doc/tutorial/kubernetes: add pkg dir in quick directory
But only generate it with an explicit update
Change-Id: Ic0ca17c0ce9c4338a269d35b69089aa3437296e3
Reviewed-on: https://cue-review.googlesource.com/c/cue/+/2241
Reviewed-by: Marcel van Lohuizen <mpvl@google.com>
diff --git a/doc/tutorial/kubernetes/README.md b/doc/tutorial/kubernetes/README.md
index 2bc87aa..50d84e1 100644
--- a/doc/tutorial/kubernetes/README.md
+++ b/doc/tutorial/kubernetes/README.md
@@ -74,7 +74,7 @@
for good measure.
```
-$ touch cue.mod
+$ touch ../cue.mod
cue mod init
```
-->
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/generated.pb_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/generated.pb_go_gen.cue
new file mode 100644
index 0000000..43b9795
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/generated.pb_go_gen.cue
@@ -0,0 +1,34 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/apps/v1beta1
+
+/*
+ Package v1beta1 is a generated protocol buffer package.
+
+ It is generated from these files:
+ k8s.io/kubernetes/vendor/k8s.io/api/apps/v1beta1/generated.proto
+
+ It has these top-level messages:
+ ControllerRevision
+ ControllerRevisionList
+ Deployment
+ DeploymentCondition
+ DeploymentList
+ DeploymentRollback
+ DeploymentSpec
+ DeploymentStatus
+ DeploymentStrategy
+ RollbackConfig
+ RollingUpdateDeployment
+ RollingUpdateStatefulSetStrategy
+ Scale
+ ScaleSpec
+ ScaleStatus
+ StatefulSet
+ StatefulSetCondition
+ StatefulSetList
+ StatefulSetSpec
+ StatefulSetStatus
+ StatefulSetUpdateStrategy
+*/
+package v1beta1
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/register_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/register_go_gen.cue
new file mode 100644
index 0000000..36f6203
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/register_go_gen.cue
@@ -0,0 +1,7 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/apps/v1beta1
+
+package v1beta1
+
+GroupName: "apps"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/types_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/types_go_gen.cue
new file mode 100644
index 0000000..9470290
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/apps/v1beta1/types_go_gen.cue
@@ -0,0 +1,543 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/apps/v1beta1
+
+package v1beta1
+
+import (
+ "k8s.io/api/core/v1"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/util/intstr"
+)
+
+ControllerRevisionHashLabelKey: "controller-revision-hash"
+StatefulSetRevisionLabel: "controller-revision-hash"
+StatefulSetPodNameLabel: "statefulset.kubernetes.io/pod-name"
+
+// ScaleSpec describes the attributes of a scale subresource
+ScaleSpec: {
+ // desired number of instances for the scaled object.
+ // +optional
+ replicas?: int32 @go(Replicas) @protobuf(1,varint,opt)
+}
+
+// ScaleStatus represents the current status of a scale subresource.
+ScaleStatus: {
+ // actual number of observed instances of the scaled object.
+ replicas: int32 @go(Replicas) @protobuf(1,varint,opt)
+
+ // label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
+ // +optional
+ selector?: {<_>: string} @go(Selector,map[string]string) @protobuf(2,bytes,rep)
+
+ // label selector for pods that should match the replicas count. This is a serializated
+ // version of both map-based and more expressive set-based selectors. This is done to
+ // avoid introspection in the clients. The string will be in the same format as the
+ // query-param syntax. If the target type only supports map-based selectors, both this
+ // field and map-based selector field are populated.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ targetSelector?: string @go(TargetSelector) @protobuf(3,bytes,opt)
+}
+
+// Scale represents a scaling request for a resource.
+Scale: metav1.TypeMeta & {
+ // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata.
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status.
+ // +optional
+ spec?: ScaleSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status. Read-only.
+ // +optional
+ status?: ScaleStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// DEPRECATED - This group version of StatefulSet is deprecated by apps/v1beta2/StatefulSet. See the release notes for
+// more information.
+// StatefulSet represents a set of pods with consistent identities.
+// Identities are defined as:
+// - Network: A single stable DNS and hostname.
+// - Storage: As many VolumeClaims as requested.
+// The StatefulSet guarantees that a given network identity will always
+// map to the same storage identity.
+StatefulSet: metav1.TypeMeta & {
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the desired identities of pods in this set.
+ // +optional
+ spec?: StatefulSetSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status is the current status of Pods in this StatefulSet. This data
+ // may be out of date by some window of time.
+ // +optional
+ status?: StatefulSetStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// PodManagementPolicyType defines the policy for creating pods under a stateful set.
+PodManagementPolicyType: string // enumPodManagementPolicyType
+
+enumPodManagementPolicyType:
+ OrderedReadyPodManagement |
+ ParallelPodManagement
+
+// OrderedReadyPodManagement will create pods in strictly increasing order on
+// scale up and strictly decreasing order on scale down, progressing only when
+// the previous pod is ready or terminated. At most one pod will be changed
+// at any time.
+OrderedReadyPodManagement: PodManagementPolicyType & "OrderedReady"
+
+// ParallelPodManagement will create and delete pods as soon as the stateful set
+// replica count is changed, and will not wait for pods to be ready or complete
+// termination.
+ParallelPodManagement: PodManagementPolicyType & "Parallel"
+
+// StatefulSetUpdateStrategy indicates the strategy that the StatefulSet
+// controller will use to perform updates. It includes any additional parameters
+// necessary to perform the update for the indicated strategy.
+StatefulSetUpdateStrategy: {
+ // Type indicates the type of the StatefulSetUpdateStrategy.
+ type?: StatefulSetUpdateStrategyType @go(Type) @protobuf(1,bytes,opt,casttype=StatefulSetStrategyType)
+
+ // RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.
+ rollingUpdate?: null | RollingUpdateStatefulSetStrategy @go(RollingUpdate,*RollingUpdateStatefulSetStrategy) @protobuf(2,bytes,opt)
+}
+
+// StatefulSetUpdateStrategyType is a string enumeration type that enumerates
+// all possible update strategies for the StatefulSet controller.
+StatefulSetUpdateStrategyType: string
+
+// RollingUpdateStatefulSetStrategyType indicates that update will be
+// applied to all Pods in the StatefulSet with respect to the StatefulSet
+// ordering constraints. When a scale operation is performed with this
+// strategy, new Pods will be created from the specification version indicated
+// by the StatefulSet's updateRevision.
+RollingUpdateStatefulSetStrategyType: "RollingUpdate"
+
+// OnDeleteStatefulSetStrategyType triggers the legacy behavior. Version
+// tracking and ordered rolling restarts are disabled. Pods are recreated
+// from the StatefulSetSpec when they are manually deleted. When a scale
+// operation is performed with this strategy,specification version indicated
+// by the StatefulSet's currentRevision.
+OnDeleteStatefulSetStrategyType: "OnDelete"
+
+// RollingUpdateStatefulSetStrategy is used to communicate parameter for RollingUpdateStatefulSetStrategyType.
+RollingUpdateStatefulSetStrategy: {
+ // Partition indicates the ordinal at which the StatefulSet should be
+ // partitioned.
+ partition?: null | int32 @go(Partition,*int32) @protobuf(1,varint,opt)
+}
+
+// A StatefulSetSpec is the specification of a StatefulSet.
+StatefulSetSpec: {
+ // replicas is the desired number of replicas of the given Template.
+ // These are replicas in the sense that they are instantiations of the
+ // same Template, but individual replicas also have a consistent identity.
+ // If unspecified, defaults to 1.
+ // TODO: Consider a rename of this field.
+ // +optional
+ replicas?: null | int32 @go(Replicas,*int32) @protobuf(1,varint,opt)
+
+ // selector is a label query over pods that should match the replica count.
+ // If empty, defaulted to labels on the pod template.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ selector?: null | metav1.LabelSelector @go(Selector,*metav1.LabelSelector) @protobuf(2,bytes,opt)
+
+ // template is the object that describes the pod that will be created if
+ // insufficient replicas are detected. Each pod stamped out by the StatefulSet
+ // will fulfill this Template, but have a unique identity from the rest
+ // of the StatefulSet.
+ template: v1.PodTemplateSpec @go(Template) @protobuf(3,bytes,opt)
+
+ // volumeClaimTemplates is a list of claims that pods are allowed to reference.
+ // The StatefulSet controller is responsible for mapping network identities to
+ // claims in a way that maintains the identity of a pod. Every claim in
+ // this list must have at least one matching (by name) volumeMount in one
+ // container in the template. A claim in this list takes precedence over
+ // any volumes in the template, with the same name.
+ // TODO: Define the behavior if a claim already exists with the same name.
+ // +optional
+ volumeClaimTemplates?: [...v1.PersistentVolumeClaim] @go(VolumeClaimTemplates,[]v1.PersistentVolumeClaim) @protobuf(4,bytes,rep)
+
+ // serviceName is the name of the service that governs this StatefulSet.
+ // This service must exist before the StatefulSet, and is responsible for
+ // the network identity of the set. Pods get DNS/hostnames that follow the
+ // pattern: pod-specific-string.serviceName.default.svc.cluster.local
+ // where "pod-specific-string" is managed by the StatefulSet controller.
+ serviceName: string @go(ServiceName) @protobuf(5,bytes,opt)
+
+ // podManagementPolicy controls how pods are created during initial scale up,
+ // when replacing pods on nodes, or when scaling down. The default policy is
+ // `OrderedReady`, where pods are created in increasing order (pod-0, then
+ // pod-1, etc) and the controller will wait until each pod is ready before
+ // continuing. When scaling down, the pods are removed in the opposite order.
+ // The alternative policy is `Parallel` which will create pods in parallel
+ // to match the desired scale without waiting, and on scale down will delete
+ // all pods at once.
+ // +optional
+ podManagementPolicy?: PodManagementPolicyType @go(PodManagementPolicy) @protobuf(6,bytes,opt,casttype=PodManagementPolicyType)
+
+ // updateStrategy indicates the StatefulSetUpdateStrategy that will be
+ // employed to update Pods in the StatefulSet when a revision is made to
+ // Template.
+ updateStrategy?: StatefulSetUpdateStrategy @go(UpdateStrategy) @protobuf(7,bytes,opt)
+
+ // revisionHistoryLimit is the maximum number of revisions that will
+ // be maintained in the StatefulSet's revision history. The revision history
+ // consists of all revisions not represented by a currently applied
+ // StatefulSetSpec version. The default value is 10.
+ revisionHistoryLimit?: null | int32 @go(RevisionHistoryLimit,*int32) @protobuf(8,varint,opt)
+}
+
+// StatefulSetStatus represents the current state of a StatefulSet.
+StatefulSetStatus: {
+ // observedGeneration is the most recent generation observed for this StatefulSet. It corresponds to the
+ // StatefulSet's generation, which is updated on mutation by the API Server.
+ // +optional
+ observedGeneration?: null | int64 @go(ObservedGeneration,*int64) @protobuf(1,varint,opt)
+
+ // replicas is the number of Pods created by the StatefulSet controller.
+ replicas: int32 @go(Replicas) @protobuf(2,varint,opt)
+
+ // readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.
+ readyReplicas?: int32 @go(ReadyReplicas) @protobuf(3,varint,opt)
+
+ // currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
+ // indicated by currentRevision.
+ currentReplicas?: int32 @go(CurrentReplicas) @protobuf(4,varint,opt)
+
+ // updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version
+ // indicated by updateRevision.
+ updatedReplicas?: int32 @go(UpdatedReplicas) @protobuf(5,varint,opt)
+
+ // currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the
+ // sequence [0,currentReplicas).
+ currentRevision?: string @go(CurrentRevision) @protobuf(6,bytes,opt)
+
+ // updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence
+ // [replicas-updatedReplicas,replicas)
+ updateRevision?: string @go(UpdateRevision) @protobuf(7,bytes,opt)
+
+ // collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller
+ // uses this field as a collision avoidance mechanism when it needs to create the name for the
+ // newest ControllerRevision.
+ // +optional
+ collisionCount?: null | int32 @go(CollisionCount,*int32) @protobuf(9,varint,opt)
+
+ // Represents the latest available observations of a statefulset's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...StatefulSetCondition] @go(Conditions,[]StatefulSetCondition) @protobuf(10,bytes,rep)
+}
+
+StatefulSetConditionType: string
+
+// StatefulSetCondition describes the state of a statefulset at a certain point.
+StatefulSetCondition: {
+ // Type of statefulset condition.
+ type: StatefulSetConditionType @go(Type) @protobuf(1,bytes,opt,casttype=StatefulSetConditionType)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: v1.ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=k8s.io/api/core/v1.ConditionStatus)
+
+ // Last time the condition transitioned from one status to another.
+ // +optional
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(3,bytes,opt)
+
+ // The reason for the condition's last transition.
+ // +optional
+ reason?: string @go(Reason) @protobuf(4,bytes,opt)
+
+ // A human readable message indicating details about the transition.
+ // +optional
+ message?: string @go(Message) @protobuf(5,bytes,opt)
+}
+
+// StatefulSetList is a collection of StatefulSets.
+StatefulSetList: metav1.TypeMeta & {
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+ items: [...StatefulSet] @go(Items,[]StatefulSet) @protobuf(2,bytes,rep)
+}
+
+// DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for
+// more information.
+// Deployment enables declarative updates for Pods and ReplicaSets.
+Deployment: metav1.TypeMeta & {
+ // Standard object metadata.
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Specification of the desired behavior of the Deployment.
+ // +optional
+ spec?: DeploymentSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Most recently observed status of the Deployment.
+ // +optional
+ status?: DeploymentStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// DeploymentSpec is the specification of the desired behavior of the Deployment.
+DeploymentSpec: {
+ // Number of desired pods. This is a pointer to distinguish between explicit
+ // zero and not specified. Defaults to 1.
+ // +optional
+ replicas?: null | int32 @go(Replicas,*int32) @protobuf(1,varint,opt)
+
+ // Label selector for pods. Existing ReplicaSets whose pods are
+ // selected by this will be the ones affected by this deployment.
+ // +optional
+ selector?: null | metav1.LabelSelector @go(Selector,*metav1.LabelSelector) @protobuf(2,bytes,opt)
+
+ // Template describes the pods that will be created.
+ template: v1.PodTemplateSpec @go(Template) @protobuf(3,bytes,opt)
+
+ // The deployment strategy to use to replace existing pods with new ones.
+ // +optional
+ // +patchStrategy=retainKeys
+ strategy?: DeploymentStrategy @go(Strategy) @protobuf(4,bytes,opt)
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ minReadySeconds?: int32 @go(MinReadySeconds) @protobuf(5,varint,opt)
+
+ // The number of old ReplicaSets to retain to allow rollback.
+ // This is a pointer to distinguish between explicit zero and not specified.
+ // Defaults to 2.
+ // +optional
+ revisionHistoryLimit?: null | int32 @go(RevisionHistoryLimit,*int32) @protobuf(6,varint,opt)
+
+ // Indicates that the deployment is paused.
+ // +optional
+ paused?: bool @go(Paused) @protobuf(7,varint,opt)
+
+ // DEPRECATED.
+ // The config this deployment is rolling back to. Will be cleared after rollback is done.
+ // +optional
+ rollbackTo?: null | RollbackConfig @go(RollbackTo,*RollbackConfig) @protobuf(8,bytes,opt)
+
+ // The maximum time in seconds for a deployment to make progress before it
+ // is considered to be failed. The deployment controller will continue to
+ // process failed deployments and a condition with a ProgressDeadlineExceeded
+ // reason will be surfaced in the deployment status. Note that progress will
+ // not be estimated during the time a deployment is paused. Defaults to 600s.
+ // +optional
+ progressDeadlineSeconds?: null | int32 @go(ProgressDeadlineSeconds,*int32) @protobuf(9,varint,opt)
+}
+
+// DEPRECATED.
+// DeploymentRollback stores the information required to rollback a deployment.
+DeploymentRollback: metav1.TypeMeta & {
+ // Required: This must match the Name of a deployment.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // The annotations to be updated to a deployment
+ // +optional
+ updatedAnnotations?: {<_>: string} @go(UpdatedAnnotations,map[string]string) @protobuf(2,bytes,rep)
+
+ // The config of this deployment rollback.
+ rollbackTo: RollbackConfig @go(RollbackTo) @protobuf(3,bytes,opt)
+}
+
+// DEPRECATED.
+RollbackConfig: {
+ // The revision to rollback to. If set to 0, rollback to the last revision.
+ // +optional
+ revision?: int64 @go(Revision) @protobuf(1,varint,opt)
+}
+
+// DefaultDeploymentUniqueLabelKey is the default key of the selector that is added
+// to existing ReplicaSets (and label key that is added to its pods) to prevent the existing ReplicaSets
+// to select new pods (and old pods being select by new ReplicaSet).
+DefaultDeploymentUniqueLabelKey: "pod-template-hash"
+
+// DeploymentStrategy describes how to replace existing pods with new ones.
+DeploymentStrategy: {
+ // Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
+ // +optional
+ type?: DeploymentStrategyType @go(Type) @protobuf(1,bytes,opt,casttype=DeploymentStrategyType)
+
+ // Rolling update config params. Present only if DeploymentStrategyType =
+ // RollingUpdate.
+ //---
+ // TODO: Update this to follow our convention for oneOf, whatever we decide it
+ // to be.
+ // +optional
+ rollingUpdate?: null | RollingUpdateDeployment @go(RollingUpdate,*RollingUpdateDeployment) @protobuf(2,bytes,opt)
+}
+
+DeploymentStrategyType: string // enumDeploymentStrategyType
+
+enumDeploymentStrategyType:
+ RecreateDeploymentStrategyType |
+ RollingUpdateDeploymentStrategyType
+
+// Kill all existing pods before creating new ones.
+RecreateDeploymentStrategyType: DeploymentStrategyType & "Recreate"
+
+// Replace the old ReplicaSets by new one using rolling update i.e gradually scale down the old ReplicaSets and scale up the new one.
+RollingUpdateDeploymentStrategyType: DeploymentStrategyType & "RollingUpdate"
+
+// Spec to control the desired behavior of rolling update.
+RollingUpdateDeployment: {
+ // The maximum number of pods that can be unavailable during the update.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // Absolute number is calculated from percentage by rounding down.
+ // This can not be 0 if MaxSurge is 0.
+ // Defaults to 25%.
+ // Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods
+ // immediately when the rolling update starts. Once new pods are ready, old ReplicaSet
+ // can be scaled down further, followed by scaling up the new ReplicaSet, ensuring
+ // that the total number of pods available at all times during the update is at
+ // least 70% of desired pods.
+ // +optional
+ maxUnavailable?: null | intstr.IntOrString @go(MaxUnavailable,*intstr.IntOrString) @protobuf(1,bytes,opt)
+
+ // The maximum number of pods that can be scheduled above the desired number of
+ // pods.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // This can not be 0 if MaxUnavailable is 0.
+ // Absolute number is calculated from percentage by rounding up.
+ // Defaults to 25%.
+ // Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when
+ // the rolling update starts, such that the total number of old and new pods do not exceed
+ // 130% of desired pods. Once old pods have been killed,
+ // new ReplicaSet can be scaled up further, ensuring that total number of pods running
+ // at any time during the update is at most 130% of desired pods.
+ // +optional
+ maxSurge?: null | intstr.IntOrString @go(MaxSurge,*intstr.IntOrString) @protobuf(2,bytes,opt)
+}
+
+// DeploymentStatus is the most recently observed status of the Deployment.
+DeploymentStatus: {
+ // The generation observed by the deployment controller.
+ // +optional
+ observedGeneration?: int64 @go(ObservedGeneration) @protobuf(1,varint,opt)
+
+ // Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+ // +optional
+ replicas?: int32 @go(Replicas) @protobuf(2,varint,opt)
+
+ // Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+ // +optional
+ updatedReplicas?: int32 @go(UpdatedReplicas) @protobuf(3,varint,opt)
+
+ // Total number of ready pods targeted by this deployment.
+ // +optional
+ readyReplicas?: int32 @go(ReadyReplicas) @protobuf(7,varint,opt)
+
+ // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+ // +optional
+ availableReplicas?: int32 @go(AvailableReplicas) @protobuf(4,varint,opt)
+
+ // Total number of unavailable pods targeted by this deployment. This is the total number of
+ // pods that are still required for the deployment to have 100% available capacity. They may
+ // either be pods that are running but not yet available or pods that still have not been created.
+ // +optional
+ unavailableReplicas?: int32 @go(UnavailableReplicas) @protobuf(5,varint,opt)
+
+ // Represents the latest available observations of a deployment's current state.
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...DeploymentCondition] @go(Conditions,[]DeploymentCondition) @protobuf(6,bytes,rep)
+
+ // Count of hash collisions for the Deployment. The Deployment controller uses this
+ // field as a collision avoidance mechanism when it needs to create the name for the
+ // newest ReplicaSet.
+ // +optional
+ collisionCount?: null | int32 @go(CollisionCount,*int32) @protobuf(8,varint,opt)
+}
+
+DeploymentConditionType: string // enumDeploymentConditionType
+
+enumDeploymentConditionType:
+ DeploymentAvailable |
+ DeploymentProgressing |
+ DeploymentReplicaFailure
+
+// Available means the deployment is available, ie. at least the minimum available
+// replicas required are up and running for at least minReadySeconds.
+DeploymentAvailable: DeploymentConditionType & "Available"
+
+// Progressing means the deployment is progressing. Progress for a deployment is
+// considered when a new replica set is created or adopted, and when new pods scale
+// up or old pods scale down. Progress is not estimated for paused deployments or
+// when progressDeadlineSeconds is not specified.
+DeploymentProgressing: DeploymentConditionType & "Progressing"
+
+// ReplicaFailure is added in a deployment when one of its pods fails to be created
+// or deleted.
+DeploymentReplicaFailure: DeploymentConditionType & "ReplicaFailure"
+
+// DeploymentCondition describes the state of a deployment at a certain point.
+DeploymentCondition: {
+ // Type of deployment condition.
+ type: DeploymentConditionType @go(Type) @protobuf(1,bytes,opt,casttype=DeploymentConditionType)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: v1.ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=k8s.io/api/core/v1.ConditionStatus)
+
+ // The last time this condition was updated.
+ lastUpdateTime?: metav1.Time @go(LastUpdateTime) @protobuf(6,bytes,opt)
+
+ // Last time the condition transitioned from one status to another.
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(7,bytes,opt)
+
+ // The reason for the condition's last transition.
+ reason?: string @go(Reason) @protobuf(4,bytes,opt)
+
+ // A human readable message indicating details about the transition.
+ message?: string @go(Message) @protobuf(5,bytes,opt)
+}
+
+// DeploymentList is a list of Deployments.
+DeploymentList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is the list of Deployments.
+ items: [...Deployment] @go(Items,[]Deployment) @protobuf(2,bytes,rep)
+}
+
+// DEPRECATED - This group version of ControllerRevision is deprecated by apps/v1beta2/ControllerRevision. See the
+// release notes for more information.
+// ControllerRevision implements an immutable snapshot of state data. Clients
+// are responsible for serializing and deserializing the objects that contain
+// their internal state.
+// Once a ControllerRevision has been successfully created, it can not be updated.
+// The API Server will fail validation of all requests that attempt to mutate
+// the Data field. ControllerRevisions may, however, be deleted. Note that, due to its use by both
+// the DaemonSet and StatefulSet controllers for update and rollback, this object is beta. However,
+// it may be subject to name and representation changes in future releases, and clients should not
+// depend on its stability. It is primarily for internal use by controllers.
+ControllerRevision: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Data is the serialized representation of the state.
+ data?: runtime.RawExtension @go(Data) @protobuf(2,bytes,opt)
+
+ // Revision indicates the revision of the state represented by Data.
+ revision: int64 @go(Revision) @protobuf(3,varint,opt)
+}
+
+// ControllerRevisionList is a resource containing a list of ControllerRevision objects.
+ControllerRevisionList: metav1.TypeMeta & {
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is the list of ControllerRevisions
+ items: [...ControllerRevision] @go(Items,[]ControllerRevision) @protobuf(2,bytes,rep)
+}
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/annotation_key_constants_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/annotation_key_constants_go_gen.cue
new file mode 100644
index 0000000..1798bdd
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/annotation_key_constants_go_gen.cue
@@ -0,0 +1,88 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/core/v1
+
+package v1
+
+// ImagePolicyFailedOpenKey is added to pods created by failing open when the image policy
+// webhook backend fails.
+ImagePolicyFailedOpenKey: "alpha.image-policy.k8s.io/failed-open"
+
+// PodPresetOptOutAnnotationKey represents the annotation key for a pod to exempt itself from pod preset manipulation
+PodPresetOptOutAnnotationKey: "podpreset.admission.kubernetes.io/exclude"
+
+// MirrorAnnotationKey represents the annotation key set by kubelets when creating mirror pods
+MirrorPodAnnotationKey: "kubernetes.io/config.mirror"
+
+// TolerationsAnnotationKey represents the key of tolerations data (json serialized)
+// in the Annotations of a Pod.
+TolerationsAnnotationKey: "scheduler.alpha.kubernetes.io/tolerations"
+
+// TaintsAnnotationKey represents the key of taints data (json serialized)
+// in the Annotations of a Node.
+TaintsAnnotationKey: "scheduler.alpha.kubernetes.io/taints"
+
+// SeccompPodAnnotationKey represents the key of a seccomp profile applied
+// to all containers of a pod.
+SeccompPodAnnotationKey: "seccomp.security.alpha.kubernetes.io/pod"
+
+// SeccompContainerAnnotationKeyPrefix represents the key of a seccomp profile applied
+// to one container of a pod.
+SeccompContainerAnnotationKeyPrefix: "container.seccomp.security.alpha.kubernetes.io/"
+
+// SeccompProfileRuntimeDefault represents the default seccomp profile used by container runtime.
+SeccompProfileRuntimeDefault: "runtime/default"
+
+// DeprecatedSeccompProfileDockerDefault represents the default seccomp profile used by docker.
+// This is now deprecated and should be replaced by SeccompProfileRuntimeDefault.
+DeprecatedSeccompProfileDockerDefault: "docker/default"
+
+// PreferAvoidPodsAnnotationKey represents the key of preferAvoidPods data (json serialized)
+// in the Annotations of a Node.
+PreferAvoidPodsAnnotationKey: "scheduler.alpha.kubernetes.io/preferAvoidPods"
+
+// ObjectTTLAnnotations represents a suggestion for kubelet for how long it can cache
+// an object (e.g. secret, config map) before fetching it again from apiserver.
+// This annotation can be attached to node.
+ObjectTTLAnnotationKey: "node.alpha.kubernetes.io/ttl"
+
+// annotation key prefix used to identify non-convertible json paths.
+NonConvertibleAnnotationPrefix: "non-convertible.kubernetes.io"
+
+// LastAppliedConfigAnnotation is the annotation used to store the previous
+// configuration of a resource for use in a three way diff by UpdateApplyAnnotation.
+LastAppliedConfigAnnotation: "kubectl.kubernetes.io/last-applied-configuration"
+
+// AnnotationLoadBalancerSourceRangesKey is the key of the annotation on a service to set allowed ingress ranges on their LoadBalancers
+//
+// It should be a comma-separated list of CIDRs, e.g. `0.0.0.0/0` to
+// allow full access (the default) or `18.0.0.0/8,56.0.0.0/8` to allow
+// access only from the CIDRs currently allocated to MIT & the USPS.
+//
+// Not all cloud providers support this annotation, though AWS & GCE do.
+AnnotationLoadBalancerSourceRangesKey: "service.beta.kubernetes.io/load-balancer-source-ranges"
+
+// EndpointsLastChangeTriggerTime is the annotation key, set for endpoints objects, that
+// represents the timestamp (stored as RFC 3339 date-time string, e.g. '2018-10-22T19:32:52.1Z')
+// of the last change, of some Pod or Service object, that triggered the endpoints object change.
+// In other words, if a Pod / Service changed at time T0, that change was observed by endpoints
+// controller at T1, and the Endpoints object was changed at T2, the
+// EndpointsLastChangeTriggerTime would be set to T0.
+//
+// The "endpoints change trigger" here means any Pod or Service change that resulted in the
+// Endpoints object change.
+//
+// Given the definition of the "endpoints change trigger", please note that this annotation will
+// be set ONLY for endpoints object changes triggered by either Pod or Service change. If the
+// Endpoints object changes due to other reasons, this annotation won't be set (or updated if it's
+// already set).
+//
+// This annotation will be used to compute the in-cluster network programming latency SLI, see
+// https://github.com/kubernetes/community/blob/master/sig-scalability/slos/network_programming_latency.md
+EndpointsLastChangeTriggerTime: "endpoints.kubernetes.io/last-change-trigger-time"
+
+// MigratedPluginsAnnotationKey is the annotation key, set for CSINode objects, that is a comma-separated
+// list of in-tree plugins that will be serviced by the CSI backend on the Node represented by CSINode.
+// This annotation is used by the Attach Detach Controller to determine whether to use the in-tree or
+// CSI Backend for a volume plugin on a specific node.
+MigratedPluginsAnnotationKey: "storage.alpha.kubernetes.io/migrated-plugins"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/doc_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/doc_go_gen.cue
new file mode 100644
index 0000000..2bf1afc
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/doc_go_gen.cue
@@ -0,0 +1,6 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/core/v1
+
+// Package v1 is the v1 version of the core API.
+package v1
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/generated.pb_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/generated.pb_go_gen.cue
new file mode 100644
index 0000000..7fb1095
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/generated.pb_go_gen.cue
@@ -0,0 +1,211 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/core/v1
+
+/*
+ Package v1 is a generated protocol buffer package.
+
+ It is generated from these files:
+ k8s.io/kubernetes/vendor/k8s.io/api/core/v1/generated.proto
+
+ It has these top-level messages:
+ AWSElasticBlockStoreVolumeSource
+ Affinity
+ AttachedVolume
+ AvoidPods
+ AzureDiskVolumeSource
+ AzureFilePersistentVolumeSource
+ AzureFileVolumeSource
+ Binding
+ CSIPersistentVolumeSource
+ CSIVolumeSource
+ Capabilities
+ CephFSPersistentVolumeSource
+ CephFSVolumeSource
+ CinderPersistentVolumeSource
+ CinderVolumeSource
+ ClientIPConfig
+ ComponentCondition
+ ComponentStatus
+ ComponentStatusList
+ ConfigMap
+ ConfigMapEnvSource
+ ConfigMapKeySelector
+ ConfigMapList
+ ConfigMapNodeConfigSource
+ ConfigMapProjection
+ ConfigMapVolumeSource
+ Container
+ ContainerImage
+ ContainerPort
+ ContainerState
+ ContainerStateRunning
+ ContainerStateTerminated
+ ContainerStateWaiting
+ ContainerStatus
+ DaemonEndpoint
+ DownwardAPIProjection
+ DownwardAPIVolumeFile
+ DownwardAPIVolumeSource
+ EmptyDirVolumeSource
+ EndpointAddress
+ EndpointPort
+ EndpointSubset
+ Endpoints
+ EndpointsList
+ EnvFromSource
+ EnvVar
+ EnvVarSource
+ Event
+ EventList
+ EventSeries
+ EventSource
+ ExecAction
+ FCVolumeSource
+ FlexPersistentVolumeSource
+ FlexVolumeSource
+ FlockerVolumeSource
+ GCEPersistentDiskVolumeSource
+ GitRepoVolumeSource
+ GlusterfsPersistentVolumeSource
+ GlusterfsVolumeSource
+ HTTPGetAction
+ HTTPHeader
+ Handler
+ HostAlias
+ HostPathVolumeSource
+ ISCSIPersistentVolumeSource
+ ISCSIVolumeSource
+ KeyToPath
+ Lifecycle
+ LimitRange
+ LimitRangeItem
+ LimitRangeList
+ LimitRangeSpec
+ List
+ LoadBalancerIngress
+ LoadBalancerStatus
+ LocalObjectReference
+ LocalVolumeSource
+ NFSVolumeSource
+ Namespace
+ NamespaceList
+ NamespaceSpec
+ NamespaceStatus
+ Node
+ NodeAddress
+ NodeAffinity
+ NodeCondition
+ NodeConfigSource
+ NodeConfigStatus
+ NodeDaemonEndpoints
+ NodeList
+ NodeProxyOptions
+ NodeResources
+ NodeSelector
+ NodeSelectorRequirement
+ NodeSelectorTerm
+ NodeSpec
+ NodeStatus
+ NodeSystemInfo
+ ObjectFieldSelector
+ ObjectReference
+ PersistentVolume
+ PersistentVolumeClaim
+ PersistentVolumeClaimCondition
+ PersistentVolumeClaimList
+ PersistentVolumeClaimSpec
+ PersistentVolumeClaimStatus
+ PersistentVolumeClaimVolumeSource
+ PersistentVolumeList
+ PersistentVolumeSource
+ PersistentVolumeSpec
+ PersistentVolumeStatus
+ PhotonPersistentDiskVolumeSource
+ Pod
+ PodAffinity
+ PodAffinityTerm
+ PodAntiAffinity
+ PodAttachOptions
+ PodCondition
+ PodDNSConfig
+ PodDNSConfigOption
+ PodExecOptions
+ PodList
+ PodLogOptions
+ PodPortForwardOptions
+ PodProxyOptions
+ PodReadinessGate
+ PodSecurityContext
+ PodSignature
+ PodSpec
+ PodStatus
+ PodStatusResult
+ PodTemplate
+ PodTemplateList
+ PodTemplateSpec
+ PortworxVolumeSource
+ Preconditions
+ PreferAvoidPodsEntry
+ PreferredSchedulingTerm
+ Probe
+ ProjectedVolumeSource
+ QuobyteVolumeSource
+ RBDPersistentVolumeSource
+ RBDVolumeSource
+ RangeAllocation
+ ReplicationController
+ ReplicationControllerCondition
+ ReplicationControllerList
+ ReplicationControllerSpec
+ ReplicationControllerStatus
+ ResourceFieldSelector
+ ResourceQuota
+ ResourceQuotaList
+ ResourceQuotaSpec
+ ResourceQuotaStatus
+ ResourceRequirements
+ SELinuxOptions
+ ScaleIOPersistentVolumeSource
+ ScaleIOVolumeSource
+ ScopeSelector
+ ScopedResourceSelectorRequirement
+ Secret
+ SecretEnvSource
+ SecretKeySelector
+ SecretList
+ SecretProjection
+ SecretReference
+ SecretVolumeSource
+ SecurityContext
+ SerializedReference
+ Service
+ ServiceAccount
+ ServiceAccountList
+ ServiceAccountTokenProjection
+ ServiceList
+ ServicePort
+ ServiceProxyOptions
+ ServiceSpec
+ ServiceStatus
+ SessionAffinityConfig
+ StorageOSPersistentVolumeSource
+ StorageOSVolumeSource
+ Sysctl
+ TCPSocketAction
+ Taint
+ Toleration
+ TopologySelectorLabelRequirement
+ TopologySelectorTerm
+ TypedLocalObjectReference
+ Volume
+ VolumeDevice
+ VolumeMount
+ VolumeNodeAffinity
+ VolumeProjection
+ VolumeSource
+ VsphereVirtualDiskVolumeSource
+ WeightedPodAffinityTerm
+ WindowsSecurityContextOptions
+*/
+package v1
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/register_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/register_go_gen.cue
new file mode 100644
index 0000000..2f90ee9
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/register_go_gen.cue
@@ -0,0 +1,7 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/core/v1
+
+package v1
+
+GroupName: ""
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/types_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/types_go_gen.cue
new file mode 100644
index 0000000..e2e0989
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/types_go_gen.cue
@@ -0,0 +1,5837 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/core/v1
+
+package v1
+
+import (
+ "k8s.io/apimachinery/pkg/api/resource"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/util/intstr"
+)
+
+// NamespaceDefault means the object is in the default namespace which is applied when not specified by clients
+NamespaceDefault: "default"
+
+// NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces
+NamespaceAll: ""
+
+// NamespaceNodeLease is the namespace where we place node lease objects (used for node heartbeats)
+NamespaceNodeLease: "kube-node-lease"
+
+// Volume represents a named volume in a pod that may be accessed by any container in the pod.
+Volume: VolumeSource & {
+ // Volume's name.
+ // Must be a DNS_LABEL and unique within the pod.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ name: string @go(Name) @protobuf(1,bytes,opt)
+}
+
+// Represents the source of a volume to mount.
+// Only one of its members may be specified.
+VolumeSource: {
+ // HostPath represents a pre-existing file or directory on the host
+ // machine that is directly exposed to the container. This is generally
+ // used for system agents or other privileged things that are allowed
+ // to see the host machine. Most containers will NOT need this.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ // ---
+ // TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
+ // mount host directories as read/write.
+ // +optional
+ hostPath?: null | HostPathVolumeSource @go(HostPath,*HostPathVolumeSource) @protobuf(1,bytes,opt)
+
+ // EmptyDir represents a temporary directory that shares a pod's lifetime.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ // +optional
+ emptyDir?: null | EmptyDirVolumeSource @go(EmptyDir,*EmptyDirVolumeSource) @protobuf(2,bytes,opt)
+
+ // GCEPersistentDisk represents a GCE Disk resource that is attached to a
+ // kubelet's host machine and then exposed to the pod.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ // +optional
+ gcePersistentDisk?: null | GCEPersistentDiskVolumeSource @go(GCEPersistentDisk,*GCEPersistentDiskVolumeSource) @protobuf(3,bytes,opt)
+
+ // AWSElasticBlockStore represents an AWS Disk resource that is attached to a
+ // kubelet's host machine and then exposed to the pod.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ // +optional
+ awsElasticBlockStore?: null | AWSElasticBlockStoreVolumeSource @go(AWSElasticBlockStore,*AWSElasticBlockStoreVolumeSource) @protobuf(4,bytes,opt)
+
+ // GitRepo represents a git repository at a particular revision.
+ // DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
+ // EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
+ // into the Pod's container.
+ // +optional
+ gitRepo?: null | GitRepoVolumeSource @go(GitRepo,*GitRepoVolumeSource) @protobuf(5,bytes,opt)
+
+ // Secret represents a secret that should populate this volume.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ // +optional
+ secret?: null | SecretVolumeSource @go(Secret,*SecretVolumeSource) @protobuf(6,bytes,opt)
+
+ // NFS represents an NFS mount on the host that shares a pod's lifetime
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ // +optional
+ nfs?: null | NFSVolumeSource @go(NFS,*NFSVolumeSource) @protobuf(7,bytes,opt)
+
+ // ISCSI represents an ISCSI Disk resource that is attached to a
+ // kubelet's host machine and then exposed to the pod.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/iscsi/README.md
+ // +optional
+ iscsi?: null | ISCSIVolumeSource @go(ISCSI,*ISCSIVolumeSource) @protobuf(8,bytes,opt)
+
+ // Glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md
+ // +optional
+ glusterfs?: null | GlusterfsVolumeSource @go(Glusterfs,*GlusterfsVolumeSource) @protobuf(9,bytes,opt)
+
+ // PersistentVolumeClaimVolumeSource represents a reference to a
+ // PersistentVolumeClaim in the same namespace.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ // +optional
+ persistentVolumeClaim?: null | PersistentVolumeClaimVolumeSource @go(PersistentVolumeClaim,*PersistentVolumeClaimVolumeSource) @protobuf(10,bytes,opt)
+
+ // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md
+ // +optional
+ rbd?: null | RBDVolumeSource @go(RBD,*RBDVolumeSource) @protobuf(11,bytes,opt)
+
+ // FlexVolume represents a generic volume resource that is
+ // provisioned/attached using an exec based plugin.
+ // +optional
+ flexVolume?: null | FlexVolumeSource @go(FlexVolume,*FlexVolumeSource) @protobuf(12,bytes,opt)
+
+ // Cinder represents a cinder volume attached and mounted on kubelets host machine
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ // +optional
+ cinder?: null | CinderVolumeSource @go(Cinder,*CinderVolumeSource) @protobuf(13,bytes,opt)
+
+ // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
+ // +optional
+ cephfs?: null | CephFSVolumeSource @go(CephFS,*CephFSVolumeSource) @protobuf(14,bytes,opt)
+
+ // Flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running
+ // +optional
+ flocker?: null | FlockerVolumeSource @go(Flocker,*FlockerVolumeSource) @protobuf(15,bytes,opt)
+
+ // DownwardAPI represents downward API about the pod that should populate this volume
+ // +optional
+ downwardAPI?: null | DownwardAPIVolumeSource @go(DownwardAPI,*DownwardAPIVolumeSource) @protobuf(16,bytes,opt)
+
+ // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
+ // +optional
+ fc?: null | FCVolumeSource @go(FC,*FCVolumeSource) @protobuf(17,bytes,opt)
+
+ // AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
+ // +optional
+ azureFile?: null | AzureFileVolumeSource @go(AzureFile,*AzureFileVolumeSource) @protobuf(18,bytes,opt)
+
+ // ConfigMap represents a configMap that should populate this volume
+ // +optional
+ configMap?: null | ConfigMapVolumeSource @go(ConfigMap,*ConfigMapVolumeSource) @protobuf(19,bytes,opt)
+
+ // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
+ // +optional
+ vsphereVolume?: null | VsphereVirtualDiskVolumeSource @go(VsphereVolume,*VsphereVirtualDiskVolumeSource) @protobuf(20,bytes,opt)
+
+ // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
+ // +optional
+ quobyte?: null | QuobyteVolumeSource @go(Quobyte,*QuobyteVolumeSource) @protobuf(21,bytes,opt)
+
+ // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
+ // +optional
+ azureDisk?: null | AzureDiskVolumeSource @go(AzureDisk,*AzureDiskVolumeSource) @protobuf(22,bytes,opt)
+
+ // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
+ photonPersistentDisk?: null | PhotonPersistentDiskVolumeSource @go(PhotonPersistentDisk,*PhotonPersistentDiskVolumeSource) @protobuf(23,bytes,opt)
+
+ // Items for all in one resources secrets, configmaps, and downward API
+ projected?: null | ProjectedVolumeSource @go(Projected,*ProjectedVolumeSource) @protobuf(26,bytes,opt)
+
+ // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine
+ // +optional
+ portworxVolume?: null | PortworxVolumeSource @go(PortworxVolume,*PortworxVolumeSource) @protobuf(24,bytes,opt)
+
+ // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
+ // +optional
+ scaleIO?: null | ScaleIOVolumeSource @go(ScaleIO,*ScaleIOVolumeSource) @protobuf(25,bytes,opt)
+
+ // StorageOS represents a StorageOS volume attached and mounted on Kubernetes nodes.
+ // +optional
+ storageos?: null | StorageOSVolumeSource @go(StorageOS,*StorageOSVolumeSource) @protobuf(27,bytes,opt)
+
+ // CSI (Container Storage Interface) represents storage that is handled by an external CSI driver (Alpha feature).
+ // +optional
+ csi?: null | CSIVolumeSource @go(CSI,*CSIVolumeSource) @protobuf(28,bytes,opt)
+}
+
+// PersistentVolumeClaimVolumeSource references the user's PVC in the same namespace.
+// This volume finds the bound PV and mounts that volume for the pod. A
+// PersistentVolumeClaimVolumeSource is, essentially, a wrapper around another
+// type of volume that is owned by someone else (the system).
+PersistentVolumeClaimVolumeSource: {
+ // ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ claimName: string @go(ClaimName) @protobuf(1,bytes,opt)
+
+ // Will force the ReadOnly setting in VolumeMounts.
+ // Default false.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(2,varint,opt)
+}
+
+// PersistentVolumeSource is similar to VolumeSource but meant for the
+// administrator who creates PVs. Exactly one of its members must be set.
