diff options
-rw-r--r-- | pkg/k8s.io/api/core/v1/taint.go | 39 | ||||
-rw-r--r-- | pkg/k8s.io/api/core/v1/toleration.go | 56 | ||||
-rw-r--r-- | pkg/k8s.io/api/core/v1/types.go | 1811 |
3 files changed, 0 insertions, 1906 deletions
diff --git a/pkg/k8s.io/api/core/v1/taint.go b/pkg/k8s.io/api/core/v1/taint.go deleted file mode 100644 index db71bd2fd..000000000 --- a/pkg/k8s.io/api/core/v1/taint.go +++ /dev/null @@ -1,39 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1 - -import "fmt" - -// MatchTaint checks if the taint matches taintToMatch. Taints are unique by key:effect, -// if the two taints have same key:effect, regard as they match. -func (t *Taint) MatchTaint(taintToMatch *Taint) bool { - return t.Key == taintToMatch.Key && t.Effect == taintToMatch.Effect -} - -// taint.ToString() converts taint struct to string in format '<key>=<value>:<effect>', '<key>=<value>:', '<key>:<effect>', or '<key>'. -func (t *Taint) ToString() string { - if len(t.Effect) == 0 { - if len(t.Value) == 0 { - return fmt.Sprintf("%v", t.Key) - } - return fmt.Sprintf("%v=%v:", t.Key, t.Value) - } - if len(t.Value) == 0 { - return fmt.Sprintf("%v:%v", t.Key, t.Effect) - } - return fmt.Sprintf("%v=%v:%v", t.Key, t.Value, t.Effect) -} diff --git a/pkg/k8s.io/api/core/v1/toleration.go b/pkg/k8s.io/api/core/v1/toleration.go deleted file mode 100644 index b203d335b..000000000 --- a/pkg/k8s.io/api/core/v1/toleration.go +++ /dev/null @@ -1,56 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1 - -// MatchToleration checks if the toleration matches tolerationToMatch. Tolerations are unique by <key,effect,operator,value>, -// if the two tolerations have same <key,effect,operator,value> combination, regard as they match. -// TODO: uniqueness check for tolerations in api validations. -func (t *Toleration) MatchToleration(tolerationToMatch *Toleration) bool { - return t.Key == tolerationToMatch.Key && - t.Effect == tolerationToMatch.Effect && - t.Operator == tolerationToMatch.Operator && - t.Value == tolerationToMatch.Value -} - -// ToleratesTaint checks if the toleration tolerates the taint. -// The matching follows the rules below: -// (1) Empty toleration.effect means to match all taint effects, -// otherwise taint effect must equal to toleration.effect. -// (2) If toleration.operator is 'Exists', it means to match all taint values. -// (3) Empty toleration.key means to match all taint keys. -// If toleration.key is empty, toleration.operator must be 'Exists'; -// this combination means to match all taint values and all taint keys. -func (t *Toleration) ToleratesTaint(taint *Taint) bool { - if len(t.Effect) > 0 && t.Effect != taint.Effect { - return false - } - - if len(t.Key) > 0 && t.Key != taint.Key { - return false - } - - // TODO: Use proper defaulting when Toleration becomes a field of PodSpec - switch t.Operator { - // empty operator means Equal - case "", TolerationOpEqual: - return t.Value == taint.Value - case TolerationOpExists: - return true - default: - return false - } -} diff --git a/pkg/k8s.io/api/core/v1/types.go b/pkg/k8s.io/api/core/v1/types.go index ab0e80cdb..833814bc6 100644 --- a/pkg/k8s.io/api/core/v1/types.go +++ b/pkg/k8s.io/api/core/v1/types.go @@ -23,15 +23,6 @@ import ( "github.com/containers/podman/v4/pkg/k8s.io/apimachinery/pkg/util/intstr" ) -const ( - // NamespaceDefault means the object is in the default namespace which is applied when not specified by clients - NamespaceDefault string = "default" - // NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces - NamespaceAll string = "" - // NamespaceNodeLease is the namespace where we place node lease objects (used for node heartbeats) - NamespaceNodeLease string = "kube-node-lease" -) - // Volume represents a named volume in a pod that may be accessed by any container in the pod. type Volume struct { // Volume's name. @@ -57,133 +48,14 @@ type VolumeSource struct { // mount host directories as read/write. // +optional HostPath *HostPathVolumeSource `json:"hostPath,omitempty"` - // EmptyDir represents a temporary directory that shares a pod's lifetime. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - // +optional - EmptyDir *EmptyDirVolumeSource `json:"emptyDir,omitempty"` - // GCEPersistentDisk represents a GCE Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - // +optional - GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty"` - // AWSElasticBlockStore represents an AWS Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - // +optional - AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty"` - // GitRepo represents a git repository at a particular revision. - // DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - // EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - // into the Pod's container. - // +optional - GitRepo *GitRepoVolumeSource `json:"gitRepo,omitempty"` - // Secret represents a secret that should populate this volume. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - // +optional - Secret *SecretVolumeSource `json:"secret,omitempty"` - // NFS represents an NFS mount on the host that shares a pod's lifetime - // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - // +optional - NFS *NFSVolumeSource `json:"nfs,omitempty"` - // ISCSI represents an ISCSI Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // More info: https://examples.k8s.io/volumes/iscsi/README.md - // +optional - ISCSI *ISCSIVolumeSource `json:"iscsi,omitempty"` - // Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md - // +optional - Glusterfs *GlusterfsVolumeSource `json:"glusterfs,omitempty"` // PersistentVolumeClaimVolumeSource represents a reference to a // PersistentVolumeClaim in the same namespace. // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims // +optional PersistentVolumeClaim *PersistentVolumeClaimVolumeSource `json:"persistentVolumeClaim,omitempty"` - // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. - // More info: https://examples.k8s.io/volumes/rbd/README.md - // +optional - RBD *RBDVolumeSource `json:"rbd,omitempty"` - // FlexVolume represents a generic volume resource that is - // provisioned/attached using an exec based plugin. - // +optional - FlexVolume *FlexVolumeSource `json:"flexVolume,omitempty"` - // Cinder represents a cinder volume attached and mounted on kubelets host machine. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - // +optional - Cinder *CinderVolumeSource `json:"cinder,omitempty"` - // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime - // +optional - CephFS *CephFSVolumeSource `json:"cephfs,omitempty"` - // Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running - // +optional - Flocker *FlockerVolumeSource `json:"flocker,omitempty"` - // DownwardAPI represents downward API about the pod that should populate this volume - // +optional - DownwardAPI *DownwardAPIVolumeSource `json:"downwardAPI,omitempty"` - // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - // +optional - FC *FCVolumeSource `json:"fc,omitempty"` - // AzureFile represents an Azure File Service mount on the host and bind mount to the pod. - // +optional - AzureFile *AzureFileVolumeSource `json:"azureFile,omitempty"` // ConfigMap represents a configMap that should populate this volume // +optional ConfigMap *ConfigMapVolumeSource `json:"configMap,omitempty"` - // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - // +optional - VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty"` - // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime - // +optional - Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty"` - // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - // +optional - AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty"` - // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty"` - // Items for all in one resources secrets, configmaps, and downward API - Projected *ProjectedVolumeSource `json:"projected,omitempty"` - // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine - // +optional - PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty"` - // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - // +optional - ScaleIO *ScaleIOVolumeSource `json:"scaleIO,omitempty"` - // StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. - // +optional - StorageOS *StorageOSVolumeSource `json:"storageos,omitempty"` - // CSI (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). - // +optional - CSI *CSIVolumeSource `json:"csi,omitempty"` - // Ephemeral represents a volume that is handled by a cluster storage driver. - // The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - // and deleted when the pod is removed. - // - // Use this if: - // a) the volume is only needed while the pod runs, - // b) features of normal volumes like restoring from snapshot or capacity - // tracking are needed, - // c) the storage driver is specified through a storage class, and - // d) the storage driver supports dynamic volume provisioning through - // a PersistentVolumeClaim (see EphemeralVolumeSource for more - // information on the connection between this volume type - // and PersistentVolumeClaim). - // - // Use PersistentVolumeClaim or one of the vendor-specific - // APIs for volumes that persist for longer than the lifecycle - // of an individual pod. - // - // Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - // be used that way - see the documentation of the driver for - // more information. - // - // A pod can use both types of ephemeral volumes and - // persistent volumes at the same time. - // - // This is a beta feature and only available when the GenericEphemeralVolume - // feature gate is enabled. - // - // +optional - Ephemeral *EphemeralVolumeSource `json:"ephemeral,omitempty"` } // PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace. @@ -203,16 +75,6 @@ type PersistentVolumeClaimVolumeSource struct { // PersistentVolumeSource is similar to VolumeSource but meant for the // administrator who creates PVs. Exactly one of its members must be set. type PersistentVolumeSource struct { - // GCEPersistentDisk represents a GCE Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. Provisioned by an admin. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - // +optional - GCEPersistentDisk *GCEPersistentDiskVolumeSource `json:"gcePersistentDisk,omitempty"` - // AWSElasticBlockStore represents an AWS Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - // +optional - AWSElasticBlockStore *AWSElasticBlockStoreVolumeSource `json:"awsElasticBlockStore,omitempty"` // HostPath represents a directory on the host. // Provisioned by a developer or tester. // This is useful for single-node development and testing only! @@ -220,81 +82,8 @@ type PersistentVolumeSource struct { // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath // +optional HostPath *HostPathVolumeSource `json:"hostPath,omitempty"` - // Glusterfs represents a Glusterfs volume that is attached to a host and - // exposed to the pod. Provisioned by an admin. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md - // +optional - Glusterfs *GlusterfsPersistentVolumeSource `json:"glusterfs,omitempty"` - // NFS represents an NFS mount on the host. Provisioned by an admin. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - // +optional - NFS *NFSVolumeSource `json:"nfs,omitempty"` - // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime. - // More info: https://examples.k8s.io/volumes/rbd/README.md - // +optional - RBD *RBDPersistentVolumeSource `json:"rbd,omitempty"` - // ISCSI represents an ISCSI Disk resource that is attached to a - // kubelet's host machine and then exposed to the pod. Provisioned by an admin. - // +optional - ISCSI *ISCSIPersistentVolumeSource `json:"iscsi,omitempty"` - // Cinder represents a cinder volume attached and mounted on kubelets host machine. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - // +optional - Cinder *CinderPersistentVolumeSource `json:"cinder,omitempty"` - // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime - // +optional - CephFS *CephFSPersistentVolumeSource `json:"cephfs,omitempty"` - // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - // +optional - FC *FCVolumeSource `json:"fc,omitempty"` - // Flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running - // +optional - Flocker *FlockerVolumeSource `json:"flocker,omitempty"` - // FlexVolume represents a generic volume resource that is - // provisioned/attached using an exec based plugin. - // +optional - FlexVolume *FlexPersistentVolumeSource `json:"flexVolume,omitempty"` - // AzureFile represents an Azure File Service mount on the host and bind mount to the pod. - // +optional - AzureFile *AzureFilePersistentVolumeSource `json:"azureFile,omitempty"` - // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - // +optional - VsphereVolume *VsphereVirtualDiskVolumeSource `json:"vsphereVolume,omitempty"` - // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime - // +optional - Quobyte *QuobyteVolumeSource `json:"quobyte,omitempty"` - // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - // +optional - AzureDisk *AzureDiskVolumeSource `json:"azureDisk,omitempty"` - // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - PhotonPersistentDisk *PhotonPersistentDiskVolumeSource `json:"photonPersistentDisk,omitempty"` - // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine - // +optional - PortworxVolume *PortworxVolumeSource `json:"portworxVolume,omitempty"` - // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - // +optional - ScaleIO *ScaleIOPersistentVolumeSource `json:"scaleIO,omitempty"` - // Local represents directly-attached storage with node affinity - // +optional - Local *LocalVolumeSource `json:"local,omitempty"` - // StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod - // More info: https://examples.k8s.io/volumes/storageos/README.md - // +optional - StorageOS *StorageOSPersistentVolumeSource `json:"storageos,omitempty"` - // CSI represents storage that is handled by an external CSI driver (Beta feature). - // +optional - CSI *CSIPersistentVolumeSource `json:"csi,omitempty"` } -const ( - // BetaStorageClassAnnotation represents the beta/previous StorageClass annotation. - // It's currently still used and will be held for backwards compatibility - BetaStorageClassAnnotation = "volume.beta.kubernetes.io/storage-class" - - // MountOptionAnnotation defines mount option annotation used in PVs - MountOptionAnnotation = "volume.beta.kubernetes.io/mount-options" -) - // +genclient // +genclient:nonNamespaced // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object @@ -670,214 +459,6 @@ type EmptyDirVolumeSource struct { SizeLimit *resource.Quantity `json:"sizeLimit,omitempty"` } -// Represents a Glusterfs mount that lasts the lifetime of a pod. -// Glusterfs volumes do not support ownership management or SELinux relabeling. -type GlusterfsVolumeSource struct { - // EndpointsName is the endpoint name that details Glusterfs topology. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - EndpointsName string `json:"endpoints"` - - // Path is the Glusterfs volume path. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - Path string `json:"path"` - - // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. - // Defaults to false. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents a Glusterfs mount that lasts the lifetime of a pod. -// Glusterfs volumes do not support ownership management or SELinux relabeling. -type GlusterfsPersistentVolumeSource struct { - // EndpointsName is the endpoint name that details Glusterfs topology. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - EndpointsName string `json:"endpoints"` - - // Path is the Glusterfs volume path. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - Path string `json:"path"` - - // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. - // Defaults to false. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - - // EndpointsNamespace is the namespace that contains Glusterfs endpoint. - // If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. - // More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - // +optional - EndpointsNamespace *string `json:"endpointsNamespace,omitempty"` -} - -// Represents a Rados Block Device mount that lasts the lifetime of a pod. -// RBD volumes support ownership management and SELinux relabeling. -type RBDVolumeSource struct { - // A collection of Ceph monitors. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - CephMonitors []string `json:"monitors"` - // The rados image name. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - RBDImage string `json:"image"` - // Filesystem type of the volume that you want to mount. - // Tip: Ensure that the filesystem type is supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string `json:"fsType,omitempty"` - // The rados pool name. - // Default is rbd. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - RBDPool string `json:"pool,omitempty"` - // The rados user name. - // Default is admin. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - RadosUser string `json:"user,omitempty"` - // Keyring is the path to key ring for RBDUser. - // Default is /etc/ceph/keyring. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - Keyring string `json:"keyring,omitempty"` - // SecretRef is name of the authentication secret for RBDUser. If provided - // overrides keyring. - // Default is nil. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - SecretRef *LocalObjectReference `json:"secretRef,omitempty"` - // ReadOnly here will force the ReadOnly setting in VolumeMounts. - // Defaults to false. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents a Rados Block Device mount that lasts the lifetime of a pod. -// RBD volumes support ownership management and SELinux relabeling. -type RBDPersistentVolumeSource struct { - // A collection of Ceph monitors. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - CephMonitors []string `json:"monitors"` - // The rados image name. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - RBDImage string `json:"image"` - // Filesystem type of the volume that you want to mount. - // Tip: Ensure that the filesystem type is supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string `json:"fsType,omitempty"` - // The rados pool name. - // Default is rbd. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - RBDPool string `json:"pool,omitempty"` - // The rados user name. - // Default is admin. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - RadosUser string `json:"user,omitempty"` - // Keyring is the path to key ring for RBDUser. - // Default is /etc/ceph/keyring. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - Keyring string `json:"keyring,omitempty"` - // SecretRef is name of the authentication secret for RBDUser. If provided - // overrides keyring. - // Default is nil. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - SecretRef *SecretReference `json:"secretRef,omitempty"` - // ReadOnly here will force the ReadOnly setting in VolumeMounts. - // Defaults to false. - // More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents a cinder volume resource in Openstack. -// A Cinder volume must exist before mounting to a container. -// The volume must also be in the same region as the kubelet. -// Cinder volumes support ownership management and SELinux relabeling. -type CinderVolumeSource struct { - // volume id used to identify the volume in cinder. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - VolumeID string `json:"volumeID"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - // +optional - FSType string `json:"fsType,omitempty"` - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // Optional: points to a secret object containing parameters used to connect - // to OpenStack. - // +optional - SecretRef *LocalObjectReference `json:"secretRef,omitempty"` -} - -// Represents a cinder volume resource in Openstack. -// A Cinder volume must exist before mounting to a container. -// The volume must also be in the same region as the kubelet. -// Cinder volumes support ownership management and SELinux relabeling. -type CinderPersistentVolumeSource struct { - // volume id used to identify the volume in cinder. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - VolumeID string `json:"volumeID"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - // +optional - FSType string `json:"fsType,omitempty"` - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // More info: https://examples.k8s.io/mysql-cinder-pd/README.md - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // Optional: points to a secret object containing parameters used to connect - // to OpenStack. - // +optional - SecretRef *SecretReference `json:"secretRef,omitempty"` -} - -// Represents a Ceph Filesystem mount that lasts the lifetime of a pod -// Cephfs volumes do not support ownership management or SELinux relabeling. -type CephFSVolumeSource struct { - // Required: Monitors is a collection of Ceph monitors - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - Monitors []string `json:"monitors"` - // Optional: Used as the mounted root, rather than the full Ceph tree, default is / - // +optional - Path string `json:"path,omitempty"` - // Optional: User is the rados user name, default is admin - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - User string `json:"user,omitempty"` - // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - SecretFile string `json:"secretFile,omitempty"` - // Optional: SecretRef is reference to the authentication secret for User, default is empty. - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - SecretRef *LocalObjectReference `json:"secretRef,omitempty"` - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - // SecretReference represents a Secret Reference. It has enough information to retrieve secret // in any namespace // +structType=atomic @@ -890,47 +471,6 @@ type SecretReference struct { Namespace string `json:"namespace,omitempty"` } -// Represents a Ceph Filesystem mount that lasts the lifetime of a pod -// Cephfs volumes do not support ownership management or SELinux relabeling. -type CephFSPersistentVolumeSource struct { - // Required: Monitors is a collection of Ceph monitors - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - Monitors []string `json:"monitors"` - // Optional: Used as the mounted root, rather than the full Ceph tree, default is / - // +optional - Path string `json:"path,omitempty"` - // Optional: User is the rados user name, default is admin - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - User string `json:"user,omitempty"` - // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - SecretFile string `json:"secretFile,omitempty"` - // Optional: SecretRef is reference to the authentication secret for User, default is empty. - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - SecretRef *SecretReference `json:"secretRef,omitempty"` - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents a Flocker volume mounted by the Flocker agent. -// One and only one of datasetName and datasetUUID should be set. -// Flocker volumes do not support ownership management or SELinux relabeling. -type FlockerVolumeSource struct { - // Name of the dataset stored as metadata -> name on the dataset for Flocker - // should be considered as deprecated - // +optional - DatasetName string `json:"datasetName,omitempty"` - // UUID of the dataset. This is unique identifier of a Flocker dataset - // +optional - DatasetUUID string `json:"datasetUUID,omitempty"` -} - // StorageMedium defines ways that storage can be allocated to a volume. type StorageMedium string @@ -953,172 +493,6 @@ const ( ProtocolSCTP Protocol = "SCTP" ) -// Represents a Persistent Disk resource in Google Compute Engine. -// -// A GCE PD must exist before mounting to a container. The disk must -// also be in the same GCE project and zone as the kubelet. A GCE PD -// can only be mounted as read/write once or read-only many times. GCE -// PDs support ownership management and SELinux relabeling. -type GCEPersistentDiskVolumeSource struct { - // Unique name of the PD resource in GCE. Used to identify the disk in GCE. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - PDName string `json:"pdName"` - // Filesystem type of the volume that you want to mount. - // Tip: Ensure that the filesystem type is supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string `json:"fsType,omitempty"` - // The partition in the volume that you want to mount. - // If omitted, the default is to mount by volume name. - // Examples: For volume /dev/sda1, you specify the partition as "1". - // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - // +optional - Partition int32 `json:"partition,omitempty"` - // ReadOnly here will force the ReadOnly setting in VolumeMounts. - // Defaults to false. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents a Quobyte mount that lasts the lifetime of a pod. -// Quobyte volumes do not support ownership management or SELinux relabeling. -type QuobyteVolumeSource struct { - // Registry represents a single or multiple Quobyte Registry services - // specified as a string as host:port pair (multiple entries are separated with commas) - // which acts as the central registry for volumes - Registry string `json:"registry"` - - // Volume is a string that references an already created Quobyte volume by name. - Volume string `json:"volume"` - - // ReadOnly here will force the Quobyte volume to be mounted with read-only permissions. - // Defaults to false. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - - // User to map volume access to - // Defaults to serivceaccount user - // +optional - User string `json:"user,omitempty"` - - // Group to map volume access to - // Default is no group - // +optional - Group string `json:"group,omitempty"` - - // Tenant owning the given Quobyte volume in the Backend - // Used with dynamically provisioned Quobyte volumes, value is set by the plugin - // +optional - Tenant string `json:"tenant,omitempty"` -} - -// FlexPersistentVolumeSource represents a generic persistent volume resource that is -// provisioned/attached using an exec based plugin. -type FlexPersistentVolumeSource struct { - // Driver is the name of the driver to use for this volume. - Driver string `json:"driver"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - // +optional - FSType string `json:"fsType,omitempty"` - // Optional: SecretRef is reference to the secret object containing - // sensitive information to pass to the plugin scripts. This may be - // empty if no secret object is specified. If the secret object - // contains more than one secret, all secrets are passed to the plugin - // scripts. - // +optional - SecretRef *SecretReference `json:"secretRef,omitempty"` - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // Optional: Extra command options if any. - // +optional - Options map[string]string `json:"options,omitempty"` -} - -// FlexVolume represents a generic volume resource that is -// provisioned/attached using an exec based plugin. -type FlexVolumeSource struct { - // Driver is the name of the driver to use for this volume. - Driver string `json:"driver"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - // +optional - FSType string `json:"fsType,omitempty"` - // Optional: SecretRef is reference to the secret object containing - // sensitive information to pass to the plugin scripts. This may be - // empty if no secret object is specified. If the secret object - // contains more than one secret, all secrets are passed to the plugin - // scripts. - // +optional - SecretRef *LocalObjectReference `json:"secretRef,omitempty"` - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // Optional: Extra command options if any. - // +optional - Options map[string]string `json:"options,omitempty"` -} - -// Represents a Persistent Disk resource in AWS. -// -// An AWS EBS disk must exist before mounting to a container. The disk -// must also be in the same AWS zone as the kubelet. An AWS EBS disk -// can only be mounted as read/write once. AWS EBS volumes support -// ownership management and SELinux relabeling. -type AWSElasticBlockStoreVolumeSource struct { - // Unique ID of the persistent disk resource in AWS (Amazon EBS volume). - // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - VolumeID string `json:"volumeID"` - // Filesystem type of the volume that you want to mount. - // Tip: Ensure that the filesystem type is supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string `json:"fsType,omitempty"` - // The partition in the volume that you want to mount. - // If omitted, the default is to mount by volume name. - // Examples: For volume /dev/sda1, you specify the partition as "1". - // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - // +optional - Partition int32 `json:"partition,omitempty"` - // Specify "true" to force and set the ReadOnly property in VolumeMounts to "true". - // If omitted, the default is "false". - // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents a volume that is populated with the contents of a git repository. -// Git repo volumes do not support ownership management. -// Git repo volumes support SELinux relabeling. -// -// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -// into the Pod's container. -type GitRepoVolumeSource struct { - // Repository URL - Repository string `json:"repository"` - // Commit hash for the specified revision. - // +optional - Revision string `json:"revision,omitempty"` - // Target directory name. - // Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - // git repository. Otherwise, if specified, the volume will contain the git repository in - // the subdirectory with the given name. - // +optional - Directory string `json:"directory,omitempty"` -} - // Adapts a Secret into a volume. // // The contents of the target Secret's Data field will be presented in a volume @@ -1178,377 +552,6 @@ type SecretProjection struct { Optional *bool `json:"optional,omitempty"` } -// Represents an NFS mount that lasts the lifetime of a pod. -// NFS volumes do not support ownership management or SELinux relabeling. -type NFSVolumeSource struct { - // Server is the hostname or IP address of the NFS server. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - Server string `json:"server"` - - // Path that is exported by the NFS server. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - Path string `json:"path"` - - // ReadOnly here will force - // the NFS export to be mounted with read-only permissions. - // Defaults to false. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents an ISCSI disk. -// ISCSI volumes can only be mounted as read/write once. -// ISCSI volumes support ownership management and SELinux relabeling. -type ISCSIVolumeSource struct { - // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - // is other than default (typically TCP ports 860 and 3260). - TargetPortal string `json:"targetPortal"` - // Target iSCSI Qualified Name. - IQN string `json:"iqn"` - // iSCSI Target Lun number. - Lun int32 `json:"lun"` - // iSCSI Interface Name that uses an iSCSI transport. - // Defaults to 'default' (tcp). - // +optional - ISCSIInterface string `json:"iscsiInterface,omitempty"` - // Filesystem type of the volume that you want to mount. - // Tip: Ensure that the filesystem type is supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string `json:"fsType,omitempty"` - // ReadOnly here will force the ReadOnly setting in VolumeMounts. - // Defaults to false. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - // is other than default (typically TCP ports 860 and 3260). - // +optional - Portals []string `json:"portals,omitempty"` - // whether support iSCSI Discovery CHAP authentication - // +optional - DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty"` - // whether support iSCSI Session CHAP authentication - // +optional - SessionCHAPAuth bool `json:"chapAuthSession,omitempty"` - // CHAP Secret for iSCSI target and initiator authentication - // +optional - SecretRef *LocalObjectReference `json:"secretRef,omitempty"` - // Custom iSCSI Initiator Name. - // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - // <target portal>:<volume name> will be created for the connection. - // +optional - InitiatorName *string `json:"initiatorName,omitempty"` -} - -// ISCSIPersistentVolumeSource represents an ISCSI disk. -// ISCSI volumes can only be mounted as read/write once. -// ISCSI volumes support ownership management and SELinux relabeling. -type ISCSIPersistentVolumeSource struct { - // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - // is other than default (typically TCP ports 860 and 3260). - TargetPortal string `json:"targetPortal"` - // Target iSCSI Qualified Name. - IQN string `json:"iqn"` - // iSCSI Target Lun number. - Lun int32 `json:"lun"` - // iSCSI Interface Name that uses an iSCSI transport. - // Defaults to 'default' (tcp). - // +optional - ISCSIInterface string `json:"iscsiInterface,omitempty"` - // Filesystem type of the volume that you want to mount. - // Tip: Ensure that the filesystem type is supported by the host operating system. - // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string `json:"fsType,omitempty"` - // ReadOnly here will force the ReadOnly setting in VolumeMounts. - // Defaults to false. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port - // is other than default (typically TCP ports 860 and 3260). - // +optional - Portals []string `json:"portals,omitempty"` - // whether support iSCSI Discovery CHAP authentication - // +optional - DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty"` - // whether support iSCSI Session CHAP authentication - // +optional - SessionCHAPAuth bool `json:"chapAuthSession,omitempty"` - // CHAP Secret for iSCSI target and initiator authentication - // +optional - SecretRef *SecretReference `json:"secretRef,omitempty"` - // Custom iSCSI Initiator Name. - // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - // <target portal>:<volume name> will be created for the connection. - // +optional - InitiatorName *string `json:"initiatorName,omitempty"` -} - -// Represents a Fibre Channel volume. -// Fibre Channel volumes can only be mounted as read/write once. -// Fibre Channel volumes support ownership management and SELinux relabeling. -type FCVolumeSource struct { - // Optional: FC target worldwide names (WWNs) - // +optional - TargetWWNs []string `json:"targetWWNs,omitempty"` - // Optional: FC target lun number - // +optional - Lun *int32 `json:"lun,omitempty"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // TODO: how do we prevent errors in the filesystem from compromising the machine - // +optional - FSType string `json:"fsType,omitempty"` - // Optional: Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // Optional: FC volume world wide identifiers (wwids) - // Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. - // +optional - WWIDs []string `json:"wwids,omitempty"` -} - -// AzureFile represents an Azure File Service mount on the host and bind mount to the pod. -type AzureFileVolumeSource struct { - // the name of secret that contains Azure Storage Account Name and Key - SecretName string `json:"secretName"` - // Share Name - ShareName string `json:"shareName"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// AzureFile represents an Azure File Service mount on the host and bind mount to the pod. -type AzureFilePersistentVolumeSource struct { - // the name of secret that contains Azure Storage Account Name and Key - SecretName string `json:"secretName"` - // Share Name - ShareName string `json:"shareName"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // the namespace of the secret that contains Azure Storage Account Name and Key - // default is the same as the Pod - // +optional - SecretNamespace *string `json:"secretNamespace"` -} - -// Represents a vSphere volume resource. -type VsphereVirtualDiskVolumeSource struct { - // Path that identifies vSphere volume vmdk - VolumePath string `json:"volumePath"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string `json:"fsType,omitempty"` - // Storage Policy Based Management (SPBM) profile name. - // +optional - StoragePolicyName string `json:"storagePolicyName,omitempty"` - // Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - // +optional - StoragePolicyID string `json:"storagePolicyID,omitempty"` -} - -// Represents a Photon Controller persistent disk resource. -type PhotonPersistentDiskVolumeSource struct { - // ID that identifies Photon Controller persistent disk - PdID string `json:"pdID"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - FSType string `json:"fsType,omitempty"` -} - -type AzureDataDiskCachingMode string -type AzureDataDiskKind string - -const ( - AzureDataDiskCachingNone AzureDataDiskCachingMode = "None" - AzureDataDiskCachingReadOnly AzureDataDiskCachingMode = "ReadOnly" - AzureDataDiskCachingReadWrite AzureDataDiskCachingMode = "ReadWrite" - - AzureSharedBlobDisk AzureDataDiskKind = "Shared" - AzureDedicatedBlobDisk AzureDataDiskKind = "Dedicated" - AzureManagedDisk AzureDataDiskKind = "Managed" -) - -// AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. -type AzureDiskVolumeSource struct { - // The Name of the data disk in the blob storage - DiskName string `json:"diskName"` - // The URI the data disk in the blob storage - DataDiskURI string `json:"diskURI"` - // Host Caching mode: None, Read Only, Read Write. - // +optional - CachingMode *AzureDataDiskCachingMode `json:"cachingMode,omitempty"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType *string `json:"fsType,omitempty"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly *bool `json:"readOnly,omitempty"` - // Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared - Kind *AzureDataDiskKind `json:"kind,omitempty"` -} - -// PortworxVolumeSource represents a Portworx volume resource. -type PortworxVolumeSource struct { - // VolumeID uniquely identifies a Portworx volume - VolumeID string `json:"volumeID"` - // FSType represents the filesystem type to mount - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - FSType string `json:"fsType,omitempty"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// ScaleIOVolumeSource represents a persistent ScaleIO volume -type ScaleIOVolumeSource struct { - // The host address of the ScaleIO API Gateway. - Gateway string `json:"gateway"` - // The name of the storage system as configured in ScaleIO. - System string `json:"system"` - // SecretRef references to the secret for ScaleIO user and other - // sensitive information. If this is not provided, Login operation will fail. - SecretRef *LocalObjectReference `json:"secretRef"` - // Flag to enable/disable SSL communication with Gateway, default false - // +optional - SSLEnabled bool `json:"sslEnabled,omitempty"` - // The name of the ScaleIO Protection Domain for the configured storage. - // +optional - ProtectionDomain string `json:"protectionDomain,omitempty"` - // The ScaleIO Storage Pool associated with the protection domain. - // +optional - StoragePool string `json:"storagePool,omitempty"` - // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - // Default is ThinProvisioned. - // +optional - StorageMode string `json:"storageMode,omitempty"` - // The name of a volume already created in the ScaleIO system - // that is associated with this volume source. - VolumeName string `json:"volumeName,omitempty"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". - // Default is "xfs". - // +optional - FSType string `json:"fsType,omitempty"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume -type ScaleIOPersistentVolumeSource struct { - // The host address of the ScaleIO API Gateway. - Gateway string `json:"gateway"` - // The name of the storage system as configured in ScaleIO. - System string `json:"system"` - // SecretRef references to the secret for ScaleIO user and other - // sensitive information. If this is not provided, Login operation will fail. - SecretRef *SecretReference `json:"secretRef"` - // Flag to enable/disable SSL communication with Gateway, default false - // +optional - SSLEnabled bool `json:"sslEnabled,omitempty"` - // The name of the ScaleIO Protection Domain for the configured storage. - // +optional - ProtectionDomain string `json:"protectionDomain,omitempty"` - // The ScaleIO Storage Pool associated with the protection domain. - // +optional - StoragePool string `json:"storagePool,omitempty"` - // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - // Default is ThinProvisioned. - // +optional - StorageMode string `json:"storageMode,omitempty"` - // The name of a volume already created in the ScaleIO system - // that is associated with this volume source. - VolumeName string `json:"volumeName,omitempty"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". - // Default is "xfs" - // +optional - FSType string `json:"fsType,omitempty"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` -} - -// Represents a StorageOS persistent volume resource. -type StorageOSVolumeSource struct { - // VolumeName is the human-readable name of the StorageOS volume. Volume - // names are only unique within a namespace. - VolumeName string `json:"volumeName,omitempty"` - // VolumeNamespace specifies the scope of the volume within StorageOS. If no - // namespace is specified then the Pod's namespace will be used. This allows the - // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - // Set VolumeName to any name to override the default behaviour. - // Set to "default" if you are not using namespaces within StorageOS. - // Namespaces that do not pre-exist within StorageOS will be created. - // +optional - VolumeNamespace string `json:"volumeNamespace,omitempty"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string `json:"fsType,omitempty"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // SecretRef specifies the secret to use for obtaining the StorageOS API - // credentials. If not specified, default values will be attempted. - // +optional - SecretRef *LocalObjectReference `json:"secretRef,omitempty"` -} - -// Represents a StorageOS persistent volume resource. -type StorageOSPersistentVolumeSource struct { - // VolumeName is the human-readable name of the StorageOS volume. Volume - // names are only unique within a namespace. - VolumeName string `json:"volumeName,omitempty"` - // VolumeNamespace specifies the scope of the volume within StorageOS. If no - // namespace is specified then the Pod's namespace will be used. This allows the - // Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - // Set VolumeName to any name to override the default behaviour. - // Set to "default" if you are not using namespaces within StorageOS. - // Namespaces that do not pre-exist within StorageOS will be created. - // +optional - VolumeNamespace string `json:"volumeNamespace,omitempty"` - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - // +optional - FSType string `json:"fsType,omitempty"` - // Defaults to false (read/write). ReadOnly here will force - // the ReadOnly setting in VolumeMounts. - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - // SecretRef specifies the secret to use for obtaining the StorageOS API - // credentials. If not specified, default values will be attempted. - // +optional - SecretRef *ObjectReference `json:"secretRef,omitempty"` -} - // Adapts a ConfigMap into a volume. // // The contents of the target ConfigMap's Data field will be presented in a @@ -1688,140 +691,6 @@ type KeyToPath struct { Mode *int32 `json:"mode,omitempty"` } -// Local represents directly-attached storage with node affinity (Beta feature) -type LocalVolumeSource struct { - // The full path to the volume on the node. - // It can be either a directory or block device (disk, partition, ...). - Path string `json:"path"` - - // Filesystem type to mount. - // It applies only when the Path is a block device. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a fileystem if unspecified. - // +optional - FSType *string `json:"fsType,omitempty"` -} - -// Represents storage that is managed by an external CSI volume driver (Beta feature) -type CSIPersistentVolumeSource struct { - // Driver is the name of the driver to use for this volume. - // Required. - Driver string `json:"driver"` - - // VolumeHandle is the unique volume name returned by the CSI volume - // plugin’s CreateVolume to refer to the volume on all subsequent calls. - // Required. - VolumeHandle string `json:"volumeHandle"` - - // Optional: The value to pass to ControllerPublishVolumeRequest. - // Defaults to false (read/write). - // +optional - ReadOnly bool `json:"readOnly,omitempty"` - - // Filesystem type to mount. - // Must be a filesystem type supported by the host operating system. - // Ex. "ext4", "xfs", "ntfs". - // +optional - FSType string `json:"fsType,omitempty"` - - // Attributes of the volume to publish. - // +optional - VolumeAttributes map[string]string `json:"volumeAttributes,omitempty"` - - // ControllerPublishSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // ControllerPublishVolume and ControllerUnpublishVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - ControllerPublishSecretRef *SecretReference `json:"controllerPublishSecretRef,omitempty"` - - // NodeStageSecretRef is a reference to the secret object containing sensitive - // information to pass to the CSI driver to complete the CSI NodeStageVolume - // and NodeStageVolume and NodeUnstageVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - NodeStageSecretRef *SecretReference `json:"nodeStageSecretRef,omitempty"` - - // NodePublishSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // NodePublishVolume and NodeUnpublishVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - NodePublishSecretRef *SecretReference `json:"nodePublishSecretRef,omitempty"` - - // ControllerExpandSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // ControllerExpandVolume call. - // This is an alpha field and requires enabling ExpandCSIVolumes feature gate. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secrets are passed. - // +optional - ControllerExpandSecretRef *SecretReference `json:"controllerExpandSecretRef,omitempty"` -} - -// Represents a source location of a volume to mount, managed by an external CSI driver -type CSIVolumeSource struct { - // Driver is the name of the CSI driver that handles this volume. - // Consult with your admin for the correct name as registered in the cluster. - Driver string `json:"driver"` - - // Specifies a read-only configuration for the volume. - // Defaults to false (read/write). - // +optional - ReadOnly *bool `json:"readOnly,omitempty"` - - // Filesystem type to mount. Ex. "ext4", "xfs", "ntfs". - // If not provided, the empty value is passed to the associated CSI driver - // which will determine the default filesystem to apply. - // +optional - FSType *string `json:"fsType,omitempty"` - - // VolumeAttributes stores driver-specific properties that are passed to the CSI - // driver. Consult your driver's documentation for supported values. - // +optional - VolumeAttributes map[string]string `json:"volumeAttributes,omitempty"` - - // NodePublishSecretRef is a reference to the secret object containing - // sensitive information to pass to the CSI driver to complete the CSI - // NodePublishVolume and NodeUnpublishVolume calls. - // This field is optional, and may be empty if no secret is required. If the - // secret object contains more than one secret, all secret references are passed. - // +optional - NodePublishSecretRef *LocalObjectReference `json:"nodePublishSecretRef,omitempty"` -} - -// Represents an ephemeral volume that is handled by a normal storage driver. -type EphemeralVolumeSource struct { - // Will be used to create a stand-alone PVC to provision the volume. - // The pod in which this EphemeralVolumeSource is embedded will be the - // owner of the PVC, i.e. the PVC will be deleted together with the - // pod. The name of the PVC will be `<pod name>-<volume name>` where - // `<volume name>` is the name from the `PodSpec.Volumes` array - // entry. Pod validation will reject the pod if the concatenated name - // is not valid for a PVC (for example, too long). - // - // An existing PVC with that name that is not owned by the pod - // will *not* be used for the pod to avoid using an unrelated - // volume by mistake. Starting the pod is then blocked until - // the unrelated PVC is removed. If such a pre-created PVC is - // meant to be used by the pod, the PVC has to updated with an - // owner reference to the pod once the pod exists. Normally - // this should not be necessary, but it may be useful when - // manually reconstructing a broken cluster. - // - // This field is read-only and no changes will be made by Kubernetes - // to the PVC after it has been created. - // - // Required, must not be nil. - VolumeClaimTemplate *PersistentVolumeClaimTemplate `json:"volumeClaimTemplate,omitempty"` - - // ReadOnly is tombstoned to show why 2 is a reserved protobuf tag. - // ReadOnly bool `json:"readOnly,omitempty"` -} - // PersistentVolumeClaimTemplate is used to produce // PersistentVolumeClaim objects as part of an EphemeralVolumeSource. type PersistentVolumeClaimTemplate struct { @@ -2880,84 +1749,6 @@ type PreferredSchedulingTerm struct { Preference NodeSelectorTerm `json:"preference"` } -// The node this Taint is attached to has the "effect" on -// any pod that does not tolerate the Taint. -type Taint struct { - // Required. The taint key to be applied to a node. - Key string `json:"key"` - // The taint value corresponding to the taint key. - // +optional - Value string `json:"value,omitempty"` - // Required. The effect of the taint on pods - // that do not tolerate the taint. - // Valid effects are NoSchedule, PreferNoSchedule and NoExecute. - Effect TaintEffect `json:"effect"` - // TimeAdded represents the time at which the taint was added. - // It is only written for NoExecute taints. - // +optional - TimeAdded *metav1.Time `json:"timeAdded,omitempty"` -} - -type TaintEffect string - -const ( - // Do not allow new pods to schedule onto the node unless they tolerate the taint, - // but allow all pods submitted to Kubelet without going through the scheduler - // to start, and allow all already-running pods to continue running. - // Enforced by the scheduler. - TaintEffectNoSchedule TaintEffect = "NoSchedule" - // Like TaintEffectNoSchedule, but the scheduler tries not to schedule - // new pods onto the node, rather than prohibiting