testutil/apps/constant.go index d52923f677d..7117b5ab523 100644 --- a/pkg/testutil/apps/constant.go +++ b/pkg/testutil/apps/constant.go @@ -330,6 +330,11 @@ var ( Votable: false, }, }, + Exporter: &appsv1alpha1.Exporter{ + ScrapePath: "metrics", + ScrapePort: "http-metric", + ScrapeScheme: appsv1alpha1.HTTPProtocol, + }, LifecycleActions: &appsv1alpha1.ComponentLifecycleActions{ PostProvision: defaultLifecycleActionHandler, PreTerminate: defaultLifecycleActionHandler, diff --git a/test/testdata/config/config-constraint.yaml b/test/testdata/config/config-constraint.yaml index 42d43dd4db4..48452da60a5 100644 --- a/test/testdata/config/config-constraint.yaml +++ b/test/testdata/config/config-constraint.yaml @@ -11,7 +11,7 @@ spec: # ConfigurationSchema that impose restrictions on engine parameter's rule - configSchema: + parametersSchema: # top level mysql configuration type topLevelKey: MysqlParameter diff --git a/test/testdata/monitor/crd/monitoring.coreos.com_servicemonitors.yaml b/test/testdata/monitor/crd/monitoring.coreos.com_servicemonitors.yaml new file mode 100644 index 00000000000..00ddc465cd2 --- /dev/null +++ b/test/testdata/monitor/crd/monitoring.coreos.com_servicemonitors.yaml @@ -0,0 +1,742 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + operator.prometheus.io/version: 0.71.0 + name: servicemonitors.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: ServiceMonitor + listKind: ServiceMonitorList + plural: servicemonitors + shortNames: + - smon + singular: servicemonitor + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ServiceMonitor defines monitoring for a set of services. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Service selection for target discovery + by Prometheus. + properties: + attachMetadata: + description: "`attachMetadata` defines additional metadata which is + added to the discovered targets. \n It requires Prometheus >= v2.37.0." + properties: + node: + description: When set to true, Prometheus must have the `get` + permission on the `Nodes` objects. + type: boolean + type: object + endpoints: + description: List of endpoints part of this ServiceMonitor. + items: + description: Endpoint defines an endpoint serving Prometheus metrics + to be scraped by Prometheus. + properties: + authorization: + description: "`authorization` configures the Authorization header + credentials to use when scraping the target. \n Cannot be + set at the same time as `basicAuth`, or `oauth2`." + properties: + credentials: + description: Selects a key of a Secret in the namespace + that contains the credentials for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: "Defines the authentication type. The value + is case-insensitive. \n \"Basic\" is not a supported value. + \n Default: \"Bearer\"" + type: string + type: object + basicAuth: + description: "`basicAuth` configures the Basic Authentication + credentials to use when scraping the target. \n Cannot be + set at the same time as `authorization`, or `oauth2`." + properties: + password: + description: '`password` specifies a key of a Secret containing + the password for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: '`username` specifies a key of a Secret containing + the username for authentication.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenFile: + description: "File to read bearer token for scraping the target. + \n Deprecated: use `authorization` instead." + type: string + bearerTokenSecret: + description: "`bearerTokenSecret` specifies a key of a Secret + containing the bearer token for scraping targets. The secret + needs to be in the same namespace as the ServiceMonitor object + and readable by the Prometheus Operator. \n Deprecated: use + `authorization` instead." + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + enableHttp2: + description: '`enableHttp2` can be used to disable HTTP2 when + scraping the target.' + type: boolean + filterRunning: + description: "When true, the pods which are not running (e.g. + either in Failed or Succeeded state) are dropped during the + target discovery. \n If unset, the filtering is enabled. \n + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase" + type: boolean + followRedirects: + description: '`followRedirects` defines whether the scrape requests + should follow HTTP 3xx redirects.' + type: boolean + honorLabels: + description: When true, `honorLabels` preserves the metric's + labels when they collide with the target's labels. + type: boolean + honorTimestamps: + description: '`honorTimestamps` controls whether Prometheus + preserves the timestamps when exposed by the target.' + type: boolean + interval: + description: "Interval at which Prometheus scrapes the metrics + from the target. \n If empty, Prometheus uses the global scrape + interval." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: '`metricRelabelings` configures the relabeling + rules to apply to the samples before ingestion.' + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular + expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." + type: string + type: object + type: array + oauth2: + description: "`oauth2` configures the OAuth2 settings to use + when scraping the target. \n It requires Prometheus >= 2.27.0. + \n Cannot be set at the same time as `authorization`, or `basicAuth`." + properties: + clientId: + description: '`clientId` specifies a key of a Secret or + ConfigMap containing the OAuth2 client''s ID.' + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: '`clientSecret` specifies a key of a Secret + containing the OAuth2 client''s secret.' + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: '`endpointParams` configures the HTTP parameters + to append to the token URL.' + type: object + scopes: + description: '`scopes` defines the OAuth2 scopes used for + the token request.' + items: + type: string + type: array + tokenUrl: + description: '`tokenURL` configures the URL to fetch the + token from.' + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + params: + additionalProperties: + items: + type: string + type: array + description: params define optional HTTP URL parameters. + type: object + path: + description: "HTTP path from which to scrape for metrics. \n + If empty, Prometheus uses the default value (e.g. `/metrics`)." + type: string + port: + description: "Name of the Service port which this endpoint refers + to. \n It takes precedence over `targetPort`." + type: string + proxyUrl: + description: '`proxyURL` configures the HTTP Proxy URL (e.g. + "http://proxyserver:2195") to go through when scraping the + target.' + type: string + relabelings: + description: "`relabelings` configures the relabeling rules + to apply the target's metadata labels. \n The Operator automatically + adds relabelings for a few standard Kubernetes fields. \n + The original scrape job's name is available via the `__tmp_prometheus_job_name` + label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + