summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pkg/k8s.io/api/core/v1/taint.go39
-rw-r--r--pkg/k8s.io/api/core/v1/toleration.go56
-rw-r--r--pkg/k8s.io/api/core/v1/types.go1811
3 files changed, 0 insertions, 1906 deletions
diff --git a/pkg/k8s.io/api/core/v1/taint.go b/pkg/k8s.io/api/core/v1/taint.go
deleted file mode 100644
index db71bd2fd..000000000
--- a/pkg/k8s.io/api/core/v1/taint.go
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-import "fmt"
-
-// MatchTaint checks if the taint matches taintToMatch. Taints are unique by key:effect,
-// if the two taints have same key:effect, regard as they match.
-func (t *Taint) MatchTaint(taintToMatch *Taint) bool {
- return t.Key == taintToMatch.Key && t.Effect == taintToMatch.Effect
-}
-
-// taint.ToString() converts taint struct to string in format '<key>=<value>:<effect>', '<key>=<value>:', '<key>:<effect>', or '<key>'.
-func (t *Taint) ToString() string {
- if len(t.Effect) == 0 {
- if len(t.Value) == 0 {
- return fmt.Sprintf("%v", t.Key)
- }
- return fmt.Sprintf("%v=%v:", t.Key, t.Value)
- }
- if len(t.Value) == 0 {
- return fmt.Sprintf("%v:%v", t.Key, t.Effect)
- }
- return fmt.Sprintf("%v=%v:%v", t.Key, t.Value, t.Effect)
-}
diff --git a/pkg/k8s.io/api/core/v1/toleration.go b/pkg/k8s.io/api/core/v1/toleration.go
deleted file mode 100644
index b203d335b..000000000
--- a/pkg/k8s.io/api/core/v1/toleration.go
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
-Copyright 2017 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package v1
-
-// MatchToleration checks if the toleration matches tolerationToMatch. Tolerations are unique by <key,effect,operator,value>,
-// if the two tolerations have same <key,effect,operator,value> combination, regard as they match.
-// TODO: uniqueness check for tolerations in api validations.
-func (t *Toleration) MatchToleration(tolerationToMatch *Toleration) bool {
- return t.Key == tolerationToMatch.Key &&
- t.Effect == tolerationToMatch.Effect &&
- t.Operator == tolerationToMatch.Operator &&
- t.Value == tolerationToMatch.Value
-}
-
-// ToleratesTaint checks if the toleration tolerates the taint.
-// The matching follows the rules below:
-// (1) Empty toleration.effect means to match all taint effects,
-// otherwise taint effect must equal to toleration.effect.
-// (2) If toleration.operator is 'Exists', it means to match all taint values.
-// (3) Empty toleration.key means to match all taint keys.
-// If toleration.key is empty, toleration.operator must be 'Exists';
-// this combination means to match all taint values and all taint keys.
-func (t *Toleration) ToleratesTaint(taint *Taint) bool {
- if len(t.Effect) > 0 && t.Effect != taint.Effect {
- return false
- }
-
- if len(t.Key) > 0 && t.Key != taint.Key {
- return false
- }
-
- // TODO: Use proper defaulting when Toleration becomes a field of PodSpec
- switch t.Operator {
- // empty operator means Equal
- case "", TolerationOpEqual:
- return t.Value == taint.Value
- case TolerationOpExists:
- return true
- default:
- return false
- }
-}
diff --git a/pkg/k8s.io/api/core/v1/types.go b/pkg/k8s.io/api/core/v1/types.go
index ab0e80cdb..833814bc6 100644
--- a/pkg/k8s.io/api/core/v1/types.go
+++ b/pkg/k8s.io/api/core/v1/types.go
@@ -23,15 +23,6 @@ import (
"github.com/containers/podman/v4/pkg/k8s.io/apimachinery/pkg/util/intstr"
)
-const (
- // NamespaceDefault means the object is in the default namespace which is applied when not specified by clients
- NamespaceDefault string = "default"
- // NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces
- NamespaceAll string = ""
- // NamespaceNodeLease is the namespace where we place node lease objects (used for node heartbeats)
- NamespaceNodeLease string = "kube-node-lease"
-)
-
// Volume represents a named volume in a pod that may be accessed by any container in the pod.
type Volume struct {
// Volume's name.
@@ -57,133 +48,14 @@ type VolumeSource struct {
// mount host directories as read/write.
// +optional
HostPath *HostPathVolumeSource `json:"hostPath,omitempty"`
- // EmptyDir represents a temporary directory that shares a pod's lifetime.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
- // +optional
- EmptyDir *EmptyDirVolumeSource `json:"emptyDir,omitempty"`
- // GCEPersistentDisk represents a GCE Disk resource that is attached to a
- // kubelet's host machine and then exposed to the pod.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- // +optional
- GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty"`
- // AWSElasticBlockStore represents an AWS Disk resource that is attached to a
- // kubelet's host machine and then exposed to the pod.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- // +optional
- AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty"`
- // GitRepo represents a git repository at a particular revision.
- // DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
- // EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
- // into the Pod's container.
- // +optional
- GitRepo *GitRepoVolumeSource `json:"gitRepo,omitempty"`
- // Secret represents a secret that should populate this volume.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
- // +optional
- Secret *SecretVolumeSource `json:"secret,omitempty"`
- // NFS represents an NFS mount on the host that shares a pod's lifetime
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- // +optional
- NFS *NFSVolumeSource `json:"nfs,omitempty"`
- // ISCSI represents an ISCSI Disk resource that is attached to a
- // kubelet's host machine and then exposed to the pod.
- // More info: https://examples.k8s.io/volumes/iscsi/README.md
- // +optional
- ISCSI *ISCSIVolumeSource `json:"iscsi,omitempty"`
- // Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md
- // +optional
- Glusterfs *GlusterfsVolumeSource `json:"glusterfs,omitempty"`
// PersistentVolumeClaimVolumeSource represents a reference to a
// PersistentVolumeClaim in the same namespace.
// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
// +optional
PersistentVolumeClaim *PersistentVolumeClaimVolumeSource `json:"persistentVolumeClaim,omitempty"`
- // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime.
- // More info: https://examples.k8s.io/volumes/rbd/README.md
- // +optional
- RBD *RBDVolumeSource `json:"rbd,omitempty"`
- // FlexVolume represents a generic volume resource that is
- // provisioned/attached using an exec based plugin.
- // +optional
- FlexVolume *FlexVolumeSource `json:"flexVolume,omitempty"`
- // Cinder represents a cinder volume attached and mounted on kubelets host machine.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- // +optional
- Cinder *CinderVolumeSource `json:"cinder,omitempty"`
- // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
- // +optional
- CephFS *CephFSVolumeSource `json:"cephfs,omitempty"`
- // Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running
- // +optional
- Flocker *FlockerVolumeSource `json:"flocker,omitempty"`
- // DownwardAPI represents downward API about the pod that should populate this volume
- // +optional
- DownwardAPI *DownwardAPIVolumeSource `json:"downwardAPI,omitempty"`
- // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
- // +optional
- FC *FCVolumeSource `json:"fc,omitempty"`
- // AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
- // +optional
- AzureFile *AzureFileVolumeSource `json:"azureFile,omitempty"`
// ConfigMap represents a configMap that should populate this volume
// +optional
ConfigMap *ConfigMapVolumeSource `json:"configMap,omitempty"`
- // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
- // +optional
- VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty"`
- // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
- // +optional
- Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty"`
- // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
- // +optional
- AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty"`
- // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
- PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty"`
- // Items for all in one resources secrets, configmaps, and downward API
- Projected *ProjectedVolumeSource `json:"projected,omitempty"`
- // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine
- // +optional
- PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty"`
- // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
- // +optional
- ScaleIO *ScaleIOVolumeSource `json:"scaleIO,omitempty"`
- // StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.
- // +optional
- StorageOS *StorageOSVolumeSource `json:"storageos,omitempty"`
- // CSI (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature).
- // +optional
- CSI *CSIVolumeSource `json:"csi,omitempty"`
- // Ephemeral represents a volume that is handled by a cluster storage driver.
- // The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,
- // and deleted when the pod is removed.
- //
- // Use this if:
- // a) the volume is only needed while the pod runs,
- // b) features of normal volumes like restoring from snapshot or capacity
- // tracking are needed,
- // c) the storage driver is specified through a storage class, and
- // d) the storage driver supports dynamic volume provisioning through
- // a PersistentVolumeClaim (see EphemeralVolumeSource for more
- // information on the connection between this volume type
- // and PersistentVolumeClaim).
- //
- // Use PersistentVolumeClaim or one of the vendor-specific
- // APIs for volumes that persist for longer than the lifecycle
- // of an individual pod.
- //
- // Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to
- // be used that way - see the documentation of the driver for
- // more information.
- //
- // A pod can use both types of ephemeral volumes and
- // persistent volumes at the same time.
- //
- // This is a beta feature and only available when the GenericEphemeralVolume
- // feature gate is enabled.