new pods from scheduling - // onto the node entirely. Enforced by the scheduler. - TaintEffectPreferNoSchedule TaintEffect = "PreferNoSchedule" - // NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. - // Like TaintEffectNoSchedule, but additionally do not allow pods submitted to - // Kubelet without going through the scheduler to start. - // Enforced by Kubelet and the scheduler. - // TaintEffectNoScheduleNoAdmit TaintEffect = "NoScheduleNoAdmit" - - // Evict any already-running pods that do not tolerate the taint. - // Currently enforced by NodeController. - TaintEffectNoExecute TaintEffect = "NoExecute" -) - -// The pod this Toleration is attached to tolerates any taint that matches -// the triple <key,value,effect> using the matching operator <operator>. -type Toleration struct { - // Key is the taint key that the toleration applies to. Empty means match all taint keys. - // If the key is empty, operator must be Exists; this combination means to match all values and all keys. - // +optional - Key string `json:"key,omitempty"` - // Operator represents a key's relationship to the value. - // Valid operators are Exists and Equal. Defaults to Equal. - // Exists is equivalent to wildcard for value, so that a pod can - // tolerate all taints of a particular category. - // +optional - Operator TolerationOperator `json:"operator,omitempty"` - // Value is the taint value the toleration matches to. - // If the operator is Exists, the value should be empty, otherwise just a regular string. - // +optional - Value string `json:"value,omitempty"` - // Effect indicates the taint effect to match. Empty means match all taint effects. - // When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - // +optional - Effect TaintEffect `json:"effect,omitempty"` - // TolerationSeconds represents the period of time the toleration (which must be - // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - // it is not set, which means tolerate the taint forever (do not evict). Zero and - // negative values will be treated as 0 (evict immediately) by the system. - // +optional - TolerationSeconds *int64 `json:"tolerationSeconds,omitempty"` -} - -// A toleration operator is the set of operators that can be used in a toleration. -type TolerationOperator string - -const ( - TolerationOpExists TolerationOperator = "Exists" - TolerationOpEqual TolerationOperator = "Equal" -) - // PodReadinessGate contains the reference to a pod condition type PodReadinessGate struct { // ConditionType refers to a condition in the pod's condition list with matching type. @@ -3109,9 +1900,6 @@ type PodSpec struct { // If not specified, the pod will be dispatched by default scheduler. // +optional SchedulerName string `json:"schedulerName,omitempty"` - // If specified, the pod's tolerations. - // +optional - Tolerations []Toleration `json:"tolerations,omitempty"` // HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts // file if specified. This is only valid for non-hostNetwork pods. // +optional @@ -3299,11 +2087,6 @@ type PodSecurityContext struct { // takes precedence for that container. // +optional SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty"` - // The Windows specific settings applied to all containers. - // If unspecified, the options within a container's SecurityContext will be used. - // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - // +optional - WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty"` // The UID to run the entrypoint of the container process. // Defaults to user specified in image metadata if unspecified. // May also be set in SecurityContext. If set in both SecurityContext and @@ -4589,74 +3372,6 @@ type EndpointPort struct { AppProtocol *string `json:"appProtocol,omitempty"` } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// EndpointsList is a list of endpoints. -type EndpointsList struct { - metav1.TypeMeta `json:",inline"` - // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - // List of endpoints. - Items []Endpoints `json:"items"` -} - -// NodeSpec describes the attributes that a node is created with. -type NodeSpec struct { - // PodCIDR represents the pod IP range assigned to the node. - // +optional - PodCIDR string `json:"podCIDR,omitempty"` - - // podCIDRs represents the IP ranges assigned to the node for usage by Pods on that node. If this - // field is specified, the 0th entry must match the podCIDR field. It may contain at most 1 value for - // each of IPv4 and IPv6. - // +optional - // +patchStrategy=merge - PodCIDRs []string `json:"podCIDRs,omitempty"` - - // ID of the node assigned by the cloud provider in the format: <ProviderName>://<ProviderSpecificNodeID> - // +optional - ProviderID string `json:"providerID,omitempty"` - // Unschedulable controls node schedulability of new pods. By default, node is schedulable. - // More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration - // +optional - Unschedulable bool `json:"unschedulable,omitempty"` - // If specified, the node's taints. - // +optional - Taints []Taint `json:"taints,omitempty"` - - // Deprecated. If specified, the source of the node's configuration. - // The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field. - // This field is deprecated as of 1.22: https://git.k8s.io/enhancements/keps/sig-node/281-dynamic-kubelet-configuration - // +optional - ConfigSource *NodeConfigSource `json:"configSource,omitempty"` - - // Deprecated. Not all kubelets will set this field. Remove field after 1.13. - // see: https://issues.k8s.io/61966 - // +optional - DoNotUseExternalID string `json:"externalID,omitempty"` -} - -// NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil. -// This API is deprecated since 1.22 -type NodeConfigSource struct { - // For historical context, regarding the below kind, apiVersion, and configMapRef deprecation tags: - // 1. kind/apiVersion were used by the kubelet to persist this struct to disk (they had no protobuf tags) - // 2. configMapRef and proto tag 1 were used by the API to refer to a configmap, - // but used a generic ObjectReference type that didn't really have the fields we needed - // All uses/persistence of the NodeConfigSource struct prior to 1.11 were gated by alpha feature flags, - // so there was no persisted data for these fields that needed to be migrated/handled. - - // +k8s:deprecated=kind - // +k8s:deprecated=apiVersion - // +k8s:deprecated=configMapRef,protobuf=1 - - // ConfigMap is a reference to a Node's ConfigMap - ConfigMap *ConfigMapNodeConfigSource `json:"configMap,omitempty"` -} - // ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node. // This API is deprecated since 1.22: https://git.k8s.io/enhancements/keps/sig-node/281-dynamic-kubelet-configuration type ConfigMapNodeConfigSource struct { @@ -4683,196 +3398,6 @@ type ConfigMapNodeConfigSource struct { KubeletConfigKey string `json:"kubeletConfigKey"` } -// DaemonEndpoint contains information about a single Daemon endpoint. -type DaemonEndpoint struct { - /* - The port tag was not properly in quotes in earlier releases, so it must be - uppercased for backwards compat (since it was falling back to var name of - 'Port'). - */ - - // Port number of the given endpoint. - Port int32 `json:"Port"` -} - -// NodeDaemonEndpoints lists ports opened by daemons running on the Node. -type NodeDaemonEndpoints struct { - // Endpoint on which Kubelet is listening. - // +optional - KubeletEndpoint DaemonEndpoint `json:"kubeletEndpoint,omitempty"` -} - -// NodeSystemInfo is a set of ids/uuids to uniquely identify the node. -type NodeSystemInfo struct { - // MachineID reported by the node. For unique machine identification - // in the cluster this field is preferred. Learn more from man(5) - // machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html - MachineID string `json:"machineID"` - // SystemUUID reported by the node. For unique machine identification - // MachineID is preferred. This field is specific to Red Hat hosts - // https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid - SystemUUID string `json:"systemUUID"` - // Boot ID reported by the node. - BootID string `json:"bootID"` - // Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64). - KernelVersion string `json:"kernelVersion"` - // OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)). - OSImage string `json:"osImage"` - // ContainerRuntime Version reported by the node through runtime remote API (e.g. docker://1.5.0). - ContainerRuntimeVersion string `json:"containerRuntimeVersion"` - // Kubelet Version reported by the node. - KubeletVersion string `json:"kubeletVersion"` - // KubeProxy Version reported by the node. - KubeProxyVersion string `json:"kubeProxyVersion"` - // The Operating System reported by the node - OperatingSystem string `json:"operatingSystem"` - // The Architecture reported by the node - Architecture string `json:"architecture"` -} - -// NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource. -type NodeConfigStatus struct { - // Assigned reports the checkpointed config the node will try to use. - // When Node.Spec.ConfigSource is updated, the node checkpoints the associated - // config payload to local disk, along with a record indicating intended - // config. The node refers to this record to choose its config checkpoint, and - // reports this record in Assigned. Assigned only updates in the status after - // the record has been checkpointed to disk. When the Kubelet is restarted, - // it tries to make the Assigned config the Active config by loading and - // validating the checkpointed payload identified by Assigned. - // +optional - Assigned *NodeConfigSource `json:"assigned,omitempty"` - // Active reports the checkpointed config the node is actively using. - // Active will represent either the current version of the Assigned config, - // or the current LastKnownGood config, depending on whether attempting to use the - // Assigned config results in an error. - // +optional - Active *NodeConfigSource `json:"active,omitempty"` - // LastKnownGood reports the checkpointed config the node will fall back to - // when it encounters an error attempting to