+PersistentVolumeSource: {
+ // GCEPersistentDisk represents a GCE Disk resource that is attached to a
+ // kubelet's host machine and then exposed to the pod. Provisioned by an admin.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ // +optional
+ gcePersistentDisk?: null | GCEPersistentDiskVolumeSource @go(GCEPersistentDisk,*GCEPersistentDiskVolumeSource) @protobuf(1,bytes,opt)
+
+ // AWSElasticBlockStore represents an AWS Disk resource that is attached to a
+ // kubelet's host machine and then exposed to the pod.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ // +optional
+ awsElasticBlockStore?: null | AWSElasticBlockStoreVolumeSource @go(AWSElasticBlockStore,*AWSElasticBlockStoreVolumeSource) @protobuf(2,bytes,opt)
+
+ // HostPath represents a directory on the host.
+ // Provisioned by a developer or tester.
+ // This is useful for single-node development and testing only!
+ // On-host storage is not supported in any way and WILL NOT WORK in a multi-node cluster.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ // +optional
+ hostPath?: null | HostPathVolumeSource @go(HostPath,*HostPathVolumeSource) @protobuf(3,bytes,opt)
+
+ // Glusterfs represents a Glusterfs volume that is attached to a host and
+ // exposed to the pod. Provisioned by an admin.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md
+ // +optional
+ glusterfs?: null | GlusterfsPersistentVolumeSource @go(Glusterfs,*GlusterfsPersistentVolumeSource) @protobuf(4,bytes,opt)
+
+ // NFS represents an NFS mount on the host. Provisioned by an admin.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ // +optional
+ nfs?: null | NFSVolumeSource @go(NFS,*NFSVolumeSource) @protobuf(5,bytes,opt)
+
+ // RBD represents a Rados Block Device mount on the host that shares a pod's lifetime.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md
+ // +optional
+ rbd?: null | RBDPersistentVolumeSource @go(RBD,*RBDPersistentVolumeSource) @protobuf(6,bytes,opt)
+
+ // ISCSI represents an ISCSI Disk resource that is attached to a
+ // kubelet's host machine and then exposed to the pod. Provisioned by an admin.
+ // +optional
+ iscsi?: null | ISCSIPersistentVolumeSource @go(ISCSI,*ISCSIPersistentVolumeSource) @protobuf(7,bytes,opt)
+
+ // Cinder represents a cinder volume attached and mounted on kubelets host machine
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ // +optional
+ cinder?: null | CinderPersistentVolumeSource @go(Cinder,*CinderPersistentVolumeSource) @protobuf(8,bytes,opt)
+
+ // CephFS represents a Ceph FS mount on the host that shares a pod's lifetime
+ // +optional
+ cephfs?: null | CephFSPersistentVolumeSource @go(CephFS,*CephFSPersistentVolumeSource) @protobuf(9,bytes,opt)
+
+ // FC represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.
+ // +optional
+ fc?: null | FCVolumeSource @go(FC,*FCVolumeSource) @protobuf(10,bytes,opt)
+
+ // Flocker represents a Flocker volume attached to a kubelet's host machine and exposed to the pod for its usage. This depends on the Flocker control service being running
+ // +optional
+ flocker?: null | FlockerVolumeSource @go(Flocker,*FlockerVolumeSource) @protobuf(11,bytes,opt)
+
+ // FlexVolume represents a generic volume resource that is
+ // provisioned/attached using an exec based plugin.
+ // +optional
+ flexVolume?: null | FlexPersistentVolumeSource @go(FlexVolume,*FlexPersistentVolumeSource) @protobuf(12,bytes,opt)
+
+ // AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
+ // +optional
+ azureFile?: null | AzureFilePersistentVolumeSource @go(AzureFile,*AzureFilePersistentVolumeSource) @protobuf(13,bytes,opt)
+
+ // VsphereVolume represents a vSphere volume attached and mounted on kubelets host machine
+ // +optional
+ vsphereVolume?: null | VsphereVirtualDiskVolumeSource @go(VsphereVolume,*VsphereVirtualDiskVolumeSource) @protobuf(14,bytes,opt)
+
+ // Quobyte represents a Quobyte mount on the host that shares a pod's lifetime
+ // +optional
+ quobyte?: null | QuobyteVolumeSource @go(Quobyte,*QuobyteVolumeSource) @protobuf(15,bytes,opt)
+
+ // AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
+ // +optional
+ azureDisk?: null | AzureDiskVolumeSource @go(AzureDisk,*AzureDiskVolumeSource) @protobuf(16,bytes,opt)
+
+ // PhotonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine
+ photonPersistentDisk?: null | PhotonPersistentDiskVolumeSource @go(PhotonPersistentDisk,*PhotonPersistentDiskVolumeSource) @protobuf(17,bytes,opt)
+
+ // PortworxVolume represents a portworx volume attached and mounted on kubelets host machine
+ // +optional
+ portworxVolume?: null | PortworxVolumeSource @go(PortworxVolume,*PortworxVolumeSource) @protobuf(18,bytes,opt)
+
+ // ScaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes.
+ // +optional
+ scaleIO?: null | ScaleIOPersistentVolumeSource @go(ScaleIO,*ScaleIOPersistentVolumeSource) @protobuf(19,bytes,opt)
+
+ // Local represents directly-attached storage with node affinity
+ // +optional
+ local?: null | LocalVolumeSource @go(Local,*LocalVolumeSource) @protobuf(20,bytes,opt)
+
+ // StorageOS represents a StorageOS volume that is attached to the kubelet's host machine and mounted into the pod
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/storageos/README.md
+ // +optional
+ storageos?: null | StorageOSPersistentVolumeSource @go(StorageOS,*StorageOSPersistentVolumeSource) @protobuf(21,bytes,opt)
+
+ // CSI represents storage that is handled by an external CSI driver (Beta feature).
+ // +optional
+ csi?: null | CSIPersistentVolumeSource @go(CSI,*CSIPersistentVolumeSource) @protobuf(22,bytes,opt)
+}
+
+// BetaStorageClassAnnotation represents the beta/previous StorageClass annotation.
+// It's currently still used and will be held for backwards compatibility
+BetaStorageClassAnnotation: "volume.beta.kubernetes.io/storage-class"
+
+// MountOptionAnnotation defines mount option annotation used in PVs
+MountOptionAnnotation: "volume.beta.kubernetes.io/mount-options"
+
+// PersistentVolume (PV) is a storage resource provisioned by an administrator.
+// It is analogous to a node.
+// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes
+PersistentVolume: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines a specification of a persistent volume owned by the cluster.
+ // Provisioned by an administrator.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes
+ // +optional
+ spec?: PersistentVolumeSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status represents the current information/status for the persistent volume.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistent-volumes
+ // +optional
+ status?: PersistentVolumeStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// PersistentVolumeSpec is the specification of a persistent volume.
+PersistentVolumeSpec: PersistentVolumeSource & {
+ // A description of the persistent volume's resources and capacity.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity
+ // +optional
+ capacity?: ResourceList @go(Capacity) @protobuf(1,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // AccessModes contains all ways the volume can be mounted.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes
+ // +optional
+ accessModes?: [...PersistentVolumeAccessMode] @go(AccessModes,[]PersistentVolumeAccessMode) @protobuf(3,bytes,rep,casttype=PersistentVolumeAccessMode)
+
+ // ClaimRef is part of a bi-directional binding between PersistentVolume and PersistentVolumeClaim.
+ // Expected to be non-nil when bound.
+ // claim.VolumeName is the authoritative bind between PV and PVC.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#binding
+ // +optional
+ claimRef?: null | ObjectReference @go(ClaimRef,*ObjectReference) @protobuf(4,bytes,opt)
+
+ // What happens to a persistent volume when released from its claim.
+ // Valid options are Retain (default for manually created PersistentVolumes), Delete (default
+ // for dynamically provisioned PersistentVolumes), and Recycle (deprecated).
+ // Recycle must be supported by the volume plugin underlying this PersistentVolume.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#reclaiming
+ // +optional
+ persistentVolumeReclaimPolicy?: PersistentVolumeReclaimPolicy @go(PersistentVolumeReclaimPolicy) @protobuf(5,bytes,opt,casttype=PersistentVolumeReclaimPolicy)
+
+ // Name of StorageClass to which this persistent volume belongs. Empty value
+ // means that this volume does not belong to any StorageClass.
+ // +optional
+ storageClassName?: string @go(StorageClassName) @protobuf(6,bytes,opt)
+
+ // A list of mount options, e.g. ["ro", "soft"]. Not validated - mount will
+ // simply fail if one is invalid.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#mount-options
+ // +optional
+ mountOptions?: [...string] @go(MountOptions,[]string) @protobuf(7,bytes,opt)
+
+ // volumeMode defines if a volume is intended to be used with a formatted filesystem
+ // or to remain in raw block state. Value of Filesystem is implied when not included in spec.
+ // This is a beta feature.
+ // +optional
+ volumeMode?: null | PersistentVolumeMode @go(VolumeMode,*PersistentVolumeMode) @protobuf(8,bytes,opt,casttype=PersistentVolumeMode)
+
+ // NodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+ // This field influences the scheduling of pods that use this volume.
+ // +optional
+ nodeAffinity?: null | VolumeNodeAffinity @go(NodeAffinity,*VolumeNodeAffinity) @protobuf(9,bytes,opt)
+}
+
+// VolumeNodeAffinity defines constraints that limit what nodes this volume can be accessed from.
+VolumeNodeAffinity: {
+ // Required specifies hard node constraints that must be met.
+ required?: null | NodeSelector @go(Required,*NodeSelector) @protobuf(1,bytes,opt)
+}
+
+// PersistentVolumeReclaimPolicy describes a policy for end-of-life maintenance of persistent volumes.
+PersistentVolumeReclaimPolicy: string // enumPersistentVolumeReclaimPolicy
+
+enumPersistentVolumeReclaimPolicy:
+ PersistentVolumeReclaimRecycle |
+ PersistentVolumeReclaimDelete |
+ PersistentVolumeReclaimRetain
+
+// PersistentVolumeReclaimRecycle means the volume will be recycled back into the pool of unbound persistent volumes on release from its claim.
+// The volume plugin must support Recycling.
+PersistentVolumeReclaimRecycle: PersistentVolumeReclaimPolicy & "Recycle"
+
+// PersistentVolumeReclaimDelete means the volume will be deleted from Kubernetes on release from its claim.
+// The volume plugin must support Deletion.
+PersistentVolumeReclaimDelete: PersistentVolumeReclaimPolicy & "Delete"
+
+// PersistentVolumeReclaimRetain means the volume will be left in its current phase (Released) for manual reclamation by the administrator.
+// The default policy is Retain.
+PersistentVolumeReclaimRetain: PersistentVolumeReclaimPolicy & "Retain"
+
+// PersistentVolumeMode describes how a volume is intended to be consumed, either Block or Filesystem.
+PersistentVolumeMode: string // enumPersistentVolumeMode
+
+enumPersistentVolumeMode:
+ PersistentVolumeBlock |
+ PersistentVolumeFilesystem
+
+// PersistentVolumeBlock means the volume will not be formatted with a filesystem and will remain a raw block device.
+PersistentVolumeBlock: PersistentVolumeMode & "Block"
+
+// PersistentVolumeFilesystem means the volume will be or is formatted with a filesystem.
+PersistentVolumeFilesystem: PersistentVolumeMode & "Filesystem"
+
+// PersistentVolumeStatus is the current status of a persistent volume.
+PersistentVolumeStatus: {
+ // Phase indicates if a volume is available, bound to a claim, or released by a claim.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase
+ // +optional
+ phase?: PersistentVolumePhase @go(Phase) @protobuf(1,bytes,opt,casttype=PersistentVolumePhase)
+
+ // A human-readable message indicating details about why the volume is in this state.
+ // +optional
+ message?: string @go(Message) @protobuf(2,bytes,opt)
+
+ // Reason is a brief CamelCase string that describes any failure and is meant
+ // for machine parsing and tidy display in the CLI.
+ // +optional
+ reason?: string @go(Reason) @protobuf(3,bytes,opt)
+}
+
+// PersistentVolumeList is a list of PersistentVolume items.
+PersistentVolumeList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of persistent volumes.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes
+ items: [...PersistentVolume] @go(Items,[]PersistentVolume) @protobuf(2,bytes,rep)
+}
+
+// PersistentVolumeClaim is a user's request for and claim to a persistent volume
+PersistentVolumeClaim: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the desired characteristics of a volume requested by a pod author.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ // +optional
+ spec?: PersistentVolumeClaimSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status represents the current information/status of a persistent volume claim.
+ // Read-only.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ // +optional
+ status?: PersistentVolumeClaimStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// PersistentVolumeClaimList is a list of PersistentVolumeClaim items.
+PersistentVolumeClaimList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // A list of persistent volume claims.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
+ items: [...PersistentVolumeClaim] @go(Items,[]PersistentVolumeClaim) @protobuf(2,bytes,rep)
+}
+
+// PersistentVolumeClaimSpec describes the common attributes of storage devices
+// and allows a Source for provider-specific attributes
+PersistentVolumeClaimSpec: {
+ // AccessModes contains the desired access modes the volume should have.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
+ // +optional
+ accessModes?: [...PersistentVolumeAccessMode] @go(AccessModes,[]PersistentVolumeAccessMode) @protobuf(1,bytes,rep,casttype=PersistentVolumeAccessMode)
+
+ // A label query over volumes to consider for binding.
+ // +optional
+ selector?: null | metav1.LabelSelector @go(Selector,*metav1.LabelSelector) @protobuf(4,bytes,opt)
+
+ // Resources represents the minimum resources the volume should have.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
+ // +optional
+ resources?: ResourceRequirements @go(Resources) @protobuf(2,bytes,opt)
+
+ // VolumeName is the binding reference to the PersistentVolume backing this claim.
+ // +optional
+ volumeName?: string @go(VolumeName) @protobuf(3,bytes,opt)
+
+ // Name of the StorageClass required by the claim.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+ // +optional
+ storageClassName?: null | string @go(StorageClassName,*string) @protobuf(5,bytes,opt)
+
+ // volumeMode defines what type of volume is required by the claim.
+ // Value of Filesystem is implied when not included in claim spec.
+ // This is a beta feature.
+ // +optional
+ volumeMode?: null | PersistentVolumeMode @go(VolumeMode,*PersistentVolumeMode) @protobuf(6,bytes,opt,casttype=PersistentVolumeMode)
+
+ // This field requires the VolumeSnapshotDataSource alpha feature gate to be
+ // enabled and currently VolumeSnapshot is the only supported data source.
+ // If the provisioner can support VolumeSnapshot data source, it will create
+ // a new volume and data will be restored to the volume at the same time.
+ // If the provisioner does not support VolumeSnapshot data source, volume will
+ // not be created and the failure will be reported as an event.
+ // In the future, we plan to support more data source types and the behavior
+ // of the provisioner may change.
+ // +optional
+ dataSource?: null | TypedLocalObjectReference @go(DataSource,*TypedLocalObjectReference) @protobuf(7,bytes,opt)
+}
+
+// PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
+PersistentVolumeClaimConditionType: string // enumPersistentVolumeClaimConditionType
+
+enumPersistentVolumeClaimConditionType:
+ PersistentVolumeClaimResizing |
+ PersistentVolumeClaimFileSystemResizePending
+
+// PersistentVolumeClaimResizing - a user trigger resize of pvc has been started
+PersistentVolumeClaimResizing: PersistentVolumeClaimConditionType & "Resizing"
+
+// PersistentVolumeClaimFileSystemResizePending - controller resize is finished and a file system resize is pending on node
+PersistentVolumeClaimFileSystemResizePending: PersistentVolumeClaimConditionType & "FileSystemResizePending"
+
+// PersistentVolumeClaimCondition contails details about state of pvc
+PersistentVolumeClaimCondition: {
+ type: PersistentVolumeClaimConditionType @go(Type) @protobuf(1,bytes,opt,casttype=PersistentVolumeClaimConditionType)
+ status: ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=ConditionStatus)
+
+ // Last time we probed the condition.
+ // +optional
+ lastProbeTime?: metav1.Time @go(LastProbeTime) @protobuf(3,bytes,opt)
+
+ // Last time the condition transitioned from one status to another.
+ // +optional
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(4,bytes,opt)
+
+ // Unique, this should be a short, machine understandable string that gives the reason
+ // for condition's last transition. If it reports "ResizeStarted" that means the underlying
+ // persistent volume is being resized.
+ // +optional
+ reason?: string @go(Reason) @protobuf(5,bytes,opt)
+
+ // Human-readable message indicating details about last transition.
+ // +optional
+ message?: string @go(Message) @protobuf(6,bytes,opt)
+}
+
+// PersistentVolumeClaimStatus is the current status of a persistent volume claim.
+PersistentVolumeClaimStatus: {
+ // Phase represents the current phase of PersistentVolumeClaim.
+ // +optional
+ phase?: PersistentVolumeClaimPhase @go(Phase) @protobuf(1,bytes,opt,casttype=PersistentVolumeClaimPhase)
+
+ // AccessModes contains the actual access modes the volume backing the PVC has.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
+ // +optional
+ accessModes?: [...PersistentVolumeAccessMode] @go(AccessModes,[]PersistentVolumeAccessMode) @protobuf(2,bytes,rep,casttype=PersistentVolumeAccessMode)
+
+ // Represents the actual resources of the underlying volume.
+ // +optional
+ capacity?: ResourceList @go(Capacity) @protobuf(3,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // Current Condition of persistent volume claim. If underlying persistent volume is being
+ // resized then the Condition will be set to 'ResizeStarted'.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...PersistentVolumeClaimCondition] @go(Conditions,[]PersistentVolumeClaimCondition) @protobuf(4,bytes,rep)
+}
+
+PersistentVolumeAccessMode: string // enumPersistentVolumeAccessMode
+
+enumPersistentVolumeAccessMode:
+ ReadWriteOnce |
+ ReadOnlyMany |
+ ReadWriteMany
+
+// can be mounted in read/write mode to exactly 1 host
+ReadWriteOnce: PersistentVolumeAccessMode & "ReadWriteOnce"
+
+// can be mounted in read-only mode to many hosts
+ReadOnlyMany: PersistentVolumeAccessMode & "ReadOnlyMany"
+
+// can be mounted in read/write mode to many hosts
+ReadWriteMany: PersistentVolumeAccessMode & "ReadWriteMany"
+
+PersistentVolumePhase: string // enumPersistentVolumePhase
+
+enumPersistentVolumePhase:
+ VolumePending |
+ VolumeAvailable |
+ VolumeBound |
+ VolumeReleased |
+ VolumeFailed
+
+// used for PersistentVolumes that are not available
+VolumePending: PersistentVolumePhase & "Pending"
+
+// used for PersistentVolumes that are not yet bound
+// Available volumes are held by the binder and matched to PersistentVolumeClaims
+VolumeAvailable: PersistentVolumePhase & "Available"
+
+// used for PersistentVolumes that are bound
+VolumeBound: PersistentVolumePhase & "Bound"
+
+// used for PersistentVolumes where the bound PersistentVolumeClaim was deleted
+// released volumes must be recycled before becoming available again
+// this phase is used by the persistent volume claim binder to signal to another process to reclaim the resource
+VolumeReleased: PersistentVolumePhase & "Released"
+
+// used for PersistentVolumes that failed to be correctly recycled or deleted after being released from a claim
+VolumeFailed: PersistentVolumePhase & "Failed"
+
+PersistentVolumeClaimPhase: string // enumPersistentVolumeClaimPhase
+
+enumPersistentVolumeClaimPhase:
+ ClaimPending |
+ ClaimBound |
+ ClaimLost
+
+// used for PersistentVolumeClaims that are not yet bound
+ClaimPending: PersistentVolumeClaimPhase & "Pending"
+
+// used for PersistentVolumeClaims that are bound
+ClaimBound: PersistentVolumeClaimPhase & "Bound"
+
+// used for PersistentVolumeClaims that lost their underlying
+// PersistentVolume. The claim was bound to a PersistentVolume and this
+// volume does not exist any longer and all data on it was lost.
+ClaimLost: PersistentVolumeClaimPhase & "Lost"
+
+HostPathType: string // enumHostPathType
+
+enumHostPathType:
+ HostPathUnset |
+ HostPathDirectoryOrCreate |
+ HostPathDirectory |
+ HostPathFileOrCreate |
+ HostPathFile |
+ HostPathSocket |
+ HostPathCharDev |
+ HostPathBlockDev
+
+// For backwards compatible, leave it empty if unset
+HostPathUnset: HostPathType & ""
+
+// If nothing exists at the given path, an empty directory will be created there
+// as needed with file mode 0755, having the same group and ownership with Kubelet.
+HostPathDirectoryOrCreate: HostPathType & "DirectoryOrCreate"
+
+// A directory must exist at the given path
+HostPathDirectory: HostPathType & "Directory"
+
+// If nothing exists at the given path, an empty file will be created there
+// as needed with file mode 0644, having the same group and ownership with Kubelet.
+HostPathFileOrCreate: HostPathType & "FileOrCreate"
+
+// A file must exist at the given path
+HostPathFile: HostPathType & "File"
+
+// A UNIX socket must exist at the given path
+HostPathSocket: HostPathType & "Socket"
+
+// A character device must exist at the given path
+HostPathCharDev: HostPathType & "CharDevice"
+
+// A block device must exist at the given path
+HostPathBlockDev: HostPathType & "BlockDevice"
+
+// Represents a host path mapped into a pod.
+// Host path volumes do not support ownership management or SELinux relabeling.
+HostPathVolumeSource: {
+ // Path of the directory on the host.
+ // If the path is a symlink, it will follow the link to the real path.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ path: string @go(Path) @protobuf(1,bytes,opt)
+
+ // Type for HostPath Volume
+ // Defaults to ""
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+ // +optional
+ type?: null | HostPathType @go(Type,*HostPathType) @protobuf(2,bytes,opt)
+}
+
+// Represents an empty directory for a pod.
+// Empty directory volumes support ownership management and SELinux relabeling.
+EmptyDirVolumeSource: {
+ // What type of storage medium should back this directory.
+ // The default is "" which means to use the node's default medium.
+ // Must be an empty string (default) or Memory.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir
+ // +optional
+ medium?: StorageMedium @go(Medium) @protobuf(1,bytes,opt,casttype=StorageMedium)
+
+ // Total amount of local storage required for this EmptyDir volume.
+ // The size limit is also applicable for memory medium.
+ // The maximum usage on memory medium EmptyDir would be the minimum value between
+ // the SizeLimit specified here and the sum of memory limits of all containers in a pod.
+ // The default is nil which means that the limit is undefined.
+ // More info: http://kubernetes.io/docs/user-guide/volumes#emptydir
+ // +optional
+ sizeLimit?: null | resource.Quantity @go(SizeLimit,*resource.Quantity) @protobuf(2,bytes,opt)
+}
+
+// Represents a Glusterfs mount that lasts the lifetime of a pod.
+// Glusterfs volumes do not support ownership management or SELinux relabeling.
+GlusterfsVolumeSource: {
+ // EndpointsName is the endpoint name that details Glusterfs topology.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod
+ endpoints: string @go(EndpointsName) @protobuf(1,bytes,opt)
+
+ // Path is the Glusterfs volume path.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod
+ path: string @go(Path) @protobuf(2,bytes,opt)
+
+ // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions.
+ // Defaults to false.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+}
+
+// Represents a Glusterfs mount that lasts the lifetime of a pod.
+// Glusterfs volumes do not support ownership management or SELinux relabeling.
+GlusterfsPersistentVolumeSource: {
+ // EndpointsName is the endpoint name that details Glusterfs topology.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod
+ endpoints: string @go(EndpointsName) @protobuf(1,bytes,opt)
+
+ // Path is the Glusterfs volume path.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod
+ path: string @go(Path) @protobuf(2,bytes,opt)
+
+ // ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions.
+ // Defaults to false.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+
+ // EndpointsNamespace is the namespace that contains Glusterfs endpoint.
+ // If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/glusterfs/README.md#create-a-pod
+ // +optional
+ endpointsNamespace?: null | string @go(EndpointsNamespace,*string) @protobuf(4,bytes,opt)
+}
+
+// Represents a Rados Block Device mount that lasts the lifetime of a pod.
+// RBD volumes support ownership management and SELinux relabeling.
+RBDVolumeSource: {
+ // A collection of Ceph monitors.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ monitors: [...string] @go(CephMonitors,[]string) @protobuf(1,bytes,rep)
+
+ // The rados image name.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ image: string @go(RBDImage) @protobuf(2,bytes,opt)
+
+ // Filesystem type of the volume that you want to mount.
+ // Tip: Ensure that the filesystem type is supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ // TODO: how do we prevent errors in the filesystem from compromising the machine
+ // +optional
+ fsType?: string @go(FSType) @protobuf(3,bytes,opt)
+
+ // The rados pool name.
+ // Default is rbd.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ pool?: string @go(RBDPool) @protobuf(4,bytes,opt)
+
+ // The rados user name.
+ // Default is admin.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ user?: string @go(RadosUser) @protobuf(5,bytes,opt)
+
+ // Keyring is the path to key ring for RBDUser.
+ // Default is /etc/ceph/keyring.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ keyring?: string @go(Keyring) @protobuf(6,bytes,opt)
+
+ // SecretRef is name of the authentication secret for RBDUser. If provided
+ // overrides keyring.
+ // Default is nil.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ secretRef?: null | LocalObjectReference @go(SecretRef,*LocalObjectReference) @protobuf(7,bytes,opt)
+
+ // ReadOnly here will force the ReadOnly setting in VolumeMounts.
+ // Defaults to false.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(8,varint,opt)
+}
+
+// Represents a Rados Block Device mount that lasts the lifetime of a pod.
+// RBD volumes support ownership management and SELinux relabeling.
+RBDPersistentVolumeSource: {
+ // A collection of Ceph monitors.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ monitors: [...string] @go(CephMonitors,[]string) @protobuf(1,bytes,rep)
+
+ // The rados image name.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ image: string @go(RBDImage) @protobuf(2,bytes,opt)
+
+ // Filesystem type of the volume that you want to mount.
+ // Tip: Ensure that the filesystem type is supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
+ // TODO: how do we prevent errors in the filesystem from compromising the machine
+ // +optional
+ fsType?: string @go(FSType) @protobuf(3,bytes,opt)
+
+ // The rados pool name.
+ // Default is rbd.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ pool?: string @go(RBDPool) @protobuf(4,bytes,opt)
+
+ // The rados user name.
+ // Default is admin.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ user?: string @go(RadosUser) @protobuf(5,bytes,opt)
+
+ // Keyring is the path to key ring for RBDUser.
+ // Default is /etc/ceph/keyring.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ keyring?: string @go(Keyring) @protobuf(6,bytes,opt)
+
+ // SecretRef is name of the authentication secret for RBDUser. If provided
+ // overrides keyring.
+ // Default is nil.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ secretRef?: null | SecretReference @go(SecretRef,*SecretReference) @protobuf(7,bytes,opt)
+
+ // ReadOnly here will force the ReadOnly setting in VolumeMounts.
+ // Defaults to false.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/rbd/README.md#how-to-use-it
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(8,varint,opt)
+}
+
+// Represents a cinder volume resource in Openstack.
+// A Cinder volume must exist before mounting to a container.
+// The volume must also be in the same region as the kubelet.
+// Cinder volumes support ownership management and SELinux relabeling.
+CinderVolumeSource: {
+ // volume id used to identify the volume in cinder
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ volumeID: string @go(VolumeID) @protobuf(1,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ // +optional
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // Optional: Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+
+ // Optional: points to a secret object containing parameters used to connect
+ // to OpenStack.
+ // +optional
+ secretRef?: null | LocalObjectReference @go(SecretRef,*LocalObjectReference) @protobuf(4,bytes,opt)
+}
+
+// Represents a cinder volume resource in Openstack.
+// A Cinder volume must exist before mounting to a container.
+// The volume must also be in the same region as the kubelet.
+// Cinder volumes support ownership management and SELinux relabeling.
+CinderPersistentVolumeSource: {
+ // volume id used to identify the volume in cinder
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ volumeID: string @go(VolumeID) @protobuf(1,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ // +optional
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // Optional: Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // More info: https://releases.k8s.io/HEAD/examples/mysql-cinder-pd/README.md
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+
+ // Optional: points to a secret object containing parameters used to connect
+ // to OpenStack.
+ // +optional
+ secretRef?: null | SecretReference @go(SecretRef,*SecretReference) @protobuf(4,bytes,opt)
+}
+
+// Represents a Ceph Filesystem mount that lasts the lifetime of a pod
+// Cephfs volumes do not support ownership management or SELinux relabeling.
+CephFSVolumeSource: {
+ // Required: Monitors is a collection of Ceph monitors
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ monitors: [...string] @go(Monitors,[]string) @protobuf(1,bytes,rep)
+
+ // Optional: Used as the mounted root, rather than the full Ceph tree, default is /
+ // +optional
+ path?: string @go(Path) @protobuf(2,bytes,opt)
+
+ // Optional: User is the rados user name, default is admin
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ user?: string @go(User) @protobuf(3,bytes,opt)
+
+ // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ secretFile?: string @go(SecretFile) @protobuf(4,bytes,opt)
+
+ // Optional: SecretRef is reference to the authentication secret for User, default is empty.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ secretRef?: null | LocalObjectReference @go(SecretRef,*LocalObjectReference) @protobuf(5,bytes,opt)
+
+ // Optional: Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(6,varint,opt)
+}
+
+// SecretReference represents a Secret Reference. It has enough information to retrieve secret
+// in any namespace
+SecretReference: {
+ // Name is unique within a namespace to reference a secret resource.
+ // +optional
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+
+ // Namespace defines the space within which the secret name must be unique.
+ // +optional
+ namespace?: string @go(Namespace) @protobuf(2,bytes,opt)
+}
+
+// Represents a Ceph Filesystem mount that lasts the lifetime of a pod
+// Cephfs volumes do not support ownership management or SELinux relabeling.
+CephFSPersistentVolumeSource: {
+ // Required: Monitors is a collection of Ceph monitors
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ monitors: [...string] @go(Monitors,[]string) @protobuf(1,bytes,rep)
+
+ // Optional: Used as the mounted root, rather than the full Ceph tree, default is /
+ // +optional
+ path?: string @go(Path) @protobuf(2,bytes,opt)
+
+ // Optional: User is the rados user name, default is admin
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ user?: string @go(User) @protobuf(3,bytes,opt)
+
+ // Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ secretFile?: string @go(SecretFile) @protobuf(4,bytes,opt)
+
+ // Optional: SecretRef is reference to the authentication secret for User, default is empty.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ secretRef?: null | SecretReference @go(SecretRef,*SecretReference) @protobuf(5,bytes,opt)
+
+ // Optional: Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // More info: https://releases.k8s.io/HEAD/examples/volumes/cephfs/README.md#how-to-use-it
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(6,varint,opt)
+}
+
+// Represents a Flocker volume mounted by the Flocker agent.
+// One and only one of datasetName and datasetUUID should be set.
+// Flocker volumes do not support ownership management or SELinux relabeling.
+FlockerVolumeSource: {
+ // Name of the dataset stored as metadata -> name on the dataset for Flocker
+ // should be considered as deprecated
+ // +optional
+ datasetName?: string @go(DatasetName) @protobuf(1,bytes,opt)
+
+ // UUID of the dataset. This is unique identifier of a Flocker dataset
+ // +optional
+ datasetUUID?: string @go(DatasetUUID) @protobuf(2,bytes,opt)
+}
+
+// StorageMedium defines ways that storage can be allocated to a volume.
+StorageMedium: string // enumStorageMedium
+
+enumStorageMedium:
+ StorageMediumDefault |
+ StorageMediumMemory |
+ StorageMediumHugePages
+
+StorageMediumDefault: StorageMedium & ""
+StorageMediumMemory: StorageMedium & "Memory"
+StorageMediumHugePages: StorageMedium & "HugePages"
+
+// Protocol defines network protocols supported for things like container ports.
+Protocol: string // enumProtocol
+
+enumProtocol:
+ ProtocolTCP |
+ ProtocolUDP |
+ ProtocolSCTP
+
+// ProtocolTCP is the TCP protocol.
+ProtocolTCP: Protocol & "TCP"
+
+// ProtocolUDP is the UDP protocol.
+ProtocolUDP: Protocol & "UDP"
+
+// ProtocolSCTP is the SCTP protocol.
+ProtocolSCTP: Protocol & "SCTP"
+
+// Represents a Persistent Disk resource in Google Compute Engine.
+//
+// A GCE PD must exist before mounting to a container. The disk must
+// also be in the same GCE project and zone as the kubelet. A GCE PD
+// can only be mounted as read/write once or read-only many times. GCE
+// PDs support ownership management and SELinux relabeling.
+GCEPersistentDiskVolumeSource: {
+ // Unique name of the PD resource in GCE. Used to identify the disk in GCE.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ pdName: string @go(PDName) @protobuf(1,bytes,opt)
+
+ // Filesystem type of the volume that you want to mount.
+ // Tip: Ensure that the filesystem type is supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ // TODO: how do we prevent errors in the filesystem from compromising the machine
+ // +optional
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // The partition in the volume that you want to mount.
+ // If omitted, the default is to mount by volume name.
+ // Examples: For volume /dev/sda1, you specify the partition as "1".
+ // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ // +optional
+ partition?: int32 @go(Partition) @protobuf(3,varint,opt)
+
+ // ReadOnly here will force the ReadOnly setting in VolumeMounts.
+ // Defaults to false.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(4,varint,opt)
+}
+
+// Represents a Quobyte mount that lasts the lifetime of a pod.
+// Quobyte volumes do not support ownership management or SELinux relabeling.
+QuobyteVolumeSource: {
+ // Registry represents a single or multiple Quobyte Registry services
+ // specified as a string as host:port pair (multiple entries are separated with commas)
+ // which acts as the central registry for volumes
+ registry: string @go(Registry) @protobuf(1,bytes,opt)
+
+ // Volume is a string that references an already created Quobyte volume by name.
+ volume: string @go(Volume) @protobuf(2,bytes,opt)
+
+ // ReadOnly here will force the Quobyte volume to be mounted with read-only permissions.
+ // Defaults to false.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+
+ // User to map volume access to
+ // Defaults to serivceaccount user
+ // +optional
+ user?: string @go(User) @protobuf(4,bytes,opt)
+
+ // Group to map volume access to
+ // Default is no group
+ // +optional
+ group?: string @go(Group) @protobuf(5,bytes,opt)
+
+ // Tenant owning the given Quobyte volume in the Backend
+ // Used with dynamically provisioned Quobyte volumes, value is set by the plugin
+ // +optional
+ tenant?: string @go(Tenant) @protobuf(6,bytes,opt)
+}
+
+// FlexPersistentVolumeSource represents a generic persistent volume resource that is
+// provisioned/attached using an exec based plugin.
+FlexPersistentVolumeSource: {
+ // Driver is the name of the driver to use for this volume.
+ driver: string @go(Driver) @protobuf(1,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+ // +optional
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // Optional: SecretRef is reference to the secret object containing
+ // sensitive information to pass to the plugin scripts. This may be
+ // empty if no secret object is specified. If the secret object
+ // contains more than one secret, all secrets are passed to the plugin
+ // scripts.
+ // +optional
+ secretRef?: null | SecretReference @go(SecretRef,*SecretReference) @protobuf(3,bytes,opt)
+
+ // Optional: Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(4,varint,opt)
+
+ // Optional: Extra command options if any.
+ // +optional
+ options?: {<_>: string} @go(Options,map[string]string) @protobuf(5,bytes,rep)
+}
+
+// FlexVolume represents a generic volume resource that is
+// provisioned/attached using an exec based plugin.
+FlexVolumeSource: {
+ // Driver is the name of the driver to use for this volume.
+ driver: string @go(Driver) @protobuf(1,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script.
+ // +optional
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // Optional: SecretRef is reference to the secret object containing
+ // sensitive information to pass to the plugin scripts. This may be
+ // empty if no secret object is specified. If the secret object
+ // contains more than one secret, all secrets are passed to the plugin
+ // scripts.
+ // +optional
+ secretRef?: null | LocalObjectReference @go(SecretRef,*LocalObjectReference) @protobuf(3,bytes,opt)
+
+ // Optional: Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(4,varint,opt)
+
+ // Optional: Extra command options if any.
+ // +optional
+ options?: {<_>: string} @go(Options,map[string]string) @protobuf(5,bytes,rep)
+}
+
+// Represents a Persistent Disk resource in AWS.
+//
+// An AWS EBS disk must exist before mounting to a container. The disk
+// must also be in the same AWS zone as the kubelet. An AWS EBS disk
+// can only be mounted as read/write once. AWS EBS volumes support
+// ownership management and SELinux relabeling.
+AWSElasticBlockStoreVolumeSource: {
+ // Unique ID of the persistent disk resource in AWS (Amazon EBS volume).
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ volumeID: string @go(VolumeID) @protobuf(1,bytes,opt)
+
+ // Filesystem type of the volume that you want to mount.
+ // Tip: Ensure that the filesystem type is supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ // TODO: how do we prevent errors in the filesystem from compromising the machine
+ // +optional
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // The partition in the volume that you want to mount.
+ // If omitted, the default is to mount by volume name.
+ // Examples: For volume /dev/sda1, you specify the partition as "1".
+ // Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).
+ // +optional
+ partition?: int32 @go(Partition) @protobuf(3,varint,opt)
+
+ // Specify "true" to force and set the ReadOnly property in VolumeMounts to "true".
+ // If omitted, the default is "false".
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(4,varint,opt)
+}
+
+// Represents a volume that is populated with the contents of a git repository.
+// Git repo volumes do not support ownership management.
+// Git repo volumes support SELinux relabeling.
+//
+// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an
+// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir
+// into the Pod's container.
+GitRepoVolumeSource: {
+ // Repository URL
+ repository: string @go(Repository) @protobuf(1,bytes,opt)
+
+ // Commit hash for the specified revision.
+ // +optional
+ revision?: string @go(Revision) @protobuf(2,bytes,opt)
+
+ // Target directory name.
+ // Must not contain or start with '..'. If '.' is supplied, the volume directory will be the
+ // git repository. Otherwise, if specified, the volume will contain the git repository in
+ // the subdirectory with the given name.
+ // +optional
+ directory?: string @go(Directory) @protobuf(3,bytes,opt)
+}
+
+// Adapts a Secret into a volume.
+//
+// The contents of the target Secret's Data field will be presented in a volume
+// as files using the keys in the Data field as the file names.
+// Secret volumes support ownership management and SELinux relabeling.
+SecretVolumeSource: {
+ // Name of the secret in the pod's namespace to use.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#secret
+ // +optional
+ secretName?: string @go(SecretName) @protobuf(1,bytes,opt)
+
+ // If unspecified, each key-value pair in the Data field of the referenced
+ // Secret will be projected into the volume as a file whose name is the
+ // key and content is the value. If specified, the listed keys will be
+ // projected into the specified paths, and unlisted keys will not be
+ // present. If a key is specified which is not present in the Secret,
+ // the volume setup will error unless it is marked optional. Paths must be
+ // relative and may not contain the '..' path or start with '..'.
+ // +optional
+ items?: [...KeyToPath] @go(Items,[]KeyToPath) @protobuf(2,bytes,rep)
+
+ // Optional: mode bits to use on created files by default. Must be a
+ // value between 0 and 0777. Defaults to 0644.
+ // Directories within the path are not affected by this setting.
+ // This might be in conflict with other options that affect the file
+ // mode, like fsGroup, and the result can be other mode bits set.
+ // +optional
+ defaultMode?: null | int32 @go(DefaultMode,*int32) @protobuf(3,bytes,opt)
+
+ // Specify whether the Secret or its keys must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(4,varint,opt)
+}
+
+SecretVolumeSourceDefaultMode: int32 & 0o644
+
+// Adapts a secret into a projected volume.
+//
+// The contents of the target Secret's Data field will be presented in a
+// projected volume as files using the keys in the Data field as the file names.
+// Note that this is identical to a secret volume source without the default
+// mode.
+SecretProjection: LocalObjectReference & {
+ // If unspecified, each key-value pair in the Data field of the referenced
+ // Secret will be projected into the volume as a file whose name is the
+ // key and content is the value. If specified, the listed keys will be
+ // projected into the specified paths, and unlisted keys will not be
+ // present. If a key is specified which is not present in the Secret,
+ // the volume setup will error unless it is marked optional. Paths must be
+ // relative and may not contain the '..' path or start with '..'.
+ // +optional
+ items?: [...KeyToPath] @go(Items,[]KeyToPath) @protobuf(2,bytes,rep)
+
+ // Specify whether the Secret or its key must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(4,varint,opt)
+}
+
+// Represents an NFS mount that lasts the lifetime of a pod.
+// NFS volumes do not support ownership management or SELinux relabeling.
+NFSVolumeSource: {
+ // Server is the hostname or IP address of the NFS server.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ server: string @go(Server) @protobuf(1,bytes,opt)
+
+ // Path that is exported by the NFS server.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ path: string @go(Path) @protobuf(2,bytes,opt)
+
+ // ReadOnly here will force
+ // the NFS export to be mounted with read-only permissions.
+ // Defaults to false.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+}
+
+// Represents an ISCSI disk.
+// ISCSI volumes can only be mounted as read/write once.
+// ISCSI volumes support ownership management and SELinux relabeling.
+ISCSIVolumeSource: {
+ // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
+ // is other than default (typically TCP ports 860 and 3260).
+ targetPortal: string @go(TargetPortal) @protobuf(1,bytes,opt)
+
+ // Target iSCSI Qualified Name.
+ iqn: string @go(IQN) @protobuf(2,bytes,opt)
+
+ // iSCSI Target Lun number.
+ lun: int32 @go(Lun) @protobuf(3,varint,opt)
+
+ // iSCSI Interface Name that uses an iSCSI transport.
+ // Defaults to 'default' (tcp).
+ // +optional
+ iscsiInterface?: string @go(ISCSIInterface) @protobuf(4,bytes,opt)
+
+ // Filesystem type of the volume that you want to mount.
+ // Tip: Ensure that the filesystem type is supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ // TODO: how do we prevent errors in the filesystem from compromising the machine
+ // +optional
+ fsType?: string @go(FSType) @protobuf(5,bytes,opt)
+
+ // ReadOnly here will force the ReadOnly setting in VolumeMounts.
+ // Defaults to false.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(6,varint,opt)
+
+ // iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port
+ // is other than default (typically TCP ports 860 and 3260).
+ // +optional
+ portals?: [...string] @go(Portals,[]string) @protobuf(7,bytes,opt)
+
+ // whether support iSCSI Discovery CHAP authentication
+ // +optional
+ chapAuthDiscovery?: bool @go(DiscoveryCHAPAuth) @protobuf(8,varint,opt)
+
+ // whether support iSCSI Session CHAP authentication
+ // +optional
+ chapAuthSession?: bool @go(SessionCHAPAuth) @protobuf(11,varint,opt)
+
+ // CHAP Secret for iSCSI target and initiator authentication
+ // +optional
+ secretRef?: null | LocalObjectReference @go(SecretRef,*LocalObjectReference) @protobuf(10,bytes,opt)
+
+ // Custom iSCSI Initiator Name.
+ // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
+ // <target portal>:<volume name> will be created for the connection.
+ // +optional
+ initiatorName?: null | string @go(InitiatorName,*string) @protobuf(12,bytes,opt)
+}
+
+// ISCSIPersistentVolumeSource represents an ISCSI disk.
+// ISCSI volumes can only be mounted as read/write once.
+// ISCSI volumes support ownership management and SELinux relabeling.
+ISCSIPersistentVolumeSource: {
+ // iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port
+ // is other than default (typically TCP ports 860 and 3260).
+ targetPortal: string @go(TargetPortal) @protobuf(1,bytes,opt)
+
+ // Target iSCSI Qualified Name.
+ iqn: string @go(IQN) @protobuf(2,bytes,opt)
+
+ // iSCSI Target Lun number.
+ lun: int32 @go(Lun) @protobuf(3,varint,opt)
+
+ // iSCSI Interface Name that uses an iSCSI transport.
+ // Defaults to 'default' (tcp).
+ // +optional
+ iscsiInterface?: string @go(ISCSIInterface) @protobuf(4,bytes,opt)
+
+ // Filesystem type of the volume that you want to mount.