- //
- // +optional
- Ephemeral *EphemeralVolumeSource `json:"ephemeral,omitempty"`
}
// PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace.
@@ -203,16 +75,6 @@ type PersistentVolumeClaimVolumeSource struct {
// PersistentVolumeSource is similar to VolumeSource but meant for the
// administrator who creates PVs. Exactly one of its members must be set.
type PersistentVolumeSource struct {
- // GCEPersistentDisk represents a GCE Disk resource that is attached to a
- // kubelet's host machine and then exposed to the pod. Provisioned by an admin.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- // +optional
- GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty"`
- // AWSElasticBlockStore represents an AWS Disk resource that is attached to a
- // kubelet's host machine and then exposed to the pod.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- // +optional
- AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty"`
// HostPath represents a directory on the host.
// Provisioned by a developer or tester.
// This is useful for single-node development and testing only!
@@ -220,81 +82,8 @@ type PersistentVolumeSource struct {
// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
// +optional
HostPath *HostPathVolumeSource `json:"hostPath,omitempty"`
- // Glusterfs represents a Glusterfs volume that is attached to a host and
- // exposed to the pod. Provisioned by an admin.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md
- // +optional
- Glusterfs *GlusterfsPersistentVolumeSource `json:"glusterfs,omitempty"`
- // NFS represents an NFS mount on the host. Provisioned by an admin.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- // +optional
- NFS *NFSVolumeSource `json:"nfs,omitempty"`
- // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime.
- // More info: https://examples.k8s.io/volumes/rbd/README.md
- // +optional
- RBD *RBDPersistentVolumeSource `json:"rbd,omitempty"`
- // ISCSI represents an ISCSI Disk resource that is attached to a
- // kubelet's host machine and then exposed to the pod. Provisioned by an admin.
- // +optional
- ISCSI *ISCSIPersistentVolumeSource `json:"iscsi,omitempty"`
- // Cinder represents a cinder volume attached and mounted on kubelets host machine.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- // +optional
- Cinder *CinderPersistentVolumeSource `json:"cinder,omitempty"`
- // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
- // +optional
- CephFS *CephFSPersistentVolumeSource `json:"cephfs,omitempty"`
- // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
- // +optional
- FC *FCVolumeSource `json:"fc,omitempty"`
- // Flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running
- // +optional
- Flocker *FlockerVolumeSource `json:"flocker,omitempty"`
- // FlexVolume represents a generic volume resource that is
- // provisioned/attached using an exec based plugin.
- // +optional
- FlexVolume *FlexPersistentVolumeSource `json:"flexVolume,omitempty"`
- // AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
- // +optional
- AzureFile *AzureFilePersistentVolumeSource `json:"azureFile,omitempty"`
- // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
- // +optional
- VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty"`
- // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
- // +optional
- Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty"`
- // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
- // +optional
- AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty"`
- // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
- PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty"`
- // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine
- // +optional
- PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty"`
- // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
- // +optional
- ScaleIO *ScaleIOPersistentVolumeSource `json:"scaleIO,omitempty"`
- // Local represents directly-attached storage with node affinity
- // +optional
- Local *LocalVolumeSource `json:"local,omitempty"`
- // StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod
- // More info: https://examples.k8s.io/volumes/storageos/README.md
- // +optional
- StorageOS *StorageOSPersistentVolumeSource `json:"storageos,omitempty"`
- // CSI represents storage that is handled by an external CSI driver (Beta feature).
- // +optional
- CSI *CSIPersistentVolumeSource `json:"csi,omitempty"`
}
-const (
- // BetaStorageClassAnnotation represents the beta/previous StorageClass annotation.
- // It's currently still used and will be held for backwards compatibility
- BetaStorageClassAnnotation = "volume.beta.kubernetes.io/storage-class"
-
- // MountOptionAnnotation defines mount option annotation used in PVs
- MountOptionAnnotation = "volume.beta.kubernetes.io/mount-options"
-)
-
// +genclient
// +genclient:nonNamespaced
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -670,214 +459,6 @@ type EmptyDirVolumeSource struct {
SizeLimit *resource.Quantity `json:"sizeLimit,omitempty"`
}
-// Represents a Glusterfs mount that lasts the lifetime of a pod.
-// Glusterfs volumes do not support ownership management or SELinux relabeling.
-type GlusterfsVolumeSource struct {
- // EndpointsName is the endpoint name that details Glusterfs topology.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- EndpointsName string `json:"endpoints"`
-
- // Path is the Glusterfs volume path.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- Path string `json:"path"`
-
- // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions.
- // Defaults to false.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents a Glusterfs mount that lasts the lifetime of a pod.
-// Glusterfs volumes do not support ownership management or SELinux relabeling.
-type GlusterfsPersistentVolumeSource struct {
- // EndpointsName is the endpoint name that details Glusterfs topology.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- EndpointsName string `json:"endpoints"`
-
- // Path is the Glusterfs volume path.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- Path string `json:"path"`
-
- // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions.
- // Defaults to false.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-
- // EndpointsNamespace is the namespace that contains Glusterfs endpoint.
- // If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC.
- // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod
- // +optional
- EndpointsNamespace *string `json:"endpointsNamespace,omitempty"`
-}
-
-// Represents a Rados Block Device mount that lasts the lifetime of a pod.
-// RBD volumes support ownership management and SELinux relabeling.
-type RBDVolumeSource struct {
- // A collection of Ceph monitors.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- CephMonitors []string `json:"monitors"`
- // The rados image name.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- RBDImage string `json:"image"`
- // Filesystem type of the volume that you want to mount.
- // Tip: Ensure that the filesystem type is supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- // TODO: how do we prevent errors in the filesystem from compromising the machine
- // +optional
- FSType string `json:"fsType,omitempty"`
- // The rados pool name.
- // Default is rbd.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- RBDPool string `json:"pool,omitempty"`
- // The rados user name.
- // Default is admin.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- RadosUser string `json:"user,omitempty"`
- // Keyring is the path to key ring for RBDUser.
- // Default is /etc/ceph/keyring.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- Keyring string `json:"keyring,omitempty"`
- // SecretRef is name of the authentication secret for RBDUser. If provided
- // overrides keyring.
- // Default is nil.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- SecretRef *LocalObjectReference `json:"secretRef,omitempty"`
- // ReadOnly here will force the ReadOnly setting in VolumeMounts.
- // Defaults to false.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents a Rados Block Device mount that lasts the lifetime of a pod.
-// RBD volumes support ownership management and SELinux relabeling.
-type RBDPersistentVolumeSource struct {
- // A collection of Ceph monitors.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- CephMonitors []string `json:"monitors"`
- // The rados image name.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- RBDImage string `json:"image"`
- // Filesystem type of the volume that you want to mount.
- // Tip: Ensure that the filesystem type is supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- // TODO: how do we prevent errors in the filesystem from compromising the machine
- // +optional
- FSType string `json:"fsType,omitempty"`
- // The rados pool name.
- // Default is rbd.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- RBDPool string `json:"pool,omitempty"`
- // The rados user name.
- // Default is admin.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- RadosUser string `json:"user,omitempty"`
- // Keyring is the path to key ring for RBDUser.
- // Default is /etc/ceph/keyring.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- Keyring string `json:"keyring,omitempty"`
- // SecretRef is name of the authentication secret for RBDUser. If provided
- // overrides keyring.
- // Default is nil.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- SecretRef *SecretReference `json:"secretRef,omitempty"`
- // ReadOnly here will force the ReadOnly setting in VolumeMounts.
- // Defaults to false.
- // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents a cinder volume resource in Openstack.
-// A Cinder volume must exist before mounting to a container.
-// The volume must also be in the same region as the kubelet.
-// Cinder volumes support ownership management and SELinux relabeling.
-type CinderVolumeSource struct {
- // volume id used to identify the volume in cinder.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- VolumeID string `json:"volumeID"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Optional: Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // Optional: points to a secret object containing parameters used to connect
- // to OpenStack.
- // +optional
- SecretRef *LocalObjectReference `json:"secretRef,omitempty"`
-}
-
-// Represents a cinder volume resource in Openstack.
-// A Cinder volume must exist before mounting to a container.
-// The volume must also be in the same region as the kubelet.
-// Cinder volumes support ownership management and SELinux relabeling.
-type CinderPersistentVolumeSource struct {
- // volume id used to identify the volume in cinder.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- VolumeID string `json:"volumeID"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Optional: Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // More info: https://examples.k8s.io/mysql-cinder-pd/README.md
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // Optional: points to a secret object containing parameters used to connect
- // to OpenStack.
- // +optional
- SecretRef *SecretReference `json:"secretRef,omitempty"`
-}
-
-// Represents a Ceph Filesystem mount that lasts the lifetime of a pod
-// Cephfs volumes do not support ownership management or SELinux relabeling.