items: + description: "RelabelConfig allows dynamic rewriting of the + label set for targets, alerts, scraped samples and remote + write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config" + properties: + action: + default: replace + description: "Action to perform based on the regex matching. + \n `Uppercase` and `Lowercase` actions require Prometheus + >= v2.36.0. `DropEqual` and `KeepEqual` actions require + Prometheus >= v2.41.0. \n Default: \"Replace\"" + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + - keepequal + - KeepEqual + - dropequal + - DropEqual + type: string + modulus: + description: "Modulus to take of the hash of the source + label values. \n Only applicable when the action is + `HashMod`." + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. + type: string + replacement: + description: "Replacement value against which a Replace + action is performed if the regular expression matches. + \n Regex capture groups are available." + type: string + separator: + description: Separator is the string between concatenated + SourceLabels. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + Separator and matched against the configured regular + expression. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: "Label to which the resulting string is written + in a replacement. \n It is mandatory for `Replace`, + `HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and + `DropEqual` actions. \n Regex capture groups are available." + type: string + type: object + type: array + scheme: + description: "HTTP scheme to use for scraping. \n `http` and + `https` are the expected values unless you rewrite the `__scheme__` + label via relabeling. \n If empty, Prometheus uses the default + value `http`." + enum: + - http + - https + type: string + scrapeTimeout: + description: "Timeout after which Prometheus considers the scrape + to be failed. \n If empty, Prometheus uses the global scrape + timeout unless it is less than the target's scrape interval + value in which the latter is used." + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: "Name or number of the target port of the `Pod` + object behind the Service, the port must be specified with + container port property. \n Deprecated: use `port` instead." + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when scraping the target. + properties: + ca: + description: Certificate authority used when verifying server + certificates. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Client certificate to present when doing client-authentication. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + trackTimestampsStaleness: + description: "`trackTimestampsStaleness` defines whether Prometheus + tracks staleness of the metrics that have an explicit timestamp + present in scraped data. Has no effect if `honorTimestamps` + is false. \n It requires Prometheus >= v2.48.0." + type: boolean + type: object + type: array + jobLabel: + description: "`jobLabel` selects the label from the associated Kubernetes + `Service` object which will be used as the `job` label for all metrics. + \n For example if `jobLabel` is set to `foo` and the Kubernetes + `Service` object is labeled with `foo: bar`, then Prometheus adds + the `job=\"bar\"` label to all ingested metrics. \n If the value + of this field is empty or if the label doesn't exist for the given + Service, the `job` label of the metrics defaults to the name of + the associated Kubernetes `Service`." + type: string + keepDroppedTargets: + description: "Per-scrape limit on the number of targets dropped by + relabeling that will be kept in memory. 0 means no limit. \n It + requires Prometheus >= v2.47.0." + format: int64 + type: integer + labelLimit: + description: "Per-scrape limit on number of labels that will be accepted + for a sample. \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelNameLengthLimit: + description: "Per-scrape limit on length of labels name that will + be accepted for a sample. \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + labelValueLengthLimit: + description: "Per-scrape limit on length of labels value that will + be accepted for a sample. \n It requires Prometheus >= v2.27.0." + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces the Kubernetes `Endpoints` + objects are discovered from. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + podTargetLabels: + description: '`podTargetLabels` defines the labels which are transferred + from the associated Kubernetes `Pod` object onto the ingested metrics.' + items: + type: string + type: array + sampleLimit: + description: '`sampleLimit` defines a per-scrape limit on the number + of scraped samples that will be accepted.' + format: int64 + type: integer + selector: + description: Label selector to select the Kubernetes `Endpoints` objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + targetLabels: + description: '`targetLabels` defines the labels which are transferred + from the associated Kubernetes `Service` object onto the ingested + metrics.' + items: + type: string + type: array + targetLimit: + description: '`targetLimit` defines a limit on the number of scraped + targets that will be accepted.' + format: int64 + type: integer + required: + - selector + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/test/testdata/operations_config/config-constraint.yaml b/test/testdata/operations_config/config-constraint.yaml index db9ef469f26..bcd4b12e55f 100644 --- a/test/testdata/operations_config/config-constraint.yaml +++ b/test/testdata/operations_config/config-constraint.yaml @@ -4,7 +4,7 @@ metadata: name: mysql-tree-node-template-8.0 spec: # ConfigurationSchema that impose restrictions on engine parameter's rule - configSchema: + parametersSchema: # schema: auto generate from cue scripts # example: ../../pkg/configuration/testdata/mysql_openapi.json cue: |- diff --git a/test/testdata/resources/mysql-config-constraint.yaml b/test/testdata/resources/mysql-config-constraint.yaml index a2fc56627b3..e8e0def12fe 100644 --- a/test/testdata/resources/mysql-config-constraint.yaml +++ b/test/testdata/resources/mysql-config-constraint.yaml @@ -10,7 +10,7 @@ spec: processName: mysqld # ConfigurationSchema that impose restrictions on engine parameter's rule - configSchema: + parametersSchema: # top level mysql configuration type topLevelKey: MysqlParameter diff --git a/test/testdata/resources/mysql-consensus-config-constraint.yaml b/test/testdata/resources/mysql-consensus-config-constraint.yaml index 526b86141f1..c3c65f283b8 100644 --- a/test/testdata/resources/mysql-consensus-config-constraint.yaml +++ b/test/testdata/resources/mysql-consensus-config-constraint.yaml @@ -17,7 +17,7 @@ spec: # ConfigurationSchema that impose restrictions on engine parameter's rule - configSchema: + parametersSchema: # top level mysql configuration type topLevelKey: MysqlParameter