+ // Tip: Ensure that the filesystem type is supported by the host operating system.
+ // Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
+ // TODO: how do we prevent errors in the filesystem from compromising the machine
+ // +optional
+ fsType?: string @go(FSType) @protobuf(5,bytes,opt)
+
+ // ReadOnly here will force the ReadOnly setting in VolumeMounts.
+ // Defaults to false.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(6,varint,opt)
+
+ // iSCSI Target Portal List. The Portal is either an IP or ip_addr:port if the port
+ // is other than default (typically TCP ports 860 and 3260).
+ // +optional
+ portals?: [...string] @go(Portals,[]string) @protobuf(7,bytes,opt)
+
+ // whether support iSCSI Discovery CHAP authentication
+ // +optional
+ chapAuthDiscovery?: bool @go(DiscoveryCHAPAuth) @protobuf(8,varint,opt)
+
+ // whether support iSCSI Session CHAP authentication
+ // +optional
+ chapAuthSession?: bool @go(SessionCHAPAuth) @protobuf(11,varint,opt)
+
+ // CHAP Secret for iSCSI target and initiator authentication
+ // +optional
+ secretRef?: null | SecretReference @go(SecretRef,*SecretReference) @protobuf(10,bytes,opt)
+
+ // Custom iSCSI Initiator Name.
+ // If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface
+ // <target portal>:<volume name> will be created for the connection.
+ // +optional
+ initiatorName?: null | string @go(InitiatorName,*string) @protobuf(12,bytes,opt)
+}
+
+// Represents a Fibre Channel volume.
+// Fibre Channel volumes can only be mounted as read/write once.
+// Fibre Channel volumes support ownership management and SELinux relabeling.
+FCVolumeSource: {
+ // Optional: FC target worldwide names (WWNs)
+ // +optional
+ targetWWNs?: [...string] @go(TargetWWNs,[]string) @protobuf(1,bytes,rep)
+
+ // Optional: FC target lun number
+ // +optional
+ lun?: null | int32 @go(Lun,*int32) @protobuf(2,varint,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // TODO: how do we prevent errors in the filesystem from compromising the machine
+ // +optional
+ fsType?: string @go(FSType) @protobuf(3,bytes,opt)
+
+ // Optional: Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(4,varint,opt)
+
+ // Optional: FC volume world wide identifiers (wwids)
+ // Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.
+ // +optional
+ wwids?: [...string] @go(WWIDs,[]string) @protobuf(5,bytes,rep)
+}
+
+// AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
+AzureFileVolumeSource: {
+ // the name of secret that contains Azure Storage Account Name and Key
+ secretName: string @go(SecretName) @protobuf(1,bytes,opt)
+
+ // Share Name
+ shareName: string @go(ShareName) @protobuf(2,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+}
+
+// AzureFile represents an Azure File Service mount on the host and bind mount to the pod.
+AzureFilePersistentVolumeSource: {
+ // the name of secret that contains Azure Storage Account Name and Key
+ secretName: string @go(SecretName) @protobuf(1,bytes,opt)
+
+ // Share Name
+ shareName: string @go(ShareName) @protobuf(2,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+
+ // the namespace of the secret that contains Azure Storage Account Name and Key
+ // default is the same as the Pod
+ // +optional
+ secretNamespace: null | string @go(SecretNamespace,*string) @protobuf(4,bytes,opt)
+}
+
+// Represents a vSphere volume resource.
+VsphereVirtualDiskVolumeSource: {
+ // Path that identifies vSphere volume vmdk
+ volumePath: string @go(VolumePath) @protobuf(1,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // +optional
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // Storage Policy Based Management (SPBM) profile name.
+ // +optional
+ storagePolicyName?: string @go(StoragePolicyName) @protobuf(3,bytes,opt)
+
+ // Storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.
+ // +optional
+ storagePolicyID?: string @go(StoragePolicyID) @protobuf(4,bytes,opt)
+}
+
+// Represents a Photon Controller persistent disk resource.
+PhotonPersistentDiskVolumeSource: {
+ // ID that identifies Photon Controller persistent disk
+ pdID: string @go(PdID) @protobuf(1,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+}
+
+AzureDataDiskCachingMode: string // enumAzureDataDiskCachingMode
+
+enumAzureDataDiskCachingMode:
+ AzureDataDiskCachingNone |
+ AzureDataDiskCachingReadOnly |
+ AzureDataDiskCachingReadWrite
+
+AzureDataDiskKind: string // enumAzureDataDiskKind
+
+enumAzureDataDiskKind:
+ AzureSharedBlobDisk |
+ AzureDedicatedBlobDisk |
+ AzureManagedDisk
+
+AzureDataDiskCachingNone: AzureDataDiskCachingMode & "None"
+AzureDataDiskCachingReadOnly: AzureDataDiskCachingMode & "ReadOnly"
+AzureDataDiskCachingReadWrite: AzureDataDiskCachingMode & "ReadWrite"
+AzureSharedBlobDisk: AzureDataDiskKind & "Shared"
+AzureDedicatedBlobDisk: AzureDataDiskKind & "Dedicated"
+AzureManagedDisk: AzureDataDiskKind & "Managed"
+
+// AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
+AzureDiskVolumeSource: {
+ // The Name of the data disk in the blob storage
+ diskName: string @go(DiskName) @protobuf(1,bytes,opt)
+
+ // The URI the data disk in the blob storage
+ diskURI: string @go(DataDiskURI) @protobuf(2,bytes,opt)
+
+ // Host Caching mode: None, Read Only, Read Write.
+ // +optional
+ cachingMode?: null | AzureDataDiskCachingMode @go(CachingMode,*AzureDataDiskCachingMode) @protobuf(3,bytes,opt,casttype=AzureDataDiskCachingMode)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // +optional
+ fsType?: null | string @go(FSType,*string) @protobuf(4,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: null | bool @go(ReadOnly,*bool) @protobuf(5,varint,opt)
+
+ // Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared
+ kind?: null | AzureDataDiskKind @go(Kind,*AzureDataDiskKind) @protobuf(6,bytes,opt,casttype=AzureDataDiskKind)
+}
+
+// PortworxVolumeSource represents a Portworx volume resource.
+PortworxVolumeSource: {
+ // VolumeID uniquely identifies a Portworx volume
+ volumeID: string @go(VolumeID) @protobuf(1,bytes,opt)
+
+ // FSType represents the filesystem type to mount
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified.
+ fsType?: string @go(FSType) @protobuf(2,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+}
+
+// ScaleIOVolumeSource represents a persistent ScaleIO volume
+ScaleIOVolumeSource: {
+ // The host address of the ScaleIO API Gateway.
+ gateway: string @go(Gateway) @protobuf(1,bytes,opt)
+
+ // The name of the storage system as configured in ScaleIO.
+ system: string @go(System) @protobuf(2,bytes,opt)
+
+ // SecretRef references to the secret for ScaleIO user and other
+ // sensitive information. If this is not provided, Login operation will fail.
+ secretRef: null | LocalObjectReference @go(SecretRef,*LocalObjectReference) @protobuf(3,bytes,opt)
+
+ // Flag to enable/disable SSL communication with Gateway, default false
+ // +optional
+ sslEnabled?: bool @go(SSLEnabled) @protobuf(4,varint,opt)
+
+ // The name of the ScaleIO Protection Domain for the configured storage.
+ // +optional
+ protectionDomain?: string @go(ProtectionDomain) @protobuf(5,bytes,opt)
+
+ // The ScaleIO Storage Pool associated with the protection domain.
+ // +optional
+ storagePool?: string @go(StoragePool) @protobuf(6,bytes,opt)
+
+ // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
+ // Default is ThinProvisioned.
+ // +optional
+ storageMode?: string @go(StorageMode) @protobuf(7,bytes,opt)
+
+ // The name of a volume already created in the ScaleIO system
+ // that is associated with this volume source.
+ volumeName?: string @go(VolumeName) @protobuf(8,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs".
+ // Default is "xfs".
+ // +optional
+ fsType?: string @go(FSType) @protobuf(9,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(10,varint,opt)
+}
+
+// ScaleIOPersistentVolumeSource represents a persistent ScaleIO volume
+ScaleIOPersistentVolumeSource: {
+ // The host address of the ScaleIO API Gateway.
+ gateway: string @go(Gateway) @protobuf(1,bytes,opt)
+
+ // The name of the storage system as configured in ScaleIO.
+ system: string @go(System) @protobuf(2,bytes,opt)
+
+ // SecretRef references to the secret for ScaleIO user and other
+ // sensitive information. If this is not provided, Login operation will fail.
+ secretRef: null | SecretReference @go(SecretRef,*SecretReference) @protobuf(3,bytes,opt)
+
+ // Flag to enable/disable SSL communication with Gateway, default false
+ // +optional
+ sslEnabled?: bool @go(SSLEnabled) @protobuf(4,varint,opt)
+
+ // The name of the ScaleIO Protection Domain for the configured storage.
+ // +optional
+ protectionDomain?: string @go(ProtectionDomain) @protobuf(5,bytes,opt)
+
+ // The ScaleIO Storage Pool associated with the protection domain.
+ // +optional
+ storagePool?: string @go(StoragePool) @protobuf(6,bytes,opt)
+
+ // Indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.
+ // Default is ThinProvisioned.
+ // +optional
+ storageMode?: string @go(StorageMode) @protobuf(7,bytes,opt)
+
+ // The name of a volume already created in the ScaleIO system
+ // that is associated with this volume source.
+ volumeName?: string @go(VolumeName) @protobuf(8,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs".
+ // Default is "xfs"
+ // +optional
+ fsType?: string @go(FSType) @protobuf(9,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(10,varint,opt)
+}
+
+// Represents a StorageOS persistent volume resource.
+StorageOSVolumeSource: {
+ // VolumeName is the human-readable name of the StorageOS volume. Volume
+ // names are only unique within a namespace.
+ volumeName?: string @go(VolumeName) @protobuf(1,bytes,opt)
+
+ // VolumeNamespace specifies the scope of the volume within StorageOS. If no
+ // namespace is specified then the Pod's namespace will be used. This allows the
+ // Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
+ // Set VolumeName to any name to override the default behaviour.
+ // Set to "default" if you are not using namespaces within StorageOS.
+ // Namespaces that do not pre-exist within StorageOS will be created.
+ // +optional
+ volumeNamespace?: string @go(VolumeNamespace) @protobuf(2,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // +optional
+ fsType?: string @go(FSType) @protobuf(3,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(4,varint,opt)
+
+ // SecretRef specifies the secret to use for obtaining the StorageOS API
+ // credentials. If not specified, default values will be attempted.
+ // +optional
+ secretRef?: null | LocalObjectReference @go(SecretRef,*LocalObjectReference) @protobuf(5,bytes,opt)
+}
+
+// Represents a StorageOS persistent volume resource.
+StorageOSPersistentVolumeSource: {
+ // VolumeName is the human-readable name of the StorageOS volume. Volume
+ // names are only unique within a namespace.
+ volumeName?: string @go(VolumeName) @protobuf(1,bytes,opt)
+
+ // VolumeNamespace specifies the scope of the volume within StorageOS. If no
+ // namespace is specified then the Pod's namespace will be used. This allows the
+ // Kubernetes name scoping to be mirrored within StorageOS for tighter integration.
+ // Set VolumeName to any name to override the default behaviour.
+ // Set to "default" if you are not using namespaces within StorageOS.
+ // Namespaces that do not pre-exist within StorageOS will be created.
+ // +optional
+ volumeNamespace?: string @go(VolumeNamespace) @protobuf(2,bytes,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified.
+ // +optional
+ fsType?: string @go(FSType) @protobuf(3,bytes,opt)
+
+ // Defaults to false (read/write). ReadOnly here will force
+ // the ReadOnly setting in VolumeMounts.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(4,varint,opt)
+
+ // SecretRef specifies the secret to use for obtaining the StorageOS API
+ // credentials. If not specified, default values will be attempted.
+ // +optional
+ secretRef?: null | ObjectReference @go(SecretRef,*ObjectReference) @protobuf(5,bytes,opt)
+}
+
+// Adapts a ConfigMap into a volume.
+//
+// The contents of the target ConfigMap's Data field will be presented in a
+// volume as files using the keys in the Data field as the file names, unless
+// the items element is populated with specific mappings of keys to paths.
+// ConfigMap volumes support ownership management and SELinux relabeling.
+ConfigMapVolumeSource: LocalObjectReference & {
+ // If unspecified, each key-value pair in the Data field of the referenced
+ // ConfigMap will be projected into the volume as a file whose name is the
+ // key and content is the value. If specified, the listed keys will be
+ // projected into the specified paths, and unlisted keys will not be
+ // present. If a key is specified which is not present in the ConfigMap,
+ // the volume setup will error unless it is marked optional. Paths must be
+ // relative and may not contain the '..' path or start with '..'.
+ // +optional
+ items?: [...KeyToPath] @go(Items,[]KeyToPath) @protobuf(2,bytes,rep)
+
+ // Optional: mode bits to use on created files by default. Must be a
+ // value between 0 and 0777. Defaults to 0644.
+ // Directories within the path are not affected by this setting.
+ // This might be in conflict with other options that affect the file
+ // mode, like fsGroup, and the result can be other mode bits set.
+ // +optional
+ defaultMode?: null | int32 @go(DefaultMode,*int32) @protobuf(3,varint,opt)
+
+ // Specify whether the ConfigMap or its keys must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(4,varint,opt)
+}
+
+ConfigMapVolumeSourceDefaultMode: int32 & 0o644
+
+// Adapts a ConfigMap into a projected volume.
+//
+// The contents of the target ConfigMap's Data field will be presented in a
+// projected volume as files using the keys in the Data field as the file names,
+// unless the items element is populated with specific mappings of keys to paths.
+// Note that this is identical to a configmap volume source without the default
+// mode.
+ConfigMapProjection: LocalObjectReference & {
+ // If unspecified, each key-value pair in the Data field of the referenced
+ // ConfigMap will be projected into the volume as a file whose name is the
+ // key and content is the value. If specified, the listed keys will be
+ // projected into the specified paths, and unlisted keys will not be
+ // present. If a key is specified which is not present in the ConfigMap,
+ // the volume setup will error unless it is marked optional. Paths must be
+ // relative and may not contain the '..' path or start with '..'.
+ // +optional
+ items?: [...KeyToPath] @go(Items,[]KeyToPath) @protobuf(2,bytes,rep)
+
+ // Specify whether the ConfigMap or its keys must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(4,varint,opt)
+}
+
+// ServiceAccountTokenProjection represents a projected service account token
+// volume. This projection can be used to insert a service account token into
+// the pods runtime filesystem for use against APIs (Kubernetes API Server or
+// otherwise).
+ServiceAccountTokenProjection: {
+ // Audience is the intended audience of the token. A recipient of a token
+ // must identify itself with an identifier specified in the audience of the
+ // token, and otherwise should reject the token. The audience defaults to the
+ // identifier of the apiserver.
+ //+optional
+ audience?: string @go(Audience) @protobuf(1,bytes,rep)
+
+ // ExpirationSeconds is the requested duration of validity of the service
+ // account token. As the token approaches expiration, the kubelet volume
+ // plugin will proactively rotate the service account token. The kubelet will
+ // start trying to rotate the token if the token is older than 80 percent of
+ // its time to live or if the token is older than 24 hours.Defaults to 1 hour
+ // and must be at least 10 minutes.
+ //+optional
+ expirationSeconds?: null | int64 @go(ExpirationSeconds,*int64) @protobuf(2,varint,opt)
+
+ // Path is the path relative to the mount point of the file to project the
+ // token into.
+ path: string @go(Path) @protobuf(3,bytes,opt)
+}
+
+// Represents a projected volume source
+ProjectedVolumeSource: {
+ // list of volume projections
+ sources: [...VolumeProjection] @go(Sources,[]VolumeProjection) @protobuf(1,bytes,rep)
+
+ // Mode bits to use on created files by default. Must be a value between
+ // 0 and 0777.
+ // Directories within the path are not affected by this setting.
+ // This might be in conflict with other options that affect the file
+ // mode, like fsGroup, and the result can be other mode bits set.
+ // +optional
+ defaultMode?: null | int32 @go(DefaultMode,*int32) @protobuf(2,varint,opt)
+}
+
+// Projection that may be projected along with other supported volume types
+VolumeProjection: {
+ // information about the secret data to project
+ // +optional
+ secret?: null | SecretProjection @go(Secret,*SecretProjection) @protobuf(1,bytes,opt)
+
+ // information about the downwardAPI data to project
+ // +optional
+ downwardAPI?: null | DownwardAPIProjection @go(DownwardAPI,*DownwardAPIProjection) @protobuf(2,bytes,opt)
+
+ // information about the configMap data to project
+ // +optional
+ configMap?: null | ConfigMapProjection @go(ConfigMap,*ConfigMapProjection) @protobuf(3,bytes,opt)
+
+ // information about the serviceAccountToken data to project
+ // +optional
+ serviceAccountToken?: null | ServiceAccountTokenProjection @go(ServiceAccountToken,*ServiceAccountTokenProjection) @protobuf(4,bytes,opt)
+}
+
+ProjectedVolumeSourceDefaultMode: int32 & 0o644
+
+// Maps a string key to a path within a volume.
+KeyToPath: {
+ // The key to project.
+ key: string @go(Key) @protobuf(1,bytes,opt)
+
+ // The relative path of the file to map the key to.
+ // May not be an absolute path.
+ // May not contain the path element '..'.
+ // May not start with the string '..'.
+ path: string @go(Path) @protobuf(2,bytes,opt)
+
+ // Optional: mode bits to use on this file, must be a value between 0
+ // and 0777. If not specified, the volume defaultMode will be used.
+ // This might be in conflict with other options that affect the file
+ // mode, like fsGroup, and the result can be other mode bits set.
+ // +optional
+ mode?: null | int32 @go(Mode,*int32) @protobuf(3,varint,opt)
+}
+
+// Local represents directly-attached storage with node affinity (Beta feature)
+LocalVolumeSource: {
+ // The full path to the volume on the node.
+ // It can be either a directory or block device (disk, partition, ...).
+ path: string @go(Path) @protobuf(1,bytes,opt)
+
+ // Filesystem type to mount.
+ // It applies only when the Path is a block device.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs". The default value is to auto-select a fileystem if unspecified.
+ // +optional
+ fsType?: null | string @go(FSType,*string) @protobuf(2,bytes,opt)
+}
+
+// Represents storage that is managed by an external CSI volume driver (Beta feature)
+CSIPersistentVolumeSource: {
+ // Driver is the name of the driver to use for this volume.
+ // Required.
+ driver: string @go(Driver) @protobuf(1,bytes,opt)
+
+ // VolumeHandle is the unique volume name returned by the CSI volume
+ // plugin’s CreateVolume to refer to the volume on all subsequent calls.
+ // Required.
+ volumeHandle: string @go(VolumeHandle) @protobuf(2,bytes,opt)
+
+ // Optional: The value to pass to ControllerPublishVolumeRequest.
+ // Defaults to false (read/write).
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(3,varint,opt)
+
+ // Filesystem type to mount.
+ // Must be a filesystem type supported by the host operating system.
+ // Ex. "ext4", "xfs", "ntfs".
+ // +optional
+ fsType?: string @go(FSType) @protobuf(4,bytes,opt)
+
+ // Attributes of the volume to publish.
+ // +optional
+ volumeAttributes?: {<_>: string} @go(VolumeAttributes,map[string]string) @protobuf(5,bytes,rep)
+
+ // ControllerPublishSecretRef is a reference to the secret object containing
+ // sensitive information to pass to the CSI driver to complete the CSI
+ // ControllerPublishVolume and ControllerUnpublishVolume calls.
+ // This field is optional, and may be empty if no secret is required. If the
+ // secret object contains more than one secret, all secrets are passed.
+ // +optional
+ controllerPublishSecretRef?: null | SecretReference @go(ControllerPublishSecretRef,*SecretReference) @protobuf(6,bytes,opt)
+
+ // NodeStageSecretRef is a reference to the secret object containing sensitive
+ // information to pass to the CSI driver to complete the CSI NodeStageVolume
+ // and NodeStageVolume and NodeUnstageVolume calls.
+ // This field is optional, and may be empty if no secret is required. If the
+ // secret object contains more than one secret, all secrets are passed.
+ // +optional
+ nodeStageSecretRef?: null | SecretReference @go(NodeStageSecretRef,*SecretReference) @protobuf(7,bytes,opt)
+
+ // NodePublishSecretRef is a reference to the secret object containing
+ // sensitive information to pass to the CSI driver to complete the CSI
+ // NodePublishVolume and NodeUnpublishVolume calls.
+ // This field is optional, and may be empty if no secret is required. If the
+ // secret object contains more than one secret, all secrets are passed.
+ // +optional
+ nodePublishSecretRef?: null | SecretReference @go(NodePublishSecretRef,*SecretReference) @protobuf(8,bytes,opt)
+
+ // ControllerExpandSecretRef is a reference to the secret object containing
+ // sensitive information to pass to the CSI driver to complete the CSI
+ // ControllerExpandVolume call.
+ // This is an alpha field and requires enabling ExpandCSIVolumes feature gate.
+ // This field is optional, and may be empty if no secret is required. If the
+ // secret object contains more than one secret, all secrets are passed.
+ // +optional
+ controllerExpandSecretRef?: null | SecretReference @go(ControllerExpandSecretRef,*SecretReference) @protobuf(9,bytes,opt)
+}
+
+// Represents a source location of a volume to mount, managed by an external CSI driver
+CSIVolumeSource: {
+ // Driver is the name of the CSI driver that handles this volume.
+ // Consult with your admin for the correct name as registered in the cluster.
+ driver: string @go(Driver) @protobuf(1,bytes,opt)
+
+ // Specifies a read-only configuration for the volume.
+ // Defaults to false (read/write).
+ // +optional
+ readOnly?: null | bool @go(ReadOnly,*bool) @protobuf(2,varint,opt)
+
+ // Filesystem type to mount. Ex. "ext4", "xfs", "ntfs".
+ // If not provided, the empty value is passed to the associated CSI driver
+ // which will determine the default filesystem to apply.
+ // +optional
+ fsType?: null | string @go(FSType,*string) @protobuf(3,bytes,opt)
+
+ // VolumeAttributes stores driver-specific properties that are passed to the CSI
+ // driver. Consult your driver's documentation for supported values.
+ // +optional
+ volumeAttributes?: {<_>: string} @go(VolumeAttributes,map[string]string) @protobuf(4,bytes,rep)
+
+ // NodePublishSecretRef is a reference to the secret object containing
+ // sensitive information to pass to the CSI driver to complete the CSI
+ // NodePublishVolume and NodeUnpublishVolume calls.
+ // This field is optional, and may be empty if no secret is required. If the
+ // secret object contains more than one secret, all secret references are passed.
+ // +optional
+ nodePublishSecretRef?: null | LocalObjectReference @go(NodePublishSecretRef,*LocalObjectReference) @protobuf(5,bytes,opt)
+}
+
+// ContainerPort represents a network port in a single container.
+ContainerPort: {
+ // If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
+ // named port in a pod must have a unique name. Name for the port that can be
+ // referred to by services.
+ // +optional
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+
+ // Number of port to expose on the host.
+ // If specified, this must be a valid port number, 0 < x < 65536.
+ // If HostNetwork is specified, this must match ContainerPort.
+ // Most containers do not need this.
+ // +optional
+ hostPort?: int32 @go(HostPort) @protobuf(2,varint,opt)
+
+ // Number of port to expose on the pod's IP address.
+ // This must be a valid port number, 0 < x < 65536.
+ containerPort: int32 @go(ContainerPort) @protobuf(3,varint,opt)
+
+ // Protocol for port. Must be UDP, TCP, or SCTP.
+ // Defaults to "TCP".
+ // +optional
+ protocol?: Protocol @go(Protocol) @protobuf(4,bytes,opt,casttype=Protocol)
+
+ // What host IP to bind the external port to.
+ // +optional
+ hostIP?: string @go(HostIP) @protobuf(5,bytes,opt)
+}
+
+// VolumeMount describes a mounting of a Volume within a container.
+VolumeMount: {
+ // This must match the Name of a Volume.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // Mounted read-only if true, read-write otherwise (false or unspecified).
+ // Defaults to false.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(2,varint,opt)
+
+ // Path within the container at which the volume should be mounted. Must
+ // not contain ':'.
+ mountPath: string @go(MountPath) @protobuf(3,bytes,opt)
+
+ // Path within the volume from which the container's volume should be mounted.
+ // Defaults to "" (volume's root).
+ // +optional
+ subPath?: string @go(SubPath) @protobuf(4,bytes,opt)
+
+ // mountPropagation determines how mounts are propagated from the host
+ // to container and the other way around.
+ // When not set, MountPropagationNone is used.
+ // This field is beta in 1.10.
+ // +optional
+ mountPropagation?: null | MountPropagationMode @go(MountPropagation,*MountPropagationMode) @protobuf(5,bytes,opt,casttype=MountPropagationMode)
+
+ // Expanded path within the volume from which the container's volume should be mounted.
+ // Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
+ // Defaults to "" (volume's root).
+ // SubPathExpr and SubPath are mutually exclusive.
+ // This field is beta in 1.15.
+ // +optional
+ subPathExpr?: string @go(SubPathExpr) @protobuf(6,bytes,opt)
+}
+
+// MountPropagationMode describes mount propagation.
+MountPropagationMode: string // enumMountPropagationMode
+
+enumMountPropagationMode:
+ MountPropagationNone |
+ MountPropagationHostToContainer |
+ MountPropagationBidirectional
+
+// MountPropagationNone means that the volume in a container will
+// not receive new mounts from the host or other containers, and filesystems
+// mounted inside the container won't be propagated to the host or other
+// containers.
+// Note that this mode corresponds to "private" in Linux terminology.
+MountPropagationNone: MountPropagationMode & "None"
+
+// MountPropagationHostToContainer means that the volume in a container will
+// receive new mounts from the host or other containers, but filesystems
+// mounted inside the container won't be propagated to the host or other
+// containers.
+// Note that this mode is recursively applied to all mounts in the volume
+// ("rslave" in Linux terminology).
+MountPropagationHostToContainer: MountPropagationMode & "HostToContainer"
+
+// MountPropagationBidirectional means that the volume in a container will
+// receive new mounts from the host or other containers, and its own mounts
+// will be propagated from the container to the host or other containers.
+// Note that this mode is recursively applied to all mounts in the volume
+// ("rshared" in Linux terminology).
+MountPropagationBidirectional: MountPropagationMode & "Bidirectional"
+
+// volumeDevice describes a mapping of a raw block device within a container.
+VolumeDevice: {
+ // name must match the name of a persistentVolumeClaim in the pod
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // devicePath is the path inside of the container that the device will be mapped to.
+ devicePath: string @go(DevicePath) @protobuf(2,bytes,opt)
+}
+
+// EnvVar represents an environment variable present in a Container.
+EnvVar: {
+ // Name of the environment variable. Must be a C_IDENTIFIER.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // Variable references $(VAR_NAME) are expanded
+ // using the previous defined environment variables in the container and
+ // any service environment variables. If a variable cannot be resolved,
+ // the reference in the input string will be unchanged. The $(VAR_NAME)
+ // syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
+ // references will never be expanded, regardless of whether the variable
+ // exists or not.
+ // Defaults to "".
+ // +optional
+ value?: string @go(Value) @protobuf(2,bytes,opt)
+
+ // Source for the environment variable's value. Cannot be used if value is not empty.
+ // +optional
+ valueFrom?: null | EnvVarSource @go(ValueFrom,*EnvVarSource) @protobuf(3,bytes,opt)
+}
+
+// EnvVarSource represents a source for the value of an EnvVar.
+EnvVarSource: {
+ // Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations,
+ // spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP.
+ // +optional
+ fieldRef?: null | ObjectFieldSelector @go(FieldRef,*ObjectFieldSelector) @protobuf(1,bytes,opt)
+
+ // Selects a resource of the container: only resources limits and requests
+ // (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
+ // +optional
+ resourceFieldRef?: null | ResourceFieldSelector @go(ResourceFieldRef,*ResourceFieldSelector) @protobuf(2,bytes,opt)
+
+ // Selects a key of a ConfigMap.
+ // +optional
+ configMapKeyRef?: null | ConfigMapKeySelector @go(ConfigMapKeyRef,*ConfigMapKeySelector) @protobuf(3,bytes,opt)
+
+ // Selects a key of a secret in the pod's namespace
+ // +optional
+ secretKeyRef?: null | SecretKeySelector @go(SecretKeyRef,*SecretKeySelector) @protobuf(4,bytes,opt)
+}
+
+// ObjectFieldSelector selects an APIVersioned field of an object.
+ObjectFieldSelector: {
+ // Version of the schema the FieldPath is written in terms of, defaults to "v1".
+ // +optional
+ apiVersion?: string @go(APIVersion) @protobuf(1,bytes,opt)
+
+ // Path of the field to select in the specified API version.
+ fieldPath: string @go(FieldPath) @protobuf(2,bytes,opt)
+}
+
+// ResourceFieldSelector represents container resources (cpu, memory) and their output format
+ResourceFieldSelector: {
+ // Container name: required for volumes, optional for env vars
+ // +optional
+ containerName?: string @go(ContainerName) @protobuf(1,bytes,opt)
+
+ // Required: resource to select
+ resource: string @go(Resource) @protobuf(2,bytes,opt)
+
+ // Specifies the output format of the exposed resources, defaults to "1"
+ // +optional
+ divisor?: resource.Quantity @go(Divisor) @protobuf(3,bytes,opt)
+}
+
+// Selects a key from a ConfigMap.
+ConfigMapKeySelector: LocalObjectReference & {
+ // The key to select.
+ key: string @go(Key) @protobuf(2,bytes,opt)
+
+ // Specify whether the ConfigMap or its key must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(3,varint,opt)
+}
+
+// SecretKeySelector selects a key of a Secret.
+SecretKeySelector: LocalObjectReference & {
+ // The key of the secret to select from. Must be a valid secret key.
+ key: string @go(Key) @protobuf(2,bytes,opt)
+
+ // Specify whether the Secret or its key must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(3,varint,opt)
+}
+
+// EnvFromSource represents the source of a set of ConfigMaps
+EnvFromSource: {
+ // An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ // +optional
+ prefix?: string @go(Prefix) @protobuf(1,bytes,opt)
+
+ // The ConfigMap to select from
+ // +optional
+ configMapRef?: null | ConfigMapEnvSource @go(ConfigMapRef,*ConfigMapEnvSource) @protobuf(2,bytes,opt)
+
+ // The Secret to select from
+ // +optional
+ secretRef?: null | SecretEnvSource @go(SecretRef,*SecretEnvSource) @protobuf(3,bytes,opt)
+}
+
+// ConfigMapEnvSource selects a ConfigMap to populate the environment
+// variables with.
+//
+// The contents of the target ConfigMap's Data field will represent the
+// key-value pairs as environment variables.
+ConfigMapEnvSource: LocalObjectReference & {
+ // Specify whether the ConfigMap must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(2,varint,opt)
+}
+
+// SecretEnvSource selects a Secret to populate the environment
+// variables with.
+//
+// The contents of the target Secret's Data field will represent the
+// key-value pairs as environment variables.
+SecretEnvSource: LocalObjectReference & {
+ // Specify whether the Secret must be defined
+ // +optional
+ optional?: null | bool @go(Optional,*bool) @protobuf(2,varint,opt)
+}
+
+// HTTPHeader describes a custom header to be used in HTTP probes
+HTTPHeader: {
+ // The header field name
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // The header field value
+ value: string @go(Value) @protobuf(2,bytes,opt)
+}
+
+// HTTPGetAction describes an action based on HTTP Get requests.
+HTTPGetAction: {
+ // Path to access on the HTTP server.
+ // +optional
+ path?: string @go(Path) @protobuf(1,bytes,opt)
+
+ // Name or number of the port to access on the container.
+ // Number must be in the range 1 to 65535.
+ // Name must be an IANA_SVC_NAME.
+ port: intstr.IntOrString @go(Port) @protobuf(2,bytes,opt)
+
+ // Host name to connect to, defaults to the pod IP. You probably want to set
+ // "Host" in httpHeaders instead.
+ // +optional
+ host?: string @go(Host) @protobuf(3,bytes,opt)
+
+ // Scheme to use for connecting to the host.
+ // Defaults to HTTP.
+ // +optional
+ scheme?: URIScheme @go(Scheme) @protobuf(4,bytes,opt,casttype=URIScheme)
+
+ // Custom headers to set in the request. HTTP allows repeated headers.
+ // +optional
+ httpHeaders?: [...HTTPHeader] @go(HTTPHeaders,[]HTTPHeader) @protobuf(5,bytes,rep)
+}
+
+// URIScheme identifies the scheme used for connection to a host for Get actions
+URIScheme: string // enumURIScheme
+
+enumURIScheme:
+ URISchemeHTTP |
+ URISchemeHTTPS
+
+// URISchemeHTTP means that the scheme used will be http://
+URISchemeHTTP: URIScheme & "HTTP"
+
+// URISchemeHTTPS means that the scheme used will be https://
+URISchemeHTTPS: URIScheme & "HTTPS"
+
+// TCPSocketAction describes an action based on opening a socket
+TCPSocketAction: {
+ // Number or name of the port to access on the container.
+ // Number must be in the range 1 to 65535.
+ // Name must be an IANA_SVC_NAME.
+ port: intstr.IntOrString @go(Port) @protobuf(1,bytes,opt)
+
+ // Optional: Host name to connect to, defaults to the pod IP.
+ // +optional
+ host?: string @go(Host) @protobuf(2,bytes,opt)
+}
+
+// ExecAction describes a "run in container" action.
+ExecAction: {
+ // Command is the command line to execute inside the container, the working directory for the
+ // command is root ('/') in the container's filesystem. The command is simply exec'd, it is
+ // not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
+ // a shell, you need to explicitly call out to that shell.
+ // Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
+ // +optional
+ command?: [...string] @go(Command,[]string) @protobuf(1,bytes,rep)
+}
+
+// Probe describes a health check to be performed against a container to determine whether it is
+// alive or ready to receive traffic.
+Probe: Handler & {
+ // Number of seconds after the container has started before liveness probes are initiated.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ // +optional
+ initialDelaySeconds?: int32 @go(InitialDelaySeconds) @protobuf(2,varint,opt)
+
+ // Number of seconds after which the probe times out.
+ // Defaults to 1 second. Minimum value is 1.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ // +optional
+ timeoutSeconds?: int32 @go(TimeoutSeconds) @protobuf(3,varint,opt)
+
+ // How often (in seconds) to perform the probe.
+ // Default to 10 seconds. Minimum value is 1.
+ // +optional
+ periodSeconds?: int32 @go(PeriodSeconds) @protobuf(4,varint,opt)
+
+ // Minimum consecutive successes for the probe to be considered successful after having failed.
+ // Defaults to 1. Must be 1 for liveness. Minimum value is 1.
+ // +optional
+ successThreshold?: int32 @go(SuccessThreshold) @protobuf(5,varint,opt)
+
+ // Minimum consecutive failures for the probe to be considered failed after having succeeded.
+ // Defaults to 3. Minimum value is 1.
+ // +optional
+ failureThreshold?: int32 @go(FailureThreshold) @protobuf(6,varint,opt)
+}
+
+// PullPolicy describes a policy for if/when to pull a container image
+PullPolicy: string // enumPullPolicy
+
+enumPullPolicy:
+ PullAlways |
+ PullNever |
+ PullIfNotPresent
+
+// PullAlways means that kubelet always attempts to pull the latest image. Container will fail If the pull fails.
+PullAlways: PullPolicy & "Always"
+
+// PullNever means that kubelet never pulls an image, but only uses a local image. Container will fail if the image isn't present
+PullNever: PullPolicy & "Never"
+
+// PullIfNotPresent means that kubelet pulls if the image isn't present on disk. Container will fail if the image isn't present and the pull fails.
+PullIfNotPresent: PullPolicy & "IfNotPresent"
+
+// PreemptionPolicy describes a policy for if/when to preempt a pod.
+PreemptionPolicy: string // enumPreemptionPolicy
+
+enumPreemptionPolicy:
+ PreemptLowerPriority |
+ PreemptNever
+
+// PreemptLowerPriority means that pod can preempt other pods with lower priority.
+PreemptLowerPriority: PreemptionPolicy & "PreemptLowerPriority"
+
+// PreemptNever means that pod never preempts other pods with lower priority.
+PreemptNever: PreemptionPolicy & "Never"
+
+// TerminationMessagePolicy describes how termination messages are retrieved from a container.
+TerminationMessagePolicy: string // enumTerminationMessagePolicy
+
+enumTerminationMessagePolicy:
+ TerminationMessageReadFile |
+ TerminationMessageFallbackToLogsOnError
+
+// TerminationMessageReadFile is the default behavior and will set the container status message to
+// the contents of the container's terminationMessagePath when the container exits.
+TerminationMessageReadFile: TerminationMessagePolicy & "File"
+
+// TerminationMessageFallbackToLogsOnError will read the most recent contents of the container logs
+// for the container status message when the container exits with an error and the
+// terminationMessagePath has no contents.
+TerminationMessageFallbackToLogsOnError: TerminationMessagePolicy & "FallbackToLogsOnError"
+
+// Capability represent POSIX capabilities type
+Capability: string
+
+// Adds and removes POSIX capabilities from running containers.
+Capabilities: {
+ // Added capabilities
+ // +optional
+ add?: [...Capability] @go(Add,[]Capability) @protobuf(1,bytes,rep,casttype=Capability)
+
+ // Removed capabilities
+ // +optional
+ drop?: [...Capability] @go(Drop,[]Capability) @protobuf(2,bytes,rep,casttype=Capability)
+}
+
+// ResourceRequirements describes the compute resource requirements.
+ResourceRequirements: {
+ // Limits describes the maximum amount of compute resources allowed.
+ // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+ // +optional
+ limits?: ResourceList @go(Limits) @protobuf(1,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // Requests describes the minimum amount of compute resources required.
+ // If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
+ // otherwise to an implementation-defined value.
+ // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+ // +optional
+ requests?: ResourceList @go(Requests) @protobuf(2,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+}
+
+// TerminationMessagePathDefault means the default path to capture the application termination message running in a container
+TerminationMessagePathDefault: "/dev/termination-log"
+
+// A single application container that you want to run within a pod.
+Container: {
+ // Name of the container specified as a DNS_LABEL.
+ // Each container in a pod must have a unique name (DNS_LABEL).
+ // Cannot be updated.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // Docker image name.
+ // More info: https://kubernetes.io/docs/concepts/containers/images
+ // This field is optional to allow higher level config management to default or override
+ // container images in workload controllers like Deployments and StatefulSets.
+ // +optional
+ image?: string @go(Image) @protobuf(2,bytes,opt)
+
+ // Entrypoint array. Not executed within a shell.
+ // The docker image's ENTRYPOINT is used if this is not provided.
+ // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax
+ // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
+ // regardless of whether the variable exists or not.
+ // Cannot be updated.
+ // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ // +optional
+ command?: [...string] @go(Command,[]string) @protobuf(3,bytes,rep)
+
+ // Arguments to the entrypoint.
+ // The docker image's CMD is used if this is not provided.
+ // Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
+ // cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax
+ // can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
+ // regardless of whether the variable exists or not.
+ // Cannot be updated.
+ // More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
+ // +optional
+ args?: [...string] @go(Args,[]string) @protobuf(4,bytes,rep)
+
+ // Container's working directory.
+ // If not specified, the container runtime's default will be used, which
+ // might be configured in the container image.
+ // Cannot be updated.
+ // +optional
+ workingDir?: string @go(WorkingDir) @protobuf(5,bytes,opt)
+
+ // List of ports to expose from the container. Exposing a port here gives
+ // the system additional information about the network connections a
+ // container uses, but is primarily informational. Not specifying a port here
+ // DOES NOT prevent that port from being exposed. Any port which is
+ // listening on the default "0.0.0.0" address inside a container will be
+ // accessible from the network.
+ // Cannot be updated.
+ // +optional
+ // +patchMergeKey=containerPort
+ // +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=containerPort
+ // +listMapKey=protocol
+ ports?: [...ContainerPort] @go(Ports,[]ContainerPort) @protobuf(6,bytes,rep)
+
+ // List of sources to populate environment variables in the container.
+ // The keys defined within a source must be a C_IDENTIFIER. All invalid keys
+ // will be reported as an event when the container is starting. When a key exists in multiple
+ // sources, the value associated with the last source will take precedence.
+ // Values defined by an Env with a duplicate key will take precedence.
+ // Cannot be updated.
+ // +optional
+ envFrom?: [...EnvFromSource] @go(EnvFrom,[]EnvFromSource) @protobuf(19,bytes,rep)
+
+ // List of environment variables to set in the container.
+ // Cannot be updated.
+ // +optional
+ // +patchMergeKey=name
+ // +patchStrategy=merge
+ env?: [...EnvVar] @go(Env,[]EnvVar) @protobuf(7,bytes,rep)
+
+ // Compute Resources required by this container.
+ // Cannot be updated.
+ // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+ // +optional
+ resources?: ResourceRequirements @go(Resources) @protobuf(8,bytes,opt)
+
+ // Pod volumes to mount into the container's filesystem.
+ // Cannot be updated.
+ // +optional
+ // +patchMergeKey=mountPath
+ // +patchStrategy=merge
+ volumeMounts?: [...VolumeMount] @go(VolumeMounts,[]VolumeMount) @protobuf(9,bytes,rep)
+
+ // volumeDevices is the list of block devices to be used by the container.
+ // This is a beta feature.
+ // +patchMergeKey=devicePath
+ // +patchStrategy=merge
+ // +optional
+ volumeDevices?: [...VolumeDevice] @go(VolumeDevices,[]VolumeDevice) @protobuf(21,bytes,rep)
+
+ // Periodic probe of container liveness.
+ // Container will be restarted if the probe fails.
+ // Cannot be updated.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ // +optional
+ livenessProbe?: null | Probe @go(LivenessProbe,*Probe) @protobuf(10,bytes,opt)
+
+ // Periodic probe of container service readiness.
+ // Container will be removed from service endpoints if the probe fails.
+ // Cannot be updated.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
+ // +optional
+ readinessProbe?: null | Probe @go(ReadinessProbe,*Probe) @protobuf(11,bytes,opt)
+
+ // Actions that the management system should take in response to container lifecycle events.
+ // Cannot be updated.
+ // +optional
+ lifecycle?: null | Lifecycle @go(Lifecycle,*Lifecycle) @protobuf(12,bytes,opt)
+
+ // Optional: Path at which the file to which the container's termination message
+ // will be written is mounted into the container's filesystem.
+ // Message written is intended to be brief final status, such as an assertion failure message.
+ // Will be truncated by the node if greater than 4096 bytes. The total message length across
+ // all containers will be limited to 12kb.
+ // Defaults to /dev/termination-log.
+ // Cannot be updated.
+ // +optional
+ terminationMessagePath?: string @go(TerminationMessagePath) @protobuf(13,bytes,opt)
+
+ // Indicate how the termination message should be populated. File will use the contents of
+ // terminationMessagePath to populate the container status message on both success and failure.
+ // FallbackToLogsOnError will use the last chunk of container log output if the termination
+ // message file is empty and the container exited with an error.
+ // The log output is limited to 2048 bytes or 80 lines, whichever is smaller.
+ // Defaults to File.
+ // Cannot be updated.
+ // +optional
+ terminationMessagePolicy?: TerminationMessagePolicy @go(TerminationMessagePolicy) @protobuf(20,bytes,opt,casttype=TerminationMessagePolicy)
+
+ // Image pull policy.
+ // One of Always, Never, IfNotPresent.
+ // Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+ // Cannot be updated.
+ // More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
+ // +optional
+ imagePullPolicy?: PullPolicy @go(ImagePullPolicy) @protobuf(14,bytes,opt,casttype=PullPolicy)
+
+ // Security options the pod should run with.