-type CephFSVolumeSource struct {
- // Required: Monitors is a collection of Ceph monitors
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- Monitors []string `json:"monitors"`
- // Optional: Used as the mounted root, rather than the full Ceph tree, default is /
- // +optional
- Path string `json:"path,omitempty"`
- // Optional: User is the rados user name, default is admin
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- User string `json:"user,omitempty"`
- // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- SecretFile string `json:"secretFile,omitempty"`
- // Optional: SecretRef is reference to the authentication secret for User, default is empty.
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- SecretRef *LocalObjectReference `json:"secretRef,omitempty"`
- // Optional: Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
// SecretReference represents a Secret Reference. It has enough information to retrieve secret
// in any namespace
// +structType=atomic
@@ -890,47 +471,6 @@ type SecretReference struct {
Namespace string `json:"namespace,omitempty"`
}
-// Represents a Ceph Filesystem mount that lasts the lifetime of a pod
-// Cephfs volumes do not support ownership management or SELinux relabeling.
-type CephFSPersistentVolumeSource struct {
- // Required: Monitors is a collection of Ceph monitors
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- Monitors []string `json:"monitors"`
- // Optional: Used as the mounted root, rather than the full Ceph tree, default is /
- // +optional
- Path string `json:"path,omitempty"`
- // Optional: User is the rados user name, default is admin
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- User string `json:"user,omitempty"`
- // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- SecretFile string `json:"secretFile,omitempty"`
- // Optional: SecretRef is reference to the authentication secret for User, default is empty.
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- SecretRef *SecretReference `json:"secretRef,omitempty"`
- // Optional: Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents a Flocker volume mounted by the Flocker agent.
-// One and only one of datasetName and datasetUUID should be set.
-// Flocker volumes do not support ownership management or SELinux relabeling.
-type FlockerVolumeSource struct {
- // Name of the dataset stored as metadata -> name on the dataset for Flocker
- // should be considered as deprecated
- // +optional
- DatasetName string `json:"datasetName,omitempty"`
- // UUID of the dataset. This is unique identifier of a Flocker dataset
- // +optional
- DatasetUUID string `json:"datasetUUID,omitempty"`
-}
-
// StorageMedium defines ways that storage can be allocated to a volume.
type StorageMedium string
@@ -953,172 +493,6 @@ const (
ProtocolSCTP Protocol = "SCTP"
)
-// Represents a Persistent Disk resource in Google Compute Engine.
-//
-// A GCE PD must exist before mounting to a container. The disk must
-// also be in the same GCE project and zone as the kubelet. A GCE PD
-// can only be mounted as read/write once or read-only many times. GCE
-// PDs support ownership management and SELinux relabeling.
-type GCEPersistentDiskVolumeSource struct {
- // Unique name of the PD resource in GCE. Used to identify the disk in GCE.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- PDName string `json:"pdName"`
- // Filesystem type of the volume that you want to mount.
- // Tip: Ensure that the filesystem type is supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- // TODO: how do we prevent errors in the filesystem from compromising the machine
- // +optional
- FSType string `json:"fsType,omitempty"`
- // The partition in the volume that you want to mount.
- // If omitted, the default is to mount by volume name.
- // Examples: For volume /dev/sda1, you specify the partition as "1".
- // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- // +optional
- Partition int32 `json:"partition,omitempty"`
- // ReadOnly here will force the ReadOnly setting in VolumeMounts.
- // Defaults to false.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents a Quobyte mount that lasts the lifetime of a pod.
-// Quobyte volumes do not support ownership management or SELinux relabeling.
-type QuobyteVolumeSource struct {
- // Registry represents a single or multiple Quobyte Registry services
- // specified as a string as host:port pair (multiple entries are separated with commas)
- // which acts as the central registry for volumes
- Registry string `json:"registry"`
-
- // Volume is a string that references an already created Quobyte volume by name.
- Volume string `json:"volume"`
-
- // ReadOnly here will force the Quobyte volume to be mounted with read-only permissions.
- // Defaults to false.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-
- // User to map volume access to
- // Defaults to serivceaccount user
- // +optional
- User string `json:"user,omitempty"`
-
- // Group to map volume access to
- // Default is no group
- // +optional
- Group string `json:"group,omitempty"`
-
- // Tenant owning the given Quobyte volume in the Backend
- // Used with dynamically provisioned Quobyte volumes, value is set by the plugin
- // +optional
- Tenant string `json:"tenant,omitempty"`
-}
-
-// FlexPersistentVolumeSource represents a generic persistent volume resource that is
-// provisioned/attached using an exec based plugin.
-type FlexPersistentVolumeSource struct {
- // Driver is the name of the driver to use for this volume.
- Driver string `json:"driver"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Optional: SecretRef is reference to the secret object containing
- // sensitive information to pass to the plugin scripts. This may be
- // empty if no secret object is specified. If the secret object
- // contains more than one secret, all secrets are passed to the plugin
- // scripts.
- // +optional
- SecretRef *SecretReference `json:"secretRef,omitempty"`
- // Optional: Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // Optional: Extra command options if any.
- // +optional
- Options map[string]string `json:"options,omitempty"`
-}
-
-// FlexVolume represents a generic volume resource that is
-// provisioned/attached using an exec based plugin.
-type FlexVolumeSource struct {
- // Driver is the name of the driver to use for this volume.
- Driver string `json:"driver"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Optional: SecretRef is reference to the secret object containing
- // sensitive information to pass to the plugin scripts. This may be
- // empty if no secret object is specified. If the secret object
- // contains more than one secret, all secrets are passed to the plugin
- // scripts.
- // +optional
- SecretRef *LocalObjectReference `json:"secretRef,omitempty"`
- // Optional: Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // Optional: Extra command options if any.
- // +optional
- Options map[string]string `json:"options,omitempty"`
-}
-
-// Represents a Persistent Disk resource in AWS.
-//
-// An AWS EBS disk must exist before mounting to a container. The disk
-// must also be in the same AWS zone as the kubelet. An AWS EBS disk
-// can only be mounted as read/write once. AWS EBS volumes support
-// ownership management and SELinux relabeling.
-type AWSElasticBlockStoreVolumeSource struct {
- // Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- VolumeID string `json:"volumeID"`
- // Filesystem type of the volume that you want to mount.
- // Tip: Ensure that the filesystem type is supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- // TODO: how do we prevent errors in the filesystem from compromising the machine
- // +optional
- FSType string `json:"fsType,omitempty"`
- // The partition in the volume that you want to mount.
- // If omitted, the default is to mount by volume name.
- // Examples: For volume /dev/sda1, you specify the partition as "1".
- // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
- // +optional
- Partition int32 `json:"partition,omitempty"`
- // Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
- // If omitted, the default is "false".
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents a volume that is populated with the contents of a git repository.
-// Git repo volumes do not support ownership management.
-// Git repo volumes support SELinux relabeling.
-//
-// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
-// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
-// into the Pod's container.
-type GitRepoVolumeSource struct {
- // Repository URL
- Repository string `json:"repository"`
- // Commit hash for the specified revision.
- // +optional
- Revision string `json:"revision,omitempty"`
- // Target directory name.
- // Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
- // git repository. Otherwise, if specified, the volume will contain the git repository in
- // the subdirectory with the given name.
- // +optional
- Directory string `json:"directory,omitempty"`
-}
-
// Adapts a Secret into a volume.
//
// The contents of the target Secret's Data field will be presented in a volume
@@ -1178,377 +552,6 @@ type SecretProjection struct {
Optional *bool `json:"optional,omitempty"`
}
-// Represents an NFS mount that lasts the lifetime of a pod.
-// NFS volumes do not support ownership management or SELinux relabeling.
-type NFSVolumeSource struct {
- // Server is the hostname or IP address of the NFS server.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- Server string `json:"server"`
-
- // Path that is exported by the NFS server.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- Path string `json:"path"`
-
- // ReadOnly here will force
- // the NFS export to be mounted with read-only permissions.
- // Defaults to false.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents an ISCSI disk.
-// ISCSI volumes can only be mounted as read/write once.
-// ISCSI volumes support ownership management and SELinux relabeling.
-type ISCSIVolumeSource struct {
- // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
- // is other than default (typically TCP ports 860 and 3260).
- TargetPortal string `json:"targetPortal"`
- // Target iSCSI Qualified Name.
- IQN string `json:"iqn"`
- // iSCSI Target Lun number.
- Lun int32 `json:"lun"`
- // iSCSI Interface Name that uses an iSCSI transport.
- // Defaults to 'default' (tcp).
- // +optional
- ISCSIInterface string `json:"iscsiInterface,omitempty"`
- // Filesystem type of the volume that you want to mount.
- // Tip: Ensure that the filesystem type is supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- // TODO: how do we prevent errors in the filesystem from compromising the machine
- // +optional
- FSType string `json:"fsType,omitempty"`
- // ReadOnly here will force the ReadOnly setting in VolumeMounts.
- // Defaults to false.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
- // is other than default (typically TCP ports 860 and 3260).