use the Assigned config. - // The Assigned config becomes the LastKnownGood config when the node determines - // that the Assigned config is stable and correct. - // This is currently implemented as a 10-minute soak period starting when the local - // record of Assigned config is updated. If the Assigned config is Active at the end - // of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is - // reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil, - // because the local default config is always assumed good. - // You should not make assumptions about the node's method of determining config stability - // and correctness, as this may change or become configurable in the future. - // +optional - LastKnownGood *NodeConfigSource `json:"lastKnownGood,omitempty"` - // Error describes any problems reconciling the Spec.ConfigSource to the Active config. - // Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned - // record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting - // to load or validate the Assigned config, etc. - // Errors may occur at different points while syncing config. Earlier errors (e.g. download or - // checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across - // Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in - // a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error - // by fixing the config assigned in Spec.ConfigSource. - // You can find additional information for debugging by searching the error message in the Kubelet log. - // Error is a human-readable description of the error state; machines can check whether or not Error - // is empty, but should not rely on the stability of the Error text across Kubelet versions. - // +optional - Error string `json:"error,omitempty"` -} - -// NodeStatus is information about the current status of a node. -type NodeStatus struct { - // Capacity represents the total resources of a node. - // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity - // +optional - Capacity ResourceList `json:"capacity,omitempty"` - // Allocatable represents the resources of a node that are available for scheduling. - // Defaults to Capacity. - // +optional - Allocatable ResourceList `json:"allocatable,omitempty"` - // NodePhase is the recently observed lifecycle phase of the node. - // More info: https://kubernetes.io/docs/concepts/nodes/node/#phase - // The field is never populated, and now is deprecated. - // +optional - Phase NodePhase `json:"phase,omitempty"` - // Conditions is an array of current observed node conditions. - // More info: https://kubernetes.io/docs/concepts/nodes/node/#condition - // +optional - // +patchMergeKey=type - // +patchStrategy=merge - Conditions []NodeCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - // List of addresses reachable to the node. - // Queried from cloud provider, if available. - // More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses - // Note: This field is declared as mergeable, but the merge key is not sufficiently - // unique, which can cause data corruption when it is merged. Callers should instead - // use a full-replacement patch. See http://pr.k8s.io/79391 for an example. - // +optional - // +patchMergeKey=type - // +patchStrategy=merge - Addresses []NodeAddress `json:"addresses,omitempty" patchStrategy:"merge" patchMergeKey:"type"` - // Endpoints of daemons running on the Node. - // +optional - DaemonEndpoints NodeDaemonEndpoints `json:"daemonEndpoints,omitempty"` - // Set of ids/uuids to uniquely identify the node. - // More info: https://kubernetes.io/docs/concepts/nodes/node/#info - // +optional - NodeInfo NodeSystemInfo `json:"nodeInfo,omitempty"` - // List of container images on this node - // +optional - Images []ContainerImage `json:"images,omitempty"` - // List of attachable volumes in use (mounted) by the node. - // +optional - VolumesInUse []UniqueVolumeName `json:"volumesInUse,omitempty"` - // List of volumes that are attached to the node. - // +optional - VolumesAttached []AttachedVolume `json:"volumesAttached,omitempty"` - // Status of the config assigned to the node via the dynamic Kubelet config feature. - // +optional - Config *NodeConfigStatus `json:"config,omitempty"` -} - -type UniqueVolumeName string - -// AttachedVolume describes a volume attached to a node -type AttachedVolume struct { - // Name of the attached volume - Name UniqueVolumeName `json:"name"` - - // DevicePath represents the device path where the volume should be available - DevicePath string `json:"devicePath"` -} - -// AvoidPods describes pods that should avoid this node. This is the value for a -// Node annotation with key scheduler.alpha.kubernetes.io/preferAvoidPods and -// will eventually become a field of NodeStatus. -type AvoidPods struct { - // Bounded-sized list of signatures of pods that should avoid this node, sorted - // in timestamp order from oldest to newest. Size of the slice is unspecified. - // +optional - PreferAvoidPods []PreferAvoidPodsEntry `json:"preferAvoidPods,omitempty"` -} - -// Describes a class of pods that should avoid this node. -type PreferAvoidPodsEntry struct { - // The class of pods. - PodSignature PodSignature `json:"podSignature"` - // Time at which this entry was added to the list. - // +optional - EvictionTime metav1.Time `json:"evictionTime,omitempty"` - // (brief) reason why this entry was added to the list. - // +optional - Reason string `json:"reason,omitempty"` - // Human readable message indicating why this entry was added to the list. - // +optional - Message string `json:"message,omitempty"` -} - -// Describes the class of pods that should avoid this node. -// Exactly one field should be set. -type PodSignature struct { - // Reference to controller whose pods should avoid this node. - // +optional - PodController *metav1.OwnerReference `json:"podController,omitempty"` -} - // Describe a container image type ContainerImage struct { // Names by which this image is known. @@ -4884,108 +3409,6 @@ type ContainerImage struct { SizeBytes int64 `json:"sizeBytes,omitempty"` } -type NodePhase string - -// These are the valid phases of node. -const ( - // NodePending means the node has been created/added by the system, but not configured. - NodePending NodePhase = "Pending" - // NodeRunning means the node has been configured and has Kubernetes components running. - NodeRunning NodePhase = "Running" - // NodeTerminated means the node has been removed from the cluster. - NodeTerminated NodePhase = "Terminated" -) - -type NodeConditionType string - -// These are valid conditions of node. Currently, we don't have enough information to decide -// node condition. In the future, we will add more. The proposed set of conditions are: -// NodeReachable, NodeLive, NodeReady, NodeSchedulable, NodeRunnable. -const ( - // NodeReady means kubelet is healthy and ready to accept pods. - NodeReady NodeConditionType = "Ready" - // NodeMemoryPressure means the kubelet is under pressure due to insufficient available memory. - NodeMemoryPressure NodeConditionType = "MemoryPressure" - // NodeDiskPressure means the kubelet is under pressure due to insufficient available disk. - NodeDiskPressure NodeConditionType = "DiskPressure" - // NodePIDPressure means the kubelet is under pressure due to insufficient available PID. - NodePIDPressure NodeConditionType = "PIDPressure" - // NodeNetworkUnavailable means that network for the node is not correctly configured. - NodeNetworkUnavailable NodeConditionType = "NetworkUnavailable" -) - -// NodeCondition contains condition information for a node. -type NodeCondition struct { - // Type of node condition. - Type NodeConditionType `json:"type"` - // Status of the condition, one of True, False, Unknown. - Status ConditionStatus `json:"status"` - // Last time we got an update on a given condition. - // +optional - LastHeartbeatTime metav1.Time `json:"lastHeartbeatTime,omitempty"` - // Last time the condition transit from one status to another. - // +optional - LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"` - // (brief) reason for the condition's last transition. - // +optional - Reason string `json:"reason,omitempty"` - // Human readable message indicating details about last transition. - // +optional - Message string `json:"message,omitempty"` -} - -type NodeAddressType string - -// These are valid address type of node. -const ( - // NodeHostName identifies a name of the node. Although every node can be assumed - // to have a NodeAddress of this type, its exact syntax and semantics are not - // defined, and are not consistent between different clusters. - NodeHostName NodeAddressType = "Hostname" - - // NodeInternalIP identifies an IP address which is assigned to one of the node's - // network interfaces. Every node should have at least one address of this type. - // - // An internal IP is normally expected to be reachable from every other node, but - // may not be visible to hosts outside the cluster. By default it is assumed that - // kube-apiserver can reach node internal IPs, though it is possible to configure - // clusters where this is not the case. - // - // NodeInternalIP is the default type of node IP, and does not necessarily imply - // that the IP is ONLY reachable internally. If a node has multiple internal IPs, - // no specific semantics are assigned to the additional IPs. - NodeInternalIP NodeAddressType = "InternalIP" - - // NodeExternalIP identifies an IP address which is, in some way, intended to be - // more usable from outside the cluster then an internal IP, though no specific - // semantics are defined. It may be a globally routable IP, though it is not - // required to be. - // - // External IPs may be assigned directly to an interface on the node, like a - // NodeInternalIP, or alternatively, packets sent to the external IP may be NAT'ed - // to an internal node IP rather than being delivered directly (making the IP less - // efficient for node-to-node traffic than a NodeInternalIP). - NodeExternalIP NodeAddressType = "ExternalIP" - - // NodeInternalDNS identifies a DNS name which resolves to an IP address which has - // the characteristics of a NodeInternalIP. The IP it resolves to may or may not - // be a listed NodeInternalIP address. - NodeInternalDNS NodeAddressType = "InternalDNS" - - // NodeExternalDNS identifies a DNS name which resolves to an IP address which has - // the characteristics of a NodeExternalIP. The IP it resolves to may or may not - // be a listed NodeExternalIP address. - NodeExternalDNS NodeAddressType = "ExternalDNS" -) - -// NodeAddress contains information for the node's address. -type NodeAddress struct { - // Node address type, one of Hostname, ExternalIP or InternalIP. - Type NodeAddressType `json:"type"` - // The node address. - Address string `json:"address"` -} - // ResourceName is the name identifying various resources in a ResourceList. type ResourceName string @@ -5018,189 +3441,6 @@ const ( // ResourceList is a set of (resource name, quantity) pairs. type ResourceList map[ResourceName]resource.Quantity -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Node is a worker node in Kubernetes. -// Each node will have a unique identifier in the cache (i.e. in etcd). -type Node struct { - metav1.TypeMeta `json:",inline"` - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec defines the behavior of a node. - // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - // +optional - Spec NodeSpec `json:"spec,omitempty"` - - // Most recently observed status of the node. - // Populated by the system. - // Read-only. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - // +optional - Status NodeStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// NodeList is the whole list of all Nodes which have been registered with master. -type NodeList struct { - metav1.TypeMeta `json:",inline"` - // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - // List of nodes - Items []Node `json:"items"` -} - -// FinalizerName is the name identifying a finalizer during namespace lifecycle. -type FinalizerName string - -// These are internal finalizer values to Kubernetes, must be qualified name unless defined here or -// in metav1. -const ( - FinalizerKubernetes FinalizerName = "kubernetes" -) - -// NamespaceSpec describes the attributes on a Namespace. -type NamespaceSpec struct { - // Finalizers is an opaque list of values that must be empty to permanently remove object from storage. - // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ - // +optional - Finalizers []FinalizerName `json:"finalizers,omitempty"` -} - -// NamespaceStatus is information about the current status of a Namespace. -type NamespaceStatus struct { - // Phase is the current lifecycle phase of the namespace. - // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/ - // +optional - Phase NamespacePhase `json:"phase,omitempty"` - - // Represents the latest available observations of a namespace's current state. - // +optional - // +patchMergeKey=type - // +patchStrategy=merge - Conditions []NamespaceCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"` -} - -type NamespacePhase string - -// These are the valid phases of a namespace. -const ( - // NamespaceActive means the namespace is available for use in the system - NamespaceActive NamespacePhase = "Active" - // NamespaceTerminating means the namespace is undergoing graceful termination - NamespaceTerminating NamespacePhase = "Terminating" -) - -const ( - // NamespaceTerminatingCause is returned as a defaults.cause item when a change is - // forbidden due to the namespace being terminated. - NamespaceTerminatingCause metav1.CauseType = "NamespaceTerminating" -) - -type NamespaceConditionType string - -// These are valid conditions of a namespace. -const ( - // NamespaceDeletionDiscoveryFailure contains information about namespace deleter errors during resource discovery. - NamespaceDeletionDiscoveryFailure NamespaceConditionType = "NamespaceDeletionDiscoveryFailure" - // NamespaceDeletionContentFailure contains information about namespace deleter errors during deletion of resources. - NamespaceDeletionContentFailure NamespaceConditionType = "NamespaceDeletionContentFailure" - // NamespaceDeletionGVParsingFailure contains information about namespace deleter errors parsing GV for legacy types. - NamespaceDeletionGVParsingFailure NamespaceConditionType = "NamespaceDeletionGroupVersionParsingFailure" - // NamespaceContentRemaining contains information about resources remaining in a namespace. - NamespaceContentRemaining NamespaceConditionType = "NamespaceContentRemaining" - // NamespaceFinalizersRemaining contains information about which finalizers are on resources remaining in a namespace. - NamespaceFinalizersRemaining NamespaceConditionType = "NamespaceFinalizersRemaining" -) - -// NamespaceCondition contains details about state of namespace. -type NamespaceCondition struct { - // Type of namespace controller condition. - Type NamespaceConditionType `json:"type"` - // Status of the condition, one of True, False, Unknown. - Status ConditionStatus `json:"status"` - // +optional - LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"` - // +optional - Reason string `json:"reason,omitempty"` - // +optional - Message string `json:"message,omitempty"` -} - -// +genclient -// +genclient:nonNamespaced -// +genclient:skipVerbs=deleteCollection -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Namespace provides a scope for Names. -// Use of multiple namespaces is optional. -type Namespace struct { - metav1.TypeMeta `json:",inline"` - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Spec defines the behavior of the Namespace. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - // +optional - Spec NamespaceSpec `json:"spec,omitempty"` - - // Status describes the current status of a Namespace. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status - // +optional - Status NamespaceStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// NamespaceList is a list of Namespaces. -type NamespaceList struct { - metav1.TypeMeta `json:",inline"` - // Standard list metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - // Items is the list of Namespace objects in the list. - // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - Items []Namespace `json:"items"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Binding ties one object to another; for example, a pod is bound to a node by a scheduler. -// Deprecated in 1.7, please use the bindings subresource of pods instead. -type Binding struct { - metav1.TypeMeta `json:",inline"` - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ObjectMeta `json:"metadata,omitempty"` - - // The target object that you want to bind to the standard object. - Target ObjectReference `json:"target"` -} - -// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out. -// +k8s:openapi-gen=false -type Preconditions struct { - // Specifies the target UID. - // +optional - UID *types.UID `json:"uid,omitempty"` -} - -// +k8s:conversion-gen:explicit-from=net/url.Values -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - // PodLogOptions is the query options for a Pod's logs REST call. type PodLogOptions struct { metav1.TypeMeta `json:",inline"` @@ -6069,11 +4309,6 @@ type SecurityContext struct { // PodSecurityContext, the value specified in SecurityContext takes precedence. // +optional SELinuxOptions *SELinuxOptions `json:"seLinuxOptions,omitempty"` - // The Windows specific settings applied to all containers. - // If unspecified, the options from the PodSecurityContext will be used. - // If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - // +optional - WindowsOptions *WindowsSecurityContextOptions `json:"windowsOptions,omitempty"` // The UID to run the entrypoint of the container process. // Defaults to user specified in image metadata if unspecified. // May also be set in PodSecurityContext. If set in both SecurityContext and @@ -6149,52 +4384,6 @@ type SELinuxOptions struct { Level string `json:"level,omitempty"` } -// WindowsSecurityContextOptions contain Windows-specific options and credentials. -type WindowsSecurityContextOptions struct { - // GMSACredentialSpecName is the name of the GMSA credential spec to use. - // +optional - GMSACredentialSpecName *string `json:"gmsaCredentialSpecName,omitempty"` - - // GMSACredentialSpec is where the GMSA admission webhook - // (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - // GMSA credential spec named by the GMSACredentialSpecName field. - // +optional - GMSACredentialSpec *string `json:"gmsaCredentialSpec,omitempty"` - - // The UserName in Windows to run the entrypoint of the container process. - // Defaults to the user specified in image metadata if unspecified. - // May also be set in PodSecurityContext. If set in both SecurityContext and - // PodSecurityContext, the value specified in SecurityContext takes precedence. - // +optional - RunAsUserName *string `json:"runAsUserName,omitempty"` - - // HostProcess determines if a container should be run as a 'Host Process' container. - // This field is alpha-level and will only be honored by components that enable the - // WindowsHostProcessContainers feature flag. Setting this field without the feature - // flag will result in errors when validating the Pod. All of a Pod's containers must - // have the same effective HostProcess value (it is not allowed to have a mix of HostProcess - // containers and non-HostProcess containers). In addition, if HostProcess is true - // then HostNetwork must also be set to true. - // +optional - HostProcess *bool `json:"hostProcess,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// RangeAllocation is not a public type. -type RangeAllocation struct { - metav1.TypeMeta `json:",inline"` - // Standard object's metadata. - // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - // +optional - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Range is string that identifies the range represented by 'data'. - Range string `json:"range"` - // Data is a bit array containing all allocated addresses in the previous segment. - Data []byte `json:"data"` -} - const ( // DefaultSchedulerName defines the name of default scheduler. DefaultSchedulerName = "default-scheduler" |