+ // More info: https://kubernetes.io/docs/concepts/policy/security-context/
+ // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ // +optional
+ securityContext?: null | SecurityContext @go(SecurityContext,*SecurityContext) @protobuf(15,bytes,opt)
+
+ // Whether this container should allocate a buffer for stdin in the container runtime. If this
+ // is not set, reads from stdin in the container will always result in EOF.
+ // Default is false.
+ // +optional
+ stdin?: bool @go(Stdin) @protobuf(16,varint,opt)
+
+ // Whether the container runtime should close the stdin channel after it has been opened by
+ // a single attach. When stdin is true the stdin stream will remain open across multiple attach
+ // sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the
+ // first client attaches to stdin, and then remains open and accepts data until the client disconnects,
+ // at which time stdin is closed and remains closed until the container is restarted. If this
+ // flag is false, a container processes that reads from stdin will never receive an EOF.
+ // Default is false
+ // +optional
+ stdinOnce?: bool @go(StdinOnce) @protobuf(17,varint,opt)
+
+ // Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.
+ // Default is false.
+ // +optional
+ tty?: bool @go(TTY) @protobuf(18,varint,opt)
+}
+
+// Handler defines a specific action that should be taken
+// TODO: pass structured data to these actions, and document that data here.
+Handler: {
+ // One and only one of the following should be specified.
+ // Exec specifies the action to take.
+ // +optional
+ exec?: null | ExecAction @go(Exec,*ExecAction) @protobuf(1,bytes,opt)
+
+ // HTTPGet specifies the http request to perform.
+ // +optional
+ httpGet?: null | HTTPGetAction @go(HTTPGet,*HTTPGetAction) @protobuf(2,bytes,opt)
+
+ // TCPSocket specifies an action involving a TCP port.
+ // TCP hooks not yet supported
+ // TODO: implement a realistic TCP lifecycle hook
+ // +optional
+ tcpSocket?: null | TCPSocketAction @go(TCPSocket,*TCPSocketAction) @protobuf(3,bytes,opt)
+}
+
+// Lifecycle describes actions that the management system should take in response to container lifecycle
+// events. For the PostStart and PreStop lifecycle handlers, management of the container blocks
+// until the action is complete, unless the container process fails, in which case the handler is aborted.
+Lifecycle: {
+ // PostStart is called immediately after a container is created. If the handler fails,
+ // the container is terminated and restarted according to its restart policy.
+ // Other management of the container blocks until the hook completes.
+ // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ // +optional
+ postStart?: null | Handler @go(PostStart,*Handler) @protobuf(1,bytes,opt)
+
+ // PreStop is called immediately before a container is terminated due to an
+ // API request or management event such as liveness probe failure,
+ // preemption, resource contention, etc. The handler is not called if the
+ // container crashes or exits. The reason for termination is passed to the
+ // handler. The Pod's termination grace period countdown begins before the
+ // PreStop hooked is executed. Regardless of the outcome of the handler, the
+ // container will eventually terminate within the Pod's termination grace
+ // period. Other management of the container blocks until the hook completes
+ // or until the termination grace period is reached.
+ // More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
+ // +optional
+ preStop?: null | Handler @go(PreStop,*Handler) @protobuf(2,bytes,opt)
+}
+
+ConditionStatus: string // enumConditionStatus
+
+enumConditionStatus:
+ ConditionTrue |
+ ConditionFalse |
+ ConditionUnknown
+
+ConditionTrue: ConditionStatus & "True"
+ConditionFalse: ConditionStatus & "False"
+ConditionUnknown: ConditionStatus & "Unknown"
+
+// ContainerStateWaiting is a waiting state of a container.
+ContainerStateWaiting: {
+ // (brief) reason the container is not yet running.
+ // +optional
+ reason?: string @go(Reason) @protobuf(1,bytes,opt)
+
+ // Message regarding why the container is not yet running.
+ // +optional
+ message?: string @go(Message) @protobuf(2,bytes,opt)
+}
+
+// ContainerStateRunning is a running state of a container.
+ContainerStateRunning: {
+ // Time at which the container was last (re-)started
+ // +optional
+ startedAt?: metav1.Time @go(StartedAt) @protobuf(1,bytes,opt)
+}
+
+// ContainerStateTerminated is a terminated state of a container.
+ContainerStateTerminated: {
+ // Exit status from the last termination of the container
+ exitCode: int32 @go(ExitCode) @protobuf(1,varint,opt)
+
+ // Signal from the last termination of the container
+ // +optional
+ signal?: int32 @go(Signal) @protobuf(2,varint,opt)
+
+ // (brief) reason from the last termination of the container
+ // +optional
+ reason?: string @go(Reason) @protobuf(3,bytes,opt)
+
+ // Message regarding the last termination of the container
+ // +optional
+ message?: string @go(Message) @protobuf(4,bytes,opt)
+
+ // Time at which previous execution of the container started
+ // +optional
+ startedAt?: metav1.Time @go(StartedAt) @protobuf(5,bytes,opt)
+
+ // Time at which the container last terminated
+ // +optional
+ finishedAt?: metav1.Time @go(FinishedAt) @protobuf(6,bytes,opt)
+
+ // Container's ID in the format 'docker://<container_id>'
+ // +optional
+ containerID?: string @go(ContainerID) @protobuf(7,bytes,opt)
+}
+
+// ContainerState holds a possible state of container.
+// Only one of its members may be specified.
+// If none of them is specified, the default one is ContainerStateWaiting.
+ContainerState: {
+ // Details about a waiting container
+ // +optional
+ waiting?: null | ContainerStateWaiting @go(Waiting,*ContainerStateWaiting) @protobuf(1,bytes,opt)
+
+ // Details about a running container
+ // +optional
+ running?: null | ContainerStateRunning @go(Running,*ContainerStateRunning) @protobuf(2,bytes,opt)
+
+ // Details about a terminated container
+ // +optional
+ terminated?: null | ContainerStateTerminated @go(Terminated,*ContainerStateTerminated) @protobuf(3,bytes,opt)
+}
+
+// ContainerStatus contains details for the current status of this container.
+ContainerStatus: {
+ // This must be a DNS_LABEL. Each container in a pod must have a unique name.
+ // Cannot be updated.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // Details about the container's current condition.
+ // +optional
+ state?: ContainerState @go(State) @protobuf(2,bytes,opt)
+
+ // Details about the container's last termination condition.
+ // +optional
+ lastState?: ContainerState @go(LastTerminationState) @protobuf(3,bytes,opt)
+
+ // Specifies whether the container has passed its readiness probe.
+ ready: bool @go(Ready) @protobuf(4,varint,opt)
+
+ // The number of times the container has been restarted, currently based on
+ // the number of dead containers that have not yet been removed.
+ // Note that this is calculated from dead containers. But those containers are subject to
+ // garbage collection. This value will get capped at 5 by GC.
+ restartCount: int32 @go(RestartCount) @protobuf(5,varint,opt)
+
+ // The image the container is running.
+ // More info: https://kubernetes.io/docs/concepts/containers/images
+ // TODO(dchen1107): Which image the container is running with?
+ image: string @go(Image) @protobuf(6,bytes,opt)
+
+ // ImageID of the container's image.
+ imageID: string @go(ImageID) @protobuf(7,bytes,opt)
+
+ // Container's ID in the format 'docker://<container_id>'.
+ // +optional
+ containerID?: string @go(ContainerID) @protobuf(8,bytes,opt)
+}
+
+// PodPhase is a label for the condition of a pod at the current time.
+PodPhase: string // enumPodPhase
+
+enumPodPhase:
+ PodPending |
+ PodRunning |
+ PodSucceeded |
+ PodFailed |
+ PodUnknown
+
+// PodPending means the pod has been accepted by the system, but one or more of the containers
+// has not been started. This includes time before being bound to a node, as well as time spent
+// pulling images onto the host.
+PodPending: PodPhase & "Pending"
+
+// PodRunning means the pod has been bound to a node and all of the containers have been started.
+// At least one container is still running or is in the process of being restarted.
+PodRunning: PodPhase & "Running"
+
+// PodSucceeded means that all containers in the pod have voluntarily terminated
+// with a container exit code of 0, and the system is not going to restart any of these containers.
+PodSucceeded: PodPhase & "Succeeded"
+
+// PodFailed means that all containers in the pod have terminated, and at least one container has
+// terminated in a failure (exited with a non-zero exit code or was stopped by the system).
+PodFailed: PodPhase & "Failed"
+
+// PodUnknown means that for some reason the state of the pod could not be obtained, typically due
+// to an error in communicating with the host of the pod.
+PodUnknown: PodPhase & "Unknown"
+
+// PodConditionType is a valid value for PodCondition.Type
+PodConditionType: string // enumPodConditionType
+
+enumPodConditionType:
+ ContainersReady |
+ PodInitialized |
+ PodReady |
+ PodScheduled
+
+// ContainersReady indicates whether all containers in the pod are ready.
+ContainersReady: PodConditionType & "ContainersReady"
+
+// PodInitialized means that all init containers in the pod have started successfully.
+PodInitialized: PodConditionType & "Initialized"
+
+// PodReady means the pod is able to service requests and should be added to the
+// load balancing pools of all matching services.
+PodReady: PodConditionType & "Ready"
+
+// PodScheduled represents status of the scheduling process for this pod.
+PodScheduled: PodConditionType & "PodScheduled"
+
+// PodReasonUnschedulable reason in PodScheduled PodCondition means that the scheduler
+// can't schedule the pod right now, for example due to insufficient resources in the cluster.
+PodReasonUnschedulable: "Unschedulable"
+
+// PodCondition contains details for the current condition of this pod.
+PodCondition: {
+ // Type is the type of the condition.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ type: PodConditionType @go(Type) @protobuf(1,bytes,opt,casttype=PodConditionType)
+
+ // Status is the status of the condition.
+ // Can be True, False, Unknown.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ status: ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=ConditionStatus)
+
+ // Last time we probed the condition.
+ // +optional
+ lastProbeTime?: metav1.Time @go(LastProbeTime) @protobuf(3,bytes,opt)
+
+ // Last time the condition transitioned from one status to another.
+ // +optional
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(4,bytes,opt)
+
+ // Unique, one-word, CamelCase reason for the condition's last transition.
+ // +optional
+ reason?: string @go(Reason) @protobuf(5,bytes,opt)
+
+ // Human-readable message indicating details about last transition.
+ // +optional
+ message?: string @go(Message) @protobuf(6,bytes,opt)
+}
+
+// RestartPolicy describes how the container should be restarted.
+// Only one of the following restart policies may be specified.
+// If none of the following policies is specified, the default one
+// is RestartPolicyAlways.
+RestartPolicy: string // enumRestartPolicy
+
+enumRestartPolicy:
+ RestartPolicyAlways |
+ RestartPolicyOnFailure |
+ RestartPolicyNever
+
+RestartPolicyAlways: RestartPolicy & "Always"
+RestartPolicyOnFailure: RestartPolicy & "OnFailure"
+RestartPolicyNever: RestartPolicy & "Never"
+
+// DNSPolicy defines how a pod's DNS will be configured.
+DNSPolicy: string // enumDNSPolicy
+
+enumDNSPolicy:
+ DNSClusterFirstWithHostNet |
+ DNSClusterFirst |
+ DNSDefault |
+ DNSNone
+
+// DNSClusterFirstWithHostNet indicates that the pod should use cluster DNS
+// first, if it is available, then fall back on the default
+// (as determined by kubelet) DNS settings.
+DNSClusterFirstWithHostNet: DNSPolicy & "ClusterFirstWithHostNet"
+
+// DNSClusterFirst indicates that the pod should use cluster DNS
+// first unless hostNetwork is true, if it is available, then
+// fall back on the default (as determined by kubelet) DNS settings.
+DNSClusterFirst: DNSPolicy & "ClusterFirst"
+
+// DNSDefault indicates that the pod should use the default (as
+// determined by kubelet) DNS settings.
+DNSDefault: DNSPolicy & "Default"
+
+// DNSNone indicates that the pod should use empty DNS settings. DNS
+// parameters such as nameservers and search paths should be defined via
+// DNSConfig.
+DNSNone: DNSPolicy & "None"
+
+// DefaultTerminationGracePeriodSeconds indicates the default duration in
+// seconds a pod needs to terminate gracefully.
+DefaultTerminationGracePeriodSeconds: 30
+
+// A node selector represents the union of the results of one or more label queries
+// over a set of nodes; that is, it represents the OR of the selectors represented
+// by the node selector terms.
+NodeSelector: {
+ //Required. A list of node selector terms. The terms are ORed.
+ nodeSelectorTerms: [...NodeSelectorTerm] @go(NodeSelectorTerms,[]NodeSelectorTerm) @protobuf(1,bytes,rep)
+}
+
+// A null or empty node selector term matches no objects. The requirements of
+// them are ANDed.
+// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
+NodeSelectorTerm: {
+ // A list of node selector requirements by node's labels.
+ // +optional
+ matchExpressions?: [...NodeSelectorRequirement] @go(MatchExpressions,[]NodeSelectorRequirement) @protobuf(1,bytes,rep)
+
+ // A list of node selector requirements by node's fields.
+ // +optional
+ matchFields?: [...NodeSelectorRequirement] @go(MatchFields,[]NodeSelectorRequirement) @protobuf(2,bytes,rep)
+}
+
+// A node selector requirement is a selector that contains values, a key, and an operator
+// that relates the key and values.
+NodeSelectorRequirement: {
+ // The label key that the selector applies to.
+ key: string @go(Key) @protobuf(1,bytes,opt)
+
+ // Represents a key's relationship to a set of values.
+ // Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
+ operator: NodeSelectorOperator @go(Operator) @protobuf(2,bytes,opt,casttype=NodeSelectorOperator)
+
+ // An array of string values. If the operator is In or NotIn,
+ // the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ // the values array must be empty. If the operator is Gt or Lt, the values
+ // array must have a single element, which will be interpreted as an integer.
+ // This array is replaced during a strategic merge patch.
+ // +optional
+ values?: [...string] @go(Values,[]string) @protobuf(3,bytes,rep)
+}
+
+// A node selector operator is the set of operators that can be used in
+// a node selector requirement.
+NodeSelectorOperator: string // enumNodeSelectorOperator
+
+enumNodeSelectorOperator:
+ NodeSelectorOpIn |
+ NodeSelectorOpNotIn |
+ NodeSelectorOpExists |
+ NodeSelectorOpDoesNotExist |
+ NodeSelectorOpGt |
+ NodeSelectorOpLt
+
+NodeSelectorOpIn: NodeSelectorOperator & "In"
+NodeSelectorOpNotIn: NodeSelectorOperator & "NotIn"
+NodeSelectorOpExists: NodeSelectorOperator & "Exists"
+NodeSelectorOpDoesNotExist: NodeSelectorOperator & "DoesNotExist"
+NodeSelectorOpGt: NodeSelectorOperator & "Gt"
+NodeSelectorOpLt: NodeSelectorOperator & "Lt"
+
+// A topology selector term represents the result of label queries.
+// A null or empty topology selector term matches no objects.
+// The requirements of them are ANDed.
+// It provides a subset of functionality as NodeSelectorTerm.
+// This is an alpha feature and may change in the future.
+TopologySelectorTerm: {
+ // A list of topology selector requirements by labels.
+ // +optional
+ matchLabelExpressions?: [...TopologySelectorLabelRequirement] @go(MatchLabelExpressions,[]TopologySelectorLabelRequirement) @protobuf(1,bytes,rep)
+}
+
+// A topology selector requirement is a selector that matches given label.
+// This is an alpha feature and may change in the future.
+TopologySelectorLabelRequirement: {
+ // The label key that the selector applies to.
+ key: string @go(Key) @protobuf(1,bytes,opt)
+
+ // An array of string values. One value must match the label to be selected.
+ // Each entry in Values is ORed.
+ values: [...string] @go(Values,[]string) @protobuf(2,bytes,rep)
+}
+
+// Affinity is a group of affinity scheduling rules.
+Affinity: {
+ // Describes node affinity scheduling rules for the pod.
+ // +optional
+ nodeAffinity?: null | NodeAffinity @go(NodeAffinity,*NodeAffinity) @protobuf(1,bytes,opt)
+
+ // Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
+ // +optional
+ podAffinity?: null | PodAffinity @go(PodAffinity,*PodAffinity) @protobuf(2,bytes,opt)
+
+ // Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
+ // +optional
+ podAntiAffinity?: null | PodAntiAffinity @go(PodAntiAffinity,*PodAntiAffinity) @protobuf(3,bytes,opt)
+}
+
+// Pod affinity is a group of inter pod affinity scheduling rules.
+PodAffinity: {
+ // If the affinity requirements specified by this field are not met at
+ // scheduling time, the pod will not be scheduled onto the node.
+ // If the affinity requirements specified by this field cease to be met
+ // at some point during pod execution (e.g. due to a pod label update), the
+ // system may or may not try to eventually evict the pod from its node.
+ // When there are multiple elements, the lists of nodes corresponding to each
+ // podAffinityTerm are intersected, i.e. all terms must be satisfied.
+ // +optional
+ requiredDuringSchedulingIgnoredDuringExecution?: [...PodAffinityTerm] @go(RequiredDuringSchedulingIgnoredDuringExecution,[]PodAffinityTerm) @protobuf(1,bytes,rep)
+
+ // The scheduler will prefer to schedule pods to nodes that satisfy
+ // the affinity expressions specified by this field, but it may choose
+ // a node that violates one or more of the expressions. The node that is
+ // most preferred is the one with the greatest sum of weights, i.e.
+ // for each node that meets all of the scheduling requirements (resource
+ // request, requiredDuringScheduling affinity expressions, etc.),
+ // compute a sum by iterating through the elements of this field and adding
+ // "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
+ // node(s) with the highest sum are the most preferred.
+ // +optional
+ preferredDuringSchedulingIgnoredDuringExecution?: [...WeightedPodAffinityTerm] @go(PreferredDuringSchedulingIgnoredDuringExecution,[]WeightedPodAffinityTerm) @protobuf(2,bytes,rep)
+}
+
+// Pod anti affinity is a group of inter pod anti affinity scheduling rules.
+PodAntiAffinity: {
+ // If the anti-affinity requirements specified by this field are not met at
+ // scheduling time, the pod will not be scheduled onto the node.
+ // If the anti-affinity requirements specified by this field cease to be met
+ // at some point during pod execution (e.g. due to a pod label update), the
+ // system may or may not try to eventually evict the pod from its node.
+ // When there are multiple elements, the lists of nodes corresponding to each
+ // podAffinityTerm are intersected, i.e. all terms must be satisfied.
+ // +optional
+ requiredDuringSchedulingIgnoredDuringExecution?: [...PodAffinityTerm] @go(RequiredDuringSchedulingIgnoredDuringExecution,[]PodAffinityTerm) @protobuf(1,bytes,rep)
+
+ // The scheduler will prefer to schedule pods to nodes that satisfy
+ // the anti-affinity expressions specified by this field, but it may choose
+ // a node that violates one or more of the expressions. The node that is
+ // most preferred is the one with the greatest sum of weights, i.e.
+ // for each node that meets all of the scheduling requirements (resource
+ // request, requiredDuringScheduling anti-affinity expressions, etc.),
+ // compute a sum by iterating through the elements of this field and adding
+ // "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the
+ // node(s) with the highest sum are the most preferred.
+ // +optional
+ preferredDuringSchedulingIgnoredDuringExecution?: [...WeightedPodAffinityTerm] @go(PreferredDuringSchedulingIgnoredDuringExecution,[]WeightedPodAffinityTerm) @protobuf(2,bytes,rep)
+}
+
+// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
+WeightedPodAffinityTerm: {
+ // weight associated with matching the corresponding podAffinityTerm,
+ // in the range 1-100.
+ weight: int32 @go(Weight) @protobuf(1,varint,opt)
+
+ // Required. A pod affinity term, associated with the corresponding weight.
+ podAffinityTerm: PodAffinityTerm @go(PodAffinityTerm) @protobuf(2,bytes,opt)
+}
+
+// Defines a set of pods (namely those matching the labelSelector
+// relative to the given namespace(s)) that this pod should be
+// co-located (affinity) or not co-located (anti-affinity) with,
+// where co-located is defined as running on a node whose value of
+// the label with key <topologyKey> matches that of any node on which
+// a pod of the set of pods is running
+PodAffinityTerm: {
+ // A label query over a set of resources, in this case pods.
+ // +optional
+ labelSelector?: null | metav1.LabelSelector @go(LabelSelector,*metav1.LabelSelector) @protobuf(1,bytes,opt)
+
+ // namespaces specifies which namespaces the labelSelector applies to (matches against);
+ // null or empty list means "this pod's namespace"
+ // +optional
+ namespaces?: [...string] @go(Namespaces,[]string) @protobuf(2,bytes,rep)
+
+ // This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
+ // the labelSelector in the specified namespaces, where co-located is defined as running on a node
+ // whose value of the label with key topologyKey matches that of any node on which any of the
+ // selected pods is running.
+ // Empty topologyKey is not allowed.
+ topologyKey: string @go(TopologyKey) @protobuf(3,bytes,opt)
+}
+
+// Node affinity is a group of node affinity scheduling rules.
+NodeAffinity: {
+ // If the affinity requirements specified by this field are not met at
+ // scheduling time, the pod will not be scheduled onto the node.
+ // If the affinity requirements specified by this field cease to be met
+ // at some point during pod execution (e.g. due to an update), the system
+ // may or may not try to eventually evict the pod from its node.
+ // +optional
+ requiredDuringSchedulingIgnoredDuringExecution?: null | NodeSelector @go(RequiredDuringSchedulingIgnoredDuringExecution,*NodeSelector) @protobuf(1,bytes,opt)
+
+ // The scheduler will prefer to schedule pods to nodes that satisfy
+ // the affinity expressions specified by this field, but it may choose
+ // a node that violates one or more of the expressions. The node that is
+ // most preferred is the one with the greatest sum of weights, i.e.
+ // for each node that meets all of the scheduling requirements (resource
+ // request, requiredDuringScheduling affinity expressions, etc.),
+ // compute a sum by iterating through the elements of this field and adding
+ // "weight" to the sum if the node matches the corresponding matchExpressions; the
+ // node(s) with the highest sum are the most preferred.
+ // +optional
+ preferredDuringSchedulingIgnoredDuringExecution?: [...PreferredSchedulingTerm] @go(PreferredDuringSchedulingIgnoredDuringExecution,[]PreferredSchedulingTerm) @protobuf(2,bytes,rep)
+}
+
+// An empty preferred scheduling term matches all objects with implicit weight 0
+// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
+PreferredSchedulingTerm: {
+ // Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
+ weight: int32 @go(Weight) @protobuf(1,varint,opt)
+
+ // A node selector term, associated with the corresponding weight.
+ preference: NodeSelectorTerm @go(Preference) @protobuf(2,bytes,opt)
+}
+
+// The node this Taint is attached to has the "effect" on
+// any pod that does not tolerate the Taint.
+Taint: {
+ // Required. The taint key to be applied to a node.
+ key: string @go(Key) @protobuf(1,bytes,opt)
+
+ // Required. The taint value corresponding to the taint key.
+ // +optional
+ value?: string @go(Value) @protobuf(2,bytes,opt)
+
+ // Required. The effect of the taint on pods
+ // that do not tolerate the taint.
+ // Valid effects are NoSchedule, PreferNoSchedule and NoExecute.
+ effect: TaintEffect @go(Effect) @protobuf(3,bytes,opt,casttype=TaintEffect)
+
+ // TimeAdded represents the time at which the taint was added.
+ // It is only written for NoExecute taints.
+ // +optional
+ timeAdded?: null | metav1.Time @go(TimeAdded,*metav1.Time) @protobuf(4,bytes,opt)
+}
+
+TaintEffect: string // enumTaintEffect
+
+enumTaintEffect:
+ TaintEffectNoSchedule |
+ TaintEffectPreferNoSchedule |
+ TaintEffectNoExecute
+
+// Do not allow new pods to schedule onto the node unless they tolerate the taint,
+// but allow all pods submitted to Kubelet without going through the scheduler
+// to start, and allow all already-running pods to continue running.
+// Enforced by the scheduler.
+TaintEffectNoSchedule: TaintEffect & "NoSchedule"
+
+// Like TaintEffectNoSchedule, but the scheduler tries not to schedule
+// new pods onto the node, rather than prohibiting new pods from scheduling
+// onto the node entirely. Enforced by the scheduler.
+TaintEffectPreferNoSchedule: TaintEffect & "PreferNoSchedule"
+
+// Evict any already-running pods that do not tolerate the taint.
+// Currently enforced by NodeController.
+TaintEffectNoExecute: TaintEffect & "NoExecute"
+
+// The pod this Toleration is attached to tolerates any taint that matches
+// the triple <key,value,effect> using the matching operator <operator>.
+Toleration: {
+ // Key is the taint key that the toleration applies to. Empty means match all taint keys.
+ // If the key is empty, operator must be Exists; this combination means to match all values and all keys.
+ // +optional
+ key?: string @go(Key) @protobuf(1,bytes,opt)
+
+ // Operator represents a key's relationship to the value.
+ // Valid operators are Exists and Equal. Defaults to Equal.
+ // Exists is equivalent to wildcard for value, so that a pod can
+ // tolerate all taints of a particular category.
+ // +optional
+ operator?: TolerationOperator @go(Operator) @protobuf(2,bytes,opt,casttype=TolerationOperator)
+
+ // Value is the taint value the toleration matches to.
+ // If the operator is Exists, the value should be empty, otherwise just a regular string.
+ // +optional
+ value?: string @go(Value) @protobuf(3,bytes,opt)
+
+ // Effect indicates the taint effect to match. Empty means match all taint effects.
+ // When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
+ // +optional
+ effect?: TaintEffect @go(Effect) @protobuf(4,bytes,opt,casttype=TaintEffect)
+
+ // TolerationSeconds represents the period of time the toleration (which must be
+ // of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
+ // it is not set, which means tolerate the taint forever (do not evict). Zero and
+ // negative values will be treated as 0 (evict immediately) by the system.
+ // +optional
+ tolerationSeconds?: null | int64 @go(TolerationSeconds,*int64) @protobuf(5,varint,opt)
+}
+
+// A toleration operator is the set of operators that can be used in a toleration.
+TolerationOperator: string // enumTolerationOperator
+
+enumTolerationOperator:
+ TolerationOpExists |
+ TolerationOpEqual
+
+TolerationOpExists: TolerationOperator & "Exists"
+TolerationOpEqual: TolerationOperator & "Equal"
+
+// PodReadinessGate contains the reference to a pod condition
+PodReadinessGate: {
+ // ConditionType refers to a condition in the pod's condition list with matching type.
+ conditionType: PodConditionType @go(ConditionType) @protobuf(1,bytes,opt,casttype=PodConditionType)
+}
+
+// PodSpec is a description of a pod.
+PodSpec: {
+ // List of volumes that can be mounted by containers belonging to the pod.
+ // More info: https://kubernetes.io/docs/concepts/storage/volumes
+ // +optional
+ // +patchMergeKey=name
+ // +patchStrategy=merge,retainKeys
+ volumes?: [...Volume] @go(Volumes,[]Volume) @protobuf(1,bytes,rep)
+
+ // List of initialization containers belonging to the pod.
+ // Init containers are executed in order prior to containers being started. If any
+ // init container fails, the pod is considered to have failed and is handled according
+ // to its restartPolicy. The name for an init container or normal container must be
+ // unique among all containers.
+ // Init containers may not have Lifecycle actions, Readiness probes, or Liveness probes.
+ // The resourceRequirements of an init container are taken into account during scheduling
+ // by finding the highest request/limit for each resource type, and then using the max of
+ // of that value or the sum of the normal containers. Limits are applied to init containers
+ // in a similar fashion.
+ // Init containers cannot currently be added or removed.
+ // Cannot be updated.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+ // +patchMergeKey=name
+ // +patchStrategy=merge
+ initContainers?: [...Container] @go(InitContainers,[]Container) @protobuf(20,bytes,rep)
+
+ // List of containers belonging to the pod.
+ // Containers cannot currently be added or removed.
+ // There must be at least one container in a Pod.
+ // Cannot be updated.
+ // +patchMergeKey=name
+ // +patchStrategy=merge
+ containers: [...Container] @go(Containers,[]Container) @protobuf(2,bytes,rep)
+
+ // Restart policy for all containers within the pod.
+ // One of Always, OnFailure, Never.
+ // Default to Always.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy
+ // +optional
+ restartPolicy?: RestartPolicy @go(RestartPolicy) @protobuf(3,bytes,opt,casttype=RestartPolicy)
+
+ // Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.
+ // Value must be non-negative integer. The value zero indicates delete immediately.
+ // If this value is nil, the default grace period will be used instead.
+ // The grace period is the duration in seconds after the processes running in the pod are sent
+ // a termination signal and the time when the processes are forcibly halted with a kill signal.
+ // Set this value longer than the expected cleanup time for your process.
+ // Defaults to 30 seconds.
+ // +optional
+ terminationGracePeriodSeconds?: null | int64 @go(TerminationGracePeriodSeconds,*int64) @protobuf(4,varint,opt)
+
+ // Optional duration in seconds the pod may be active on the node relative to
+ // StartTime before the system will actively try to mark it failed and kill associated containers.
+ // Value must be a positive integer.
+ // +optional
+ activeDeadlineSeconds?: null | int64 @go(ActiveDeadlineSeconds,*int64) @protobuf(5,varint,opt)
+
+ // Set DNS policy for the pod.
+ // Defaults to "ClusterFirst".
+ // Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.
+ // DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.
+ // To have DNS options set along with hostNetwork, you have to specify DNS policy
+ // explicitly to 'ClusterFirstWithHostNet'.
+ // +optional
+ dnsPolicy?: DNSPolicy @go(DNSPolicy) @protobuf(6,bytes,opt,casttype=DNSPolicy)
+
+ // NodeSelector is a selector which must be true for the pod to fit on a node.
+ // Selector which must match a node's labels for the pod to be scheduled on that node.
+ // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+ // +optional
+ nodeSelector?: {<_>: string} @go(NodeSelector,map[string]string) @protobuf(7,bytes,rep)
+
+ // ServiceAccountName is the name of the ServiceAccount to use to run this pod.
+ // More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+ // +optional
+ serviceAccountName?: string @go(ServiceAccountName) @protobuf(8,bytes,opt)
+
+ // DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
+ // Deprecated: Use serviceAccountName instead.
+ // +k8s:conversion-gen=false
+ // +optional
+ serviceAccount?: string @go(DeprecatedServiceAccount) @protobuf(9,bytes,opt)
+
+ // AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.
+ // +optional
+ automountServiceAccountToken?: null | bool @go(AutomountServiceAccountToken,*bool) @protobuf(21,varint,opt)
+
+ // NodeName is a request to schedule this pod onto a specific node. If it is non-empty,
+ // the scheduler simply schedules this pod onto that node, assuming that it fits resource
+ // requirements.
+ // +optional
+ nodeName?: string @go(NodeName) @protobuf(10,bytes,opt)
+
+ // Host networking requested for this pod. Use the host's network namespace.
+ // If this option is set, the ports that will be used must be specified.
+ // Default to false.
+ // +k8s:conversion-gen=false
+ // +optional
+ hostNetwork?: bool @go(HostNetwork) @protobuf(11,varint,opt)
+
+ // Use the host's pid namespace.
+ // Optional: Default to false.
+ // +k8s:conversion-gen=false
+ // +optional
+ hostPID?: bool @go(HostPID) @protobuf(12,varint,opt)
+
+ // Use the host's ipc namespace.
+ // Optional: Default to false.
+ // +k8s:conversion-gen=false
+ // +optional
+ hostIPC?: bool @go(HostIPC) @protobuf(13,varint,opt)
+
+ // Share a single process namespace between all of the containers in a pod.
+ // When this is set containers will be able to view and signal processes from other containers
+ // in the same pod, and the first process in each container will not be assigned PID 1.
+ // HostPID and ShareProcessNamespace cannot both be set.
+ // Optional: Default to false.
+ // This field is beta-level and may be disabled with the PodShareProcessNamespace feature.
+ // +k8s:conversion-gen=false
+ // +optional
+ shareProcessNamespace?: null | bool @go(ShareProcessNamespace,*bool) @protobuf(27,varint,opt)
+
+ // SecurityContext holds pod-level security attributes and common container settings.
+ // Optional: Defaults to empty. See type description for default values of each field.
+ // +optional
+ securityContext?: null | PodSecurityContext @go(SecurityContext,*PodSecurityContext) @protobuf(14,bytes,opt)
+
+ // ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.
+ // If specified, these secrets will be passed to individual puller implementations for them to use. For example,
+ // in the case of docker, only DockerConfig type secrets are honored.
+ // More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
+ // +optional
+ // +patchMergeKey=name
+ // +patchStrategy=merge
+ imagePullSecrets?: [...LocalObjectReference] @go(ImagePullSecrets,[]LocalObjectReference) @protobuf(15,bytes,rep)
+
+ // Specifies the hostname of the Pod
+ // If not specified, the pod's hostname will be set to a system-defined value.
+ // +optional
+ hostname?: string @go(Hostname) @protobuf(16,bytes,opt)
+
+ // If specified, the fully qualified Pod hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>".
+ // If not specified, the pod will not have a domainname at all.
+ // +optional
+ subdomain?: string @go(Subdomain) @protobuf(17,bytes,opt)
+
+ // If specified, the pod's scheduling constraints
+ // +optional
+ affinity?: null | Affinity @go(Affinity,*Affinity) @protobuf(18,bytes,opt)
+
+ // If specified, the pod will be dispatched by specified scheduler.
+ // If not specified, the pod will be dispatched by default scheduler.
+ // +optional
+ schedulerName?: string @go(SchedulerName) @protobuf(19,bytes,opt)
+
+ // If specified, the pod's tolerations.
+ // +optional
+ tolerations?: [...Toleration] @go(Tolerations,[]Toleration) @protobuf(22,bytes,opt)
+
+ // HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
+ // file if specified. This is only valid for non-hostNetwork pods.
+ // +optional
+ // +patchMergeKey=ip
+ // +patchStrategy=merge
+ hostAliases?: [...HostAlias] @go(HostAliases,[]HostAlias) @protobuf(23,bytes,rep)
+
+ // If specified, indicates the pod's priority. "system-node-critical" and
+ // "system-cluster-critical" are two special keywords which indicate the
+ // highest priorities with the former being the highest priority. Any other
+ // name must be defined by creating a PriorityClass object with that name.
+ // If not specified, the pod priority will be default or zero if there is no
+ // default.
+ // +optional
+ priorityClassName?: string @go(PriorityClassName) @protobuf(24,bytes,opt)
+
+ // The priority value. Various system components use this field to find the
+ // priority of the pod. When Priority Admission Controller is enabled, it
+ // prevents users from setting this field. The admission controller populates
+ // this field from PriorityClassName.
+ // The higher the value, the higher the priority.
+ // +optional
+ priority?: null | int32 @go(Priority,*int32) @protobuf(25,bytes,opt)
+
+ // Specifies the DNS parameters of a pod.
+ // Parameters specified here will be merged to the generated DNS
+ // configuration based on DNSPolicy.
+ // +optional
+ dnsConfig?: null | PodDNSConfig @go(DNSConfig,*PodDNSConfig) @protobuf(26,bytes,opt)
+
+ // If specified, all readiness gates will be evaluated for pod readiness.
+ // A pod is ready when all its containers are ready AND
+ // all conditions specified in the readiness gates have status equal to "True"
+ // More info: https://git.k8s.io/enhancements/keps/sig-network/0007-pod-ready%2B%2B.md
+ // +optional
+ readinessGates?: [...PodReadinessGate] @go(ReadinessGates,[]PodReadinessGate) @protobuf(28,bytes,opt)
+
+ // RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used
+ // to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.
+ // If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an
+ // empty definition that uses the default runtime handler.
+ // More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md
+ // This is a beta feature as of Kubernetes v1.14.
+ // +optional
+ runtimeClassName?: null | string @go(RuntimeClassName,*string) @protobuf(29,bytes,opt)
+
+ // EnableServiceLinks indicates whether information about services should be injected into pod's
+ // environment variables, matching the syntax of Docker links.
+ // Optional: Defaults to true.
+ // +optional
+ enableServiceLinks?: null | bool @go(EnableServiceLinks,*bool) @protobuf(30,varint,opt)
+
+ // PreemptionPolicy is the Policy for preempting pods with lower priority.
+ // One of Never, PreemptLowerPriority.
+ // Defaults to PreemptLowerPriority if unset.
+ // This field is alpha-level and is only honored by servers that enable the NonPreemptingPriority feature.
+ // +optional
+ preemptionPolicy?: null | PreemptionPolicy @go(PreemptionPolicy,*PreemptionPolicy) @protobuf(31,bytes,opt)
+}
+
+// The default value for enableServiceLinks attribute.
+DefaultEnableServiceLinks: true
+
+// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the
+// pod's hosts file.
+HostAlias: {
+ // IP address of the host file entry.
+ ip?: string @go(IP) @protobuf(1,bytes,opt)
+
+ // Hostnames for the above IP address.
+ hostnames?: [...string] @go(Hostnames,[]string) @protobuf(2,bytes,rep)
+}
+
+// PodSecurityContext holds pod-level security attributes and common container settings.
+// Some fields are also present in container.securityContext. Field values of
+// container.securityContext take precedence over field values of PodSecurityContext.
+PodSecurityContext: {
+ // The SELinux context to be applied to all containers.
+ // If unspecified, the container runtime will allocate a random SELinux context for each
+ // container. May also be set in SecurityContext. If set in
+ // both SecurityContext and PodSecurityContext, the value specified in SecurityContext
+ // takes precedence for that container.
+ // +optional
+ seLinuxOptions?: null | SELinuxOptions @go(SELinuxOptions,*SELinuxOptions) @protobuf(1,bytes,opt)
+
+ // Windows security options.
+ // +optional
+ windowsOptions?: null | WindowsSecurityContextOptions @go(WindowsOptions,*WindowsSecurityContextOptions) @protobuf(8,bytes,opt)
+
+ // The UID to run the entrypoint of the container process.
+ // Defaults to user specified in image metadata if unspecified.
+ // May also be set in SecurityContext. If set in both SecurityContext and
+ // PodSecurityContext, the value specified in SecurityContext takes precedence
+ // for that container.
+ // +optional
+ runAsUser?: null | int64 @go(RunAsUser,*int64) @protobuf(2,varint,opt)
+
+ // The GID to run the entrypoint of the container process.
+ // Uses runtime default if unset.
+ // May also be set in SecurityContext. If set in both SecurityContext and
+ // PodSecurityContext, the value specified in SecurityContext takes precedence
+ // for that container.
+ // +optional
+ runAsGroup?: null | int64 @go(RunAsGroup,*int64) @protobuf(6,varint,opt)
+
+ // Indicates that the container must run as a non-root user.
+ // If true, the Kubelet will validate the image at runtime to ensure that it
+ // does not run as UID 0 (root) and fail to start the container if it does.
+ // If unset or false, no such validation will be performed.
+ // May also be set in SecurityContext. If set in both SecurityContext and
+ // PodSecurityContext, the value specified in SecurityContext takes precedence.
+ // +optional
+ runAsNonRoot?: null | bool @go(RunAsNonRoot,*bool) @protobuf(3,varint,opt)
+
+ // A list of groups applied to the first process run in each container, in addition
+ // to the container's primary GID. If unspecified, no groups will be added to
+ // any container.
+ // +optional
+ supplementalGroups?: [...int64] @go(SupplementalGroups,[]int64) @protobuf(4,varint,rep)
+
+ // A special supplemental group that applies to all containers in a pod.
+ // Some volume types allow the Kubelet to change the ownership of that volume
+ // to be owned by the pod:
+ //
+ // 1. The owning GID will be the FSGroup
+ // 2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
+ // 3. The permission bits are OR'd with rw-rw----
+ //
+ // If unset, the Kubelet will not modify the ownership and permissions of any volume.
+ // +optional
+ fsGroup?: null | int64 @go(FSGroup,*int64) @protobuf(5,varint,opt)
+
+ // Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
+ // sysctls (by the container runtime) might fail to launch.
+ // +optional
+ sysctls?: [...Sysctl] @go(Sysctls,[]Sysctl) @protobuf(7,bytes,rep)
+}
+
+// PodQOSClass defines the supported qos classes of Pods.
+PodQOSClass: string // enumPodQOSClass
+
+enumPodQOSClass:
+ PodQOSGuaranteed |
+ PodQOSBurstable |
+ PodQOSBestEffort
+
+// PodQOSGuaranteed is the Guaranteed qos class.
+PodQOSGuaranteed: PodQOSClass & "Guaranteed"
+
+// PodQOSBurstable is the Burstable qos class.
+PodQOSBurstable: PodQOSClass & "Burstable"
+
+// PodQOSBestEffort is the BestEffort qos class.
+PodQOSBestEffort: PodQOSClass & "BestEffort"
+
+// PodDNSConfig defines the DNS parameters of a pod in addition to
+// those generated from DNSPolicy.
+PodDNSConfig: {
+ // A list of DNS name server IP addresses.
+ // This will be appended to the base nameservers generated from DNSPolicy.
+ // Duplicated nameservers will be removed.
+ // +optional
+ nameservers?: [...string] @go(Nameservers,[]string) @protobuf(1,bytes,rep)
+
+ // A list of DNS search domains for host-name lookup.
+ // This will be appended to the base search paths generated from DNSPolicy.
+ // Duplicated search paths will be removed.
+ // +optional
+ searches?: [...string] @go(Searches,[]string) @protobuf(2,bytes,rep)
+
+ // A list of DNS resolver options.
+ // This will be merged with the base options generated from DNSPolicy.
+ // Duplicated entries will be removed. Resolution options given in Options
+ // will override those that appear in the base DNSPolicy.
+ // +optional
+ options?: [...PodDNSConfigOption] @go(Options,[]PodDNSConfigOption) @protobuf(3,bytes,rep)
+}
+
+// PodDNSConfigOption defines DNS resolver options of a pod.
+PodDNSConfigOption: {
+ // Required.
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+
+ // +optional
+ value?: null | string @go(Value,*string) @protobuf(2,bytes,opt)
+}
+
+// PodStatus represents information about the status of a pod. Status may trail the actual
+// state of a system, especially if the node that hosts the pod cannot contact the control
+// plane.
+PodStatus: {
+ // The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle.
+ // The conditions array, the reason and message fields, and the individual container status
+ // arrays contain more detail about the pod's status.
+ // There are five possible phase values:
+ //
+ // Pending: The pod has been accepted by the Kubernetes system, but one or more of the
+ // container images has not been created. This includes time before being scheduled as
+ // well as time spent downloading images over the network, which could take a while.
+ // Running: The pod has been bound to a node, and all of the containers have been created.
+ // At least one container is still running, or is in the process of starting or restarting.
+ // Succeeded: All containers in the pod have terminated in success, and will not be restarted.
+ // Failed: All containers in the pod have terminated, and at least one container has
+ // terminated in failure. The container either exited with non-zero status or was terminated
+ // by the system.
+ // Unknown: For some reason the state of the pod could not be obtained, typically due to an
+ // error in communicating with the host of the pod.
+ //
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase
+ // +optional
+ phase?: PodPhase @go(Phase) @protobuf(1,bytes,opt,casttype=PodPhase)
+
+ // Current service state of pod.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...PodCondition] @go(Conditions,[]PodCondition) @protobuf(2,bytes,rep)
+
+ // A human readable message indicating details about why the pod is in this condition.
+ // +optional
+ message?: string @go(Message) @protobuf(3,bytes,opt)
+
+ // A brief CamelCase message indicating details about why the pod is in this state.
+ // e.g. 'Evicted'
+ // +optional
+ reason?: string @go(Reason) @protobuf(4,bytes,opt)
+
+ // nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be
+ // scheduled right away as preemption victims receive their graceful termination periods.
+ // This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide
+ // to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to
+ // give the resources on this node to a higher priority pod that is created after preemption.
+ // As a result, this field may be different than PodSpec.nodeName when the pod is
+ // scheduled.