- // +optional
- Portals []string `json:"portals,omitempty"`
- // whether support iSCSI Discovery CHAP authentication
- // +optional
- DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty"`
- // whether support iSCSI Session CHAP authentication
- // +optional
- SessionCHAPAuth bool `json:"chapAuthSession,omitempty"`
- // CHAP Secret for iSCSI target and initiator authentication
- // +optional
- SecretRef *LocalObjectReference `json:"secretRef,omitempty"`
- // Custom iSCSI Initiator Name.
- // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
- // <target portal>:<volume name> will be created for the connection.
- // +optional
- InitiatorName *string `json:"initiatorName,omitempty"`
-}
-
-// ISCSIPersistentVolumeSource represents an ISCSI disk.
-// ISCSI volumes can only be mounted as read/write once.
-// ISCSI volumes support ownership management and SELinux relabeling.
-type ISCSIPersistentVolumeSource struct {
- // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
- // is other than default (typically TCP ports 860 and 3260).
- TargetPortal string `json:"targetPortal"`
- // Target iSCSI Qualified Name.
- IQN string `json:"iqn"`
- // iSCSI Target Lun number.
- Lun int32 `json:"lun"`
- // iSCSI Interface Name that uses an iSCSI transport.
- // Defaults to 'default' (tcp).
- // +optional
- ISCSIInterface string `json:"iscsiInterface,omitempty"`
- // Filesystem type of the volume that you want to mount.
- // Tip: Ensure that the filesystem type is supported by the host operating system.
- // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- // TODO: how do we prevent errors in the filesystem from compromising the machine
- // +optional
- FSType string `json:"fsType,omitempty"`
- // ReadOnly here will force the ReadOnly setting in VolumeMounts.
- // Defaults to false.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port
- // is other than default (typically TCP ports 860 and 3260).
- // +optional
- Portals []string `json:"portals,omitempty"`
- // whether support iSCSI Discovery CHAP authentication
- // +optional
- DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty"`
- // whether support iSCSI Session CHAP authentication
- // +optional
- SessionCHAPAuth bool `json:"chapAuthSession,omitempty"`
- // CHAP Secret for iSCSI target and initiator authentication
- // +optional
- SecretRef *SecretReference `json:"secretRef,omitempty"`
- // Custom iSCSI Initiator Name.
- // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
- // <target portal>:<volume name> will be created for the connection.
- // +optional
- InitiatorName *string `json:"initiatorName,omitempty"`
-}
-
-// Represents a Fibre Channel volume.
-// Fibre Channel volumes can only be mounted as read/write once.
-// Fibre Channel volumes support ownership management and SELinux relabeling.
-type FCVolumeSource struct {
- // Optional: FC target worldwide names (WWNs)
- // +optional
- TargetWWNs []string `json:"targetWWNs,omitempty"`
- // Optional: FC target lun number
- // +optional
- Lun *int32 `json:"lun,omitempty"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // TODO: how do we prevent errors in the filesystem from compromising the machine
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Optional: Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // Optional: FC volume world wide identifiers (wwids)
- // Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
- // +optional
- WWIDs []string `json:"wwids,omitempty"`
-}
-
-// AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
-type AzureFileVolumeSource struct {
- // the name of secret that contains Azure Storage Account Name and Key
- SecretName string `json:"secretName"`
- // Share Name
- ShareName string `json:"shareName"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
-type AzureFilePersistentVolumeSource struct {
- // the name of secret that contains Azure Storage Account Name and Key
- SecretName string `json:"secretName"`
- // Share Name
- ShareName string `json:"shareName"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // the namespace of the secret that contains Azure Storage Account Name and Key
- // default is the same as the Pod
- // +optional
- SecretNamespace *string `json:"secretNamespace"`
-}
-
-// Represents a vSphere volume resource.
-type VsphereVirtualDiskVolumeSource struct {
- // Path that identifies vSphere volume vmdk
- VolumePath string `json:"volumePath"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Storage Policy Based Management (SPBM) profile name.
- // +optional
- StoragePolicyName string `json:"storagePolicyName,omitempty"`
- // Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.
- // +optional
- StoragePolicyID string `json:"storagePolicyID,omitempty"`
-}
-
-// Represents a Photon Controller persistent disk resource.
-type PhotonPersistentDiskVolumeSource struct {
- // ID that identifies Photon Controller persistent disk
- PdID string `json:"pdID"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- FSType string `json:"fsType,omitempty"`
-}
-
-type AzureDataDiskCachingMode string
-type AzureDataDiskKind string
-
-const (
- AzureDataDiskCachingNone AzureDataDiskCachingMode = "None"
- AzureDataDiskCachingReadOnly AzureDataDiskCachingMode = "ReadOnly"
- AzureDataDiskCachingReadWrite AzureDataDiskCachingMode = "ReadWrite"
-
- AzureSharedBlobDisk AzureDataDiskKind = "Shared"
- AzureDedicatedBlobDisk AzureDataDiskKind = "Dedicated"
- AzureManagedDisk AzureDataDiskKind = "Managed"
-)
-
-// AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
-type AzureDiskVolumeSource struct {
- // The Name of the data disk in the blob storage
- DiskName string `json:"diskName"`
- // The URI the data disk in the blob storage
- DataDiskURI string `json:"diskURI"`
- // Host Caching mode: None, Read Only, Read Write.
- // +optional
- CachingMode *AzureDataDiskCachingMode `json:"cachingMode,omitempty"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // +optional
- FSType *string `json:"fsType,omitempty"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly *bool `json:"readOnly,omitempty"`
- // Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared
- Kind *AzureDataDiskKind `json:"kind,omitempty"`
-}
-
-// PortworxVolumeSource represents a Portworx volume resource.
-type PortworxVolumeSource struct {
- // VolumeID uniquely identifies a Portworx volume
- VolumeID string `json:"volumeID"`
- // FSType represents the filesystem type to mount
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
- FSType string `json:"fsType,omitempty"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// ScaleIOVolumeSource represents a persistent ScaleIO volume
-type ScaleIOVolumeSource struct {
- // The host address of the ScaleIO API Gateway.
- Gateway string `json:"gateway"`
- // The name of the storage system as configured in ScaleIO.
- System string `json:"system"`
- // SecretRef references to the secret for ScaleIO user and other
- // sensitive information. If this is not provided, Login operation will fail.
- SecretRef *LocalObjectReference `json:"secretRef"`
- // Flag to enable/disable SSL communication with Gateway, default false
- // +optional
- SSLEnabled bool `json:"sslEnabled,omitempty"`
- // The name of the ScaleIO Protection Domain for the configured storage.
- // +optional
- ProtectionDomain string `json:"protectionDomain,omitempty"`
- // The ScaleIO Storage Pool associated with the protection domain.
- // +optional
- StoragePool string `json:"storagePool,omitempty"`
- // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
- // Default is ThinProvisioned.
- // +optional
- StorageMode string `json:"storageMode,omitempty"`
- // The name of a volume already created in the ScaleIO system
- // that is associated with this volume source.
- VolumeName string `json:"volumeName,omitempty"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs".
- // Default is "xfs".
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume
-type ScaleIOPersistentVolumeSource struct {
- // The host address of the ScaleIO API Gateway.
- Gateway string `json:"gateway"`
- // The name of the storage system as configured in ScaleIO.
- System string `json:"system"`
- // SecretRef references to the secret for ScaleIO user and other
- // sensitive information. If this is not provided, Login operation will fail.
- SecretRef *SecretReference `json:"secretRef"`
- // Flag to enable/disable SSL communication with Gateway, default false
- // +optional
- SSLEnabled bool `json:"sslEnabled,omitempty"`
- // The name of the ScaleIO Protection Domain for the configured storage.
- // +optional
- ProtectionDomain string `json:"protectionDomain,omitempty"`
- // The ScaleIO Storage Pool associated with the protection domain.
- // +optional
- StoragePool string `json:"storagePool,omitempty"`
- // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
- // Default is ThinProvisioned.
- // +optional
- StorageMode string `json:"storageMode,omitempty"`
- // The name of a volume already created in the ScaleIO system
- // that is associated with this volume source.
- VolumeName string `json:"volumeName,omitempty"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs".
- // Default is "xfs"
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-}
-
-// Represents a StorageOS persistent volume resource.
-type StorageOSVolumeSource struct {
- // VolumeName is the human-readable name of the StorageOS volume. Volume
- // names are only unique within a namespace.
- VolumeName string `json:"volumeName,omitempty"`
- // VolumeNamespace specifies the scope of the volume within StorageOS. If no
- // namespace is specified then the Pod's namespace will be used. This allows the
- // Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
- // Set VolumeName to any name to override the default behaviour.
- // Set to "default" if you are not using namespaces within StorageOS.
- // Namespaces that do not pre-exist within StorageOS will be created.
- // +optional
- VolumeNamespace string `json:"volumeNamespace,omitempty"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // SecretRef specifies the secret to use for obtaining the StorageOS API
- // credentials. If not specified, default values will be attempted.
- // +optional
- SecretRef *LocalObjectReference `json:"secretRef,omitempty"`
-}
-
-// Represents a StorageOS persistent volume resource.
