diff options
Diffstat (limited to 'vendor/k8s.io/api/core/v1/generated.proto')
| -rw-r--r-- | vendor/k8s.io/api/core/v1/generated.proto | 170 |
1 files changed, 96 insertions, 74 deletions
diff --git a/vendor/k8s.io/api/core/v1/generated.proto b/vendor/k8s.io/api/core/v1/generated.proto index 152ea29fd..ff63fd29f 100644 --- a/vendor/k8s.io/api/core/v1/generated.proto +++ b/vendor/k8s.io/api/core/v1/generated.proto @@ -498,6 +498,7 @@ message ConfigMapEnvSource { } // Selects a key from a ConfigMap. +// +structType=atomic message ConfigMapKeySelector { // The ConfigMap to select from. optional LocalObjectReference localObjectReference = 1; @@ -521,6 +522,7 @@ message ConfigMapList { } // ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node. +// This API is deprecated since 1.22: https://git.k8s.io/enhancements/keps/sig-node/281-dynamic-kubelet-configuration message ConfigMapNodeConfigSource { // Namespace is the metadata.namespace of the referenced ConfigMap. // This field is required in all cases. @@ -621,10 +623,10 @@ message Container { // Entrypoint array. Not executed within a shell. // The docker image's ENTRYPOINT is used if this is not provided. // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax - // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - // regardless of whether the variable exists or not. - // Cannot be updated. + // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + // of whether the variable exists or not. Cannot be updated. // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell // +optional repeated string command = 3; @@ -632,10 +634,10 @@ message Container { // Arguments to the entrypoint. // The docker image's CMD is used if this is not provided. // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax - // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - // regardless of whether the variable exists or not. - // Cannot be updated. + // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + // of whether the variable exists or not. Cannot be updated. // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell // +optional repeated string args = 4; @@ -754,8 +756,8 @@ message Container { // +optional optional string imagePullPolicy = 14; - // Security options the pod should run with. - // More info: https://kubernetes.io/docs/concepts/policy/security-context/ + // SecurityContext defines the security options the container should be run with. + // If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ // +optional optional SecurityContext securityContext = 15; @@ -786,6 +788,7 @@ message Container { message ContainerImage { // Names by which this image is known. // e.g. ["k8s.gcr.io/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"] + // +optional repeated string names = 1; // The size of the image in bytes. @@ -1010,6 +1013,7 @@ message EmptyDirVolumeSource { } // EndpointAddress is a tuple that describes single IP address. +// +structType=atomic message EndpointAddress { // The IP of this endpoint. // May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16), @@ -1033,6 +1037,7 @@ message EndpointAddress { } // EndpointPort is a tuple that describes a single port. +// +structType=atomic message EndpointPort { // The name of this port. This must match the 'name' field in the // corresponding ServicePort. @@ -1056,8 +1061,6 @@ message EndpointPort { // RFC-6335 and http://www.iana.org/assignments/service-names). // Non-standard protocols should use prefixed names such as // mycompany.com/my-custom-protocol. - // This is a beta field that is guarded by the ServiceAppProtocol feature - // gate and enabled by default. // +optional optional string appProtocol = 4; } @@ -1150,11 +1153,12 @@ message EnvVar { optional string name = 1; // Variable references $(VAR_NAME) are expanded - // using the previous defined environment variables in the container and + // using the previously defined environment variables in the container and // any service environment variables. If a variable cannot be resolved, - // the reference in the input string will be unchanged. The $(VAR_NAME) - // syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped - // references will never be expanded, regardless of whether the variable + // the reference in the input string will be unchanged. Double $$ are reduced + // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + // "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + // Escaped references will never be expanded, regardless of whether the variable // exists or not. // Defaults to "". // +optional @@ -1226,10 +1230,10 @@ message EphemeralContainerCommon { // Entrypoint array. Not executed within a shell. // The docker image's ENTRYPOINT is used if this is not provided. // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax - // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - // regardless of whether the variable exists or not. - // Cannot be updated. + // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + // of whether the variable exists or not. Cannot be updated. // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell // +optional repeated string command = 3; @@ -1237,10 +1241,10 @@ message EphemeralContainerCommon { // Arguments to the entrypoint. // The docker image's CMD is used if this is not