+ // +optional
+ nominatedNodeName?: string @go(NominatedNodeName) @protobuf(11,bytes,opt)
+
+ // IP address of the host to which the pod is assigned. Empty if not yet scheduled.
+ // +optional
+ hostIP?: string @go(HostIP) @protobuf(5,bytes,opt)
+
+ // IP address allocated to the pod. Routable at least within the cluster.
+ // Empty if not yet allocated.
+ // +optional
+ podIP?: string @go(PodIP) @protobuf(6,bytes,opt)
+
+ // RFC 3339 date and time at which the object was acknowledged by the Kubelet.
+ // This is before the Kubelet pulled the container image(s) for the pod.
+ // +optional
+ startTime?: null | metav1.Time @go(StartTime,*metav1.Time) @protobuf(7,bytes,opt)
+
+ // The list has one entry per init container in the manifest. The most recent successful
+ // init container will have ready = true, the most recently started container will have
+ // startTime set.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
+ initContainerStatuses?: [...ContainerStatus] @go(InitContainerStatuses,[]ContainerStatus) @protobuf(10,bytes,rep)
+
+ // The list has one entry per container in the manifest. Each entry is currently the output
+ // of `docker inspect`.
+ // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status
+ // +optional
+ containerStatuses?: [...ContainerStatus] @go(ContainerStatuses,[]ContainerStatus) @protobuf(8,bytes,rep)
+
+ // The Quality of Service (QOS) classification assigned to the pod based on resource requirements
+ // See PodQOSClass type for available QOS classes
+ // More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md
+ // +optional
+ qosClass?: PodQOSClass @go(QOSClass) @protobuf(9,bytes,rep)
+}
+
+// PodStatusResult is a wrapper for PodStatus returned by kubelet that can be encode/decoded
+PodStatusResult: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Most recently observed status of the pod.
+ // This data may not be up to date.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: PodStatus @go(Status) @protobuf(2,bytes,opt)
+}
+
+// Pod is a collection of containers that can run on a host. This resource is created
+// by clients and scheduled onto hosts.
+Pod: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Specification of the desired behavior of the pod.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: PodSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Most recently observed status of the pod.
+ // This data may not be up to date.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: PodStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// PodList is a list of Pods.
+PodList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of pods.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md
+ items: [...Pod] @go(Items,[]Pod) @protobuf(2,bytes,rep)
+}
+
+// PodTemplateSpec describes the data a pod should have when created from a template
+PodTemplateSpec: {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Specification of the desired behavior of the pod.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: PodSpec @go(Spec) @protobuf(2,bytes,opt)
+}
+
+// PodTemplate describes a template for creating copies of a predefined pod.
+PodTemplate: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Template defines the pods that will be created from this pod template.
+ // https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ template?: PodTemplateSpec @go(Template) @protobuf(2,bytes,opt)
+}
+
+// PodTemplateList is a list of PodTemplates.
+PodTemplateList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of pod templates
+ items: [...PodTemplate] @go(Items,[]PodTemplate) @protobuf(2,bytes,rep)
+}
+
+// ReplicationControllerSpec is the specification of a replication controller.
+ReplicationControllerSpec: {
+ // Replicas is the number of desired replicas.
+ // This is a pointer to distinguish between explicit zero and unspecified.
+ // Defaults to 1.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
+ // +optional
+ replicas?: null | int32 @go(Replicas,*int32) @protobuf(1,varint,opt)
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ minReadySeconds?: int32 @go(MinReadySeconds) @protobuf(4,varint,opt)
+
+ // Selector is a label query over pods that should match the Replicas count.
+ // If Selector is empty, it is defaulted to the labels present on the Pod template.
+ // Label keys and values that must match in order to be controlled by this replication
+ // controller, if empty defaulted to labels on Pod template.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ selector?: {<_>: string} @go(Selector,map[string]string) @protobuf(2,bytes,rep)
+
+ // Template is the object that describes the pod that will be created if
+ // insufficient replicas are detected. This takes precedence over a TemplateRef.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+ // +optional
+ template?: null | PodTemplateSpec @go(Template,*PodTemplateSpec) @protobuf(3,bytes,opt)
+}
+
+// ReplicationControllerStatus represents the current status of a replication
+// controller.
+ReplicationControllerStatus: {
+ // Replicas is the most recently oberved number of replicas.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
+ replicas: int32 @go(Replicas) @protobuf(1,varint,opt)
+
+ // The number of pods that have labels matching the labels of the pod template of the replication controller.
+ // +optional
+ fullyLabeledReplicas?: int32 @go(FullyLabeledReplicas) @protobuf(2,varint,opt)
+
+ // The number of ready replicas for this replication controller.
+ // +optional
+ readyReplicas?: int32 @go(ReadyReplicas) @protobuf(4,varint,opt)
+
+ // The number of available replicas (ready for at least minReadySeconds) for this replication controller.
+ // +optional
+ availableReplicas?: int32 @go(AvailableReplicas) @protobuf(5,varint,opt)
+
+ // ObservedGeneration reflects the generation of the most recently observed replication controller.
+ // +optional
+ observedGeneration?: int64 @go(ObservedGeneration) @protobuf(3,varint,opt)
+
+ // Represents the latest available observations of a replication controller's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...ReplicationControllerCondition] @go(Conditions,[]ReplicationControllerCondition) @protobuf(6,bytes,rep)
+}
+
+ReplicationControllerConditionType: string // enumReplicationControllerConditionType
+
+enumReplicationControllerConditionType:
+ ReplicationControllerReplicaFailure
+
+// ReplicationControllerReplicaFailure is added in a replication controller when one of its pods
+// fails to be created due to insufficient quota, limit ranges, pod security policy, node selectors,
+// etc. or deleted due to kubelet being down or finalizers are failing.
+ReplicationControllerReplicaFailure: ReplicationControllerConditionType & "ReplicaFailure"
+
+// ReplicationControllerCondition describes the state of a replication controller at a certain point.
+ReplicationControllerCondition: {
+ // Type of replication controller condition.
+ type: ReplicationControllerConditionType @go(Type) @protobuf(1,bytes,opt,casttype=ReplicationControllerConditionType)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=ConditionStatus)
+
+ // The last time the condition transitioned from one status to another.
+ // +optional
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(3,bytes,opt)
+
+ // The reason for the condition's last transition.
+ // +optional
+ reason?: string @go(Reason) @protobuf(4,bytes,opt)
+
+ // A human readable message indicating details about the transition.
+ // +optional
+ message?: string @go(Message) @protobuf(5,bytes,opt)
+}
+
+// ReplicationController represents the configuration of a replication controller.
+ReplicationController: metav1.TypeMeta & {
+ // If the Labels of a ReplicationController are empty, they are defaulted to
+ // be the same as the Pod(s) that the replication controller manages.
+ // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the specification of the desired behavior of the replication controller.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: ReplicationControllerSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status is the most recently observed status of the replication controller.
+ // This data may be out of date by some window of time.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: ReplicationControllerStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// ReplicationControllerList is a collection of replication controllers.
+ReplicationControllerList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of replication controllers.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+ items: [...ReplicationController] @go(Items,[]ReplicationController) @protobuf(2,bytes,rep)
+}
+
+// Session Affinity Type string
+ServiceAffinity: string // enumServiceAffinity
+
+enumServiceAffinity:
+ ServiceAffinityClientIP |
+ ServiceAffinityNone
+
+// ServiceAffinityClientIP is the Client IP based.
+ServiceAffinityClientIP: ServiceAffinity & "ClientIP"
+
+// ServiceAffinityNone - no session affinity.
+ServiceAffinityNone: ServiceAffinity & "None"
+
+DefaultClientIPServiceAffinitySeconds: int32 & 10800
+
+// SessionAffinityConfig represents the configurations of session affinity.
+SessionAffinityConfig: {
+ // clientIP contains the configurations of Client IP based session affinity.
+ // +optional
+ clientIP?: null | ClientIPConfig @go(ClientIP,*ClientIPConfig) @protobuf(1,bytes,opt)
+}
+
+// ClientIPConfig represents the configurations of Client IP based session affinity.
+ClientIPConfig: {
+ // timeoutSeconds specifies the seconds of ClientIP type session sticky time.
+ // The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP".
+ // Default value is 10800(for 3 hours).
+ // +optional
+ timeoutSeconds?: null | int32 @go(TimeoutSeconds,*int32) @protobuf(1,varint,opt)
+}
+
+// Service Type string describes ingress methods for a service
+ServiceType: string // enumServiceType
+
+enumServiceType:
+ ServiceTypeClusterIP |
+ ServiceTypeNodePort |
+ ServiceTypeLoadBalancer |
+ ServiceTypeExternalName
+
+// ServiceTypeClusterIP means a service will only be accessible inside the
+// cluster, via the cluster IP.
+ServiceTypeClusterIP: ServiceType & "ClusterIP"
+
+// ServiceTypeNodePort means a service will be exposed on one port of
+// every node, in addition to 'ClusterIP' type.
+ServiceTypeNodePort: ServiceType & "NodePort"
+
+// ServiceTypeLoadBalancer means a service will be exposed via an
+// external load balancer (if the cloud provider supports it), in addition
+// to 'NodePort' type.
+ServiceTypeLoadBalancer: ServiceType & "LoadBalancer"
+
+// ServiceTypeExternalName means a service consists of only a reference to
+// an external name that kubedns or equivalent will return as a CNAME
+// record, with no exposing or proxying of any pods involved.
+ServiceTypeExternalName: ServiceType & "ExternalName"
+
+// Service External Traffic Policy Type string
+ServiceExternalTrafficPolicyType: string // enumServiceExternalTrafficPolicyType
+
+enumServiceExternalTrafficPolicyType:
+ ServiceExternalTrafficPolicyTypeLocal |
+ ServiceExternalTrafficPolicyTypeCluster
+
+// ServiceExternalTrafficPolicyTypeLocal specifies node-local endpoints behavior.
+ServiceExternalTrafficPolicyTypeLocal: ServiceExternalTrafficPolicyType & "Local"
+
+// ServiceExternalTrafficPolicyTypeCluster specifies node-global (legacy) behavior.
+ServiceExternalTrafficPolicyTypeCluster: ServiceExternalTrafficPolicyType & "Cluster"
+
+// ServiceStatus represents the current status of a service.
+ServiceStatus: {
+ // LoadBalancer contains the current status of the load-balancer,
+ // if one is present.
+ // +optional
+ loadBalancer?: LoadBalancerStatus @go(LoadBalancer) @protobuf(1,bytes,opt)
+}
+
+// LoadBalancerStatus represents the status of a load-balancer.
+LoadBalancerStatus: {
+ // Ingress is a list containing ingress points for the load-balancer.
+ // Traffic intended for the service should be sent to these ingress points.
+ // +optional
+ ingress?: [...LoadBalancerIngress] @go(Ingress,[]LoadBalancerIngress) @protobuf(1,bytes,rep)
+}
+
+// LoadBalancerIngress represents the status of a load-balancer ingress point:
+// traffic intended for the service should be sent to an ingress point.
+LoadBalancerIngress: {
+ // IP is set for load-balancer ingress points that are IP based
+ // (typically GCE or OpenStack load-balancers)
+ // +optional
+ ip?: string @go(IP) @protobuf(1,bytes,opt)
+
+ // Hostname is set for load-balancer ingress points that are DNS based
+ // (typically AWS load-balancers)
+ // +optional
+ hostname?: string @go(Hostname) @protobuf(2,bytes,opt)
+}
+
+// ServiceSpec describes the attributes that a user creates on a service.
+ServiceSpec: {
+ // The list of ports that are exposed by this service.
+ // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ // +patchMergeKey=port
+ // +patchStrategy=merge
+ // +listType=map
+ // +listMapKey=port
+ // +listMapKey=protocol
+ ports?: [...ServicePort] @go(Ports,[]ServicePort) @protobuf(1,bytes,rep)
+
+ // Route service traffic to pods with label keys and values matching this
+ // selector. If empty or not present, the service is assumed to have an
+ // external process managing its endpoints, which Kubernetes will not
+ // modify. Only applies to types ClusterIP, NodePort, and LoadBalancer.
+ // Ignored if type is ExternalName.
+ // More info: https://kubernetes.io/docs/concepts/services-networking/service/
+ // +optional
+ selector?: {<_>: string} @go(Selector,map[string]string) @protobuf(2,bytes,rep)
+
+ // clusterIP is the IP address of the service and is usually assigned
+ // randomly by the master. If an address is specified manually and is not in
+ // use by others, it will be allocated to the service; otherwise, creation
+ // of the service will fail. This field can not be changed through updates.
+ // Valid values are "None", empty string (""), or a valid IP address. "None"
+ // can be specified for headless services when proxying is not required.
+ // Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if
+ // type is ExternalName.
+ // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ // +optional
+ clusterIP?: string @go(ClusterIP) @protobuf(3,bytes,opt)
+
+ // type determines how the Service is exposed. Defaults to ClusterIP. Valid
+ // options are ExternalName, ClusterIP, NodePort, and LoadBalancer.
+ // "ExternalName" maps to the specified externalName.
+ // "ClusterIP" allocates a cluster-internal IP address for load-balancing to
+ // endpoints. Endpoints are determined by the selector or if that is not
+ // specified, by manual construction of an Endpoints object. If clusterIP is
+ // "None", no virtual IP is allocated and the endpoints are published as a
+ // set of endpoints rather than a stable IP.
+ // "NodePort" builds on ClusterIP and allocates a port on every node which
+ // routes to the clusterIP.
+ // "LoadBalancer" builds on NodePort and creates an
+ // external load-balancer (if supported in the current cloud) which routes
+ // to the clusterIP.
+ // More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+ // +optional
+ type?: ServiceType @go(Type) @protobuf(4,bytes,opt,casttype=ServiceType)
+
+ // externalIPs is a list of IP addresses for which nodes in the cluster
+ // will also accept traffic for this service. These IPs are not managed by
+ // Kubernetes. The user is responsible for ensuring that traffic arrives
+ // at a node with this IP. A common example is external load-balancers
+ // that are not part of the Kubernetes system.
+ // +optional
+ externalIPs?: [...string] @go(ExternalIPs,[]string) @protobuf(5,bytes,rep)
+
+ // Supports "ClientIP" and "None". Used to maintain session affinity.
+ // Enable client IP based session affinity.
+ // Must be ClientIP or None.
+ // Defaults to None.
+ // More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+ // +optional
+ sessionAffinity?: ServiceAffinity @go(SessionAffinity) @protobuf(7,bytes,opt,casttype=ServiceAffinity)
+
+ // Only applies to Service Type: LoadBalancer
+ // LoadBalancer will get created with the IP specified in this field.
+ // This feature depends on whether the underlying cloud-provider supports specifying
+ // the loadBalancerIP when a load balancer is created.
+ // This field will be ignored if the cloud-provider does not support the feature.
+ // +optional
+ loadBalancerIP?: string @go(LoadBalancerIP) @protobuf(8,bytes,opt)
+
+ // If specified and supported by the platform, this will restrict traffic through the cloud-provider
+ // load-balancer will be restricted to the specified client IPs. This field will be ignored if the
+ // cloud-provider does not support the feature."
+ // More info: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
+ // +optional
+ loadBalancerSourceRanges?: [...string] @go(LoadBalancerSourceRanges,[]string) @protobuf(9,bytes,opt)
+
+ // externalName is the external reference that kubedns or equivalent will
+ // return as a CNAME record for this service. No proxying will be involved.
+ // Must be a valid RFC-1123 hostname (https://tools.ietf.org/html/rfc1123)
+ // and requires Type to be ExternalName.
+ // +optional
+ externalName?: string @go(ExternalName) @protobuf(10,bytes,opt)
+
+ // externalTrafficPolicy denotes if this Service desires to route external
+ // traffic to node-local or cluster-wide endpoints. "Local" preserves the
+ // client source IP and avoids a second hop for LoadBalancer and Nodeport
+ // type services, but risks potentially imbalanced traffic spreading.
+ // "Cluster" obscures the client source IP and may cause a second hop to
+ // another node, but should have good overall load-spreading.
+ // +optional
+ externalTrafficPolicy?: ServiceExternalTrafficPolicyType @go(ExternalTrafficPolicy) @protobuf(11,bytes,opt)
+
+ // healthCheckNodePort specifies the healthcheck nodePort for the service.
+ // If not specified, HealthCheckNodePort is created by the service api
+ // backend with the allocated nodePort. Will use user-specified nodePort value
+ // if specified by the client. Only effects when Type is set to LoadBalancer
+ // and ExternalTrafficPolicy is set to Local.
+ // +optional
+ healthCheckNodePort?: int32 @go(HealthCheckNodePort) @protobuf(12,bytes,opt)
+
+ // publishNotReadyAddresses, when set to true, indicates that DNS implementations
+ // must publish the notReadyAddresses of subsets for the Endpoints associated with
+ // the Service. The default value is false.
+ // The primary use case for setting this field is to use a StatefulSet's Headless Service
+ // to propagate SRV records for its Pods without respect to their readiness for purpose
+ // of peer discovery.
+ // +optional
+ publishNotReadyAddresses?: bool @go(PublishNotReadyAddresses) @protobuf(13,varint,opt)
+
+ // sessionAffinityConfig contains the configurations of session affinity.
+ // +optional
+ sessionAffinityConfig?: null | SessionAffinityConfig @go(SessionAffinityConfig,*SessionAffinityConfig) @protobuf(14,bytes,opt)
+}
+
+// ServicePort contains information on service's port.
+ServicePort: {
+ // The name of this port within the service. This must be a DNS_LABEL.
+ // All ports within a ServiceSpec must have unique names. This maps to
+ // the 'Name' field in EndpointPort objects.
+ // Optional if only one ServicePort is defined on this service.
+ // +optional
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+
+ // The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
+ // Default is TCP.
+ // +optional
+ protocol?: Protocol @go(Protocol) @protobuf(2,bytes,opt,casttype=Protocol)
+
+ // The port that will be exposed by this service.
+ port: int32 @go(Port) @protobuf(3,varint,opt)
+
+ // Number or name of the port to access on the pods targeted by the service.
+ // Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
+ // If this is a string, it will be looked up as a named port in the
+ // target Pod's container ports. If this is not specified, the value
+ // of the 'port' field is used (an identity map).
+ // This field is ignored for services with clusterIP=None, and should be
+ // omitted or set equal to the 'port' field.
+ // More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service
+ // +optional
+ targetPort?: intstr.IntOrString @go(TargetPort) @protobuf(4,bytes,opt)
+
+ // The port on each node on which this service is exposed when type=NodePort or LoadBalancer.
+ // Usually assigned by the system. If specified, it will be allocated to the service
+ // if unused or else creation of the service will fail.
+ // Default is to auto-allocate a port if the ServiceType of this Service requires one.
+ // More info: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+ // +optional
+ nodePort?: int32 @go(NodePort) @protobuf(5,varint,opt)
+}
+
+// Service is a named abstraction of software service (for example, mysql) consisting of local port
+// (for example 3306) that the proxy listens on, and the selector that determines which pods
+// will answer requests sent through the proxy.
+Service: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the behavior of a service.
+ // https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: ServiceSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Most recently observed status of the service.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: ServiceStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// ClusterIPNone - do not assign a cluster IP
+// no proxying required and no environment variables should be created for pods
+ClusterIPNone: "None"
+
+// ServiceList holds a list of services.
+ServiceList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of services
+ items: [...Service] @go(Items,[]Service) @protobuf(2,bytes,rep)
+}
+
+// ServiceAccount binds together:
+// * a name, understood by users, and perhaps by peripheral systems, for an identity
+// * a principal that can be authenticated and authorized
+// * a set of secrets
+ServiceAccount: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount.
+ // More info: https://kubernetes.io/docs/concepts/configuration/secret
+ // +optional
+ // +patchMergeKey=name
+ // +patchStrategy=merge
+ secrets?: [...ObjectReference] @go(Secrets,[]ObjectReference) @protobuf(2,bytes,rep)
+
+ // ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
+ // in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets
+ // can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
+ // More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
+ // +optional
+ imagePullSecrets?: [...LocalObjectReference] @go(ImagePullSecrets,[]LocalObjectReference) @protobuf(3,bytes,rep)
+
+ // AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted.
+ // Can be overridden at the pod level.
+ // +optional
+ automountServiceAccountToken?: null | bool @go(AutomountServiceAccountToken,*bool) @protobuf(4,varint,opt)
+}
+
+// ServiceAccountList is a list of ServiceAccount objects
+ServiceAccountList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of ServiceAccounts.
+ // More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+ items: [...ServiceAccount] @go(Items,[]ServiceAccount) @protobuf(2,bytes,rep)
+}
+
+// Endpoints is a collection of endpoints that implement the actual service. Example:
+// Name: "mysvc",
+// Subsets: [
+// {
+// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
+// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
+// },
+// {
+// Addresses: [{"ip": "10.10.3.3"}],
+// Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}]
+// },
+// ]
+Endpoints: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // The set of all endpoints is the union of all subsets. Addresses are placed into
+ // subsets according to the IPs they share. A single address with multiple ports,
+ // some of which are ready and some of which are not (because they come from
+ // different containers) will result in the address being displayed in different
+ // subsets for the different ports. No address will appear in both Addresses and
+ // NotReadyAddresses in the same subset.
+ // Sets of addresses and ports that comprise a service.
+ // +optional
+ subsets?: [...EndpointSubset] @go(Subsets,[]EndpointSubset) @protobuf(2,bytes,rep)
+}
+
+// EndpointSubset is a group of addresses with a common set of ports. The
+// expanded set of endpoints is the Cartesian product of Addresses x Ports.
+// For example, given:
+// {
+// Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
+// Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
+// }
+// The resulting set of endpoints can be viewed as:
+// a: [ 10.10.1.1:8675, 10.10.2.2:8675 ],
+// b: [ 10.10.1.1:309, 10.10.2.2:309 ]
+EndpointSubset: {
+ // IP addresses which offer the related ports that are marked as ready. These endpoints
+ // should be considered safe for load balancers and clients to utilize.
+ // +optional
+ addresses?: [...EndpointAddress] @go(Addresses,[]EndpointAddress) @protobuf(1,bytes,rep)
+
+ // IP addresses which offer the related ports but are not currently marked as ready
+ // because they have not yet finished starting, have recently failed a readiness check,
+ // or have recently failed a liveness check.
+ // +optional
+ notReadyAddresses?: [...EndpointAddress] @go(NotReadyAddresses,[]EndpointAddress) @protobuf(2,bytes,rep)
+
+ // Port numbers available on the related IP addresses.
+ // +optional
+ ports?: [...EndpointPort] @go(Ports,[]EndpointPort) @protobuf(3,bytes,rep)
+}
+
+// EndpointAddress is a tuple that describes single IP address.
+EndpointAddress: {
+ // The IP of this endpoint.
+ // May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16),
+ // or link-local multicast ((224.0.0.0/24).
+ // IPv6 is also accepted but not fully supported on all platforms. Also, certain
+ // kubernetes components, like kube-proxy, are not IPv6 ready.
+ // TODO: This should allow hostname or IP, See #4447.
+ ip: string @go(IP) @protobuf(1,bytes,opt)
+
+ // The Hostname of this endpoint
+ // +optional
+ hostname?: string @go(Hostname) @protobuf(3,bytes,opt)
+
+ // Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.
+ // +optional
+ nodeName?: null | string @go(NodeName,*string) @protobuf(4,bytes,opt)
+
+ // Reference to object providing the endpoint.
+ // +optional
+ targetRef?: null | ObjectReference @go(TargetRef,*ObjectReference) @protobuf(2,bytes,opt)
+}
+
+// EndpointPort is a tuple that describes a single port.
+EndpointPort: {
+ // The name of this port (corresponds to ServicePort.Name).
+ // Must be a DNS_LABEL.
+ // Optional only if one port is defined.
+ // +optional
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+
+ // The port number of the endpoint.
+ port: int32 @go(Port) @protobuf(2,varint,opt)
+
+ // The IP protocol for this port.
+ // Must be UDP, TCP, or SCTP.
+ // Default is TCP.
+ // +optional
+ protocol?: Protocol @go(Protocol) @protobuf(3,bytes,opt,casttype=Protocol)
+}
+
+// EndpointsList is a list of endpoints.
+EndpointsList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of endpoints.
+ items: [...Endpoints] @go(Items,[]Endpoints) @protobuf(2,bytes,rep)
+}
+
+// NodeSpec describes the attributes that a node is created with.
+NodeSpec: {
+ // PodCIDR represents the pod IP range assigned to the node.
+ // +optional
+ podCIDR?: string @go(PodCIDR) @protobuf(1,bytes,opt)
+
+ // ID of the node assigned by the cloud provider in the format: <ProviderName>://<ProviderSpecificNodeID>
+ // +optional
+ providerID?: string @go(ProviderID) @protobuf(3,bytes,opt)
+
+ // Unschedulable controls node schedulability of new pods. By default, node is schedulable.
+ // More info: https://kubernetes.io/docs/concepts/nodes/node/#manual-node-administration
+ // +optional
+ unschedulable?: bool @go(Unschedulable) @protobuf(4,varint,opt)
+
+ // If specified, the node's taints.
+ // +optional
+ taints?: [...Taint] @go(Taints,[]Taint) @protobuf(5,bytes,opt)
+
+ // If specified, the source to get node configuration from
+ // The DynamicKubeletConfig feature gate must be enabled for the Kubelet to use this field
+ // +optional
+ configSource?: null | NodeConfigSource @go(ConfigSource,*NodeConfigSource) @protobuf(6,bytes,opt)
+
+ // Deprecated. Not all kubelets will set this field. Remove field after 1.13.
+ // see: https://issues.k8s.io/61966
+ // +optional
+ externalID?: string @go(DoNotUse_ExternalID) @protobuf(2,bytes,opt)
+}
+
+// NodeConfigSource specifies a source of node configuration. Exactly one subfield (excluding metadata) must be non-nil.
+NodeConfigSource: {
+ // ConfigMap is a reference to a Node's ConfigMap
+ configMap?: null | ConfigMapNodeConfigSource @go(ConfigMap,*ConfigMapNodeConfigSource) @protobuf(2,bytes,opt)
+}
+
+// ConfigMapNodeConfigSource contains the information to reference a ConfigMap as a config source for the Node.
+ConfigMapNodeConfigSource: {
+ // Namespace is the metadata.namespace of the referenced ConfigMap.
+ // This field is required in all cases.
+ namespace: string @go(Namespace) @protobuf(1,bytes,opt)
+
+ // Name is the metadata.name of the referenced ConfigMap.
+ // This field is required in all cases.
+ name: string @go(Name) @protobuf(2,bytes,opt)
+
+ // UID is the metadata.UID of the referenced ConfigMap.
+ // This field is forbidden in Node.Spec, and required in Node.Status.
+ // +optional
+ uid?: types.UID @go(UID) @protobuf(3,bytes,opt)
+
+ // ResourceVersion is the metadata.ResourceVersion of the referenced ConfigMap.
+ // This field is forbidden in Node.Spec, and required in Node.Status.
+ // +optional
+ resourceVersion?: string @go(ResourceVersion) @protobuf(4,bytes,opt)
+
+ // KubeletConfigKey declares which key of the referenced ConfigMap corresponds to the KubeletConfiguration structure
+ // This field is required in all cases.
+ kubeletConfigKey: string @go(KubeletConfigKey) @protobuf(5,bytes,opt)
+}
+
+// DaemonEndpoint contains information about a single Daemon endpoint.
+DaemonEndpoint: {
+ // Port number of the given endpoint.
+ Port: int32 @protobuf(1,varint,opt)
+}
+
+// NodeDaemonEndpoints lists ports opened by daemons running on the Node.
+NodeDaemonEndpoints: {
+ // Endpoint on which Kubelet is listening.
+ // +optional
+ kubeletEndpoint?: DaemonEndpoint @go(KubeletEndpoint) @protobuf(1,bytes,opt)
+}
+
+// NodeSystemInfo is a set of ids/uuids to uniquely identify the node.
+NodeSystemInfo: {
+ // MachineID reported by the node. For unique machine identification
+ // in the cluster this field is preferred. Learn more from man(5)
+ // machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html
+ machineID: string @go(MachineID) @protobuf(1,bytes,opt)
+
+ // SystemUUID reported by the node. For unique machine identification
+ // MachineID is preferred. This field is specific to Red Hat hosts
+ // https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/getting-system-uuid.html
+ systemUUID: string @go(SystemUUID) @protobuf(2,bytes,opt)
+
+ // Boot ID reported by the node.
+ bootID: string @go(BootID) @protobuf(3,bytes,opt)
+
+ // Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64).
+ kernelVersion: string @go(KernelVersion) @protobuf(4,bytes,opt)
+
+ // OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)).
+ osImage: string @go(OSImage) @protobuf(5,bytes,opt)
+
+ // ContainerRuntime Version reported by the node through runtime remote API (e.g. docker://1.5.0).
+ containerRuntimeVersion: string @go(ContainerRuntimeVersion) @protobuf(6,bytes,opt)
+
+ // Kubelet Version reported by the node.
+ kubeletVersion: string @go(KubeletVersion) @protobuf(7,bytes,opt)
+
+ // KubeProxy Version reported by the node.
+ kubeProxyVersion: string @go(KubeProxyVersion) @protobuf(8,bytes,opt)
+
+ // The Operating System reported by the node
+ operatingSystem: string @go(OperatingSystem) @protobuf(9,bytes,opt)
+
+ // The Architecture reported by the node
+ architecture: string @go(Architecture) @protobuf(10,bytes,opt)
+}
+
+// NodeConfigStatus describes the status of the config assigned by Node.Spec.ConfigSource.
+NodeConfigStatus: {
+ // Assigned reports the checkpointed config the node will try to use.
+ // When Node.Spec.ConfigSource is updated, the node checkpoints the associated
+ // config payload to local disk, along with a record indicating intended
+ // config. The node refers to this record to choose its config checkpoint, and
+ // reports this record in Assigned. Assigned only updates in the status after
+ // the record has been checkpointed to disk. When the Kubelet is restarted,
+ // it tries to make the Assigned config the Active config by loading and
+ // validating the checkpointed payload identified by Assigned.
+ // +optional
+ assigned?: null | NodeConfigSource @go(Assigned,*NodeConfigSource) @protobuf(1,bytes,opt)
+
+ // Active reports the checkpointed config the node is actively using.
+ // Active will represent either the current version of the Assigned config,
+ // or the current LastKnownGood config, depending on whether attempting to use the
+ // Assigned config results in an error.
+ // +optional
+ active?: null | NodeConfigSource @go(Active,*NodeConfigSource) @protobuf(2,bytes,opt)
+
+ // LastKnownGood reports the checkpointed config the node will fall back to
+ // when it encounters an error attempting to use the Assigned config.
+ // The Assigned config becomes the LastKnownGood config when the node determines
+ // that the Assigned config is stable and correct.
+ // This is currently implemented as a 10-minute soak period starting when the local
+ // record of Assigned config is updated. If the Assigned config is Active at the end
+ // of this period, it becomes the LastKnownGood. Note that if Spec.ConfigSource is
+ // reset to nil (use local defaults), the LastKnownGood is also immediately reset to nil,
+ // because the local default config is always assumed good.
+ // You should not make assumptions about the node's method of determining config stability
+ // and correctness, as this may change or become configurable in the future.
+ // +optional
+ lastKnownGood?: null | NodeConfigSource @go(LastKnownGood,*NodeConfigSource) @protobuf(3,bytes,opt)
+
+ // Error describes any problems reconciling the Spec.ConfigSource to the Active config.
+ // Errors may occur, for example, attempting to checkpoint Spec.ConfigSource to the local Assigned
+ // record, attempting to checkpoint the payload associated with Spec.ConfigSource, attempting
+ // to load or validate the Assigned config, etc.
+ // Errors may occur at different points while syncing config. Earlier errors (e.g. download or
+ // checkpointing errors) will not result in a rollback to LastKnownGood, and may resolve across
+ // Kubelet retries. Later errors (e.g. loading or validating a checkpointed config) will result in
+ // a rollback to LastKnownGood. In the latter case, it is usually possible to resolve the error
+ // by fixing the config assigned in Spec.ConfigSource.
+ // You can find additional information for debugging by searching the error message in the Kubelet log.
+ // Error is a human-readable description of the error state; machines can check whether or not Error
+ // is empty, but should not rely on the stability of the Error text across Kubelet versions.
+ // +optional
+ error?: string @go(Error) @protobuf(4,bytes,opt)
+}
+
+// NodeStatus is information about the current status of a node.
+NodeStatus: {
+ // Capacity represents the total resources of a node.
+ // More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#capacity
+ // +optional
+ capacity?: ResourceList @go(Capacity) @protobuf(1,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // Allocatable represents the resources of a node that are available for scheduling.
+ // Defaults to Capacity.
+ // +optional
+ allocatable?: ResourceList @go(Allocatable) @protobuf(2,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // NodePhase is the recently observed lifecycle phase of the node.
+ // More info: https://kubernetes.io/docs/concepts/nodes/node/#phase
+ // The field is never populated, and now is deprecated.
+ // +optional
+ phase?: NodePhase @go(Phase) @protobuf(3,bytes,opt,casttype=NodePhase)
+
+ // Conditions is an array of current observed node conditions.
+ // More info: https://kubernetes.io/docs/concepts/nodes/node/#condition
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...NodeCondition] @go(Conditions,[]NodeCondition) @protobuf(4,bytes,rep)
+
+ // List of addresses reachable to the node.
+ // Queried from cloud provider, if available.
+ // More info: https://kubernetes.io/docs/concepts/nodes/node/#addresses
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ addresses?: [...NodeAddress] @go(Addresses,[]NodeAddress) @protobuf(5,bytes,rep)
+
+ // Endpoints of daemons running on the Node.
+ // +optional
+ daemonEndpoints?: NodeDaemonEndpoints @go(DaemonEndpoints) @protobuf(6,bytes,opt)
+
+ // Set of ids/uuids to uniquely identify the node.
+ // More info: https://kubernetes.io/docs/concepts/nodes/node/#info
+ // +optional
+ nodeInfo?: NodeSystemInfo @go(NodeInfo) @protobuf(7,bytes,opt)
+
+ // List of container images on this node
+ // +optional
+ images?: [...ContainerImage] @go(Images,[]ContainerImage) @protobuf(8,bytes,rep)
+
+ // List of attachable volumes in use (mounted) by the node.
+ // +optional
+ volumesInUse?: [...UniqueVolumeName] @go(VolumesInUse,[]UniqueVolumeName) @protobuf(9,bytes,rep)
+
+ // List of volumes that are attached to the node.
+ // +optional
+ volumesAttached?: [...AttachedVolume] @go(VolumesAttached,[]AttachedVolume) @protobuf(10,bytes,rep)
+
+ // Status of the config assigned to the node via the dynamic Kubelet config feature.
+ // +optional
+ config?: null | NodeConfigStatus @go(Config,*NodeConfigStatus) @protobuf(11,bytes,opt)
+}
+
+UniqueVolumeName: string
+
+// AttachedVolume describes a volume attached to a node
+AttachedVolume: {
+ // Name of the attached volume
+ name: UniqueVolumeName @go(Name) @protobuf(1,bytes,rep)
+
+ // DevicePath represents the device path where the volume should be available
+ devicePath: string @go(DevicePath) @protobuf(2,bytes,rep)
+}
+
+// AvoidPods describes pods that should avoid this node. This is the value for a
+// Node annotation with key scheduler.alpha.kubernetes.io/preferAvoidPods and
+// will eventually become a field of NodeStatus.
+AvoidPods: {
+ // Bounded-sized list of signatures of pods that should avoid this node, sorted
+ // in timestamp order from oldest to newest. Size of the slice is unspecified.
+ // +optional
+ preferAvoidPods?: [...PreferAvoidPodsEntry] @go(PreferAvoidPods,[]PreferAvoidPodsEntry) @protobuf(1,bytes,rep)
+}
+
+// Describes a class of pods that should avoid this node.
+PreferAvoidPodsEntry: {
+ // The class of pods.
+ podSignature: PodSignature @go(PodSignature) @protobuf(1,bytes,opt)
+
+ // Time at which this entry was added to the list.
+ // +optional
+ evictionTime?: metav1.Time @go(EvictionTime) @protobuf(2,bytes,opt)
+
+ // (brief) reason why this entry was added to the list.
+ // +optional
+ reason?: string @go(Reason) @protobuf(3,bytes,opt)
+
+ // Human readable message indicating why this entry was added to the list.
+ // +optional
+ message?: string @go(Message) @protobuf(4,bytes,opt)
+}
+
+// Describes the class of pods that should avoid this node.
+// Exactly one field should be set.
+PodSignature: {
+ // Reference to controller whose pods should avoid this node.
+ // +optional
+ podController?: null | metav1.OwnerReference @go(PodController,*metav1.OwnerReference) @protobuf(1,bytes,opt)
+}
+
+// Describe a container image
+ContainerImage: {
+ // Names by which this image is known.
+ // e.g. ["k8s.gcr.io/hyperkube:v1.0.7", "dockerhub.io/google_containers/hyperkube:v1.0.7"]
+ names: [...string] @go(Names,[]string) @protobuf(1,bytes,rep)
+
+ // The size of the image in bytes.
+ // +optional
+ sizeBytes?: int64 @go(SizeBytes) @protobuf(2,varint,opt)
+}
+
+NodePhase: string // enumNodePhase
+
+enumNodePhase:
+ NodePending |
+ NodeRunning |
+ NodeTerminated
+
+// NodePending means the node has been created/added by the system, but not configured.
+NodePending: NodePhase & "Pending"
+
+// NodeRunning means the node has been configured and has Kubernetes components running.
+NodeRunning: NodePhase & "Running"
+
+// NodeTerminated means the node has been removed from the cluster.
+NodeTerminated: NodePhase & "Terminated"
+
+NodeConditionType: string // enumNodeConditionType
+
+enumNodeConditionType:
+ NodeReady |
+ NodeOutOfDisk |
+ NodeMemoryPressure |
+ NodeDiskPressure |
+ NodePIDPressure |
+ NodeNetworkUnavailable
+
+// NodeReady means kubelet is healthy and ready to accept pods.
+NodeReady: NodeConditionType & "Ready"
+
+// NodeOutOfDisk means the kubelet will not accept new pods due to insufficient free disk
+// space on the node.
+NodeOutOfDisk: NodeConditionType & "OutOfDisk"
+
+// NodeMemoryPressure means the kubelet is under pressure due to insufficient available memory.
+NodeMemoryPressure: NodeConditionType & "MemoryPressure"
+
+// NodeDiskPressure means the kubelet is under pressure due to insufficient available disk.
+NodeDiskPressure: NodeConditionType & "DiskPressure"
+
+// NodePIDPressure means the kubelet is under pressure due to insufficient available PID.
+NodePIDPressure: NodeConditionType & "PIDPressure"
+
+// NodeNetworkUnavailable means that network for the node is not correctly configured.
+NodeNetworkUnavailable: NodeConditionType & "NetworkUnavailable"
+
+// NodeCondition contains condition information for a node.
+NodeCondition: {
+ // Type of node condition.
+ type: NodeConditionType @go(Type) @protobuf(1,bytes,opt,casttype=NodeConditionType)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=ConditionStatus)
+
+ // Last time we got an update on a given condition.
+ // +optional
+ lastHeartbeatTime?: metav1.Time @go(LastHeartbeatTime) @protobuf(3,bytes,opt)
+
+ // Last time the condition transit from one status to another.
+ // +optional
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(4,bytes,opt)
+
+ // (brief) reason for the condition's last transition.
+ // +optional
+ reason?: string @go(Reason) @protobuf(5,bytes,opt)
+
+ // Human readable message indicating details about last transition.
+ // +optional
+ message?: string @go(Message) @protobuf(6,bytes,opt)
+}
+
+NodeAddressType: string // enumNodeAddressType
+
+enumNodeAddressType:
+ NodeHostName |
+ NodeExternalIP |
+ NodeInternalIP |
+ NodeExternalDNS |
+ NodeInternalDNS
+
+NodeHostName: NodeAddressType & "Hostname"
+NodeExternalIP: NodeAddressType & "ExternalIP"
+NodeInternalIP: NodeAddressType & "InternalIP"
+NodeExternalDNS: NodeAddressType & "ExternalDNS"
+NodeInternalDNS: NodeAddressType & "InternalDNS"
+
+// NodeAddress contains information for the node's address.
+NodeAddress: {
+ // Node address type, one of Hostname, ExternalIP or InternalIP.
+ type: NodeAddressType @go(Type) @protobuf(1,bytes,opt,casttype=NodeAddressType)
+
+ // The node address.
+ address: string @go(Address) @protobuf(2,bytes,opt)
+}
+
+// ResourceName is the name identifying various resources in a ResourceList.
+ResourceName: string // enumResourceName
+
+enumResourceName:
+ ResourceCPU |
+ ResourceMemory |
+ ResourceStorage |
+ ResourceEphemeralStorage |
+ ResourcePods |
+ ResourceServices |
+ ResourceReplicationControllers |
+ ResourceQuotas |
+ ResourceSecrets |
+ ResourceConfigMaps |
+ ResourcePersistentVolumeClaims |
+ ResourceServicesNodePorts |
+ ResourceServicesLoadBalancers |
+ ResourceRequestsCPU |
+ ResourceRequestsMemory |
+ ResourceRequestsStorage |
+ ResourceRequestsEphemeralStorage |
+ ResourceLimitsCPU |
+ ResourceLimitsMemory |
+ ResourceLimitsEphemeralStorage
+
+// CPU, in cores. (500m = .5 cores)
+ResourceCPU: ResourceName & "cpu"
+
+// Memory, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
+ResourceMemory: ResourceName & "memory"
+
+// Volume size, in bytes (e,g. 5Gi = 5GiB = 5 * 1024 * 1024 * 1024)
+ResourceStorage: ResourceName & "storage"
+
+// Local ephemeral storage, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
+// The resource name for ResourceEphemeralStorage is alpha and it can change across releases.
+ResourceEphemeralStorage: ResourceName & "ephemeral-storage"
+
+// Default namespace prefix.
+ResourceDefaultNamespacePrefix: "kubernetes.io/"
+
+// Name prefix for huge page resources (alpha).
+ResourceHugePagesPrefix: "hugepages-"
+
+// Name prefix for storage resource limits
+ResourceAttachableVolumesPrefix: "attachable-volumes-"
+
+// ResourceList is a set of (resource name, quantity) pairs.
+ResourceList: {<_>: resource.Quantity}
+
+// Node is a worker node in Kubernetes.
+// Each node will have a unique identifier in the cache (i.e. in etcd).
+Node: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the behavior of a node.
+ // https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: NodeSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Most recently observed status of the node.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: NodeStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// NodeList is the whole list of all Nodes which have been registered with master.
+NodeList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of nodes
+ items: [...Node] @go(Items,[]Node) @protobuf(2,bytes,rep)
+}
+
+// FinalizerName is the name identifying a finalizer during namespace lifecycle.
+FinalizerName: string // enumFinalizerName
+
+enumFinalizerName:
+ FinalizerKubernetes
+
+FinalizerKubernetes: FinalizerName & "kubernetes"
+
+// NamespaceSpec describes the attributes on a Namespace.
+NamespaceSpec: {
+ // Finalizers is an opaque list of values that must be empty to permanently remove object from storage.
+ // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
+ // +optional
+ finalizers?: [...FinalizerName] @go(Finalizers,[]FinalizerName) @protobuf(1,bytes,rep,casttype=FinalizerName)
+}
+
+// NamespaceStatus is information about the current status of a Namespace.
+NamespaceStatus: {
+ // Phase is the current lifecycle phase of the namespace.
+ // More info: https://kubernetes.io/docs/tasks/administer-cluster/namespaces/
+ // +optional
+ phase?: NamespacePhase @go(Phase) @protobuf(1,bytes,opt,casttype=NamespacePhase)
+}
+
+NamespacePhase: string // enumNamespacePhase
+
+enumNamespacePhase:
+ NamespaceActive |
+ NamespaceTerminating
+
+// NamespaceActive means the namespace is available for use in the system
+NamespaceActive: NamespacePhase & "Active"
+
+// NamespaceTerminating means the namespace is undergoing graceful termination
+NamespaceTerminating: NamespacePhase & "Terminating"
+
+// Namespace provides a scope for Names.