-type StorageOSPersistentVolumeSource struct {
- // VolumeName is the human-readable name of the StorageOS volume. Volume
- // names are only unique within a namespace.
- VolumeName string `json:"volumeName,omitempty"`
- // VolumeNamespace specifies the scope of the volume within StorageOS. If no
- // namespace is specified then the Pod's namespace will be used. This allows the
- // Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
- // Set VolumeName to any name to override the default behaviour.
- // Set to "default" if you are not using namespaces within StorageOS.
- // Namespaces that do not pre-exist within StorageOS will be created.
- // +optional
- VolumeNamespace string `json:"volumeNamespace,omitempty"`
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
- // +optional
- FSType string `json:"fsType,omitempty"`
- // Defaults to false (read/write). ReadOnly here will force
- // the ReadOnly setting in VolumeMounts.
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
- // SecretRef specifies the secret to use for obtaining the StorageOS API
- // credentials. If not specified, default values will be attempted.
- // +optional
- SecretRef *ObjectReference `json:"secretRef,omitempty"`
-}
-
// Adapts a ConfigMap into a volume.
//
// The contents of the target ConfigMap's Data field will be presented in a
@@ -1688,140 +691,6 @@ type KeyToPath struct {
Mode *int32 `json:"mode,omitempty"`
}
-// Local represents directly-attached storage with node affinity (Beta feature)
-type LocalVolumeSource struct {
- // The full path to the volume on the node.
- // It can be either a directory or block device (disk, partition, ...).
- Path string `json:"path"`
-
- // Filesystem type to mount.
- // It applies only when the Path is a block device.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a fileystem if unspecified.
- // +optional
- FSType *string `json:"fsType,omitempty"`
-}
-
-// Represents storage that is managed by an external CSI volume driver (Beta feature)
-type CSIPersistentVolumeSource struct {
- // Driver is the name of the driver to use for this volume.
- // Required.
- Driver string `json:"driver"`
-
- // VolumeHandle is the unique volume name returned by the CSI volume
- // plugin’s CreateVolume to refer to the volume on all subsequent calls.
- // Required.
- VolumeHandle string `json:"volumeHandle"`
-
- // Optional: The value to pass to ControllerPublishVolumeRequest.
- // Defaults to false (read/write).
- // +optional
- ReadOnly bool `json:"readOnly,omitempty"`
-
- // Filesystem type to mount.
- // Must be a filesystem type supported by the host operating system.
- // Ex. "ext4", "xfs", "ntfs".
- // +optional
- FSType string `json:"fsType,omitempty"`
-
- // Attributes of the volume to publish.
- // +optional
- VolumeAttributes map[string]string `json:"volumeAttributes,omitempty"`
-
- // ControllerPublishSecretRef is a reference to the secret object containing
- // sensitive information to pass to the CSI driver to complete the CSI
- // ControllerPublishVolume and ControllerUnpublishVolume calls.
- // This field is optional, and may be empty if no secret is required. If the
- // secret object contains more than one secret, all secrets are passed.
- // +optional
- ControllerPublishSecretRef *SecretReference `json:"controllerPublishSecretRef,omitempty"`
-
- // NodeStageSecretRef is a reference to the secret object containing sensitive
- // information to pass to the CSI driver to complete the CSI NodeStageVolume
- // and NodeStageVolume and NodeUnstageVolume calls.
- // This field is optional, and may be empty if no secret is required. If the
- // secret object contains more than one secret, all secrets are passed.
- // +optional
- NodeStageSecretRef *SecretReference `json:"nodeStageSecretRef,omitempty"`
-
- // NodePublishSecretRef is a reference to the secret object containing
- // sensitive information to pass to the CSI driver to complete the CSI
- // NodePublishVolume and NodeUnpublishVolume calls.
- // This field is optional, and may be empty if no secret is required. If the
- // secret object contains more than one secret, all secrets are passed.
- // +optional
- NodePublishSecretRef *SecretReference `json:"nodePublishSecretRef,omitempty"`
-
- // ControllerExpandSecretRef is a reference to the secret object containing
- // sensitive information to pass to the CSI driver to complete the CSI
- // ControllerExpandVolume call.
- // This is an alpha field and requires enabling ExpandCSIVolumes feature gate.
- // This field is optional, and may be empty if no secret is required. If the
- // secret object contains more than one secret, all secrets are passed.
- // +optional
- ControllerExpandSecretRef *SecretReference `json:"controllerExpandSecretRef,omitempty"`
-}
-
-// Represents a source location of a volume to mount, managed by an external CSI driver
-type CSIVolumeSource struct {
- // Driver is the name of the CSI driver that handles this volume.
- // Consult with your admin for the correct name as registered in the cluster.
- Driver string `json:"driver"`
-
- // Specifies a read-only configuration for the volume.
- // Defaults to false (read/write).
- // +optional
- ReadOnly *bool `json:"readOnly,omitempty"`
-
- // Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".
- // If not provided, the empty value is passed to the associated CSI driver
- // which will determine the default filesystem to apply.
- // +optional
- FSType *string `json:"fsType,omitempty"`
-
- // VolumeAttributes stores driver-specific properties that are passed to the CSI
- // driver. Consult your driver's documentation for supported values.
- // +optional
- VolumeAttributes map[string]string `json:"volumeAttributes,omitempty"`
-
- // NodePublishSecretRef is a reference to the secret object containing
- // sensitive information to pass to the CSI driver to complete the CSI
- // NodePublishVolume and NodeUnpublishVolume calls.
- // This field is optional, and may be empty if no secret is required. If the
- // secret object contains more than one secret, all secret references are passed.
- // +optional
- NodePublishSecretRef *LocalObjectReference `json:"nodePublishSecretRef,omitempty"`
-}
-
-// Represents an ephemeral volume that is handled by a normal storage driver.
-type EphemeralVolumeSource struct {
- // Will be used to create a stand-alone PVC to provision the volume.
- // The pod in which this EphemeralVolumeSource is embedded will be the
- // owner of the PVC, i.e. the PVC will be deleted together with the
- // pod. The name of the PVC will be `<pod name>-<volume name>` where
- // `<volume name>` is the name from the `PodSpec.Volumes` array
- // entry. Pod validation will reject the pod if the concatenated name
- // is not valid for a PVC (for example, too long).
- //
- // An existing PVC with that name that is not owned by the pod
- // will *not* be used for the pod to avoid using an unrelated
- // volume by mistake. Starting the pod is then blocked until
- // the unrelated PVC is removed. If such a pre-created PVC is
- // meant to be used by the pod, the PVC has to updated with an
- // owner reference to the pod once the pod exists. Normally
- // this should not be necessary, but it may be useful when
- // manually reconstructing a broken cluster.
- //
- // This field is read-only and no changes will be made by Kubernetes
- // to the PVC after it has been created.
- //
- // Required, must not be nil.
- VolumeClaimTemplate *PersistentVolumeClaimTemplate `json:"volumeClaimTemplate,omitempty"`
-
- // ReadOnly is tombstoned to show why 2 is a reserved protobuf tag.
- // ReadOnly bool `json:"readOnly,omitempty"`
-}
-
// PersistentVolumeClaimTemplate is used to produce
// PersistentVolumeClaim objects as part of an EphemeralVolumeSource.
type PersistentVolumeClaimTemplate struct {
@@ -2880,84 +1749,6 @@ type PreferredSchedulingTerm struct {
Preference NodeSelectorTerm `json:"preference"`
}
-// The node this Taint is attached to has the "effect" on
-// any pod that does not tolerate the Taint.
-type Taint struct {
- // Required. The taint key to be applied to a node.
- Key string `json:"key"`
- // The taint value corresponding to the taint key.
- // +optional
- Value string `json:"value,omitempty"`
- // Required. The effect of the taint on pods
- // that do not tolerate the taint.
- // Valid effects are NoSchedule, PreferNoSchedule and NoExecute.
- Effect TaintEffect `json:"effect"`
- // TimeAdded represents the time at which the taint was added.
- // It is only written for NoExecute taints.
- // +optional
- TimeAdded *metav1.Time `json:"timeAdded,omitempty"`
-}
-
-type TaintEffect string
-
-const (
- // Do not allow new pods to schedule onto the node unless they tolerate the taint,
- // but allow all pods submitted to Kubelet without going through the scheduler
- // to start, and allow all already-running pods to continue running.
- // Enforced by the scheduler.
- TaintEffectNoSchedule TaintEffect = "NoSchedule"
- // Like TaintEffectNoSchedule, but the scheduler tries not to schedule
- // new pods onto the node, rather than prohibiting new pods from scheduling
- // onto the node entirely. Enforced by the scheduler.
- TaintEffectPreferNoSchedule TaintEffect = "PreferNoSchedule"
- // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented.
- // Like TaintEffectNoSchedule, but additionally do not allow pods submitted to
- // Kubelet without going through the scheduler to start.
- // Enforced by Kubelet and the scheduler.
- // TaintEffectNoScheduleNoAdmit TaintEffect = "NoScheduleNoAdmit"
-
- // Evict any already-running pods that do not tolerate the taint.