provided. // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax - // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - // regardless of whether the variable exists or not. - // Cannot be updated. + // cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + // to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + // produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + // of whether the variable exists or not. Cannot be updated. // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell // +optional repeated string args = 4; @@ -1333,7 +1337,8 @@ message EphemeralContainerCommon { // +optional optional string imagePullPolicy = 14; - // SecurityContext is not allowed for ephemeral containers. + // Optional: SecurityContext defines the security options the ephemeral container should be run with. + // If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. // +optional optional SecurityContext securityContext = 15; @@ -1359,19 +1364,6 @@ message EphemeralContainerCommon { optional bool tty = 18; } -// A list of ephemeral containers used with the Pod ephemeralcontainers subresource. -message EphemeralContainers { - // +optional - optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1; - - // A list of ephemeral containers associated with this pod. New ephemeral containers - // may be appended to this list, but existing ephemeral containers may not be removed - // or modified. - // +patchMergeKey=name - // +patchStrategy=merge - repeated EphemeralContainer ephemeralContainers = 2; -} - // Represents an ephemeral volume that is handled by a normal storage driver. message EphemeralVolumeSource { // Will be used to create a stand-alone PVC to provision the volume. @@ -2049,6 +2041,7 @@ message LoadBalancerStatus { // LocalObjectReference contains enough information to let you locate the // referenced object inside the same namespace. +// +structType=atomic message LocalObjectReference { // Name of the referent. // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -2240,6 +2233,7 @@ message NodeCondition { } // NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil. +// This API is deprecated since 1.22 message NodeConfigSource { // ConfigMap is a reference to a Node's ConfigMap optional ConfigMapNodeConfigSource configMap = 2; @@ -2330,6 +2324,7 @@ message NodeResources { // A node selector represents the union of the results of one or more label queries // over a set of nodes; that is, it represents the OR of the selectors represented // by the node selector terms. +// +structType=atomic message NodeSelector { // Required. A list of node selector terms. The terms are ORed. repeated NodeSelectorTerm nodeSelectorTerms = 1; @@ -2357,6 +2352,7 @@ message NodeSelectorRequirement { // A null or empty node selector term matches no objects. The requirements of // them are ANDed. // The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +// +structType=atomic message NodeSelectorTerm { // A list of node selector requirements by node's labels. // +optional @@ -2393,8 +2389,9 @@ message NodeSpec { // +optional repeated Taint taints = 5; - // If specified, the source to get node configuration from - // The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field + // Deprecated. If specified, the source of the node's configuration. + // The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field. + // This field is deprecated as of 1.22: https://git.k8s.io/enhancements/keps/sig-node/281-dynamic-kubelet-configuration // +optional optional NodeConfigSource configSource = 6; @@ -2504,6 +2501,7 @@ message NodeSystemInfo { } // ObjectFieldSelector selects an APIVersioned field of an object. +// +structType=atomic message ObjectFieldSelector { // Version of the schema the FieldPath is written in terms of, defaults to "v1". // +optional @@ -2529,6 +2527,7 @@ message ObjectFieldSelector { // Instead of using this type, create a locally provided and used type that is well-focused on your reference. // For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 . // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +structType=atomic message ObjectReference { // Kind of the referent. // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds @@ -2684,13 +2683,32 @@ message PersistentVolumeClaimSpec { // This field can be used to specify either: // * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) // * An existing PVC (PersistentVolumeClaim) - // * An existing custom resource that implements data population (Alpha) - // In order to use custom resource types that implement data population, - // the AnyVolumeDataSource feature gate must be enabled. // If the provisioner or an external controller can support the specified data source, // it will create a new volume based on the contents of the specified data source. + // If the AnyVolumeDataSource feature gate is enabled, this field will always have + // the same contents as the DataSourceRef field. // +optional optional TypedLocalObjectReference dataSource = 7; + + // Specifies the object from which to populate the volume with data, if a non-empty + // volume is desired. This may be any local object from a non-empty API group (non + // core object) or a PersistentVolumeClaim object. + // When this field is specified, volume binding will only succeed if the type of + // the specified object