+// Use of multiple namespaces is optional.
+Namespace: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the behavior of the Namespace.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: NamespaceSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status describes the current status of a Namespace.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: NamespaceStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// NamespaceList is a list of Namespaces.
+NamespaceList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is the list of Namespace objects in the list.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ items: [...Namespace] @go(Items,[]Namespace) @protobuf(2,bytes,rep)
+}
+
+// Binding ties one object to another; for example, a pod is bound to a node by a scheduler.
+// Deprecated in 1.7, please use the bindings subresource of pods instead.
+Binding: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // The target object that you want to bind to the standard object.
+ target: ObjectReference @go(Target) @protobuf(2,bytes,opt)
+}
+
+// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
+// +k8s:openapi-gen=false
+Preconditions: {
+ // Specifies the target UID.
+ // +optional
+ uid?: null | types.UID @go(UID,*types.UID) @protobuf(1,bytes,opt,casttype=k8s.io/apimachinery/pkg/types.UID)
+}
+
+// PodLogOptions is the query options for a Pod's logs REST call.
+PodLogOptions: metav1.TypeMeta & {
+ // The container for which to stream logs. Defaults to only container if there is one container in the pod.
+ // +optional
+ container?: string @go(Container) @protobuf(1,bytes,opt)
+
+ // Follow the log stream of the pod. Defaults to false.
+ // +optional
+ follow?: bool @go(Follow) @protobuf(2,varint,opt)
+
+ // Return previous terminated container logs. Defaults to false.
+ // +optional
+ previous?: bool @go(Previous) @protobuf(3,varint,opt)
+
+ // A relative time in seconds before the current time from which to show logs. If this value
+ // precedes the time a pod was started, only logs since the pod start will be returned.
+ // If this value is in the future, no logs will be returned.
+ // Only one of sinceSeconds or sinceTime may be specified.
+ // +optional
+ sinceSeconds?: null | int64 @go(SinceSeconds,*int64) @protobuf(4,varint,opt)
+
+ // An RFC3339 timestamp from which to show logs. If this value
+ // precedes the time a pod was started, only logs since the pod start will be returned.
+ // If this value is in the future, no logs will be returned.
+ // Only one of sinceSeconds or sinceTime may be specified.
+ // +optional
+ sinceTime?: null | metav1.Time @go(SinceTime,*metav1.Time) @protobuf(5,bytes,opt)
+
+ // If true, add an RFC3339 or RFC3339Nano timestamp at the beginning of every line
+ // of log output. Defaults to false.
+ // +optional
+ timestamps?: bool @go(Timestamps) @protobuf(6,varint,opt)
+
+ // If set, the number of lines from the end of the logs to show. If not specified,
+ // logs are shown from the creation of the container or sinceSeconds or sinceTime
+ // +optional
+ tailLines?: null | int64 @go(TailLines,*int64) @protobuf(7,varint,opt)
+
+ // If set, the number of bytes to read from the server before terminating the
+ // log output. This may not display a complete final line of logging, and may return
+ // slightly more or slightly less than the specified limit.
+ // +optional
+ limitBytes?: null | int64 @go(LimitBytes,*int64) @protobuf(8,varint,opt)
+}
+
+// PodAttachOptions is the query options to a Pod's remote attach call.
+// ---
+// TODO: merge w/ PodExecOptions below for stdin, stdout, etc
+// and also when we cut V2, we should export a "StreamOptions" or somesuch that contains Stdin, Stdout, Stder and TTY
+PodAttachOptions: metav1.TypeMeta & {
+ // Stdin if true, redirects the standard input stream of the pod for this call.
+ // Defaults to false.
+ // +optional
+ stdin?: bool @go(Stdin) @protobuf(1,varint,opt)
+
+ // Stdout if true indicates that stdout is to be redirected for the attach call.
+ // Defaults to true.
+ // +optional
+ stdout?: bool @go(Stdout) @protobuf(2,varint,opt)
+
+ // Stderr if true indicates that stderr is to be redirected for the attach call.
+ // Defaults to true.
+ // +optional
+ stderr?: bool @go(Stderr) @protobuf(3,varint,opt)
+
+ // TTY if true indicates that a tty will be allocated for the attach call.
+ // This is passed through the container runtime so the tty
+ // is allocated on the worker node by the container runtime.
+ // Defaults to false.
+ // +optional
+ tty?: bool @go(TTY) @protobuf(4,varint,opt)
+
+ // The container in which to execute the command.
+ // Defaults to only container if there is only one container in the pod.
+ // +optional
+ container?: string @go(Container) @protobuf(5,bytes,opt)
+}
+
+// PodExecOptions is the query options to a Pod's remote exec call.
+// ---
+// TODO: This is largely identical to PodAttachOptions above, make sure they stay in sync and see about merging
+// and also when we cut V2, we should export a "StreamOptions" or somesuch that contains Stdin, Stdout, Stder and TTY
+PodExecOptions: metav1.TypeMeta & {
+ // Redirect the standard input stream of the pod for this call.
+ // Defaults to false.
+ // +optional
+ stdin?: bool @go(Stdin) @protobuf(1,varint,opt)
+
+ // Redirect the standard output stream of the pod for this call.
+ // Defaults to true.
+ // +optional
+ stdout?: bool @go(Stdout) @protobuf(2,varint,opt)
+
+ // Redirect the standard error stream of the pod for this call.
+ // Defaults to true.
+ // +optional
+ stderr?: bool @go(Stderr) @protobuf(3,varint,opt)
+
+ // TTY if true indicates that a tty will be allocated for the exec call.
+ // Defaults to false.
+ // +optional
+ tty?: bool @go(TTY) @protobuf(4,varint,opt)
+
+ // Container in which to execute the command.
+ // Defaults to only container if there is only one container in the pod.
+ // +optional
+ container?: string @go(Container) @protobuf(5,bytes,opt)
+
+ // Command is the remote command to execute. argv array. Not executed within a shell.
+ command: [...string] @go(Command,[]string) @protobuf(6,bytes,rep)
+}
+
+// PodPortForwardOptions is the query options to a Pod's port forward call
+// when using WebSockets.
+// The `port` query parameter must specify the port or
+// ports (comma separated) to forward over.
+// Port forwarding over SPDY does not use these options. It requires the port
+// to be passed in the `port` header as part of request.
+PodPortForwardOptions: metav1.TypeMeta & {
+ // List of ports to forward
+ // Required when using WebSockets
+ // +optional
+ ports?: [...int32] @go(Ports,[]int32) @protobuf(1,varint,rep)
+}
+
+// PodProxyOptions is the query options to a Pod's proxy call.
+PodProxyOptions: metav1.TypeMeta & {
+ // Path is the URL path to use for the current proxy request to pod.
+ // +optional
+ path?: string @go(Path) @protobuf(1,bytes,opt)
+}
+
+// NodeProxyOptions is the query options to a Node's proxy call.
+NodeProxyOptions: metav1.TypeMeta & {
+ // Path is the URL path to use for the current proxy request to node.
+ // +optional
+ path?: string @go(Path) @protobuf(1,bytes,opt)
+}
+
+// ServiceProxyOptions is the query options to a Service's proxy call.
+ServiceProxyOptions: metav1.TypeMeta & {
+ // Path is the part of URLs that include service endpoints, suffixes,
+ // and parameters to use for the current proxy request to service.
+ // For example, the whole request URL is
+ // http://localhost/api/v1/namespaces/kube-system/services/elasticsearch-logging/_search?q=user:kimchy.
+ // Path is _search?q=user:kimchy.
+ // +optional
+ path?: string @go(Path) @protobuf(1,bytes,opt)
+}
+
+// ObjectReference contains enough information to let you inspect or modify the referred object.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+ObjectReference: {
+ // Kind of the referent.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ kind?: string @go(Kind) @protobuf(1,bytes,opt)
+
+ // Namespace of the referent.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ // +optional
+ namespace?: string @go(Namespace) @protobuf(2,bytes,opt)
+
+ // Name of the referent.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ // +optional
+ name?: string @go(Name) @protobuf(3,bytes,opt)
+
+ // UID of the referent.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+ // +optional
+ uid?: types.UID @go(UID) @protobuf(4,bytes,opt,casttype=k8s.io/apimachinery/pkg/types.UID)
+
+ // API version of the referent.
+ // +optional
+ apiVersion?: string @go(APIVersion) @protobuf(5,bytes,opt)
+
+ // Specific resourceVersion to which this reference is made, if any.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+ // +optional
+ resourceVersion?: string @go(ResourceVersion) @protobuf(6,bytes,opt)
+
+ // If referring to a piece of an object instead of an entire object, this string
+ // should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+ // For example, if the object reference is to a container within a pod, this would take on a value like:
+ // "spec.containers{name}" (where "name" refers to the name of the container that triggered
+ // the event) or if no container name is specified "spec.containers[2]" (container with
+ // index 2 in this pod). This syntax is chosen only to have some well-defined way of
+ // referencing a part of an object.
+ // TODO: this design is not final and this field is subject to change in the future.
+ // +optional
+ fieldPath?: string @go(FieldPath) @protobuf(7,bytes,opt)
+}
+
+// LocalObjectReference contains enough information to let you locate the
+// referenced object inside the same namespace.
+LocalObjectReference: {
+ // Name of the referent.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ // TODO: Add other useful fields. apiVersion, kind, uid?
+ // +optional
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+}
+
+// TypedLocalObjectReference contains enough information to let you locate the
+// typed referenced object inside the same namespace.
+TypedLocalObjectReference: {
+ // APIGroup is the group for the resource being referenced.
+ // If APIGroup is not specified, the specified Kind must be in the core API group.
+ // For any other third-party types, APIGroup is required.
+ // +optional
+ apiGroup: null | string @go(APIGroup,*string) @protobuf(1,bytes,opt)
+
+ // Kind is the type of resource being referenced
+ kind: string @go(Kind) @protobuf(2,bytes,opt)
+
+ // Name is the name of resource being referenced
+ name: string @go(Name) @protobuf(3,bytes,opt)
+}
+
+// SerializedReference is a reference to serialized object.
+SerializedReference: metav1.TypeMeta & {
+ // The reference to an object in the system.
+ // +optional
+ reference?: ObjectReference @go(Reference) @protobuf(1,bytes,opt)
+}
+
+// EventSource contains information for an event.
+EventSource: {
+ // Component from which the event is generated.
+ // +optional
+ component?: string @go(Component) @protobuf(1,bytes,opt)
+
+ // Node name on which the event is generated.
+ // +optional
+ host?: string @go(Host) @protobuf(2,bytes,opt)
+}
+
+// Information only and will not cause any problems
+EventTypeNormal: "Normal"
+
+// These events are to warn that something might go wrong
+EventTypeWarning: "Warning"
+
+// Event is a report of an event somewhere in the cluster.
+Event: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ metadata: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // The object that this event is about.
+ involvedObject: ObjectReference @go(InvolvedObject) @protobuf(2,bytes,opt)
+
+ // This should be a short, machine understandable string that gives the reason
+ // for the transition into the object's current status.
+ // TODO: provide exact specification for format.
+ // +optional
+ reason?: string @go(Reason) @protobuf(3,bytes,opt)
+
+ // A human-readable description of the status of this operation.
+ // TODO: decide on maximum length.
+ // +optional
+ message?: string @go(Message) @protobuf(4,bytes,opt)
+
+ // The component reporting this event. Should be a short machine understandable string.
+ // +optional
+ source?: EventSource @go(Source) @protobuf(5,bytes,opt)
+
+ // The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)
+ // +optional
+ firstTimestamp?: metav1.Time @go(FirstTimestamp) @protobuf(6,bytes,opt)
+
+ // The time at which the most recent occurrence of this event was recorded.
+ // +optional
+ lastTimestamp?: metav1.Time @go(LastTimestamp) @protobuf(7,bytes,opt)
+
+ // The number of times this event has occurred.
+ // +optional
+ count?: int32 @go(Count) @protobuf(8,varint,opt)
+
+ // Type of this event (Normal, Warning), new types could be added in the future
+ // +optional
+ type?: string @go(Type) @protobuf(9,bytes,opt)
+
+ // Time when this Event was first observed.
+ // +optional
+ eventTime?: metav1.MicroTime @go(EventTime) @protobuf(10,bytes,opt)
+
+ // Data about the Event series this event represents or nil if it's a singleton Event.
+ // +optional
+ series?: null | EventSeries @go(Series,*EventSeries) @protobuf(11,bytes,opt)
+
+ // What action was taken/failed regarding to the Regarding object.
+ // +optional
+ action?: string @go(Action) @protobuf(12,bytes,opt)
+
+ // Optional secondary object for more complex actions.
+ // +optional
+ related?: null | ObjectReference @go(Related,*ObjectReference) @protobuf(13,bytes,opt)
+
+ // Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`.
+ // +optional
+ reportingComponent: string @go(ReportingController) @protobuf(14,bytes,opt)
+
+ // ID of the controller instance, e.g. `kubelet-xyzf`.
+ // +optional
+ reportingInstance: string @go(ReportingInstance) @protobuf(15,bytes,opt)
+}
+
+// EventSeries contain information on series of events, i.e. thing that was/is happening
+// continuously for some time.
+EventSeries: {
+ // Number of occurrences in this series up to the last heartbeat time
+ count?: int32 @go(Count) @protobuf(1,varint)
+
+ // Time of the last occurrence observed
+ lastObservedTime?: metav1.MicroTime @go(LastObservedTime) @protobuf(2,bytes)
+
+ // State of this Series: Ongoing or Finished
+ // Deprecated. Planned removal for 1.18
+ state?: EventSeriesState @go(State) @protobuf(3,bytes)
+}
+
+EventSeriesState: string // enumEventSeriesState
+
+enumEventSeriesState:
+ EventSeriesStateOngoing |
+ EventSeriesStateFinished |
+ EventSeriesStateUnknown
+
+EventSeriesStateOngoing: EventSeriesState & "Ongoing"
+EventSeriesStateFinished: EventSeriesState & "Finished"
+EventSeriesStateUnknown: EventSeriesState & "Unknown"
+
+// EventList is a list of events.
+EventList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of events
+ items: [...Event] @go(Items,[]Event) @protobuf(2,bytes,rep)
+}
+
+// List holds a list of objects, which may not be known by the server.
+List: metav1.List
+
+// LimitType is a type of object that is limited
+LimitType: string // enumLimitType
+
+enumLimitType:
+ LimitTypePod |
+ LimitTypeContainer |
+ LimitTypePersistentVolumeClaim
+
+// Limit that applies to all pods in a namespace
+LimitTypePod: LimitType & "Pod"
+
+// Limit that applies to all containers in a namespace
+LimitTypeContainer: LimitType & "Container"
+
+// Limit that applies to all persistent volume claims in a namespace
+LimitTypePersistentVolumeClaim: LimitType & "PersistentVolumeClaim"
+
+// LimitRangeItem defines a min/max usage limit for any resource that matches on kind.
+LimitRangeItem: {
+ // Type of resource that this limit applies to.
+ // +optional
+ type?: LimitType @go(Type) @protobuf(1,bytes,opt,casttype=LimitType)
+
+ // Max usage constraints on this kind by resource name.
+ // +optional
+ max?: ResourceList @go(Max) @protobuf(2,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // Min usage constraints on this kind by resource name.
+ // +optional
+ min?: ResourceList @go(Min) @protobuf(3,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // Default resource requirement limit value by resource name if resource limit is omitted.
+ // +optional
+ default?: ResourceList @go(Default) @protobuf(4,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // DefaultRequest is the default resource requirement request value by resource name if resource request is omitted.
+ // +optional
+ defaultRequest?: ResourceList @go(DefaultRequest) @protobuf(5,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource.
+ // +optional
+ maxLimitRequestRatio?: ResourceList @go(MaxLimitRequestRatio) @protobuf(6,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+}
+
+// LimitRangeSpec defines a min/max usage limit for resources that match on kind.
+LimitRangeSpec: {
+ // Limits is the list of LimitRangeItem objects that are enforced.
+ limits: [...LimitRangeItem] @go(Limits,[]LimitRangeItem) @protobuf(1,bytes,rep)
+}
+
+// LimitRange sets resource usage limits for each kind of resource in a Namespace.
+LimitRange: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the limits enforced.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: LimitRangeSpec @go(Spec) @protobuf(2,bytes,opt)
+}
+
+// LimitRangeList is a list of LimitRange items.
+LimitRangeList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is a list of LimitRange objects.
+ // More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+ items: [...LimitRange] @go(Items,[]LimitRange) @protobuf(2,bytes,rep)
+}
+
+// Pods, number
+ResourcePods: ResourceName & "pods"
+
+// Services, number
+ResourceServices: ResourceName & "services"
+
+// ReplicationControllers, number
+ResourceReplicationControllers: ResourceName & "replicationcontrollers"
+
+// ResourceQuotas, number
+ResourceQuotas: ResourceName & "resourcequotas"
+
+// ResourceSecrets, number
+ResourceSecrets: ResourceName & "secrets"
+
+// ResourceConfigMaps, number
+ResourceConfigMaps: ResourceName & "configmaps"
+
+// ResourcePersistentVolumeClaims, number
+ResourcePersistentVolumeClaims: ResourceName & "persistentvolumeclaims"
+
+// ResourceServicesNodePorts, number
+ResourceServicesNodePorts: ResourceName & "services.nodeports"
+
+// ResourceServicesLoadBalancers, number
+ResourceServicesLoadBalancers: ResourceName & "services.loadbalancers"
+
+// CPU request, in cores. (500m = .5 cores)
+ResourceRequestsCPU: ResourceName & "requests.cpu"
+
+// Memory request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
+ResourceRequestsMemory: ResourceName & "requests.memory"
+
+// Storage request, in bytes
+ResourceRequestsStorage: ResourceName & "requests.storage"
+
+// Local ephemeral storage request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
+ResourceRequestsEphemeralStorage: ResourceName & "requests.ephemeral-storage"
+
+// CPU limit, in cores. (500m = .5 cores)
+ResourceLimitsCPU: ResourceName & "limits.cpu"
+
+// Memory limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
+ResourceLimitsMemory: ResourceName & "limits.memory"
+
+// Local ephemeral storage limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
+ResourceLimitsEphemeralStorage: ResourceName & "limits.ephemeral-storage"
+
+// HugePages request, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)
+// As burst is not supported for HugePages, we would only quota its request, and ignore the limit.
+ResourceRequestsHugePagesPrefix: "requests.hugepages-"
+
+// Default resource requests prefix
+DefaultResourceRequestsPrefix: "requests."
+
+// A ResourceQuotaScope defines a filter that must match each object tracked by a quota
+ResourceQuotaScope: string // enumResourceQuotaScope
+
+enumResourceQuotaScope:
+ ResourceQuotaScopeTerminating |
+ ResourceQuotaScopeNotTerminating |
+ ResourceQuotaScopeBestEffort |
+ ResourceQuotaScopeNotBestEffort |
+ ResourceQuotaScopePriorityClass
+
+// Match all pod objects where spec.activeDeadlineSeconds
+ResourceQuotaScopeTerminating: ResourceQuotaScope & "Terminating"
+
+// Match all pod objects where !spec.activeDeadlineSeconds
+ResourceQuotaScopeNotTerminating: ResourceQuotaScope & "NotTerminating"
+
+// Match all pod objects that have best effort quality of service
+ResourceQuotaScopeBestEffort: ResourceQuotaScope & "BestEffort"
+
+// Match all pod objects that do not have best effort quality of service
+ResourceQuotaScopeNotBestEffort: ResourceQuotaScope & "NotBestEffort"
+
+// Match all pod objects that have priority class mentioned
+ResourceQuotaScopePriorityClass: ResourceQuotaScope & "PriorityClass"
+
+// ResourceQuotaSpec defines the desired hard limits to enforce for Quota.
+ResourceQuotaSpec: {
+ // hard is the set of desired hard limits for each named resource.
+ // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/
+ // +optional
+ hard?: ResourceList @go(Hard) @protobuf(1,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // A collection of filters that must match each object tracked by a quota.
+ // If not specified, the quota matches all objects.
+ // +optional
+ scopes?: [...ResourceQuotaScope] @go(Scopes,[]ResourceQuotaScope) @protobuf(2,bytes,rep,casttype=ResourceQuotaScope)
+
+ // scopeSelector is also a collection of filters like scopes that must match each object tracked by a quota
+ // but expressed using ScopeSelectorOperator in combination with possible values.
+ // For a resource to match, both scopes AND scopeSelector (if specified in spec), must be matched.
+ // +optional
+ scopeSelector?: null | ScopeSelector @go(ScopeSelector,*ScopeSelector) @protobuf(3,bytes,opt)
+}
+
+// A scope selector represents the AND of the selectors represented
+// by the scoped-resource selector requirements.
+ScopeSelector: {
+ // A list of scope selector requirements by scope of the resources.
+ // +optional
+ matchExpressions?: [...ScopedResourceSelectorRequirement] @go(MatchExpressions,[]ScopedResourceSelectorRequirement) @protobuf(1,bytes,rep)
+}
+
+// A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator
+// that relates the scope name and values.
+ScopedResourceSelectorRequirement: {
+ // The name of the scope that the selector applies to.
+ scopeName: ResourceQuotaScope @go(ScopeName) @protobuf(1,bytes,opt)
+
+ // Represents a scope's relationship to a set of values.
+ // Valid operators are In, NotIn, Exists, DoesNotExist.
+ operator: ScopeSelectorOperator @go(Operator) @protobuf(2,bytes,opt,casttype=ScopedResourceSelectorOperator)
+
+ // An array of string values. If the operator is In or NotIn,
+ // the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ // the values array must be empty.
+ // This array is replaced during a strategic merge patch.
+ // +optional
+ values?: [...string] @go(Values,[]string) @protobuf(3,bytes,rep)
+}
+
+// A scope selector operator is the set of operators that can be used in
+// a scope selector requirement.
+ScopeSelectorOperator: string // enumScopeSelectorOperator
+
+enumScopeSelectorOperator:
+ ScopeSelectorOpIn |
+ ScopeSelectorOpNotIn |
+ ScopeSelectorOpExists |
+ ScopeSelectorOpDoesNotExist
+
+ScopeSelectorOpIn: ScopeSelectorOperator & "In"
+ScopeSelectorOpNotIn: ScopeSelectorOperator & "NotIn"
+ScopeSelectorOpExists: ScopeSelectorOperator & "Exists"
+ScopeSelectorOpDoesNotExist: ScopeSelectorOperator & "DoesNotExist"
+
+// ResourceQuotaStatus defines the enforced hard limits and observed use.
+ResourceQuotaStatus: {
+ // Hard is the set of enforced hard limits for each named resource.
+ // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/
+ // +optional
+ hard?: ResourceList @go(Hard) @protobuf(1,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+
+ // Used is the current observed total usage of the resource in the namespace.
+ // +optional
+ used?: ResourceList @go(Used) @protobuf(2,bytes,rep,casttype=ResourceList,castkey=ResourceName)
+}
+
+// ResourceQuota sets aggregate quota restrictions enforced per namespace
+ResourceQuota: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the desired quota.
+ // https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ spec?: ResourceQuotaSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status defines the actual enforced quota and its current usage.
+ // https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: ResourceQuotaStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// ResourceQuotaList is a list of ResourceQuota items.
+ResourceQuotaList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is a list of ResourceQuota objects.
+ // More info: https://kubernetes.io/docs/concepts/policy/resource-quotas/
+ items: [...ResourceQuota] @go(Items,[]ResourceQuota) @protobuf(2,bytes,rep)
+}
+
+// Secret holds secret data of a certain type. The total bytes of the values in
+// the Data field must be less than MaxSecretSize bytes.
+Secret: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Data contains the secret data. Each key must consist of alphanumeric
+ // characters, '-', '_' or '.'. The serialized form of the secret data is a
+ // base64 encoded string, representing the arbitrary (possibly non-string)
+ // data value here. Described in https://tools.ietf.org/html/rfc4648#section-4
+ // +optional
+ data?: {<_>: bytes} @go(Data,map[string][]byte) @protobuf(2,bytes,rep)
+
+ // stringData allows specifying non-binary secret data in string form.
+ // It is provided as a write-only convenience method.
+ // All keys and values are merged into the data field on write, overwriting any existing values.
+ // It is never output when reading from the API.
+ // +k8s:conversion-gen=false
+ // +optional
+ stringData?: {<_>: string} @go(StringData,map[string]string) @protobuf(4,bytes,rep)
+
+ // Used to facilitate programmatic handling of secret data.
+ // +optional
+ type?: SecretType @go(Type) @protobuf(3,bytes,opt,casttype=SecretType)
+}
+
+MaxSecretSize: 1048576
+
+SecretType: string // enumSecretType
+
+enumSecretType:
+ SecretTypeOpaque |
+ SecretTypeServiceAccountToken |
+ SecretTypeDockercfg |
+ SecretTypeDockerConfigJson |
+ SecretTypeBasicAuth |
+ SecretTypeSSHAuth |
+ SecretTypeTLS |
+ SecretTypeBootstrapToken
+
+// SecretTypeOpaque is the default. Arbitrary user-defined data
+SecretTypeOpaque: SecretType & "Opaque"
+
+// SecretTypeServiceAccountToken contains a token that identifies a service account to the API
+//
+// Required fields:
+// - Secret.Annotations["kubernetes.io/service-account.name"] - the name of the ServiceAccount the token identifies
+// - Secret.Annotations["kubernetes.io/service-account.uid"] - the UID of the ServiceAccount the token identifies
+// - Secret.Data["token"] - a token that identifies the service account to the API
+SecretTypeServiceAccountToken: SecretType & "kubernetes.io/service-account-token"
+
+// ServiceAccountNameKey is the key of the required annotation for SecretTypeServiceAccountToken secrets
+ServiceAccountNameKey: "kubernetes.io/service-account.name"
+
+// ServiceAccountUIDKey is the key of the required annotation for SecretTypeServiceAccountToken secrets
+ServiceAccountUIDKey: "kubernetes.io/service-account.uid"
+
+// ServiceAccountTokenKey is the key of the required data for SecretTypeServiceAccountToken secrets
+ServiceAccountTokenKey: "token"
+
+// ServiceAccountKubeconfigKey is the key of the optional kubeconfig data for SecretTypeServiceAccountToken secrets
+ServiceAccountKubeconfigKey: "kubernetes.kubeconfig"
+
+// ServiceAccountRootCAKey is the key of the optional root certificate authority for SecretTypeServiceAccountToken secrets
+ServiceAccountRootCAKey: "ca.crt"
+
+// ServiceAccountNamespaceKey is the key of the optional namespace to use as the default for namespaced API calls
+ServiceAccountNamespaceKey: "namespace"
+
+// SecretTypeDockercfg contains a dockercfg file that follows the same format rules as ~/.dockercfg
+//
+// Required fields:
+// - Secret.Data[".dockercfg"] - a serialized ~/.dockercfg file
+SecretTypeDockercfg: SecretType & "kubernetes.io/dockercfg"
+
+// DockerConfigKey is the key of the required data for SecretTypeDockercfg secrets
+DockerConfigKey: ".dockercfg"
+
+// SecretTypeDockerConfigJson contains a dockercfg file that follows the same format rules as ~/.docker/config.json
+//
+// Required fields:
+// - Secret.Data[".dockerconfigjson"] - a serialized ~/.docker/config.json file
+SecretTypeDockerConfigJson: SecretType & "kubernetes.io/dockerconfigjson"
+
+// DockerConfigJsonKey is the key of the required data for SecretTypeDockerConfigJson secrets
+DockerConfigJsonKey: ".dockerconfigjson"
+
+// SecretTypeBasicAuth contains data needed for basic authentication.
+//
+// Required at least one of fields:
+// - Secret.Data["username"] - username used for authentication
+// - Secret.Data["password"] - password or token needed for authentication
+SecretTypeBasicAuth: SecretType & "kubernetes.io/basic-auth"
+
+// BasicAuthUsernameKey is the key of the username for SecretTypeBasicAuth secrets
+BasicAuthUsernameKey: "username"
+
+// BasicAuthPasswordKey is the key of the password or token for SecretTypeBasicAuth secrets
+BasicAuthPasswordKey: "password"
+
+// SecretTypeSSHAuth contains data needed for SSH authetication.
+//
+// Required field:
+// - Secret.Data["ssh-privatekey"] - private SSH key needed for authentication
+SecretTypeSSHAuth: SecretType & "kubernetes.io/ssh-auth"
+
+// SSHAuthPrivateKey is the key of the required SSH private key for SecretTypeSSHAuth secrets
+SSHAuthPrivateKey: "ssh-privatekey"
+
+// SecretTypeTLS contains information about a TLS client or server secret. It
+// is primarily used with TLS termination of the Ingress resource, but may be
+// used in other types.
+//
+// Required fields:
+// - Secret.Data["tls.key"] - TLS private key.
+// Secret.Data["tls.crt"] - TLS certificate.
+// TODO: Consider supporting different formats, specifying CA/destinationCA.
+SecretTypeTLS: SecretType & "kubernetes.io/tls"
+
+// TLSCertKey is the key for tls certificates in a TLS secert.
+TLSCertKey: "tls.crt"
+
+// TLSPrivateKeyKey is the key for the private key field in a TLS secret.
+TLSPrivateKeyKey: "tls.key"
+
+// SecretTypeBootstrapToken is used during the automated bootstrap process (first
+// implemented by kubeadm). It stores tokens that are used to sign well known
+// ConfigMaps. They are used for authn.
+SecretTypeBootstrapToken: SecretType & "bootstrap.kubernetes.io/token"
+
+// SecretList is a list of Secret.
+SecretList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is a list of secret objects.
+ // More info: https://kubernetes.io/docs/concepts/configuration/secret
+ items: [...Secret] @go(Items,[]Secret) @protobuf(2,bytes,rep)
+}
+
+// ConfigMap holds configuration data for pods to consume.
+ConfigMap: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Data contains the configuration data.
+ // Each key must consist of alphanumeric characters, '-', '_' or '.'.
+ // Values with non-UTF-8 byte sequences must use the BinaryData field.
+ // The keys stored in Data must not overlap with the keys in
+ // the BinaryData field, this is enforced during validation process.
+ // +optional
+ data?: {<_>: string} @go(Data,map[string]string) @protobuf(2,bytes,rep)
+
+ // BinaryData contains the binary data.
+ // Each key must consist of alphanumeric characters, '-', '_' or '.'.
+ // BinaryData can contain byte sequences that are not in the UTF-8 range.
+ // The keys stored in BinaryData must not overlap with the ones in
+ // the Data field, this is enforced during validation process.
+ // Using this field will require 1.10+ apiserver and
+ // kubelet.
+ // +optional
+ binaryData?: {<_>: bytes} @go(BinaryData,map[string][]byte) @protobuf(3,bytes,rep)
+}
+
+// ConfigMapList is a resource containing a list of ConfigMap objects.
+ConfigMapList: metav1.TypeMeta & {
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is the list of ConfigMaps.
+ items: [...ConfigMap] @go(Items,[]ConfigMap) @protobuf(2,bytes,rep)
+}
+
+// Type and constants for component health validation.
+ComponentConditionType: string // enumComponentConditionType
+
+enumComponentConditionType:
+ ComponentHealthy
+
+ComponentHealthy: ComponentConditionType & "Healthy"
+
+// Information about the condition of a component.
+ComponentCondition: {
+ // Type of condition for a component.
+ // Valid value: "Healthy"
+ type: ComponentConditionType @go(Type) @protobuf(1,bytes,opt,casttype=ComponentConditionType)
+
+ // Status of the condition for a component.
+ // Valid values for "Healthy": "True", "False", or "Unknown".
+ status: ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=ConditionStatus)
+
+ // Message about the condition for a component.
+ // For example, information about a health check.
+ // +optional
+ message?: string @go(Message) @protobuf(3,bytes,opt)
+
+ // Condition error code for a component.
+ // For example, a health check error code.
+ // +optional
+ error?: string @go(Error) @protobuf(4,bytes,opt)
+}
+
+// ComponentStatus (and ComponentStatusList) holds the cluster validation info.
+ComponentStatus: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // List of component conditions observed
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...ComponentCondition] @go(Conditions,[]ComponentCondition) @protobuf(2,bytes,rep)
+}
+
+// Status of all the conditions for the component as a list of ComponentStatus objects.
+ComponentStatusList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of ComponentStatus objects.
+ items: [...ComponentStatus] @go(Items,[]ComponentStatus) @protobuf(2,bytes,rep)
+}
+
+// DownwardAPIVolumeSource represents a volume containing downward API info.
+// Downward API volumes support ownership management and SELinux relabeling.
+DownwardAPIVolumeSource: {
+ // Items is a list of downward API volume file
+ // +optional
+ items?: [...DownwardAPIVolumeFile] @go(Items,[]DownwardAPIVolumeFile) @protobuf(1,bytes,rep)
+
+ // Optional: mode bits to use on created files by default. Must be a
+ // value between 0 and 0777. Defaults to 0644.
+ // Directories within the path are not affected by this setting.
+ // This might be in conflict with other options that affect the file
+ // mode, like fsGroup, and the result can be other mode bits set.
+ // +optional
+ defaultMode?: null | int32 @go(DefaultMode,*int32) @protobuf(2,varint,opt)
+}
+
+DownwardAPIVolumeSourceDefaultMode: int32 & 0o644
+
+// DownwardAPIVolumeFile represents information to create the file containing the pod field
+DownwardAPIVolumeFile: {
+ // Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'
+ path: string @go(Path) @protobuf(1,bytes,opt)
+
+ // Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.
+ // +optional
+ fieldRef?: null | ObjectFieldSelector @go(FieldRef,*ObjectFieldSelector) @protobuf(2,bytes,opt)
+
+ // Selects a resource of the container: only resources limits and requests
+ // (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.
+ // +optional
+ resourceFieldRef?: null | ResourceFieldSelector @go(ResourceFieldRef,*ResourceFieldSelector) @protobuf(3,bytes,opt)
+
+ // Optional: mode bits to use on this file, must be a value between 0
+ // and 0777. If not specified, the volume defaultMode will be used.
+ // This might be in conflict with other options that affect the file
+ // mode, like fsGroup, and the result can be other mode bits set.
+ // +optional
+ mode?: null | int32 @go(Mode,*int32) @protobuf(4,varint,opt)
+}
+
+// Represents downward API info for projecting into a projected volume.
+// Note that this is identical to a downwardAPI volume source without the default
+// mode.
+DownwardAPIProjection: {
+ // Items is a list of DownwardAPIVolume file
+ // +optional
+ items?: [...DownwardAPIVolumeFile] @go(Items,[]DownwardAPIVolumeFile) @protobuf(1,bytes,rep)
+}
+
+// SecurityContext holds security configuration that will be applied to a container.
+// Some fields are present in both SecurityContext and PodSecurityContext. When both
+// are set, the values in SecurityContext take precedence.
+SecurityContext: {
+ // The capabilities to add/drop when running containers.
+ // Defaults to the default set of capabilities granted by the container runtime.
+ // +optional
+ capabilities?: null | Capabilities @go(Capabilities,*Capabilities) @protobuf(1,bytes,opt)
+
+ // Run container in privileged mode.
+ // Processes in privileged containers are essentially equivalent to root on the host.
+ // Defaults to false.
+ // +optional
+ privileged?: null | bool @go(Privileged,*bool) @protobuf(2,varint,opt)
+
+ // The SELinux context to be applied to the container.
+ // If unspecified, the container runtime will allocate a random SELinux context for each
+ // container. May also be set in PodSecurityContext. If set in both SecurityContext and
+ // PodSecurityContext, the value specified in SecurityContext takes precedence.
+ // +optional
+ seLinuxOptions?: null | SELinuxOptions @go(SELinuxOptions,*SELinuxOptions) @protobuf(3,bytes,opt)
+
+ // Windows security options.
+ // +optional
+ windowsOptions?: null | WindowsSecurityContextOptions @go(WindowsOptions,*WindowsSecurityContextOptions) @protobuf(10,bytes,opt)
+
+ // The UID to run the entrypoint of the container process.
+ // Defaults to user specified in image metadata if unspecified.
+ // May also be set in PodSecurityContext. If set in both SecurityContext and
+ // PodSecurityContext, the value specified in SecurityContext takes precedence.
+ // +optional
+ runAsUser?: null | int64 @go(RunAsUser,*int64) @protobuf(4,varint,opt)
+
+ // The GID to run the entrypoint of the container process.
+ // Uses runtime default if unset.
+ // May also be set in PodSecurityContext. If set in both SecurityContext and
+ // PodSecurityContext, the value specified in SecurityContext takes precedence.
+ // +optional
+ runAsGroup?: null | int64 @go(RunAsGroup,*int64) @protobuf(8,varint,opt)
+
+ // Indicates that the container must run as a non-root user.
+ // If true, the Kubelet will validate the image at runtime to ensure that it
+ // does not run as UID 0 (root) and fail to start the container if it does.
+ // If unset or false, no such validation will be performed.
+ // May also be set in PodSecurityContext. If set in both SecurityContext and
+ // PodSecurityContext, the value specified in SecurityContext takes precedence.
+ // +optional
+ runAsNonRoot?: null | bool @go(RunAsNonRoot,*bool) @protobuf(5,varint,opt)
+
+ // Whether this container has a read-only root filesystem.
+ // Default is false.
+ // +optional
+ readOnlyRootFilesystem?: null | bool @go(ReadOnlyRootFilesystem,*bool) @protobuf(6,varint,opt)
+
+ // AllowPrivilegeEscalation controls whether a process can gain more
+ // privileges than its parent process. This bool directly controls if
+ // the no_new_privs flag will be set on the container process.
+ // AllowPrivilegeEscalation is true always when the container is:
+ // 1) run as Privileged
+ // 2) has CAP_SYS_ADMIN
+ // +optional
+ allowPrivilegeEscalation?: null | bool @go(AllowPrivilegeEscalation,*bool) @protobuf(7,varint,opt)
+
+ // procMount denotes the type of proc mount to use for the containers.
+ // The default is DefaultProcMount which uses the container runtime defaults for
+ // readonly paths and masked paths.
+ // This requires the ProcMountType feature flag to be enabled.
+ // +optional
+ procMount?: null | ProcMountType @go(ProcMount,*ProcMountType) @protobuf(9,bytes,opt)
+}
+
+ProcMountType: string // enumProcMountType
+
+enumProcMountType:
+ DefaultProcMount |
+ UnmaskedProcMount
+
+// DefaultProcMount uses the container runtime defaults for readonly and masked
+// paths for /proc. Most container runtimes mask certain paths in /proc to avoid
+// accidental security exposure of special devices or information.
+DefaultProcMount: ProcMountType & "Default"
+
+// UnmaskedProcMount bypasses the default masking behavior of the container
+// runtime and ensures the newly created /proc the container stays in tact with
+// no modifications.
+UnmaskedProcMount: ProcMountType & "Unmasked"
+
+// SELinuxOptions are the labels to be applied to the container
+SELinuxOptions: {
+ // User is a SELinux user label that applies to the container.
+ // +optional
+ user?: string @go(User) @protobuf(1,bytes,opt)
+
+ // Role is a SELinux role label that applies to the container.
+ // +optional
+ role?: string @go(Role) @protobuf(2,bytes,opt)
+
+ // Type is a SELinux type label that applies to the container.
+ // +optional
+ type?: string @go(Type) @protobuf(3,bytes,opt)
+
+ // Level is SELinux level label that applies to the container.
+ // +optional
+ level?: string @go(Level) @protobuf(4,bytes,opt)
+}
+
+// WindowsSecurityContextOptions contain Windows-specific options and credentials.
+WindowsSecurityContextOptions: {
+ // GMSACredentialSpecName is the name of the GMSA credential spec to use.
+ // This field is alpha-level and is only honored by servers that enable the WindowsGMSA feature flag.
+ // +optional
+ gmsaCredentialSpecName?: null | string @go(GMSACredentialSpecName,*string) @protobuf(1,bytes,opt)
+
+ // GMSACredentialSpec is where the GMSA admission webhook
+ // (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the
+ // GMSA credential spec named by the GMSACredentialSpecName field.
+ // This field is alpha-level and is only honored by servers that enable the WindowsGMSA feature flag.
+ // +optional
+ gmsaCredentialSpec?: null | string @go(GMSACredentialSpec,*string) @protobuf(2,bytes,opt)
+}
+
+// RangeAllocation is not a public type.
+RangeAllocation: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Range is string that identifies the range represented by 'data'.
+ range: string @go(Range) @protobuf(2,bytes,opt)
+
+ // Data is a bit array containing all allocated addresses in the previous segment.
+ data: bytes @go(Data,[]byte) @protobuf(3,bytes,opt)
+}
+
+// "default-scheduler" is the name of default scheduler.
+DefaultSchedulerName: "default-scheduler"
+
+// RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule
+// corresponding to every RequiredDuringScheduling affinity rule.
+// When the --hard-pod-affinity-weight scheduler flag is not specified,
+// DefaultHardPodAffinityWeight defines the weight of the implicit PreferredDuringScheduling affinity rule.
+DefaultHardPodAffinitySymmetricWeight: int32 & 1
+
+// Sysctl defines a kernel parameter to be set
+Sysctl: {
+ // Name of a property to set
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // Value of a property to set
+ value: string @go(Value) @protobuf(2,bytes,opt)
+}
+
+// NodeResources is an object for conveying resource information about a node.
+// see http://releases.k8s.io/HEAD/docs/design/resources.md for more details.
+NodeResources: {
+ // Capacity represents the available resources of a node
+ Capacity: ResourceList @protobuf(1,bytes,rep,name=capacity,casttype=ResourceList,castkey=ResourceName)
+}
+
+// Enable stdin for remote command execution
+ExecStdinParam: "input"
+
+// Enable stdout for remote command execution
+ExecStdoutParam: "output"
+
+// Enable stderr for remote command execution
+ExecStderrParam: "error"
+
+// Enable TTY for remote command execution
+ExecTTYParam: "tty"
+
+// Command to run for remote command execution
+ExecCommandParam: "command"
+
+// Name of header that specifies stream type
+StreamType: "streamType"
+
+// Value for streamType header for stdin stream
+StreamTypeStdin: "stdin"
+
+// Value for streamType header for stdout stream
+StreamTypeStdout: "stdout"
+
+// Value for streamType header for stderr stream
+StreamTypeStderr: "stderr"
+
+// Value for streamType header for data stream
+StreamTypeData: "data"
+
+// Value for streamType header for error stream
+StreamTypeError: "error"
+
+// Value for streamType header for terminal resize stream
+StreamTypeResize: "resize"
+
+// Name of header that specifies the port being forwarded
+PortHeader: "port"
+
+// Name of header that specifies a request ID used to associate the error
+// and data streams for a single forwarded connection
+PortForwardRequestIDHeader: "requestID"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/well_known_labels_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/well_known_labels_go_gen.cue
new file mode 100644
index 0000000..2a35f5b
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/core/v1/well_known_labels_go_gen.cue
@@ -0,0 +1,21 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/core/v1
+
+package v1
+
+LabelHostname: "kubernetes.io/hostname"
+LabelZoneFailureDomain: "failure-domain.beta.kubernetes.io/zone"
+LabelZoneRegion: "failure-domain.beta.kubernetes.io/region"
+LabelInstanceType: "beta.kubernetes.io/instance-type"
+LabelOSStable: "kubernetes.io/os"
+LabelArchStable: "kubernetes.io/arch"
+
+// LabelNamespaceSuffixKubelet is an allowed label namespace suffix kubelets can self-set ([*.]kubelet.kubernetes.io/*)
+LabelNamespaceSuffixKubelet: "kubelet.kubernetes.io"
+
+// LabelNamespaceSuffixNode is an allowed label namespace suffix kubelets can self-set ([*.]node.kubernetes.io/*)
+LabelNamespaceSuffixNode: "node.kubernetes.io"
+
+// LabelNamespaceNodeRestriction is a forbidden label namespace that kubelets may not self-set when the NodeRestriction admission plugin is enabled
+LabelNamespaceNodeRestriction: "node-restriction.kubernetes.io"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/generated.pb_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/generated.pb_go_gen.cue
new file mode 100644
index 0000000..24b6fcb
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/generated.pb_go_gen.cue
@@ -0,0 +1,70 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/extensions/v1beta1
+
+/*
+ Package v1beta1 is a generated protocol buffer package.