- // Currently enforced by NodeController.
- TaintEffectNoExecute TaintEffect = "NoExecute"
-)
-
-// The pod this Toleration is attached to tolerates any taint that matches
-// the triple <key,value,effect> using the matching operator <operator>.
-type Toleration struct {
- // Key is the taint key that the toleration applies to. Empty means match all taint keys.
- // If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- // +optional
- Key string `json:"key,omitempty"`
- // Operator represents a key's relationship to the value.
- // Valid operators are Exists and Equal. Defaults to Equal.
- // Exists is equivalent to wildcard for value, so that a pod can
- // tolerate all taints of a particular category.
- // +optional
- Operator TolerationOperator `json:"operator,omitempty"`
- // Value is the taint value the toleration matches to.
- // If the operator is Exists, the value should be empty, otherwise just a regular string.
- // +optional
- Value string `json:"value,omitempty"`
- // Effect indicates the taint effect to match. Empty means match all taint effects.
- // When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- // +optional
- Effect TaintEffect `json:"effect,omitempty"`
- // TolerationSeconds represents the period of time the toleration (which must be
- // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
- // it is not set, which means tolerate the taint forever (do not evict). Zero and
- // negative values will be treated as 0 (evict immediately) by the system.
- // +optional
- TolerationSeconds *int64 `json:"tolerationSeconds,omitempty"`
-}
-
-// A toleration operator is the set of operators that can be used in a toleration.
-type TolerationOperator string
-
-const (
- TolerationOpExists TolerationOperator = "Exists"
- TolerationOpEqual TolerationOperator = "Equal"
-)
-
// PodReadinessGate contains the reference to a pod condition
type PodReadinessGate struct {
// ConditionType refers to a condition in the pod's condition list with matching type.
@@ -3109,9 +1900,6 @@ type PodSpec struct {
// If not specified, the pod will be dispatched by default scheduler.
// +optional
SchedulerName string `json:"schedulerName,omitempty"`
- // If specified, the pod's tolerations.
- // +optional
- Tolerations []Toleration `json:"tolerations,omitempty"`
// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
// file if specified. This is only valid for non-hostNetwork pods.
// +optional
@@ -3299,11 +2087,6 @@ type PodSecurityContext struct {
// takes precedence for that container.
// +optional
SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty"`
- // The Windows specific settings applied to all containers.
- // If unspecified, the options within a container's SecurityContext will be used.
- // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- // +optional
- WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty"`
// The UID to run the entrypoint of the container process.
// Defaults to user specified in image metadata if unspecified.
// May also be set in SecurityContext. If set in both SecurityContext and
@@ -4589,74 +3372,6 @@ type EndpointPort struct {
AppProtocol *string `json:"appProtocol,omitempty"`
}
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// EndpointsList is a list of endpoints.
-type EndpointsList struct {
- metav1.TypeMeta `json:",inline"`
- // Standard list metadata.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- // +optional
- metav1.ListMeta `json:"metadata,omitempty"`
-
- // List of endpoints.
- Items []Endpoints `json:"items"`
-}
-
-// NodeSpec describes the attributes that a node is created with.
-type NodeSpec struct {
- // PodCIDR represents the pod IP range assigned to the node.
- // +optional
- PodCIDR string `json:"podCIDR,omitempty"`
-
- // podCIDRs represents the IP ranges assigned to the node for usage by Pods on that node. If this
- // field is specified, the 0th entry must match the podCIDR field. It may contain at most 1 value for
- // each of IPv4 and IPv6.
- // +optional
- // +patchStrategy=merge
- PodCIDRs []string `json:"podCIDRs,omitempty"`
-
- // ID of the node assigned by the cloud provider in the format: <ProviderName>://<ProviderSpecificNodeID>
- // +optional
- ProviderID string `json:"providerID,omitempty"`
- // Unschedulable controls node schedulability of new pods. By default, node is schedulable.
- // More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration
- // +optional
- Unschedulable bool `json:"unschedulable,omitempty"`
- // If specified, the node's taints.
- // +optional
- Taints []Taint `json:"taints,omitempty"`
-
- // Deprecated. If specified, the source of the node's configuration.
- // The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field.
- // This field is deprecated as of 1.22: https://git.k8s.io/enhancements/keps/sig-node/281-dynamic-kubelet-configuration
- // +optional
- ConfigSource *NodeConfigSource `json:"configSource,omitempty"`
-
- // Deprecated. Not all kubelets will set this field. Remove field after 1.13.
- // see: https://issues.k8s.io/61966
- // +optional
- DoNotUseExternalID string `json:"externalID,omitempty"`
-}
-
-// NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil.
-// This API is deprecated since 1.22
-type NodeConfigSource struct {
- // For historical context, regarding the below kind, apiVersion, and configMapRef deprecation tags:
- // 1. kind/apiVersion were used by the kubelet to persist this struct to disk (they had no protobuf tags)
- // 2. configMapRef and proto tag 1 were used by the API to refer to a configmap,
- // but used a generic ObjectReference type that didn't really have the fields we needed
- // All uses/persistence of the NodeConfigSource struct prior to 1.11 were gated by alpha feature flags,
- // so there was no persisted data for these fields that needed to be migrated/handled.
-
- // +k8s:deprecated=kind
- // +k8s:deprecated=apiVersion
- // +k8s:deprecated=configMapRef,protobuf=1
-
- // ConfigMap is a reference to a Node's ConfigMap
- ConfigMap *ConfigMapNodeConfigSource `json:"configMap,omitempty"`
-}
-
// ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node.
// This API is deprecated since 1.22: https://git.k8s.io/enhancements/keps/sig-node/281-dynamic-kubelet-configuration
type ConfigMapNodeConfigSource struct {
@@ -4683,196 +3398,6 @@ type ConfigMapNodeConfigSource struct {
KubeletConfigKey string `json:"kubeletConfigKey"`
}
-// DaemonEndpoint contains information about a single Daemon endpoint.
-type DaemonEndpoint struct {
- /*
- The port tag was not properly in quotes in earlier releases, so it must be
- uppercased for backwards compat (since it was falling back to var name of
- 'Port').
- */
-
- // Port number of the given endpoint.
- Port int32 `json:"Port"`
-}
-
-// NodeDaemonEndpoints lists ports opened by daemons running on the Node.
-type NodeDaemonEndpoints struct {
- // Endpoint on which Kubelet is listening.
- // +optional
- KubeletEndpoint DaemonEndpoint `json:"kubeletEndpoint,omitempty"`
-}
-
-// NodeSystemInfo is a set of ids/uuids to uniquely identify the node.
-type NodeSystemInfo struct {
- // MachineID reported by the node. For unique machine identification
- // in the cluster this field is preferred. Learn more from man(5)
- // machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html
- MachineID string `json:"machineID"`
- // SystemUUID reported by the node. For unique machine identification
- // MachineID is preferred. This field is specific to Red Hat hosts
- // https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid
- SystemUUID string `json:"systemUUID"`
- // Boot ID reported by the node.
- BootID string `json:"bootID"`
- // Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64).
- KernelVersion string `json:"kernelVersion"`
- // OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)).
- OSImage string `json:"osImage"`
- // ContainerRuntime Version reported by the node through runtime remote API (e.g. docker://1.5.0).
- ContainerRuntimeVersion string `json:"containerRuntimeVersion"`
- // Kubelet Version reported by the node.
- KubeletVersion string `json:"kubeletVersion"`
- // KubeProxy Version reported by the node.
- KubeProxyVersion string `json:"kubeProxyVersion"`
- // The Operating System reported by the node
- OperatingSystem string `json:"operatingSystem"`
- // The Architecture reported by the node
- Architecture string `json:"architecture"`
-}
-
-// NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource.
-type NodeConfigStatus struct {
- // Assigned reports the checkpointed config the node will try to use.
- // When Node.Spec.ConfigSource is updated, the node checkpoints the associated
- // config payload to local disk, along with a record indicating intended
- // config. The node refers to this record to choose its config checkpoint, and
- // reports this record in Assigned. Assigned only updates in the status after
- // the record has been checkpointed to disk. When the Kubelet is restarted,
- // it tries to make the Assigned config the Active config by loading and
- // validating the checkpointed payload identified by Assigned.
- // +optional
- Assigned *NodeConfigSource `json:"assigned,omitempty"`
- // Active reports the checkpointed config the node is actively using.
- // Active will represent either the current version of the Assigned config,
- // or the current LastKnownGood config, depending on whether attempting to use the
- // Assigned config results in an error.
- // +optional
- Active *NodeConfigSource `json:"active,omitempty"`
- // LastKnownGood reports the checkpointed config the node will fall back to
- // when it encounters an error attempting to use the Assigned config.
- // The Assigned config becomes the LastKnownGood config when the node determines
- // that the Assigned config is stable and correct.
- // This is currently implemented as a 10-minute soak period starting when the local
- // record of Assigned config is updated. If the Assigned config is Active at the end
- // of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is
- // reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil,
- // because the local default config is always assumed good.