matches some installed volume populator or dynamic + // provisioner. + // This field will replace the functionality of the DataSource field and as such + // if both fields are non-empty, they must have the same value. For backwards + // compatibility, both fields (DataSource and DataSourceRef) will be set to the same + // value automatically if one of them is empty and the other is non-empty. + // There are two important differences between DataSource and DataSourceRef: + // * While DataSource only allows two specific types of objects, DataSourceRef + // allows any non-core object, as well as PersistentVolumeClaim objects. + // * While DataSource ignores disallowed values (dropping them), DataSourceRef + // preserves all values, and generates an error if a disallowed value is + // specified. + // (Alpha) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + // +optional + optional TypedLocalObjectReference dataSourceRef = 8; } // PersistentVolumeClaimStatus is the current status of a persistent volume claim. @@ -3024,7 +3042,7 @@ message PodAffinityTerm { // and the ones listed in the namespaces field. // null selector and null or empty namespaces list means "this pod's namespace". // An empty selector ({}) matches all namespaces. - // This field is alpha-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + // This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector namespaceSelector = 4; } @@ -3450,6 +3468,7 @@ message PodSpec { // Selector which must match a node's labels for the pod to be scheduled on that node. // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ // +optional + // +mapType=atomic map<string, string> nodeSelector = 7; // ServiceAccountName is the name of the ServiceAccount to use to run this pod. @@ -3571,7 +3590,7 @@ message PodSpec { // If specified, all readiness gates will be evaluated for pod readiness. // A pod is ready when all its containers are ready AND // all conditions specified in the readiness gates have status equal to "True" - // More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md + // More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates // +optional repeated PodReadinessGate readinessGates = 28; @@ -3579,7 +3598,7 @@ message PodSpec { // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an // empty definition that uses the default runtime handler. - // More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md + // More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class // This is a beta feature as of Kubernetes v1.14. // +optional optional string runtimeClassName = 29; @@ -3603,8 +3622,8 @@ message PodSpec { // The RuntimeClass admission controller will reject Pod create requests which have the overhead already // set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value // defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. - // More info: https://git.k8s.io/enhancements/keps/sig-node/20190226-pod-overhead.md - // This field is alpha-level as of Kubernetes v1.16, and is only honored by servers that enable the PodOverhead feature. + // More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md + // This field is beta-level as of Kubernetes v1.18, and is only honored by servers that enable the PodOverhead feature. // +optional map<string, k8s.io.apimachinery.pkg.api.resource.Quantity> overhead = 32; @@ -3893,7 +3912,8 @@ message Probe { // value overrides the value provided by the pod spec. // Value must be non-negative integer. The value zero indicates stop immediately via // the kill signal (no opportunity to shut down). - // This is an alpha field and requires enabling ProbeTerminationGracePeriod feature gate. + // This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + // Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. // +optional optional int64 terminationGracePeriodSeconds = 7; } @@ -4138,6 +4158,7 @@ message ReplicationControllerSpec { // controller, if empty defaulted to labels on Pod template. // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors // +optional + // +mapType=atomic map<string, string> selector = 2; // Template is the object that describes the pod that will be created if @@ -4178,6 +4199,7 @@ message ReplicationControllerStatus { } // ResourceFieldSelector represents container resources (cpu, memory) and their output format +// +structType=atomic message ResourceFieldSelector { // Container name: required for volumes, optional for env vars // +optional @@ -4380,6 +4402,7 @@ message ScaleIOVolumeSource { // A scope selector represents the AND of the selectors represented // by the scoped-resource selector requirements. +// +structType=atomic message ScopeSelector { // A list of scope selector requirements by scope of the resources. // +optional @@ -4475,6 +4498,7 @@ message SecretEnvSource { } // SecretKeySelector selects a key of a Secret. +// +structType=atomic message SecretKeySelector { // The name of the secret in the pod's namespace to select from. optional LocalObjectReference localObjectReference = 1; @@ -4525,6 +4549,7 @@ message SecretProjection { // SecretReference represents a Secret Reference. It has enough information to retrieve secret // in any namespace +// +structType=atomic message SecretReference { // Name is unique within a namespace to reference a secret resource. // +optional @@ -4780,8 +4805,6 @@ message ServicePort { // RFC-6335 and http://www.iana.org/assignments/service-names). // Non-standard protocols should use prefixed names such as // mycompany.com/my-custom-protocol. - // This is a beta field that is guarded by the ServiceAppProtocol feature - // gate and enabled by default. // +optional optional string appProtocol = 6; @@ -4841,6 +4864,7 @@ message ServiceSpec { // Ignored if type is ExternalName. // More info: https://kubernetes.io/docs/concepts/services-networking/service/ // +optional + // +mapType=atomic map<string, string> selector = 2; // clusterIP is the IP address of the service and is usually assigned @@ -4937,7 +4961,7 @@ message ServiceSpec { // If specified and supported by the platform, this will restrict traffic through the cloud-provider // load-balancer will be restricted to the specified client IPs. This field will be ignored if the // cloud-provider does not support the feature." - // More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/ + // More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/ // +optional repeated string loadBalancerSourceRanges = 9; @@ -4984,23 +5008,6 @@ message ServiceSpec { // +optional optional SessionAffinityConfig sessionAffinityConfig = 14; - // topologyKeys is a preference-order list of topology keys which - // implementations of services should use to preferentially sort endpoints - // when accessing this Service, it can not be used at the same time as - // externalTrafficPolicy=Local. - // Topology keys must be valid label keys and at most 16 keys may be specified. - // Endpoints are chosen based on the first topology key with available backends. - // If this field is specified and all entries have no backends that match - // the topology of the client, the service has no backends for that client - // and connections should fail. - // The special value "*" may be used to mean "any topology". This catch-all - // value, if used, only makes sense as the last value in the list. - // If this is not specified or empty, no topology constraints will be applied. - // This field is alpha-level and is only honored by servers that enable the ServiceTopology feature. - // This field is deprecated and will be removed in a future version. - // +optional - repeated string topologyKeys = 16; - // IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this // service, and is gated by the "IPv6DualStack" feature gate. This field // is usually assigned automatically based on cluster configuration and the @@ -5035,11 +5042,14 @@ message ServiceSpec { optional string ipFamilyPolicy = 17; // allocateLoadBalancerNodePorts defines if NodePorts will be automatically - // allocated for services with type LoadBalancer. Default is "true". It may be - // set to "false" if the cluster load-balancer does not rely on NodePorts. - // allocateLoadBalancerNodePorts may only be set for services with type LoadBalancer - // and will be cleared if the type is changed to any other type. - // This field is alpha-level and is only honored by servers that enable the ServiceLBNodePortControl feature. + // allocated for services with type LoadBalancer. Default is "true". It + // may be set to "false" if the cluster load-balancer does not rely on + // NodePorts. If the caller requests specific NodePorts (by specifying a + // value), those requests will be respected, regardless of this field. + // This field may only be set for services with type LoadBalancer and will + // be cleared if the type is changed to any other type. + // This field is beta-level and is only honored by servers that enable the ServiceLBNodePortControl feature. + // +featureGate=ServiceLBNodePortControl // +optional optional bool allocateLoadBalancerNodePorts = 20; @@ -5246,6 +5256,7 @@ message TopologySelectorLabelRequirement { // The requirements of them are ANDed. // It provides a subset of functionality as NodeSelectorTerm. // This is an alpha feature and may change in the future. +// +structType=atomic message TopologySelectorTerm { // A list of topology selector requirements by labels. // +optional @@ -5312,6 +5323,7 @@ message TopologySpreadConstraint { // TypedLocalObjectReference contains enough information to let you locate the // typed referenced object inside the same namespace. +// +structType=atomic message TypedLocalObjectReference { // APIGroup is the group for the resource being referenced. // If APIGroup is not specified, the specified Kind must be in the core API group. @@ -5625,5 +5637,15 @@ message WindowsSecurityContextOptions { // PodSecurityContext, the value specified in SecurityContext takes precedence. // +optional optional string runAsUserName = 3; + + // HostProcess determines if a container should be run as a 'Host Process' container. + // This field is alpha-level and will only be honored by components that enable the + // WindowsHostProcessContainers feature flag. Setting this field without the feature + // flag will result in errors when validating the Pod. All of a Pod's containers must + // have the same effective HostProcess value (it is not allowed to have a mix of HostProcess + // containers and non-HostProcess containers). In addition, if HostProcess is true + // then HostNetwork must also be set to true. + // +optional + optional bool hostProcess = 4; } |