+
+ It is generated from these files:
+ k8s.io/kubernetes/vendor/k8s.io/api/extensions/v1beta1/generated.proto
+
+ It has these top-level messages:
+ AllowedCSIDriver
+ AllowedFlexVolume
+ AllowedHostPath
+ DaemonSet
+ DaemonSetCondition
+ DaemonSetList
+ DaemonSetSpec
+ DaemonSetStatus
+ DaemonSetUpdateStrategy
+ Deployment
+ DeploymentCondition
+ DeploymentList
+ DeploymentRollback
+ DeploymentSpec
+ DeploymentStatus
+ DeploymentStrategy
+ FSGroupStrategyOptions
+ HTTPIngressPath
+ HTTPIngressRuleValue
+ HostPortRange
+ IDRange
+ IPBlock
+ Ingress
+ IngressBackend
+ IngressList
+ IngressRule
+ IngressRuleValue
+ IngressSpec
+ IngressStatus
+ IngressTLS
+ NetworkPolicy
+ NetworkPolicyEgressRule
+ NetworkPolicyIngressRule
+ NetworkPolicyList
+ NetworkPolicyPeer
+ NetworkPolicyPort
+ NetworkPolicySpec
+ PodSecurityPolicy
+ PodSecurityPolicyList
+ PodSecurityPolicySpec
+ ReplicaSet
+ ReplicaSetCondition
+ ReplicaSetList
+ ReplicaSetSpec
+ ReplicaSetStatus
+ ReplicationControllerDummy
+ RollbackConfig
+ RollingUpdateDaemonSet
+ RollingUpdateDeployment
+ RunAsGroupStrategyOptions
+ RunAsUserStrategyOptions
+ RuntimeClassStrategyOptions
+ SELinuxStrategyOptions
+ Scale
+ ScaleSpec
+ ScaleStatus
+ SupplementalGroupsStrategyOptions
+*/
+package v1beta1
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/register_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/register_go_gen.cue
new file mode 100644
index 0000000..8ee73e9
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/register_go_gen.cue
@@ -0,0 +1,7 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/extensions/v1beta1
+
+package v1beta1
+
+GroupName: "extensions"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/types_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/types_go_gen.cue
new file mode 100644
index 0000000..cb39af7
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/api/extensions/v1beta1/types_go_gen.cue
@@ -0,0 +1,1354 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/api/extensions/v1beta1
+
+package v1beta1
+
+import (
+ "k8s.io/api/core/v1"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/util/intstr"
+)
+
+// describes the attributes of a scale subresource
+ScaleSpec: {
+ // desired number of instances for the scaled object.
+ // +optional
+ replicas?: int32 @go(Replicas) @protobuf(1,varint,opt)
+}
+
+// represents the current status of a scale subresource.
+ScaleStatus: {
+ // actual number of observed instances of the scaled object.
+ replicas: int32 @go(Replicas) @protobuf(1,varint,opt)
+
+ // label query over pods that should match the replicas count. More info: http://kubernetes.io/docs/user-guide/labels#label-selectors
+ // +optional
+ selector?: {<_>: string} @go(Selector,map[string]string) @protobuf(2,bytes,rep)
+
+ // label selector for pods that should match the replicas count. This is a serializated
+ // version of both map-based and more expressive set-based selectors. This is done to
+ // avoid introspection in the clients. The string will be in the same format as the
+ // query-param syntax. If the target type only supports map-based selectors, both this
+ // field and map-based selector field are populated.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ targetSelector?: string @go(TargetSelector) @protobuf(3,bytes,opt)
+}
+
+// represents a scaling request for a resource.
+Scale: metav1.TypeMeta & {
+ // Standard object metadata; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata.
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // defines the behavior of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status.
+ // +optional
+ spec?: ScaleSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // current status of the scale. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status. Read-only.
+ // +optional
+ status?: ScaleStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// Dummy definition
+ReplicationControllerDummy: metav1.TypeMeta & {
+}
+
+// DEPRECATED - This group version of Deployment is deprecated by apps/v1beta2/Deployment. See the release notes for
+// more information.
+// Deployment enables declarative updates for Pods and ReplicaSets.
+Deployment: metav1.TypeMeta & {
+ // Standard object metadata.
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Specification of the desired behavior of the Deployment.
+ // +optional
+ spec?: DeploymentSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Most recently observed status of the Deployment.
+ // +optional
+ status?: DeploymentStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// DeploymentSpec is the specification of the desired behavior of the Deployment.
+DeploymentSpec: {
+ // Number of desired pods. This is a pointer to distinguish between explicit
+ // zero and not specified. Defaults to 1.
+ // +optional
+ replicas?: null | int32 @go(Replicas,*int32) @protobuf(1,varint,opt)
+
+ // Label selector for pods. Existing ReplicaSets whose pods are
+ // selected by this will be the ones affected by this deployment.
+ // +optional
+ selector?: null | metav1.LabelSelector @go(Selector,*metav1.LabelSelector) @protobuf(2,bytes,opt)
+
+ // Template describes the pods that will be created.
+ template: v1.PodTemplateSpec @go(Template) @protobuf(3,bytes,opt)
+
+ // The deployment strategy to use to replace existing pods with new ones.
+ // +optional
+ // +patchStrategy=retainKeys
+ strategy?: DeploymentStrategy @go(Strategy) @protobuf(4,bytes,opt)
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ minReadySeconds?: int32 @go(MinReadySeconds) @protobuf(5,varint,opt)
+
+ // The number of old ReplicaSets to retain to allow rollback.
+ // This is a pointer to distinguish between explicit zero and not specified.
+ // This is set to the max value of int32 (i.e. 2147483647) by default, which
+ // means "retaining all old RelicaSets".
+ // +optional
+ revisionHistoryLimit?: null | int32 @go(RevisionHistoryLimit,*int32) @protobuf(6,varint,opt)
+
+ // Indicates that the deployment is paused and will not be processed by the
+ // deployment controller.
+ // +optional
+ paused?: bool @go(Paused) @protobuf(7,varint,opt)
+
+ // DEPRECATED.
+ // The config this deployment is rolling back to. Will be cleared after rollback is done.
+ // +optional
+ rollbackTo?: null | RollbackConfig @go(RollbackTo,*RollbackConfig) @protobuf(8,bytes,opt)
+
+ // The maximum time in seconds for a deployment to make progress before it
+ // is considered to be failed. The deployment controller will continue to
+ // process failed deployments and a condition with a ProgressDeadlineExceeded
+ // reason will be surfaced in the deployment status. Note that progress will
+ // not be estimated during the time a deployment is paused. This is set to
+ // the max value of int32 (i.e. 2147483647) by default, which means "no deadline".
+ // +optional
+ progressDeadlineSeconds?: null | int32 @go(ProgressDeadlineSeconds,*int32) @protobuf(9,varint,opt)
+}
+
+// DEPRECATED.
+// DeploymentRollback stores the information required to rollback a deployment.
+DeploymentRollback: metav1.TypeMeta & {
+ // Required: This must match the Name of a deployment.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // The annotations to be updated to a deployment
+ // +optional
+ updatedAnnotations?: {<_>: string} @go(UpdatedAnnotations,map[string]string) @protobuf(2,bytes,rep)
+
+ // The config of this deployment rollback.
+ rollbackTo: RollbackConfig @go(RollbackTo) @protobuf(3,bytes,opt)
+}
+
+// DEPRECATED.
+RollbackConfig: {
+ // The revision to rollback to. If set to 0, rollback to the last revision.
+ // +optional
+ revision?: int64 @go(Revision) @protobuf(1,varint,opt)
+}
+
+// DefaultDeploymentUniqueLabelKey is the default key of the selector that is added
+// to existing RCs (and label key that is added to its pods) to prevent the existing RCs
+// to select new pods (and old pods being select by new RC).
+DefaultDeploymentUniqueLabelKey: "pod-template-hash"
+
+// DeploymentStrategy describes how to replace existing pods with new ones.
+DeploymentStrategy: {
+ // Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate.
+ // +optional
+ type?: DeploymentStrategyType @go(Type) @protobuf(1,bytes,opt,casttype=DeploymentStrategyType)
+
+ // Rolling update config params. Present only if DeploymentStrategyType =
+ // RollingUpdate.
+ //---
+ // TODO: Update this to follow our convention for oneOf, whatever we decide it
+ // to be.
+ // +optional
+ rollingUpdate?: null | RollingUpdateDeployment @go(RollingUpdate,*RollingUpdateDeployment) @protobuf(2,bytes,opt)
+}
+
+DeploymentStrategyType: string // enumDeploymentStrategyType
+
+enumDeploymentStrategyType:
+ RecreateDeploymentStrategyType |
+ RollingUpdateDeploymentStrategyType
+
+// Kill all existing pods before creating new ones.
+RecreateDeploymentStrategyType: DeploymentStrategyType & "Recreate"
+
+// Replace the old RCs by new one using rolling update i.e gradually scale down the old RCs and scale up the new one.
+RollingUpdateDeploymentStrategyType: DeploymentStrategyType & "RollingUpdate"
+
+// Spec to control the desired behavior of rolling update.
+RollingUpdateDeployment: {
+ // The maximum number of pods that can be unavailable during the update.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // Absolute number is calculated from percentage by rounding down.
+ // This can not be 0 if MaxSurge is 0.
+ // By default, a fixed value of 1 is used.
+ // Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods
+ // immediately when the rolling update starts. Once new pods are ready, old RC
+ // can be scaled down further, followed by scaling up the new RC, ensuring
+ // that the total number of pods available at all times during the update is at
+ // least 70% of desired pods.
+ // +optional
+ maxUnavailable?: null | intstr.IntOrString @go(MaxUnavailable,*intstr.IntOrString) @protobuf(1,bytes,opt)
+
+ // The maximum number of pods that can be scheduled above the desired number of
+ // pods.
+ // Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
+ // This can not be 0 if MaxUnavailable is 0.
+ // Absolute number is calculated from percentage by rounding up.
+ // By default, a value of 1 is used.
+ // Example: when this is set to 30%, the new RC can be scaled up immediately when
+ // the rolling update starts, such that the total number of old and new pods do not exceed
+ // 130% of desired pods. Once old pods have been killed,
+ // new RC can be scaled up further, ensuring that total number of pods running
+ // at any time during the update is at most 130% of desired pods.
+ // +optional
+ maxSurge?: null | intstr.IntOrString @go(MaxSurge,*intstr.IntOrString) @protobuf(2,bytes,opt)
+}
+
+// DeploymentStatus is the most recently observed status of the Deployment.
+DeploymentStatus: {
+ // The generation observed by the deployment controller.
+ // +optional
+ observedGeneration?: int64 @go(ObservedGeneration) @protobuf(1,varint,opt)
+
+ // Total number of non-terminated pods targeted by this deployment (their labels match the selector).
+ // +optional
+ replicas?: int32 @go(Replicas) @protobuf(2,varint,opt)
+
+ // Total number of non-terminated pods targeted by this deployment that have the desired template spec.
+ // +optional
+ updatedReplicas?: int32 @go(UpdatedReplicas) @protobuf(3,varint,opt)
+
+ // Total number of ready pods targeted by this deployment.
+ // +optional
+ readyReplicas?: int32 @go(ReadyReplicas) @protobuf(7,varint,opt)
+
+ // Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.
+ // +optional
+ availableReplicas?: int32 @go(AvailableReplicas) @protobuf(4,varint,opt)
+
+ // Total number of unavailable pods targeted by this deployment. This is the total number of
+ // pods that are still required for the deployment to have 100% available capacity. They may
+ // either be pods that are running but not yet available or pods that still have not been created.
+ // +optional
+ unavailableReplicas?: int32 @go(UnavailableReplicas) @protobuf(5,varint,opt)
+
+ // Represents the latest available observations of a deployment's current state.
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...DeploymentCondition] @go(Conditions,[]DeploymentCondition) @protobuf(6,bytes,rep)
+
+ // Count of hash collisions for the Deployment. The Deployment controller uses this
+ // field as a collision avoidance mechanism when it needs to create the name for the
+ // newest ReplicaSet.
+ // +optional
+ collisionCount?: null | int32 @go(CollisionCount,*int32) @protobuf(8,varint,opt)
+}
+
+DeploymentConditionType: string // enumDeploymentConditionType
+
+enumDeploymentConditionType:
+ DeploymentAvailable |
+ DeploymentProgressing |
+ DeploymentReplicaFailure
+
+// Available means the deployment is available, ie. at least the minimum available
+// replicas required are up and running for at least minReadySeconds.
+DeploymentAvailable: DeploymentConditionType & "Available"
+
+// Progressing means the deployment is progressing. Progress for a deployment is
+// considered when a new replica set is created or adopted, and when new pods scale
+// up or old pods scale down. Progress is not estimated for paused deployments or
+// when progressDeadlineSeconds is not specified.
+DeploymentProgressing: DeploymentConditionType & "Progressing"
+
+// ReplicaFailure is added in a deployment when one of its pods fails to be created
+// or deleted.
+DeploymentReplicaFailure: DeploymentConditionType & "ReplicaFailure"
+
+// DeploymentCondition describes the state of a deployment at a certain point.
+DeploymentCondition: {
+ // Type of deployment condition.
+ type: DeploymentConditionType @go(Type) @protobuf(1,bytes,opt,casttype=DeploymentConditionType)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: v1.ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=k8s.io/api/core/v1.ConditionStatus)
+
+ // The last time this condition was updated.
+ lastUpdateTime?: metav1.Time @go(LastUpdateTime) @protobuf(6,bytes,opt)
+
+ // Last time the condition transitioned from one status to another.
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(7,bytes,opt)
+
+ // The reason for the condition's last transition.
+ reason?: string @go(Reason) @protobuf(4,bytes,opt)
+
+ // A human readable message indicating details about the transition.
+ message?: string @go(Message) @protobuf(5,bytes,opt)
+}
+
+// DeploymentList is a list of Deployments.
+DeploymentList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is the list of Deployments.
+ items: [...Deployment] @go(Items,[]Deployment) @protobuf(2,bytes,rep)
+}
+
+DaemonSetUpdateStrategy: {
+ // Type of daemon set update. Can be "RollingUpdate" or "OnDelete".
+ // Default is OnDelete.
+ // +optional
+ type?: DaemonSetUpdateStrategyType @go(Type) @protobuf(1,bytes,opt)
+
+ // Rolling update config params. Present only if type = "RollingUpdate".
+ //---
+ // TODO: Update this to follow our convention for oneOf, whatever we decide it
+ // to be. Same as Deployment `strategy.rollingUpdate`.
+ // See https://github.com/kubernetes/kubernetes/issues/35345
+ // +optional
+ rollingUpdate?: null | RollingUpdateDaemonSet @go(RollingUpdate,*RollingUpdateDaemonSet) @protobuf(2,bytes,opt)
+}
+
+DaemonSetUpdateStrategyType: string // enumDaemonSetUpdateStrategyType
+
+enumDaemonSetUpdateStrategyType:
+ RollingUpdateDaemonSetStrategyType |
+ OnDeleteDaemonSetStrategyType
+
+// Replace the old daemons by new ones using rolling update i.e replace them on each node one after the other.
+RollingUpdateDaemonSetStrategyType: DaemonSetUpdateStrategyType & "RollingUpdate"
+
+// Replace the old daemons only when it's killed
+OnDeleteDaemonSetStrategyType: DaemonSetUpdateStrategyType & "OnDelete"
+
+// Spec to control the desired behavior of daemon set rolling update.
+RollingUpdateDaemonSet: {
+ // The maximum number of DaemonSet pods that can be unavailable during the
+ // update. Value can be an absolute number (ex: 5) or a percentage of total
+ // number of DaemonSet pods at the start of the update (ex: 10%). Absolute
+ // number is calculated from percentage by rounding up.
+ // This cannot be 0.
+ // Default value is 1.
+ // Example: when this is set to 30%, at most 30% of the total number of nodes
+ // that should be running the daemon pod (i.e. status.desiredNumberScheduled)
+ // can have their pods stopped for an update at any given
+ // time. The update starts by stopping at most 30% of those DaemonSet pods
+ // and then brings up new DaemonSet pods in their place. Once the new pods
+ // are available, it then proceeds onto other DaemonSet pods, thus ensuring
+ // that at least 70% of original number of DaemonSet pods are available at
+ // all times during the update.
+ // +optional
+ maxUnavailable?: null | intstr.IntOrString @go(MaxUnavailable,*intstr.IntOrString) @protobuf(1,bytes,opt)
+}
+
+// DaemonSetSpec is the specification of a daemon set.
+DaemonSetSpec: {
+ // A label query over pods that are managed by the daemon set.
+ // Must match in order to be controlled.
+ // If empty, defaulted to labels on Pod template.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ selector?: null | metav1.LabelSelector @go(Selector,*metav1.LabelSelector) @protobuf(1,bytes,opt)
+
+ // An object that describes the pod that will be created.
+ // The DaemonSet will create exactly one copy of this pod on every node
+ // that matches the template's node selector (or on every node if no node
+ // selector is specified).
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+ template: v1.PodTemplateSpec @go(Template) @protobuf(2,bytes,opt)
+
+ // An update strategy to replace existing DaemonSet pods with new pods.
+ // +optional
+ updateStrategy?: DaemonSetUpdateStrategy @go(UpdateStrategy) @protobuf(3,bytes,opt)
+
+ // The minimum number of seconds for which a newly created DaemonSet pod should
+ // be ready without any of its container crashing, for it to be considered
+ // available. Defaults to 0 (pod will be considered available as soon as it
+ // is ready).
+ // +optional
+ minReadySeconds?: int32 @go(MinReadySeconds) @protobuf(4,varint,opt)
+
+ // DEPRECATED.
+ // A sequence number representing a specific generation of the template.
+ // Populated by the system. It can be set only during the creation.
+ // +optional
+ templateGeneration?: int64 @go(TemplateGeneration) @protobuf(5,varint,opt)
+
+ // The number of old history to retain to allow rollback.
+ // This is a pointer to distinguish between explicit zero and not specified.
+ // Defaults to 10.
+ // +optional
+ revisionHistoryLimit?: null | int32 @go(RevisionHistoryLimit,*int32) @protobuf(6,varint,opt)
+}
+
+// DaemonSetStatus represents the current status of a daemon set.
+DaemonSetStatus: {
+ // The number of nodes that are running at least 1
+ // daemon pod and are supposed to run the daemon pod.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ currentNumberScheduled: int32 @go(CurrentNumberScheduled) @protobuf(1,varint,opt)
+
+ // The number of nodes that are running the daemon pod, but are
+ // not supposed to run the daemon pod.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ numberMisscheduled: int32 @go(NumberMisscheduled) @protobuf(2,varint,opt)
+
+ // The total number of nodes that should be running the daemon
+ // pod (including nodes correctly running the daemon pod).
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
+ desiredNumberScheduled: int32 @go(DesiredNumberScheduled) @protobuf(3,varint,opt)
+
+ // The number of nodes that should be running the daemon pod and have one
+ // or more of the daemon pod running and ready.
+ numberReady: int32 @go(NumberReady) @protobuf(4,varint,opt)
+
+ // The most recent generation observed by the daemon set controller.
+ // +optional
+ observedGeneration?: int64 @go(ObservedGeneration) @protobuf(5,varint,opt)
+
+ // The total number of nodes that are running updated daemon pod
+ // +optional
+ updatedNumberScheduled?: int32 @go(UpdatedNumberScheduled) @protobuf(6,varint,opt)
+
+ // The number of nodes that should be running the
+ // daemon pod and have one or more of the daemon pod running and
+ // available (ready for at least spec.minReadySeconds)
+ // +optional
+ numberAvailable?: int32 @go(NumberAvailable) @protobuf(7,varint,opt)
+
+ // The number of nodes that should be running the
+ // daemon pod and have none of the daemon pod running and available
+ // (ready for at least spec.minReadySeconds)
+ // +optional
+ numberUnavailable?: int32 @go(NumberUnavailable) @protobuf(8,varint,opt)
+
+ // Count of hash collisions for the DaemonSet. The DaemonSet controller
+ // uses this field as a collision avoidance mechanism when it needs to
+ // create the name for the newest ControllerRevision.
+ // +optional
+ collisionCount?: null | int32 @go(CollisionCount,*int32) @protobuf(9,varint,opt)
+
+ // Represents the latest available observations of a DaemonSet's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...DaemonSetCondition] @go(Conditions,[]DaemonSetCondition) @protobuf(10,bytes,rep)
+}
+
+DaemonSetConditionType: string
+
+// DaemonSetCondition describes the state of a DaemonSet at a certain point.
+DaemonSetCondition: {
+ // Type of DaemonSet condition.
+ type: DaemonSetConditionType @go(Type) @protobuf(1,bytes,opt,casttype=DaemonSetConditionType)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: v1.ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=k8s.io/api/core/v1.ConditionStatus)
+
+ // Last time the condition transitioned from one status to another.
+ // +optional
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(3,bytes,opt)
+
+ // The reason for the condition's last transition.
+ // +optional
+ reason?: string @go(Reason) @protobuf(4,bytes,opt)
+
+ // A human readable message indicating details about the transition.
+ // +optional
+ message?: string @go(Message) @protobuf(5,bytes,opt)
+}
+
+// DEPRECATED - This group version of DaemonSet is deprecated by apps/v1beta2/DaemonSet. See the release notes for
+// more information.
+// DaemonSet represents the configuration of a daemon set.
+DaemonSet: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // The desired behavior of this daemon set.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ spec?: DaemonSetSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // The current status of this daemon set. This data may be
+ // out of date by some window of time.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ status?: DaemonSetStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// DEPRECATED: DefaultDaemonSetUniqueLabelKey is used instead.
+// DaemonSetTemplateGenerationKey is the key of the labels that is added
+// to daemon set pods to distinguish between old and new pod templates
+// during DaemonSet template update.
+DaemonSetTemplateGenerationKey: "pod-template-generation"
+
+// DefaultDaemonSetUniqueLabelKey is the default label key that is added
+// to existing DaemonSet pods to distinguish between old and new
+// DaemonSet pods during DaemonSet template updates.
+DefaultDaemonSetUniqueLabelKey: "controller-revision-hash"
+
+// DaemonSetList is a collection of daemon sets.
+DaemonSetList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // A list of daemon sets.
+ items: [...DaemonSet] @go(Items,[]DaemonSet) @protobuf(2,bytes,rep)
+}
+
+// Ingress is a collection of rules that allow inbound connections to reach the
+// endpoints defined by a backend. An Ingress can be configured to give services
+// externally-reachable urls, load balance traffic, terminate SSL, offer name
+// based virtual hosting etc.
+// DEPRECATED - This group version of Ingress is deprecated by networking.k8s.io/v1beta1 Ingress. See the release notes for more information.
+Ingress: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec is the desired state of the Ingress.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ spec?: IngressSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status is the current state of the Ingress.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ status?: IngressStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// IngressList is a collection of Ingress.
+IngressList: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is the list of Ingress.
+ items: [...Ingress] @go(Items,[]Ingress) @protobuf(2,bytes,rep)
+}
+
+// IngressSpec describes the Ingress the user wishes to exist.
+IngressSpec: {
+ // A default backend capable of servicing requests that don't match any
+ // rule. At least one of 'backend' or 'rules' must be specified. This field
+ // is optional to allow the loadbalancer controller or defaulting logic to
+ // specify a global default.
+ // +optional
+ backend?: null | IngressBackend @go(Backend,*IngressBackend) @protobuf(1,bytes,opt)
+
+ // TLS configuration. Currently the Ingress only supports a single TLS
+ // port, 443. If multiple members of this list specify different hosts, they
+ // will be multiplexed on the same port according to the hostname specified
+ // through the SNI TLS extension, if the ingress controller fulfilling the
+ // ingress supports SNI.
+ // +optional
+ tls?: [...IngressTLS] @go(TLS,[]IngressTLS) @protobuf(2,bytes,rep)
+
+ // A list of host rules used to configure the Ingress. If unspecified, or
+ // no rule matches, all traffic is sent to the default backend.
+ // +optional
+ rules?: [...IngressRule] @go(Rules,[]IngressRule) @protobuf(3,bytes,rep)
+}
+
+// IngressTLS describes the transport layer security associated with an Ingress.
+IngressTLS: {
+ // Hosts are a list of hosts included in the TLS certificate. The values in
+ // this list must match the name/s used in the tlsSecret. Defaults to the
+ // wildcard host setting for the loadbalancer controller fulfilling this
+ // Ingress, if left unspecified.
+ // +optional
+ hosts?: [...string] @go(Hosts,[]string) @protobuf(1,bytes,rep)
+
+ // SecretName is the name of the secret used to terminate SSL traffic on 443.
+ // Field is left optional to allow SSL routing based on SNI hostname alone.
+ // If the SNI host in a listener conflicts with the "Host" header field used
+ // by an IngressRule, the SNI host is used for termination and value of the
+ // Host header is used for routing.
+ // +optional
+ secretName?: string @go(SecretName) @protobuf(2,bytes,opt)
+}
+
+// IngressStatus describe the current state of the Ingress.
+IngressStatus: {
+ // LoadBalancer contains the current status of the load-balancer.
+ // +optional
+ loadBalancer?: v1.LoadBalancerStatus @go(LoadBalancer) @protobuf(1,bytes,opt)
+}
+
+// IngressRule represents the rules mapping the paths under a specified host to
+// the related backend services. Incoming requests are first evaluated for a host
+// match, then routed to the backend associated with the matching IngressRuleValue.
+IngressRule: IngressRuleValue & {
+ // Host is the fully qualified domain name of a network host, as defined
+ // by RFC 3986. Note the following deviations from the "host" part of the
+ // URI as defined in the RFC:
+ // 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the
+ // IP in the Spec of the parent Ingress.
+ // 2. The `:` delimiter is not respected because ports are not allowed.
+ // Currently the port of an Ingress is implicitly :80 for http and
+ // :443 for https.
+ // Both these may change in the future.
+ // Incoming requests are matched against the host before the IngressRuleValue.
+ // If the host is unspecified, the Ingress routes all traffic based on the
+ // specified IngressRuleValue.
+ // +optional
+ host?: string @go(Host) @protobuf(1,bytes,opt)
+}
+
+// IngressRuleValue represents a rule to apply against incoming requests. If the
+// rule is satisfied, the request is routed to the specified backend. Currently
+// mixing different types of rules in a single Ingress is disallowed, so exactly
+// one of the following must be set.
+IngressRuleValue: {
+ // +optional
+ http?: null | HTTPIngressRuleValue @go(HTTP,*HTTPIngressRuleValue) @protobuf(1,bytes,opt)
+}
+
+// HTTPIngressRuleValue is a list of http selectors pointing to backends.
+// In the example: http://<host>/<path>?<searchpart> -> backend where
+// where parts of the url correspond to RFC 3986, this resource will be used
+// to match against everything after the last '/' and before the first '?'
+// or '#'.
+HTTPIngressRuleValue: {
+ // A collection of paths that map requests to backends.
+ paths: [...HTTPIngressPath] @go(Paths,[]HTTPIngressPath) @protobuf(1,bytes,rep)
+}
+
+// HTTPIngressPath associates a path regex with a backend. Incoming urls matching
+// the path are forwarded to the backend.
+HTTPIngressPath: {
+ // Path is an extended POSIX regex as defined by IEEE Std 1003.1,
+ // (i.e this follows the egrep/unix syntax, not the perl syntax)
+ // matched against the path of an incoming request. Currently it can
+ // contain characters disallowed from the conventional "path"
+ // part of a URL as defined by RFC 3986. Paths must begin with
+ // a '/'. If unspecified, the path defaults to a catch all sending
+ // traffic to the backend.
+ // +optional
+ path?: string @go(Path) @protobuf(1,bytes,opt)
+
+ // Backend defines the referenced service endpoint to which the traffic
+ // will be forwarded to.
+ backend: IngressBackend @go(Backend) @protobuf(2,bytes,opt)
+}
+
+// IngressBackend describes all endpoints for a given service and port.
+IngressBackend: {
+ // Specifies the name of the referenced service.
+ serviceName: string @go(ServiceName) @protobuf(1,bytes,opt)
+
+ // Specifies the port of the referenced service.
+ servicePort: intstr.IntOrString @go(ServicePort) @protobuf(2,bytes,opt)
+}
+
+// DEPRECATED - This group version of ReplicaSet is deprecated by apps/v1beta2/ReplicaSet. See the release notes for
+// more information.
+// ReplicaSet ensures that a specified number of pod replicas are running at any given time.
+ReplicaSet: metav1.TypeMeta & {
+ // If the Labels of a ReplicaSet are empty, they are defaulted to
+ // be the same as the Pod(s) that the ReplicaSet manages.
+ // Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Spec defines the specification of the desired behavior of the ReplicaSet.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ spec?: ReplicaSetSpec @go(Spec) @protobuf(2,bytes,opt)
+
+ // Status is the most recently observed status of the ReplicaSet.
+ // This data may be out of date by some window of time.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ // +optional
+ status?: ReplicaSetStatus @go(Status) @protobuf(3,bytes,opt)
+}
+
+// ReplicaSetList is a collection of ReplicaSets.
+ReplicaSetList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of ReplicaSets.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller
+ items: [...ReplicaSet] @go(Items,[]ReplicaSet) @protobuf(2,bytes,rep)
+}
+
+// ReplicaSetSpec is the specification of a ReplicaSet.
+ReplicaSetSpec: {
+ // Replicas is the number of desired replicas.
+ // This is a pointer to distinguish between explicit zero and unspecified.
+ // Defaults to 1.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+ // +optional
+ replicas?: null | int32 @go(Replicas,*int32) @protobuf(1,varint,opt)
+
+ // Minimum number of seconds for which a newly created pod should be ready
+ // without any of its container crashing, for it to be considered available.
+ // Defaults to 0 (pod will be considered available as soon as it is ready)
+ // +optional
+ minReadySeconds?: int32 @go(MinReadySeconds) @protobuf(4,varint,opt)
+
+ // Selector is a label query over pods that should match the replica count.
+ // If the selector is empty, it is defaulted to the labels present on the pod template.
+ // Label keys and values that must match in order to be controlled by this replica set.
+ // More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+ // +optional
+ selector?: null | metav1.LabelSelector @go(Selector,*metav1.LabelSelector) @protobuf(2,bytes,opt)
+
+ // Template is the object that describes the pod that will be created if
+ // insufficient replicas are detected.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
+ // +optional
+ template?: v1.PodTemplateSpec @go(Template) @protobuf(3,bytes,opt)
+}
+
+// ReplicaSetStatus represents the current status of a ReplicaSet.
+ReplicaSetStatus: {
+ // Replicas is the most recently oberved number of replicas.
+ // More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/#what-is-a-replicationcontroller
+ replicas: int32 @go(Replicas) @protobuf(1,varint,opt)
+
+ // The number of pods that have labels matching the labels of the pod template of the replicaset.
+ // +optional
+ fullyLabeledReplicas?: int32 @go(FullyLabeledReplicas) @protobuf(2,varint,opt)
+
+ // The number of ready replicas for this replica set.
+ // +optional
+ readyReplicas?: int32 @go(ReadyReplicas) @protobuf(4,varint,opt)
+
+ // The number of available replicas (ready for at least minReadySeconds) for this replica set.
+ // +optional
+ availableReplicas?: int32 @go(AvailableReplicas) @protobuf(5,varint,opt)
+
+ // ObservedGeneration reflects the generation of the most recently observed ReplicaSet.
+ // +optional
+ observedGeneration?: int64 @go(ObservedGeneration) @protobuf(3,varint,opt)
+
+ // Represents the latest available observations of a replica set's current state.
+ // +optional
+ // +patchMergeKey=type
+ // +patchStrategy=merge
+ conditions?: [...ReplicaSetCondition] @go(Conditions,[]ReplicaSetCondition) @protobuf(6,bytes,rep)
+}
+
+ReplicaSetConditionType: string // enumReplicaSetConditionType
+
+enumReplicaSetConditionType:
+ ReplicaSetReplicaFailure
+
+// ReplicaSetReplicaFailure is added in a replica set when one of its pods fails to be created
+// due to insufficient quota, limit ranges, pod security policy, node selectors, etc. or deleted
+// due to kubelet being down or finalizers are failing.
+ReplicaSetReplicaFailure: ReplicaSetConditionType & "ReplicaFailure"
+
+// ReplicaSetCondition describes the state of a replica set at a certain point.
+ReplicaSetCondition: {
+ // Type of replica set condition.
+ type: ReplicaSetConditionType @go(Type) @protobuf(1,bytes,opt,casttype=ReplicaSetConditionType)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: v1.ConditionStatus @go(Status) @protobuf(2,bytes,opt,casttype=k8s.io/api/core/v1.ConditionStatus)
+
+ // The last time the condition transitioned from one status to another.
+ // +optional
+ lastTransitionTime?: metav1.Time @go(LastTransitionTime) @protobuf(3,bytes,opt)
+
+ // The reason for the condition's last transition.
+ // +optional
+ reason?: string @go(Reason) @protobuf(4,bytes,opt)
+
+ // A human readable message indicating details about the transition.
+ // +optional
+ message?: string @go(Message) @protobuf(5,bytes,opt)
+}
+
+// PodSecurityPolicy governs the ability to make requests that affect the Security Context
+// that will be applied to a pod and container.
+// Deprecated: use PodSecurityPolicy from policy API Group instead.
+PodSecurityPolicy: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // spec defines the policy enforced.
+ // +optional
+ spec?: PodSecurityPolicySpec @go(Spec) @protobuf(2,bytes,opt)
+}
+
+// PodSecurityPolicySpec defines the policy enforced.
+// Deprecated: use PodSecurityPolicySpec from policy API Group instead.
+PodSecurityPolicySpec: {
+ // privileged determines if a pod can request to be run as privileged.
+ // +optional
+ privileged?: bool @go(Privileged) @protobuf(1,varint,opt)
+
+ // defaultAddCapabilities is the default set of capabilities that will be added to the container
+ // unless the pod spec specifically drops the capability. You may not list a capability in both
+ // defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
+ // allowed, and need not be included in the allowedCapabilities list.
+ // +optional
+ defaultAddCapabilities?: [...v1.Capability] @go(DefaultAddCapabilities,[]v1.Capability) @protobuf(2,bytes,rep,casttype=k8s.io/api/core/v1.Capability)
+
+ // requiredDropCapabilities are the capabilities that will be dropped from the container. These
+ // are required to be dropped and cannot be added.
+ // +optional
+ requiredDropCapabilities?: [...v1.Capability] @go(RequiredDropCapabilities,[]v1.Capability) @protobuf(3,bytes,rep,casttype=k8s.io/api/core/v1.Capability)
+
+ // allowedCapabilities is a list of capabilities that can be requested to add to the container.
+ // Capabilities in this field may be added at the pod author's discretion.
+ // You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
+ // +optional
+ allowedCapabilities?: [...v1.Capability] @go(AllowedCapabilities,[]v1.Capability) @protobuf(4,bytes,rep,casttype=k8s.io/api/core/v1.Capability)
+
+ // volumes is a white list of allowed volume plugins. Empty indicates that
+ // no volumes may be used. To allow all volumes you may use '*'.
+ // +optional
+ volumes?: [...FSType] @go(Volumes,[]FSType) @protobuf(5,bytes,rep,casttype=FSType)
+
+ // hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
+ // +optional
+ hostNetwork?: bool @go(HostNetwork) @protobuf(6,varint,opt)
+
+ // hostPorts determines which host port ranges are allowed to be exposed.
+ // +optional
+ hostPorts?: [...HostPortRange] @go(HostPorts,[]HostPortRange) @protobuf(7,bytes,rep)
+
+ // hostPID determines if the policy allows the use of HostPID in the pod spec.
+ // +optional
+ hostPID?: bool @go(HostPID) @protobuf(8,varint,opt)
+
+ // hostIPC determines if the policy allows the use of HostIPC in the pod spec.
+ // +optional
+ hostIPC?: bool @go(HostIPC) @protobuf(9,varint,opt)
+
+ // seLinux is the strategy that will dictate the allowable labels that may be set.
+ seLinux: SELinuxStrategyOptions @go(SELinux) @protobuf(10,bytes,opt)
+
+ // runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
+ runAsUser: RunAsUserStrategyOptions @go(RunAsUser) @protobuf(11,bytes,opt)
+
+ // RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
+ // If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
+ // RunAsGroup feature gate to be enabled.
+ // +optional
+ runAsGroup?: null | RunAsGroupStrategyOptions @go(RunAsGroup,*RunAsGroupStrategyOptions) @protobuf(22,bytes,opt)
+
+ // supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
+ supplementalGroups: SupplementalGroupsStrategyOptions @go(SupplementalGroups) @protobuf(12,bytes,opt)
+
+ // fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
+ fsGroup: FSGroupStrategyOptions @go(FSGroup) @protobuf(13,bytes,opt)
+
+ // readOnlyRootFilesystem when set to true will force containers to run with a read only root file
+ // system. If the container specifically requests to run with a non-read only root file system
+ // the PSP should deny the pod.
+ // If set to false the container may run with a read only root file system if it wishes but it
+ // will not be forced to.
+ // +optional
+ readOnlyRootFilesystem?: bool @go(ReadOnlyRootFilesystem) @protobuf(14,varint,opt)
+
+ // defaultAllowPrivilegeEscalation controls the default setting for whether a
+ // process can gain more privileges than its parent process.
+ // +optional
+ defaultAllowPrivilegeEscalation?: null | bool @go(DefaultAllowPrivilegeEscalation,*bool) @protobuf(15,varint,opt)
+
+ // allowPrivilegeEscalation determines if a pod can request to allow
+ // privilege escalation. If unspecified, defaults to true.
+ // +optional
+ allowPrivilegeEscalation?: null | bool @go(AllowPrivilegeEscalation,*bool) @protobuf(16,varint,opt)
+
+ // allowedHostPaths is a white list of allowed host paths. Empty indicates
+ // that all host paths may be used.
+ // +optional
+ allowedHostPaths?: [...AllowedHostPath] @go(AllowedHostPaths,[]AllowedHostPath) @protobuf(17,bytes,rep)
+
+ // allowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all
+ // Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes
+ // is allowed in the "volumes" field.
+ // +optional
+ allowedFlexVolumes?: [...AllowedFlexVolume] @go(AllowedFlexVolumes,[]AllowedFlexVolume) @protobuf(18,bytes,rep)
+
+ // AllowedCSIDrivers is a whitelist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
+ // An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
+ // This is an alpha field, and is only honored if the API server enables the CSIInlineVolume feature gate.
+ // +optional
+ allowedCSIDrivers?: [...AllowedCSIDriver] @go(AllowedCSIDrivers,[]AllowedCSIDriver) @protobuf(23,bytes,rep)
+
+ // allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
+ // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
+ // as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
+ // Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
+ //
+ // Examples:
+ // e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
+ // e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
+ // +optional
+ allowedUnsafeSysctls?: [...string] @go(AllowedUnsafeSysctls,[]string) @protobuf(19,bytes,rep)
+
+ // forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
+ // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
+ // as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
+ //
+ // Examples:
+ // e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
+ // e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
+ // +optional
+ forbiddenSysctls?: [...string] @go(ForbiddenSysctls,[]string) @protobuf(20,bytes,rep)
+
+ // AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
+ // Empty or nil indicates that only the DefaultProcMountType may be used.
+ // This requires the ProcMountType feature flag to be enabled.
+ // +optional
+ allowedProcMountTypes?: [...v1.ProcMountType] @go(AllowedProcMountTypes,[]v1.ProcMountType) @protobuf(21,bytes,opt)
+
+ // runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
+ // If this field is omitted, the pod's runtimeClassName field is unrestricted.
+ // Enforcement of this field depends on the RuntimeClass feature gate being enabled.
+ // +optional
+ runtimeClass?: null | RuntimeClassStrategyOptions @go(RuntimeClass,*RuntimeClassStrategyOptions) @protobuf(24,bytes,opt)
+}
+
+// AllowedHostPath defines the host volume conditions that will be enabled by a policy
+// for pods to use. It requires the path prefix to be defined.
+// Deprecated: use AllowedHostPath from policy API Group instead.
+AllowedHostPath: {
+ // pathPrefix is the path prefix that the host volume must match.
+ // It does not support `*`.
+ // Trailing slashes are trimmed when validating the path prefix with a host path.
+ //
+ // Examples:
+ // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
+ // `/foo` would not allow `/food` or `/etc/foo`
+ pathPrefix?: string @go(PathPrefix) @protobuf(1,bytes,rep)
+
+ // when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.
+ // +optional
+ readOnly?: bool @go(ReadOnly) @protobuf(2,varint,opt)
+}
+
+// FSType gives strong typing to different file systems that are used by volumes.
+// Deprecated: use FSType from policy API Group instead.
+FSType: string
+
+// AllowedFlexVolume represents a single Flexvolume that is allowed to be used.
+// Deprecated: use AllowedFlexVolume from policy API Group instead.
+AllowedFlexVolume: {
+ // driver is the name of the Flexvolume driver.
+ driver: string @go(Driver) @protobuf(1,bytes,opt)
+}
+
+// AllowedCSIDriver represents a single inline CSI Driver that is allowed to be used.
+AllowedCSIDriver: {
+ // Name is the registered name of the CSI driver
+ name: string @go(Name) @protobuf(1,bytes,opt)
+}
+
+// HostPortRange defines a range of host ports that will be enabled by a policy
+// for pods to use. It requires both the start and end to be defined.
+// Deprecated: use HostPortRange from policy API Group instead.
+HostPortRange: {
+ // min is the start of the range, inclusive.
+ min: int32 @go(Min) @protobuf(1,varint,opt)
+
+ // max is the end of the range, inclusive.
+ max: int32 @go(Max) @protobuf(2,varint,opt)
+}
+
+// SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use SELinuxStrategyOptions from policy API Group instead.
+SELinuxStrategyOptions: {
+ // rule is the strategy that will dictate the allowable labels that may be set.
+ rule: SELinuxStrategy @go(Rule) @protobuf(1,bytes,opt,casttype=SELinuxStrategy)
+
+ // seLinuxOptions required to run as; required for MustRunAs
+ // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+ // +optional
+ seLinuxOptions?: null | v1.SELinuxOptions @go(SELinuxOptions,*v1.SELinuxOptions) @protobuf(2,bytes,opt)
+}
+
+// SELinuxStrategy denotes strategy types for generating SELinux options for a
+// Security Context.
+// Deprecated: use SELinuxStrategy from policy API Group instead.
+SELinuxStrategy: string // enumSELinuxStrategy
+
+enumSELinuxStrategy:
+ SELinuxStrategyMustRunAs |
+ SELinuxStrategyRunAsAny
+
+// SELinuxStrategyMustRunAs means that container must have SELinux labels of X applied.
+// Deprecated: use SELinuxStrategyMustRunAs from policy API Group instead.
+SELinuxStrategyMustRunAs: SELinuxStrategy & "MustRunAs"
+
+// SELinuxStrategyRunAsAny means that container may make requests for any SELinux context labels.
+// Deprecated: use SELinuxStrategyRunAsAny from policy API Group instead.
+SELinuxStrategyRunAsAny: SELinuxStrategy & "RunAsAny"
+
+// RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use RunAsUserStrategyOptions from policy API Group instead.
+RunAsUserStrategyOptions: {
+ // rule is the strategy that will dictate the allowable RunAsUser values that may be set.