- // You should not make assumptions about the node's method of determining config stability
- // and correctness, as this may change or become configurable in the future.
- // +optional
- LastKnownGood *NodeConfigSource `json:"lastKnownGood,omitempty"`
- // Error describes any problems reconciling the Spec.ConfigSource to the Active config.
- // Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned
- // record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting
- // to load or validate the Assigned config, etc.
- // Errors may occur at different points while syncing config. Earlier errors (e.g. download or
- // checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across
- // Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in
- // a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error
- // by fixing the config assigned in Spec.ConfigSource.
- // You can find additional information for debugging by searching the error message in the Kubelet log.
- // Error is a human-readable description of the error state; machines can check whether or not Error
- // is empty, but should not rely on the stability of the Error text across Kubelet versions.
- // +optional
- Error string `json:"error,omitempty"`
-}
-
-// NodeStatus is information about the current status of a node.
-type NodeStatus struct {
- // Capacity represents the total resources of a node.
- // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity
- // +optional
- Capacity ResourceList `json:"capacity,omitempty"`
- // Allocatable represents the resources of a node that are available for scheduling.
- // Defaults to Capacity.
- // +optional
- Allocatable ResourceList `json:"allocatable,omitempty"`
- // NodePhase is the recently observed lifecycle phase of the node.
- // More info: https://kubernetes.io/docs/concepts/nodes/node/#phase
- // The field is never populated, and now is deprecated.
- // +optional
- Phase NodePhase `json:"phase,omitempty"`
- // Conditions is an array of current observed node conditions.
- // More info: https://kubernetes.io/docs/concepts/nodes/node/#condition
- // +optional
- // +patchMergeKey=type
- // +patchStrategy=merge
- Conditions []NodeCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
- // List of addresses reachable to the node.
- // Queried from cloud provider, if available.
- // More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses
- // Note: This field is declared as mergeable, but the merge key is not sufficiently
- // unique, which can cause data corruption when it is merged. Callers should instead
- // use a full-replacement patch. See http://pr.k8s.io/79391 for an example.
- // +optional
- // +patchMergeKey=type
- // +patchStrategy=merge
- Addresses []NodeAddress `json:"addresses,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
- // Endpoints of daemons running on the Node.
- // +optional
- DaemonEndpoints NodeDaemonEndpoints `json:"daemonEndpoints,omitempty"`
- // Set of ids/uuids to uniquely identify the node.
- // More info: https://kubernetes.io/docs/concepts/nodes/node/#info
- // +optional
- NodeInfo NodeSystemInfo `json:"nodeInfo,omitempty"`
- // List of container images on this node
- // +optional
- Images []ContainerImage `json:"images,omitempty"`
- // List of attachable volumes in use (mounted) by the node.
- // +optional
- VolumesInUse []UniqueVolumeName `json:"volumesInUse,omitempty"`
- // List of volumes that are attached to the node.
- // +optional
- VolumesAttached []AttachedVolume `json:"volumesAttached,omitempty"`
- // Status of the config assigned to the node via the dynamic Kubelet config feature.
- // +optional
- Config *NodeConfigStatus `json:"config,omitempty"`
-}
-
-type UniqueVolumeName string
-
-// AttachedVolume describes a volume attached to a node
-type AttachedVolume struct {
- // Name of the attached volume
- Name UniqueVolumeName `json:"name"`
-
- // DevicePath represents the device path where the volume should be available
- DevicePath string `json:"devicePath"`
-}
-
-// AvoidPods describes pods that should avoid this node. This is the value for a
-// Node annotation with key scheduler.alpha.kubernetes.io/preferAvoidPods and
-// will eventually become a field of NodeStatus.
-type AvoidPods struct {
- // Bounded-sized list of signatures of pods that should avoid this node, sorted
- // in timestamp order from oldest to newest. Size of the slice is unspecified.
- // +optional
- PreferAvoidPods []PreferAvoidPodsEntry `json:"preferAvoidPods,omitempty"`
-}
-
-// Describes a class of pods that should avoid this node.
-type PreferAvoidPodsEntry struct {
- // The class of pods.
- PodSignature PodSignature `json:"podSignature"`
- // Time at which this entry was added to the list.
- // +optional
- EvictionTime metav1.Time `json:"evictionTime,omitempty"`
- // (brief) reason why this entry was added to the list.
- // +optional
- Reason string `json:"reason,omitempty"`
- // Human readable message indicating why this entry was added to the list.
- // +optional
- Message string `json:"message,omitempty"`
-}
-
-// Describes the class of pods that should avoid this node.
-// Exactly one field should be set.
-type PodSignature struct {
- // Reference to controller whose pods should avoid this node.
- // +optional
- PodController *metav1.OwnerReference `json:"podController,omitempty"`
-}
-
// Describe a container image
type ContainerImage struct {
// Names by which this image is known.
@@ -4884,108 +3409,6 @@ type ContainerImage struct {
SizeBytes int64 `json:"sizeBytes,omitempty"`
}
-type NodePhase string
-
-// These are the valid phases of node.
-const (
- // NodePending means the node has been created/added by the system, but not configured.
- NodePending NodePhase = "Pending"
- // NodeRunning means the node has been configured and has Kubernetes components running.
- NodeRunning NodePhase = "Running"
- // NodeTerminated means the node has been removed from the cluster.
- NodeTerminated NodePhase = "Terminated"
-)
-
-type NodeConditionType string
-
-// These are valid conditions of node. Currently, we don't have enough information to decide
-// node condition. In the future, we will add more. The proposed set of conditions are:
-// NodeReachable, NodeLive, NodeReady, NodeSchedulable, NodeRunnable.
-const (
- // NodeReady means kubelet is healthy and ready to accept pods.
- NodeReady NodeConditionType = "Ready"
- // NodeMemoryPressure means the kubelet is under pressure due to insufficient available memory.
- NodeMemoryPressure NodeConditionType = "MemoryPressure"
- // NodeDiskPressure means the kubelet is under pressure due to insufficient available disk.
- NodeDiskPressure NodeConditionType = "DiskPressure"
- // NodePIDPressure means the kubelet is under pressure due to insufficient available PID.
- NodePIDPressure NodeConditionType = "PIDPressure"
- // NodeNetworkUnavailable means that network for the node is not correctly configured.
- NodeNetworkUnavailable NodeConditionType = "NetworkUnavailable"
-)
-
-// NodeCondition contains condition information for a node.
-type NodeCondition struct {
- // Type of node condition.
- Type NodeConditionType `json:"type"`
- // Status of the condition, one of True, False, Unknown.
- Status ConditionStatus `json:"status"`
- // Last time we got an update on a given condition.
- // +optional
- LastHeartbeatTime metav1.Time `json:"lastHeartbeatTime,omitempty"`
- // Last time the condition transit from one status to another.
- // +optional
- LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
- // (brief) reason for the condition's last transition.
- // +optional
- Reason string `json:"reason,omitempty"`
- // Human readable message indicating details about last transition.
- // +optional
- Message string `json:"message,omitempty"`
-}
-
-type NodeAddressType string
-
-// These are valid address type of node.
-const (
- // NodeHostName identifies a name of the node. Although every node can be assumed
- // to have a NodeAddress of this type, its exact syntax and semantics are not
- // defined, and are not consistent between different clusters.
- NodeHostName NodeAddressType = "Hostname"
-
- // NodeInternalIP identifies an IP address which is assigned to one of the node's
- // network interfaces. Every node should have at least one address of this type.
- //
- // An internal IP is normally expected to be reachable from every other node, but
- // may not be visible to hosts outside the cluster. By default it is assumed that
- // kube-apiserver can reach node internal IPs, though it is possible to configure
- // clusters where this is not the case.
- //
- // NodeInternalIP is the default type of node IP, and does not necessarily imply
- // that the IP is ONLY reachable internally. If a node has multiple internal IPs,
- // no specific semantics are assigned to the additional IPs.
- NodeInternalIP NodeAddressType = "InternalIP"
-
- // NodeExternalIP identifies an IP address which is, in some way, intended to be
- // more usable from outside the cluster then an internal IP, though no specific
- // semantics are defined. It may be a globally routable IP, though it is not
- // required to be.
- //
- // External IPs may be assigned directly to an interface on the node, like a
- // NodeInternalIP, or alternatively, packets sent to the external IP may be NAT'ed
- // to an internal node IP rather than being delivered directly (making the IP less
- // efficient for node-to-node traffic than a NodeInternalIP).
- NodeExternalIP NodeAddressType = "ExternalIP"
-
- // NodeInternalDNS identifies a DNS name which resolves to an IP address which has
- // the characteristics of a NodeInternalIP. The IP it resolves to may or may not
- // be a listed NodeInternalIP address.
- NodeInternalDNS NodeAddressType = "InternalDNS"
-
- // NodeExternalDNS identifies a DNS name which resolves to an IP address which has
- // the characteristics of a NodeExternalIP. The IP it resolves to may or may not
- // be a listed NodeExternalIP address.
- NodeExternalDNS NodeAddressType = "ExternalDNS"
-)
-
-// NodeAddress contains information for the node's address.
-type NodeAddress struct {
- // Node address type, one of Hostname, ExternalIP or InternalIP.
- Type NodeAddressType `json:"type"`
- // The node address.
- Address string `json:"address"`
-}
-
// ResourceName is the name identifying various resources in a ResourceList.
type ResourceName string
@@ -5018,189 +3441,6 @@ const (
// ResourceList is a set of (resource name, quantity) pairs.
type ResourceList map[ResourceName]resource.Quantity
-// +genclient
-// +genclient:nonNamespaced
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// Node is a worker node in Kubernetes.
-// Each node will have a unique identifier in the cache (i.e. in etcd).
-type Node struct {
- metav1.TypeMeta `json:",inline"`
- // Standard object's metadata.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
- // +optional
- metav1.ObjectMeta `json:"metadata,omitempty"`
-
- // Spec defines the behavior of a node.
- // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
- // +optional
- Spec NodeSpec `json:"spec,omitempty"`
-
- // Most recently observed status of the node.
- // Populated by the system.
- // Read-only.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
- // +optional
- Status NodeStatus `json:"status,omitempty"`
-}
-
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// NodeList is the whole list of all Nodes which have been registered with master.
-type NodeList struct {
- metav1.TypeMeta `json:",inline"`
- // Standard list metadata.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- // +optional
- metav1.ListMeta `json:"metadata,omitempty"`
-
- // List of nodes
- Items []Node `json:"items"`
-}
-
-// FinalizerName is the name identifying a finalizer during namespace lifecycle.
-type FinalizerName string
-
-// These are internal finalizer values to Kubernetes, must be qualified name unless defined here or
-// in metav1.
-const (
- FinalizerKubernetes FinalizerName = "kubernetes"
-)
-
-// NamespaceSpec describes the attributes on a Namespace.
-type NamespaceSpec struct {
- // Finalizers is an opaque list of values that must be empty to permanently remove object from storage.
- // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
- // +optional
- Finalizers []FinalizerName `json:"finalizers,omitempty"`
-}
-
-// NamespaceStatus is information about the current status of a Namespace.
-type NamespaceStatus struct {
- // Phase is the current lifecycle phase of the namespace.
- // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
- // +optional
- Phase NamespacePhase `json:"phase,omitempty"`
-
- // Represents the latest available observations of a namespace's current state.
- // +optional
- // +patchMergeKey=type
- // +patchStrategy=merge
- Conditions []NamespaceCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
-}
-
-type NamespacePhase string
-
-// These are the valid phases of a namespace.
-const (
- // NamespaceActive means the namespace is available for use in the system
- NamespaceActive NamespacePhase = "Active"
- // NamespaceTerminating means the namespace is undergoing graceful termination
- NamespaceTerminating NamespacePhase = "Terminating"
-)
-
-const (
- // NamespaceTerminatingCause is returned as a defaults.cause item when a change is
- // forbidden due to the namespace being terminated.
- NamespaceTerminatingCause metav1.CauseType = "NamespaceTerminating"
-)
-
-type NamespaceConditionType string
-
-// These are valid conditions of a namespace.
-const (
- // NamespaceDeletionDiscoveryFailure contains information about namespace deleter errors during resource discovery.
- NamespaceDeletionDiscoveryFailure NamespaceConditionType = "NamespaceDeletionDiscoveryFailure"
- // NamespaceDeletionContentFailure contains information about namespace deleter errors during deletion of resources.
- NamespaceDeletionContentFailure NamespaceConditionType = "NamespaceDeletionContentFailure"
- // NamespaceDeletionGVParsingFailure contains information about namespace deleter errors parsing GV for legacy types.
- NamespaceDeletionGVParsingFailure NamespaceConditionType = "NamespaceDeletionGroupVersionParsingFailure"
- // NamespaceContentRemaining contains information about resources remaining in a namespace.
- NamespaceContentRemaining NamespaceConditionType = "NamespaceContentRemaining"
- // NamespaceFinalizersRemaining contains information about which finalizers are on resources remaining in a namespace.
- NamespaceFinalizersRemaining NamespaceConditionType = "NamespaceFinalizersRemaining"
-)
-
-// NamespaceCondition contains details about state of namespace.
-type NamespaceCondition struct {
- // Type of namespace controller condition.
- Type NamespaceConditionType `json:"type"`
- // Status of the condition, one of True, False, Unknown.
- Status ConditionStatus `json:"status"`
- // +optional
- LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
- // +optional
- Reason string `json:"reason,omitempty"`
- // +optional
- Message string `json:"message,omitempty"`
-}
-
-// +genclient
-// +genclient:nonNamespaced
-// +genclient:skipVerbs=deleteCollection
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// Namespace provides a scope for Names.
-// Use of multiple namespaces is optional.
-type Namespace struct {
- metav1.TypeMeta `json:",inline"`
- // Standard object's metadata.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
- // +optional
- metav1.ObjectMeta `json:"metadata,omitempty"`
-
- // Spec defines the behavior of the Namespace.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
- // +optional
- Spec NamespaceSpec `json:"spec,omitempty"`
-
- // Status describes the current status of a Namespace.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
- // +optional
- Status NamespaceStatus `json:"status,omitempty"`
-}
-
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// NamespaceList is a list of Namespaces.
-type NamespaceList struct {
- metav1.TypeMeta `json:",inline"`
- // Standard list metadata.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- // +optional
- metav1.ListMeta `json:"metadata,omitempty"`
-
- // Items is the list of Namespace objects in the list.
- // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
- Items []Namespace `json:"items"`
-}
-
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// Binding ties one object to another; for example, a pod is bound to a node by a scheduler.
-// Deprecated in 1.7, please use the bindings subresource of pods instead.
-type Binding struct {
- metav1.TypeMeta `json:",inline"`
- // Standard object's metadata.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
- // +optional
- metav1.ObjectMeta `json:"metadata,omitempty"`
-
- // The target object that you want to bind to the standard object.
- Target ObjectReference `json:"target"`
-}
-
-// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
-// +k8s:openapi-gen=false
-type Preconditions struct {
- // Specifies the target UID.
- // +optional
- UID *types.UID `json:"uid,omitempty"`
-}
-
-// +k8s:conversion-gen:explicit-from=net/url.Values
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
// PodLogOptions is the query options for a Pod's logs REST call.
type PodLogOptions struct {
metav1.TypeMeta `json:",inline"`
@@ -6069,11 +4309,6 @@ type SecurityContext struct {
// PodSecurityContext, the value specified in SecurityContext takes precedence.
// +optional
SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty"`
- // The Windows specific settings applied to all containers.
- // If unspecified, the options from the PodSecurityContext will be used.
- // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
- // +optional
- WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty"`
// The UID to run the entrypoint of the container process.
// Defaults to user specified in image metadata if unspecified.
// May also be set in PodSecurityContext. If set in both SecurityContext and
@@ -6149,52 +4384,6 @@ type SELinuxOptions struct {
Level string `json:"level,omitempty"`
}
-// WindowsSecurityContextOptions contain Windows-specific options and credentials.
-type WindowsSecurityContextOptions struct {
- // GMSACredentialSpecName is the name of the GMSA credential spec to use.
- // +optional
- GMSACredentialSpecName *string `json:"gmsaCredentialSpecName,omitempty"`
-
- // GMSACredentialSpec is where the GMSA admission webhook
- // (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
- // GMSA credential spec named by the GMSACredentialSpecName field.
- // +optional
- GMSACredentialSpec *string `json:"gmsaCredentialSpec,omitempty"`
-
- // The UserName in Windows to run the entrypoint of the container process.
- // Defaults to the user specified in image metadata if unspecified.
- // May also be set in PodSecurityContext. If set in both SecurityContext and
- // PodSecurityContext, the value specified in SecurityContext takes precedence.
- // +optional
- RunAsUserName *string `json:"runAsUserName,omitempty"`
-
- // HostProcess determines if a container should be run as a 'Host Process' container.
- // This field is alpha-level and will only be honored by components that enable the
- // WindowsHostProcessContainers feature flag. Setting this field without the feature
- // flag will result in errors when validating the Pod. All of a Pod's containers must
- // have the same effective HostProcess value (it is not allowed to have a mix of HostProcess
- // containers and non-HostProcess containers). In addition, if HostProcess is true
- // then HostNetwork must also be set to true.
- // +optional
- HostProcess *bool `json:"hostProcess,omitempty"`
-}
-
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
-// RangeAllocation is not a public type.
-type RangeAllocation struct {
- metav1.TypeMeta `json:",inline"`
- // Standard object's metadata.
- // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
- // +optional
- metav1.ObjectMeta `json:"metadata,omitempty"`
-
- // Range is string that identifies the range represented by 'data'.
- Range string `json:"range"`
- // Data is a bit array containing all allocated addresses in the previous segment.
- Data []byte `json:"data"`
-}
-
const (
// DefaultSchedulerName defines the name of default scheduler.
DefaultSchedulerName = "default-scheduler"