+ rule: RunAsUserStrategy @go(Rule) @protobuf(1,bytes,opt,casttype=RunAsUserStrategy)
+
+ // ranges are the allowed ranges of uids that may be used. If you would like to force a single uid
+ // then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ ranges?: [...IDRange] @go(Ranges,[]IDRange) @protobuf(2,bytes,rep)
+}
+
+// RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy.
+// Deprecated: use RunAsGroupStrategyOptions from policy API Group instead.
+RunAsGroupStrategyOptions: {
+ // rule is the strategy that will dictate the allowable RunAsGroup values that may be set.
+ rule: RunAsGroupStrategy @go(Rule) @protobuf(1,bytes,opt,casttype=RunAsGroupStrategy)
+
+ // ranges are the allowed ranges of gids that may be used. If you would like to force a single gid
+ // then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ ranges?: [...IDRange] @go(Ranges,[]IDRange) @protobuf(2,bytes,rep)
+}
+
+// IDRange provides a min/max of an allowed range of IDs.
+// Deprecated: use IDRange from policy API Group instead.
+IDRange: {
+ // min is the start of the range, inclusive.
+ min: int64 @go(Min) @protobuf(1,varint,opt)
+
+ // max is the end of the range, inclusive.
+ max: int64 @go(Max) @protobuf(2,varint,opt)
+}
+
+// RunAsUserStrategy denotes strategy types for generating RunAsUser values for a
+// Security Context.
+// Deprecated: use RunAsUserStrategy from policy API Group instead.
+RunAsUserStrategy: string // enumRunAsUserStrategy
+
+enumRunAsUserStrategy:
+ RunAsUserStrategyMustRunAs |
+ RunAsUserStrategyMustRunAsNonRoot |
+ RunAsUserStrategyRunAsAny
+
+// RunAsUserStrategyMustRunAs means that container must run as a particular uid.
+// Deprecated: use RunAsUserStrategyMustRunAs from policy API Group instead.
+RunAsUserStrategyMustRunAs: RunAsUserStrategy & "MustRunAs"
+
+// RunAsUserStrategyMustRunAsNonRoot means that container must run as a non-root uid.
+// Deprecated: use RunAsUserStrategyMustRunAsNonRoot from policy API Group instead.
+RunAsUserStrategyMustRunAsNonRoot: RunAsUserStrategy & "MustRunAsNonRoot"
+
+// RunAsUserStrategyRunAsAny means that container may make requests for any uid.
+// Deprecated: use RunAsUserStrategyRunAsAny from policy API Group instead.
+RunAsUserStrategyRunAsAny: RunAsUserStrategy & "RunAsAny"
+
+// RunAsGroupStrategy denotes strategy types for generating RunAsGroup values for a
+// Security Context.
+// Deprecated: use RunAsGroupStrategy from policy API Group instead.
+RunAsGroupStrategy: string // enumRunAsGroupStrategy
+
+enumRunAsGroupStrategy:
+ RunAsGroupStrategyMayRunAs |
+ RunAsGroupStrategyMustRunAs |
+ RunAsGroupStrategyRunAsAny
+
+// RunAsGroupStrategyMayRunAs means that container does not need to run with a particular gid.
+// However, when RunAsGroup are specified, they have to fall in the defined range.
+RunAsGroupStrategyMayRunAs: RunAsGroupStrategy & "MayRunAs"
+
+// RunAsGroupStrategyMustRunAs means that container must run as a particular gid.
+// Deprecated: use RunAsGroupStrategyMustRunAs from policy API Group instead.
+RunAsGroupStrategyMustRunAs: RunAsGroupStrategy & "MustRunAs"
+
+// RunAsGroupStrategyRunAsAny means that container may make requests for any gid.
+// Deprecated: use RunAsGroupStrategyRunAsAny from policy API Group instead.
+RunAsGroupStrategyRunAsAny: RunAsGroupStrategy & "RunAsAny"
+
+// FSGroupStrategyOptions defines the strategy type and options used to create the strategy.
+// Deprecated: use FSGroupStrategyOptions from policy API Group instead.
+FSGroupStrategyOptions: {
+ // rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
+ // +optional
+ rule?: FSGroupStrategyType @go(Rule) @protobuf(1,bytes,opt,casttype=FSGroupStrategyType)
+
+ // ranges are the allowed ranges of fs groups. If you would like to force a single
+ // fs group then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ ranges?: [...IDRange] @go(Ranges,[]IDRange) @protobuf(2,bytes,rep)
+}
+
+// FSGroupStrategyType denotes strategy types for generating FSGroup values for a
+// SecurityContext
+// Deprecated: use FSGroupStrategyType from policy API Group instead.
+FSGroupStrategyType: string // enumFSGroupStrategyType
+
+enumFSGroupStrategyType:
+ FSGroupStrategyMustRunAs |
+ FSGroupStrategyRunAsAny
+
+// FSGroupStrategyMustRunAs meant that container must have FSGroup of X applied.
+// Deprecated: use FSGroupStrategyMustRunAs from policy API Group instead.
+FSGroupStrategyMustRunAs: FSGroupStrategyType & "MustRunAs"
+
+// FSGroupStrategyRunAsAny means that container may make requests for any FSGroup labels.
+// Deprecated: use FSGroupStrategyRunAsAny from policy API Group instead.
+FSGroupStrategyRunAsAny: FSGroupStrategyType & "RunAsAny"
+
+// SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.
+// Deprecated: use SupplementalGroupsStrategyOptions from policy API Group instead.
+SupplementalGroupsStrategyOptions: {
+ // rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
+ // +optional
+ rule?: SupplementalGroupsStrategyType @go(Rule) @protobuf(1,bytes,opt,casttype=SupplementalGroupsStrategyType)
+
+ // ranges are the allowed ranges of supplemental groups. If you would like to force a single
+ // supplemental group then supply a single range with the same start and end. Required for MustRunAs.
+ // +optional
+ ranges?: [...IDRange] @go(Ranges,[]IDRange) @protobuf(2,bytes,rep)
+}
+
+// SupplementalGroupsStrategyType denotes strategy types for determining valid supplemental
+// groups for a SecurityContext.
+// Deprecated: use SupplementalGroupsStrategyType from policy API Group instead.
+SupplementalGroupsStrategyType: string // enumSupplementalGroupsStrategyType
+
+enumSupplementalGroupsStrategyType:
+ SupplementalGroupsStrategyMustRunAs |
+ SupplementalGroupsStrategyRunAsAny
+
+// SupplementalGroupsStrategyMustRunAs means that container must run as a particular gid.
+// Deprecated: use SupplementalGroupsStrategyMustRunAs from policy API Group instead.
+SupplementalGroupsStrategyMustRunAs: SupplementalGroupsStrategyType & "MustRunAs"
+
+// SupplementalGroupsStrategyRunAsAny means that container may make requests for any gid.
+// Deprecated: use SupplementalGroupsStrategyRunAsAny from policy API Group instead.
+SupplementalGroupsStrategyRunAsAny: SupplementalGroupsStrategyType & "RunAsAny"
+
+// RuntimeClassStrategyOptions define the strategy that will dictate the allowable RuntimeClasses
+// for a pod.
+RuntimeClassStrategyOptions: {
+ // allowedRuntimeClassNames is a whitelist of RuntimeClass names that may be specified on a pod.
+ // A value of "*" means that any RuntimeClass name is allowed, and must be the only item in the
+ // list. An empty list requires the RuntimeClassName field to be unset.
+ allowedRuntimeClassNames: [...string] @go(AllowedRuntimeClassNames,[]string) @protobuf(1,bytes,rep)
+
+ // defaultRuntimeClassName is the default RuntimeClassName to set on the pod.
+ // The default MUST be allowed by the allowedRuntimeClassNames list.
+ // A value of nil does not mutate the Pod.
+ // +optional
+ defaultRuntimeClassName?: null | string @go(DefaultRuntimeClassName,*string) @protobuf(2,bytes,opt)
+}
+
+AllowAllRuntimeClassNames: "*"
+
+// PodSecurityPolicyList is a list of PodSecurityPolicy objects.
+// Deprecated: use PodSecurityPolicyList from policy API Group instead.
+PodSecurityPolicyList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // items is a list of schema objects.
+ items: [...PodSecurityPolicy] @go(Items,[]PodSecurityPolicy) @protobuf(2,bytes,rep)
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicy is deprecated by networking/v1/NetworkPolicy.
+// NetworkPolicy describes what network traffic is allowed for a set of Pods
+NetworkPolicy: metav1.TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+
+ // Specification of the desired behavior for this NetworkPolicy.
+ // +optional
+ spec?: NetworkPolicySpec @go(Spec) @protobuf(2,bytes,opt)
+}
+
+// DEPRECATED 1.9 - This group version of PolicyType is deprecated by networking/v1/PolicyType.
+// Policy Type string describes the NetworkPolicy type
+// This type is beta-level in 1.8
+PolicyType: string // enumPolicyType
+
+enumPolicyType:
+ PolicyTypeIngress |
+ PolicyTypeEgress
+
+// PolicyTypeIngress is a NetworkPolicy that affects ingress traffic on selected pods
+PolicyTypeIngress: PolicyType & "Ingress"
+
+// PolicyTypeEgress is a NetworkPolicy that affects egress traffic on selected pods
+PolicyTypeEgress: PolicyType & "Egress"
+
+// DEPRECATED 1.9 - This group version of NetworkPolicySpec is deprecated by networking/v1/NetworkPolicySpec.
+NetworkPolicySpec: {
+ // Selects the pods to which this NetworkPolicy object applies. The array of ingress rules
+ // is applied to any pods selected by this field. Multiple network policies can select the
+ // same set of pods. In this case, the ingress rules for each are combined additively.
+ // This field is NOT optional and follows standard label selector semantics.
+ // An empty podSelector matches all pods in this namespace.
+ podSelector: metav1.LabelSelector @go(PodSelector) @protobuf(1,bytes,opt)
+
+ // List of ingress rules to be applied to the selected pods.
+ // Traffic is allowed to a pod if there are no NetworkPolicies selecting the pod
+ // OR if the traffic source is the pod's local node,
+ // OR if the traffic matches at least one ingress rule across all of the NetworkPolicy
+ // objects whose podSelector matches the pod.
+ // If this field is empty then this NetworkPolicy does not allow any traffic
+ // (and serves solely to ensure that the pods it selects are isolated by default).
+ // +optional
+ ingress?: [...NetworkPolicyIngressRule] @go(Ingress,[]NetworkPolicyIngressRule) @protobuf(2,bytes,rep)
+
+ // List of egress rules to be applied to the selected pods. Outgoing traffic is
+ // allowed if there are no NetworkPolicies selecting the pod (and cluster policy
+ // otherwise allows the traffic), OR if the traffic matches at least one egress rule
+ // across all of the NetworkPolicy objects whose podSelector matches the pod. If
+ // this field is empty then this NetworkPolicy limits all outgoing traffic (and serves
+ // solely to ensure that the pods it selects are isolated by default).
+ // This field is beta-level in 1.8
+ // +optional
+ egress?: [...NetworkPolicyEgressRule] @go(Egress,[]NetworkPolicyEgressRule) @protobuf(3,bytes,rep)
+
+ // List of rule types that the NetworkPolicy relates to.
+ // Valid options are "Ingress", "Egress", or "Ingress,Egress".
+ // If this field is not specified, it will default based on the existence of Ingress or Egress rules;
+ // policies that contain an Egress section are assumed to affect Egress, and all policies
+ // (whether or not they contain an Ingress section) are assumed to affect Ingress.
+ // If you want to write an egress-only policy, you must explicitly specify policyTypes [ "Egress" ].
+ // Likewise, if you want to write a policy that specifies that no egress is allowed,
+ // you must specify a policyTypes value that include "Egress" (since such a policy would not include
+ // an Egress section and would otherwise default to just [ "Ingress" ]).
+ // This field is beta-level in 1.8
+ // +optional
+ policyTypes?: [...PolicyType] @go(PolicyTypes,[]PolicyType) @protobuf(4,bytes,rep,casttype=PolicyType)
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyIngressRule is deprecated by networking/v1/NetworkPolicyIngressRule.
+// This NetworkPolicyIngressRule matches traffic if and only if the traffic matches both ports AND from.
+NetworkPolicyIngressRule: {
+ // List of ports which should be made accessible on the pods selected for this rule.
+ // Each item in this list is combined using a logical OR.
+ // If this field is empty or missing, this rule matches all ports (traffic not restricted by port).
+ // If this field is present and contains at least one item, then this rule allows traffic
+ // only if the traffic matches at least one port in the list.
+ // +optional
+ ports?: [...NetworkPolicyPort] @go(Ports,[]NetworkPolicyPort) @protobuf(1,bytes,rep)
+
+ // List of sources which should be able to access the pods selected for this rule.
+ // Items in this list are combined using a logical OR operation.
+ // If this field is empty or missing, this rule matches all sources (traffic not restricted by source).
+ // If this field is present and contains at least on item, this rule allows traffic only if the
+ // traffic matches at least one item in the from list.
+ // +optional
+ from?: [...NetworkPolicyPeer] @go(From,[]NetworkPolicyPeer) @protobuf(2,bytes,rep)
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyEgressRule is deprecated by networking/v1/NetworkPolicyEgressRule.
+// NetworkPolicyEgressRule describes a particular set of traffic that is allowed out of pods
+// matched by a NetworkPolicySpec's podSelector. The traffic must match both ports and to.
+// This type is beta-level in 1.8
+NetworkPolicyEgressRule: {
+ // List of destination ports for outgoing traffic.
+ // Each item in this list is combined using a logical OR. If this field is
+ // empty or missing, this rule matches all ports (traffic not restricted by port).
+ // If this field is present and contains at least one item, then this rule allows
+ // traffic only if the traffic matches at least one port in the list.
+ // +optional
+ ports?: [...NetworkPolicyPort] @go(Ports,[]NetworkPolicyPort) @protobuf(1,bytes,rep)
+
+ // List of destinations for outgoing traffic of pods selected for this rule.
+ // Items in this list are combined using a logical OR operation. If this field is
+ // empty or missing, this rule matches all destinations (traffic not restricted by
+ // destination). If this field is present and contains at least one item, this rule
+ // allows traffic only if the traffic matches at least one item in the to list.
+ // +optional
+ to?: [...NetworkPolicyPeer] @go(To,[]NetworkPolicyPeer) @protobuf(2,bytes,rep)
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyPort is deprecated by networking/v1/NetworkPolicyPort.
+NetworkPolicyPort: {
+ // Optional. The protocol (TCP, UDP, or SCTP) which traffic must match.
+ // If not specified, this field defaults to TCP.
+ // +optional
+ protocol?: null | v1.Protocol @go(Protocol,*v1.Protocol) @protobuf(1,bytes,opt,casttype=k8s.io/api/core/v1.Protocol)
+
+ // If specified, the port on the given protocol. This can
+ // either be a numerical or named port on a pod. If this field is not provided,
+ // this matches all port names and numbers.
+ // If present, only traffic on the specified protocol AND port
+ // will be matched.
+ // +optional
+ port?: null | intstr.IntOrString @go(Port,*intstr.IntOrString) @protobuf(2,bytes,opt)
+}
+
+// DEPRECATED 1.9 - This group version of IPBlock is deprecated by networking/v1/IPBlock.
+// IPBlock describes a particular CIDR (Ex. "192.168.1.1/24") that is allowed to the pods
+// matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should
+// not be included within this rule.
+IPBlock: {
+ // CIDR is a string representing the IP Block
+ // Valid examples are "192.168.1.1/24"
+ cidr: string @go(CIDR) @protobuf(1,bytes)
+
+ // Except is a slice of CIDRs that should not be included within an IP Block
+ // Valid examples are "192.168.1.1/24"
+ // Except values will be rejected if they are outside the CIDR range
+ // +optional
+ except?: [...string] @go(Except,[]string) @protobuf(2,bytes,rep)
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyPeer is deprecated by networking/v1/NetworkPolicyPeer.
+NetworkPolicyPeer: {
+ // This is a label selector which selects Pods. This field follows standard label
+ // selector semantics; if present but empty, it selects all pods.
+ //
+ // If NamespaceSelector is also set, then the NetworkPolicyPeer as a whole selects
+ // the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
+ // Otherwise it selects the Pods matching PodSelector in the policy's own Namespace.
+ // +optional
+ podSelector?: null | metav1.LabelSelector @go(PodSelector,*metav1.LabelSelector) @protobuf(1,bytes,opt)
+
+ // Selects Namespaces using cluster-scoped labels. This field follows standard label
+ // selector semantics; if present but empty, it selects all namespaces.
+ //
+ // If PodSelector is also set, then the NetworkPolicyPeer as a whole selects
+ // the Pods matching PodSelector in the Namespaces selected by NamespaceSelector.
+ // Otherwise it selects all Pods in the Namespaces selected by NamespaceSelector.
+ // +optional
+ namespaceSelector?: null | metav1.LabelSelector @go(NamespaceSelector,*metav1.LabelSelector) @protobuf(2,bytes,opt)
+
+ // IPBlock defines policy on a particular IPBlock. If this field is set then
+ // neither of the other fields can be.
+ // +optional
+ ipBlock?: null | IPBlock @go(IPBlock,*IPBlock) @protobuf(3,bytes,rep)
+}
+
+// DEPRECATED 1.9 - This group version of NetworkPolicyList is deprecated by networking/v1/NetworkPolicyList.
+// Network Policy List is a list of NetworkPolicy objects.
+NetworkPolicyList: metav1.TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ // +optional
+ metadata?: metav1.ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Items is a list of schema objects.
+ items: [...NetworkPolicy] @go(Items,[]NetworkPolicy) @protobuf(2,bytes,rep)
+}
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/amount_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/amount_go_gen.cue
new file mode 100644
index 0000000..e7d7544
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/amount_go_gen.cue
@@ -0,0 +1,31 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/api/resource
+
+package resource
+
+// Scale is used for getting and setting the base-10 scaled value.
+// Base-2 scales are omitted for mathematical simplicity.
+// See Quantity.ScaledValue for more details.
+Scale: int32 // enumScale
+
+enumScale:
+ Nano |
+ Micro |
+ Milli |
+ Kilo |
+ Mega |
+ Giga |
+ Tera |
+ Peta |
+ Exa
+
+Nano: Scale & -9
+Micro: Scale & -6
+Milli: Scale & -3
+Kilo: Scale & 3
+Mega: Scale & 6
+Giga: Scale & 9
+Tera: Scale & 12
+Peta: Scale & 15
+Exa: Scale & 18
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/generated.pb_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/generated.pb_go_gen.cue
new file mode 100644
index 0000000..a45b201
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/generated.pb_go_gen.cue
@@ -0,0 +1,14 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/api/resource
+
+/*
+Package resource is a generated protocol buffer package.
+
+It is generated from these files:
+ k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/api/resource/generated.proto
+
+It has these top-level messages:
+ Quantity
+*/
+package resource
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/quantity_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/quantity_go_gen.cue
new file mode 100644
index 0000000..c488bb8
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/api/resource/quantity_go_gen.cue
@@ -0,0 +1,80 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/api/resource
+
+package resource
+
+// Quantity is a fixed-point representation of a number.
+// It provides convenient marshaling/unmarshaling in JSON and YAML,
+// in addition to String() and Int64() accessors.
+//
+// The serialization format is:
+//
+// <quantity> ::= <signedNumber><suffix>
+// (Note that <suffix> may be empty, from the "" case in <decimalSI>.)
+// <digit> ::= 0 | 1 | ... | 9
+// <digits> ::= <digit> | <digit><digits>
+// <number> ::= <digits> | <digits>.<digits> | <digits>. | .<digits>
+// <sign> ::= "+" | "-"
+// <signedNumber> ::= <number> | <sign><number>
+// <suffix> ::= <binarySI> | <decimalExponent> | <decimalSI>
+// <binarySI> ::= Ki | Mi | Gi | Ti | Pi | Ei
+// (International System of units; See: http://physics.nist.gov/cuu/Units/binary.html)
+// <decimalSI> ::= m | "" | k | M | G | T | P | E
+// (Note that 1024 = 1Ki but 1000 = 1k; I didn't choose the capitalization.)
+// <decimalExponent> ::= "e" <signedNumber> | "E" <signedNumber>
+//
+// No matter which of the three exponent forms is used, no quantity may represent
+// a number greater than 2^63-1 in magnitude, nor may it have more than 3 decimal
+// places. Numbers larger or more precise will be capped or rounded up.
+// (E.g.: 0.1m will rounded up to 1m.)
+// This may be extended in the future if we require larger or smaller quantities.
+//
+// When a Quantity is parsed from a string, it will remember the type of suffix
+// it had, and will use the same type again when it is serialized.
+//
+// Before serializing, Quantity will be put in "canonical form".
+// This means that Exponent/suffix will be adjusted up or down (with a
+// corresponding increase or decrease in Mantissa) such that:
+// a. No precision is lost
+// b. No fractional digits will be emitted
+// c. The exponent (or suffix) is as large as possible.
+// The sign will be omitted unless the number is negative.
+//
+// Examples:
+// 1.5 will be serialized as "1500m"
+// 1.5Gi will be serialized as "1536Mi"
+//
+// Note that the quantity will NEVER be internally represented by a
+// floating point number. That is the whole point of this exercise.
+//
+// Non-canonical values will still parse as long as they are well formed,
+// but will be re-emitted in their canonical form. (So always use canonical
+// form, or don't diff.)
+//
+// This format is intended to make it difficult to use these numbers without
+// writing some sort of special handling code in the hopes that that will
+// cause implementors to also use a fixed point implementation.
+//
+// +protobuf=true
+// +protobuf.embed=string
+// +protobuf.options.marshal=false
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+// +k8s:deepcopy-gen=true
+// +k8s:openapi-gen=true
+Quantity: _
+
+// CanonicalValue allows a quantity amount to be converted to a string.
+CanonicalValue: _
+
+// Format lists the three possible formattings of a quantity.
+Format: string // enumFormat
+
+enumFormat:
+ DecimalExponent |
+ BinarySI |
+ DecimalSI
+
+DecimalExponent: Format & "DecimalExponent"
+BinarySI: Format & "BinarySI"
+DecimalSI: Format & "DecimalSI"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/duration_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/duration_go_gen.cue
new file mode 100644
index 0000000..8f91746
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/duration_go_gen.cue
@@ -0,0 +1,10 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+// Duration is a wrapper around time.Duration which supports correct
+// marshaling to YAML and JSON. In particular, it marshals into strings, which
+// can be used as map keys in json.
+Duration: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/generated.pb_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/generated.pb_go_gen.cue
new file mode 100644
index 0000000..7c54b85
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/generated.pb_go_gen.cue
@@ -0,0 +1,58 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+/*
+ Package v1 is a generated protocol buffer package.
+
+ It is generated from these files:
+ k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto
+
+ It has these top-level messages:
+ APIGroup
+ APIGroupList
+ APIResource
+ APIResourceList
+ APIVersions
+ CreateOptions
+ DeleteOptions
+ Duration
+ ExportOptions
+ Fields
+ GetOptions
+ GroupKind
+ GroupResource
+ GroupVersion
+ GroupVersionForDiscovery
+ GroupVersionKind
+ GroupVersionResource
+ Initializer
+ Initializers
+ LabelSelector
+ LabelSelectorRequirement
+ List
+ ListMeta
+ ListOptions
+ ManagedFieldsEntry
+ MicroTime
+ ObjectMeta
+ OwnerReference
+ PartialObjectMetadata
+ PartialObjectMetadataList
+ Patch
+ PatchOptions
+ Preconditions
+ RootPaths
+ ServerAddressByClientCIDR
+ Status
+ StatusCause
+ StatusDetails
+ TableOptions
+ Time
+ Timestamp
+ TypeMeta
+ UpdateOptions
+ Verbs
+ WatchEvent
+*/
+package v1
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/group_version_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/group_version_go_gen.cue
new file mode 100644
index 0000000..3ccfb01
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/group_version_go_gen.cue
@@ -0,0 +1,48 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+// GroupResource specifies a Group and a Resource, but does not force a version. This is useful for identifying
+// concepts during lookup stages without having partially valid types
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+GroupResource: {
+ group: string @go(Group) @protobuf(1,bytes,opt)
+ resource: string @go(Resource) @protobuf(2,bytes,opt)
+}
+
+// GroupVersionResource unambiguously identifies a resource. It doesn't anonymously include GroupVersion
+// to avoid automatic coersion. It doesn't use a GroupVersion to avoid custom marshalling
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+GroupVersionResource: {
+ group: string @go(Group) @protobuf(1,bytes,opt)
+ version: string @go(Version) @protobuf(2,bytes,opt)
+ resource: string @go(Resource) @protobuf(3,bytes,opt)
+}
+
+// GroupKind specifies a Group and a Kind, but does not force a version. This is useful for identifying
+// concepts during lookup stages without having partially valid types
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+GroupKind: {
+ group: string @go(Group) @protobuf(1,bytes,opt)
+ kind: string @go(Kind) @protobuf(2,bytes,opt)
+}
+
+// GroupVersionKind unambiguously identifies a kind. It doesn't anonymously include GroupVersion
+// to avoid automatic coersion. It doesn't use a GroupVersion to avoid custom marshalling
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+GroupVersionKind: {
+ group: string @go(Group) @protobuf(1,bytes,opt)
+ version: string @go(Version) @protobuf(2,bytes,opt)
+ kind: string @go(Kind) @protobuf(3,bytes,opt)
+}
+
+// GroupVersion contains the "group" and the "version", which uniquely identifies the API.
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+GroupVersion: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/meta_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/meta_go_gen.cue
new file mode 100644
index 0000000..14faa1c
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/meta_go_gen.cue
@@ -0,0 +1,33 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+// TODO: move this, Object, List, and Type to a different package
+ObjectMetaAccessor: _
+
+// Object lets you work with object metadata from any of the versioned or
+// internal API objects. Attempting to set or retrieve a field on an object that does
+// not support that field (Name, UID, Namespace on lists) will be a no-op and return
+// a default value.
+Object: _
+
+// ListMetaAccessor retrieves the list interface from an object
+ListMetaAccessor: _
+
+// Common lets you work with core metadata from any of the versioned or
+// internal API objects. Attempting to set or retrieve a field on an object that does
+// not support that field will be a no-op and return a default value.
+// TODO: move this, and TypeMeta and ListMeta, to a different package
+Common: _
+
+// ListInterface lets you work with list metadata from any of the versioned or
+// internal API objects. Attempting to set or retrieve a field on an object that does
+// not support that field will be a no-op and return a default value.
+// TODO: move this, and TypeMeta and ListMeta, to a different package
+ListInterface: _
+
+// Type exposes the type and APIVersion of versioned or internal API objects.
+// TODO: move this, and TypeMeta and ListMeta, to a different package
+Type: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_go_gen.cue
new file mode 100644
index 0000000..b5d5d89
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/micro_time_go_gen.cue
@@ -0,0 +1,14 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+RFC3339Micro: "2006-01-02T15:04:05.000000Z07:00"
+
+// MicroTime is version of Time with microsecond level precision.
+//
+// +protobuf.options.marshal=false
+// +protobuf.as=Timestamp
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+MicroTime: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/register_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/register_go_gen.cue
new file mode 100644
index 0000000..f987f04
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/register_go_gen.cue
@@ -0,0 +1,9 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+GroupName: "meta.k8s.io"
+
+WatchEventKind: "WatchEvent"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/time_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/time_go_gen.cue
new file mode 100644
index 0000000..d83638f
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/time_go_gen.cue
@@ -0,0 +1,14 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+// Time is a wrapper around time.Time which supports correct
+// marshaling to YAML and JSON. Wrappers are provided for many
+// of the factory methods that the time package offers.
+//
+// +protobuf.options.marshal=false
+// +protobuf.as=Timestamp
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+Time: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/time_proto_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/time_proto_go_gen.cue
new file mode 100644
index 0000000..d6c8f76
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/time_proto_go_gen.cue
@@ -0,0 +1,21 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+// Timestamp is a struct that is equivalent to Time, but intended for
+// protobuf marshalling/unmarshalling. It is generated into a serialization
+// that matches Time. Do not use in Go structs.
+Timestamp: {
+ // Represents seconds of UTC time since Unix epoch
+ // 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
+ // 9999-12-31T23:59:59Z inclusive.
+ seconds: int64 @go(Seconds) @protobuf(1,varint,opt)
+
+ // Non-negative fractions of a second at nanosecond resolution. Negative
+ // second values with fractions must still have non-negative nanos values
+ // that count forward in time. Must be from 0 to 999,999,999
+ // inclusive. This field may be limited in precision depending on context.
+ nanos: int32 @go(Nanos) @protobuf(2,varint,opt)
+}
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/types_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/types_go_gen.cue
new file mode 100644
index 0000000..d5c2efd
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/types_go_gen.cue
@@ -0,0 +1,1293 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+// Package v1 contains API types that are common to all versions.
+//
+// The package contains two categories of types:
+// - external (serialized) types that lack their own version (e.g TypeMeta)
+// - internal (never-serialized) types that are needed by several different
+// api groups, and so live here, to avoid duplication and/or import loops
+// (e.g. LabelSelector).
+// In the future, we will probably move these categories of objects into
+// separate packages.
+package v1
+
+import (
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/types"
+)
+
+// TypeMeta describes an individual object in an API response or request
+// with strings representing the type of the object and its API schema version.
+// Structures that are versioned or persisted should inline TypeMeta.
+//
+// +k8s:deepcopy-gen=false
+TypeMeta: {
+ // Kind is a string value representing the REST resource this object represents.
+ // Servers may infer this from the endpoint the client submits requests to.
+ // Cannot be updated.
+ // In CamelCase.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ kind?: string @go(Kind) @protobuf(1,bytes,opt)
+
+ // APIVersion defines the versioned schema of this representation of an object.
+ // Servers should convert recognized schemas to the latest internal value, and
+ // may reject unrecognized values.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources
+ // +optional
+ apiVersion?: string @go(APIVersion) @protobuf(2,bytes,opt)
+}
+
+// ListMeta describes metadata that synthetic resources must have, including lists and
+// various status objects. A resource may have only one of {ObjectMeta, ListMeta}.
+ListMeta: {
+ // selfLink is a URL representing this object.
+ // Populated by the system.
+ // Read-only.
+ // +optional
+ selfLink?: string @go(SelfLink) @protobuf(1,bytes,opt)
+
+ // String that identifies the server's internal version of this object that
+ // can be used by clients to determine when objects have changed.
+ // Value must be treated as opaque by clients and passed unmodified back to the server.
+ // Populated by the system.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+ // +optional
+ resourceVersion?: string @go(ResourceVersion) @protobuf(2,bytes,opt)
+
+ // continue may be set if the user set a limit on the number of items returned, and indicates that
+ // the server has more data available. The value is opaque and may be used to issue another request
+ // to the endpoint that served this list to retrieve the next set of available objects. Continuing a
+ // consistent list may not be possible if the server configuration has changed or more than a few
+ // minutes have passed. The resourceVersion field returned when using this continue value will be
+ // identical to the value in the first response, unless you have received this token from an error
+ // message.
+ continue?: string @go(Continue) @protobuf(3,bytes,opt)
+
+ // RemainingItemCount is the number of subsequent items in the list which are not included in this
+ // list response. If the list request contained label or field selectors, then the number of
+ // remaining items is unknown and this field will be unset. If the list is complete (either
+ // because it is unpaginated or because this is the last page), then there are no more remaining
+ // items and this field will also be unset. Servers older than v1.15 do not set this field.
+ // +optional
+ remainingItemCount?: null | int64 @go(RemainingItemCount,*int64) @protobuf(4,bytes,opt)
+}
+
+FinalizerOrphanDependents: "orphan"
+FinalizerDeleteDependents: "foregroundDeletion"
+
+// ObjectMeta is metadata that all persisted resources must have, which includes all objects
+// users must create.
+ObjectMeta: {
+ // Name must be unique within a namespace. Is required when creating resources, although
+ // some resources may allow a client to request the generation of an appropriate name
+ // automatically. Name is primarily intended for creation idempotence and configuration
+ // definition.
+ // Cannot be updated.
+ // More info: http://kubernetes.io/docs/user-guide/identifiers#names
+ // +optional
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+
+ // GenerateName is an optional prefix, used by the server, to generate a unique
+ // name ONLY IF the Name field has not been provided.
+ // If this field is used, the name returned to the client will be different
+ // than the name passed. This value will also be combined with a unique suffix.
+ // The provided value has the same validation rules as the Name field,
+ // and may be truncated by the length of the suffix required to make the value
+ // unique on the server.
+ //
+ // If this field is specified and the generated name exists, the server will
+ // NOT return a 409 - instead, it will either return 201 Created or 500 with Reason
+ // ServerTimeout indicating a unique name could not be found in the time allotted, and the client
+ // should retry (optionally after the time indicated in the Retry-After header).
+ //
+ // Applied only if Name is not specified.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
+ // +optional
+ generateName?: string @go(GenerateName) @protobuf(2,bytes,opt)
+
+ // Namespace defines the space within each name must be unique. An empty namespace is
+ // equivalent to the "default" namespace, but "default" is the canonical representation.
+ // Not all objects are required to be scoped to a namespace - the value of this field for
+ // those objects will be empty.
+ //
+ // Must be a DNS_LABEL.
+ // Cannot be updated.
+ // More info: http://kubernetes.io/docs/user-guide/namespaces
+ // +optional
+ namespace?: string @go(Namespace) @protobuf(3,bytes,opt)
+
+ // SelfLink is a URL representing this object.
+ // Populated by the system.
+ // Read-only.
+ // +optional
+ selfLink?: string @go(SelfLink) @protobuf(4,bytes,opt)
+
+ // UID is the unique in time and space value for this object. It is typically generated by
+ // the server on successful creation of a resource and is not allowed to change on PUT
+ // operations.
+ //
+ // Populated by the system.
+ // Read-only.
+ // More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+ // +optional
+ uid?: types.UID @go(UID) @protobuf(5,bytes,opt,casttype=k8s.io/kubernetes/pkg/types.UID)
+
+ // An opaque value that represents the internal version of this object that can
+ // be used by clients to determine when objects have changed. May be used for optimistic
+ // concurrency, change detection, and the watch operation on a resource or set of resources.
+ // Clients must treat these values as opaque and passed unmodified back to the server.
+ // They may only be valid for a particular resource or set of resources.
+ //
+ // Populated by the system.
+ // Read-only.
+ // Value must be treated as opaque by clients and .
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
+ // +optional
+ resourceVersion?: string @go(ResourceVersion) @protobuf(6,bytes,opt)
+
+ // A sequence number representing a specific generation of the desired state.
+ // Populated by the system. Read-only.
+ // +optional
+ generation?: int64 @go(Generation) @protobuf(7,varint,opt)
+
+ // CreationTimestamp is a timestamp representing the server time when this object was
+ // created. It is not guaranteed to be set in happens-before order across separate operations.
+ // Clients may not set this value. It is represented in RFC3339 form and is in UTC.
+ //
+ // Populated by the system.
+ // Read-only.
+ // Null for lists.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ creationTimestamp?: Time @go(CreationTimestamp) @protobuf(8,bytes,opt)
+
+ // DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This
+ // field is set by the server when a graceful deletion is requested by the user, and is not
+ // directly settable by a client. The resource is expected to be deleted (no longer visible
+ // from resource lists, and not reachable by name) after the time in this field, once the
+ // finalizers list is empty. As long as the finalizers list contains items, deletion is blocked.
+ // Once the deletionTimestamp is set, this value may not be unset or be set further into the
+ // future, although it may be shortened or the resource may be deleted prior to this time.
+ // For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react
+ // by sending a graceful termination signal to the containers in the pod. After that 30 seconds,
+ // the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup,
+ // remove the pod from the API. In the presence of network partitions, this object may still
+ // exist after this timestamp, until an administrator or automated process can determine the
+ // resource is fully terminated.
+ // If not set, graceful deletion of the object has not been requested.
+ //
+ // Populated by the system when a graceful deletion is requested.
+ // Read-only.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ deletionTimestamp?: null | Time @go(DeletionTimestamp,*Time) @protobuf(9,bytes,opt)
+
+ // Number of seconds allowed for this object to gracefully terminate before
+ // it will be removed from the system. Only set when deletionTimestamp is also set.
+ // May only be shortened.
+ // Read-only.
+ // +optional
+ deletionGracePeriodSeconds?: null | int64 @go(DeletionGracePeriodSeconds,*int64) @protobuf(10,varint,opt)
+
+ // Map of string keys and values that can be used to organize and categorize
+ // (scope and select) objects. May match selectors of replication controllers
+ // and services.
+ // More info: http://kubernetes.io/docs/user-guide/labels
+ // +optional
+ labels?: {<_>: string} @go(Labels,map[string]string) @protobuf(11,bytes,rep)
+
+ // Annotations is an unstructured key value map stored with a resource that may be
+ // set by external tools to store and retrieve arbitrary metadata. They are not
+ // queryable and should be preserved when modifying objects.
+ // More info: http://kubernetes.io/docs/user-guide/annotations
+ // +optional
+ annotations?: {<_>: string} @go(Annotations,map[string]string) @protobuf(12,bytes,rep)
+
+ // List of objects depended by this object. If ALL objects in the list have
+ // been deleted, this object will be garbage collected. If this object is managed by a controller,
+ // then an entry in this list will point to this controller, with the controller field set to true.
+ // There cannot be more than one managing controller.
+ // +optional
+ // +patchMergeKey=uid
+ // +patchStrategy=merge
+ ownerReferences?: [...OwnerReference] @go(OwnerReferences,[]OwnerReference) @protobuf(13,bytes,rep)
+
+ // An initializer is a controller which enforces some system invariant at object creation time.
+ // This field is a list of initializers that have not yet acted on this object. If nil or empty,
+ // this object has been completely initialized. Otherwise, the object is considered uninitialized
+ // and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to
+ // observe uninitialized objects.
+ //
+ // When an object is created, the system will populate this list with the current set of initializers.
+ // Only privileged users may set or modify this list. Once it is empty, it may not be modified further
+ // by any user.
+ //
+ // DEPRECATED - initializers are an alpha field and will be removed in v1.15.
+ initializers?: null | Initializers @go(Initializers,*Initializers) @protobuf(16,bytes,opt)
+
+ // Must be empty before the object is deleted from the registry. Each entry
+ // is an identifier for the responsible component that will remove the entry
+ // from the list. If the deletionTimestamp of the object is non-nil, entries
+ // in this list can only be removed.
+ // +optional
+ // +patchStrategy=merge
+ finalizers?: [...string] @go(Finalizers,[]string) @protobuf(14,bytes,rep)
+
+ // The name of the cluster which the object belongs to.
+ // This is used to distinguish resources with same name and namespace in different clusters.
+ // This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.
+ // +optional
+ clusterName?: string @go(ClusterName) @protobuf(15,bytes,opt)
+
+ // ManagedFields maps workflow-id and version to the set of fields
+ // that are managed by that workflow. This is mostly for internal
+ // housekeeping, and users typically shouldn't need to set or
+ // understand this field. A workflow can be the user's name, a
+ // controller's name, or the name of a specific apply path like
+ // "ci-cd". The set of fields is always in the version that the
+ // workflow used when modifying the object.
+ //
+ // This field is alpha and can be changed or removed without notice.
+ //
+ // +optional
+ managedFields?: [...ManagedFieldsEntry] @go(ManagedFields,[]ManagedFieldsEntry) @protobuf(17,bytes,rep)
+}
+
+// Initializers tracks the progress of initialization.
+Initializers: {
+ // Pending is a list of initializers that must execute in order before this object is visible.
+ // When the last pending initializer is removed, and no failing result is set, the initializers
+ // struct will be set to nil and the object is considered as initialized and visible to all
+ // clients.
+ // +patchMergeKey=name
+ // +patchStrategy=merge
+ pending: [...Initializer] @go(Pending,[]Initializer) @protobuf(1,bytes,rep)
+
+ // If result is set with the Failure field, the object will be persisted to storage and then deleted,
+ // ensuring that other clients can observe the deletion.
+ result?: null | Status @go(Result,*Status) @protobuf(2,bytes,opt)
+}
+
+// Initializer is information about an initializer that has not yet completed.
+Initializer: {
+ // name of the process that is responsible for initializing this object.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+}
+
+// NamespaceDefault means the object is in the default namespace which is applied when not specified by clients
+NamespaceDefault: "default"
+
+// NamespaceAll is the default argument to specify on a context when you want to list or filter resources across all namespaces
+NamespaceAll: ""
+
+// NamespaceNone is the argument for a context when there is no namespace.
+NamespaceNone: ""
+
+// NamespaceSystem is the system namespace where we place system components.
+NamespaceSystem: "kube-system"
+
+// NamespacePublic is the namespace where we place public info (ConfigMaps)
+NamespacePublic: "kube-public"
+
+// OwnerReference contains enough information to let you identify an owning
+// object. An owning object must be in the same namespace as the dependent, or
+// be cluster-scoped, so there is no namespace field.
+OwnerReference: {
+ // API version of the referent.
+ apiVersion: string @go(APIVersion) @protobuf(5,bytes,opt)
+
+ // Kind of the referent.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ kind: string @go(Kind) @protobuf(1,bytes,opt)
+
+ // Name of the referent.
+ // More info: http://kubernetes.io/docs/user-guide/identifiers#names
+ name: string @go(Name) @protobuf(3,bytes,opt)
+
+ // UID of the referent.
+ // More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+ uid: types.UID @go(UID) @protobuf(4,bytes,opt,casttype=k8s.io/apimachinery/pkg/types.UID)
+
+ // If true, this reference points to the managing controller.
+ // +optional
+ controller?: null | bool @go(Controller,*bool) @protobuf(6,varint,opt)
+
+ // If true, AND if the owner has the "foregroundDeletion" finalizer, then
+ // the owner cannot be deleted from the key-value store until this
+ // reference is removed.
+ // Defaults to false.
+ // To set this field, a user needs "delete" permission of the owner,
+ // otherwise 422 (Unprocessable Entity) will be returned.
+ // +optional
+ blockOwnerDeletion?: null | bool @go(BlockOwnerDeletion,*bool) @protobuf(7,varint,opt)
+}
+
+// ListOptions is the query options to a standard REST list call.
+ListOptions: TypeMeta & {
+ // A selector to restrict the list of returned objects by their labels.
+ // Defaults to everything.
+ // +optional
+ labelSelector?: string @go(LabelSelector) @protobuf(1,bytes,opt)
+
+ // A selector to restrict the list of returned objects by their fields.
+ // Defaults to everything.
+ // +optional
+ fieldSelector?: string @go(FieldSelector) @protobuf(2,bytes,opt)
+
+ // Watch for changes to the described resources and return them as a stream of
+ // add, update, and remove notifications. Specify resourceVersion.
+ // +optional
+ watch?: bool @go(Watch) @protobuf(3,varint,opt)
+
+ // allowWatchBookmarks requests watch events with type "BOOKMARK".
+ // Servers that do not implement bookmarks may ignore this flag and
+ // bookmarks are sent at the server's discretion. Clients should not
+ // assume bookmarks are returned at any specific interval, nor may they
+ // assume the server will send any BOOKMARK event during a session.
+ // If this is not a watch, this field is ignored.
+ // If the feature gate WatchBookmarks is not enabled in apiserver,
+ // this field is ignored.
+ //
+ // This field is alpha and can be changed or removed without notice.
+ //
+ // +optional
+ allowWatchBookmarks?: bool @go(AllowWatchBookmarks) @protobuf(9,varint,opt)
+
+ // When specified with a watch call, shows changes that occur after that particular version of a resource.
+ // Defaults to changes from the beginning of history.
+ // When specified for list:
+ // - if unset, then the result is returned from remote storage based on quorum-read flag;
+ // - if it's 0, then we simply return what we currently have in cache, no guarantee;
+ // - if set to non zero, then the result is at least as fresh as given rv.
+ // +optional
+ resourceVersion?: string @go(ResourceVersion) @protobuf(4,bytes,opt)
+
+ // Timeout for the list/watch call.
+ // This limits the duration of the call, regardless of any activity or inactivity.
+ // +optional
+ timeoutSeconds?: null | int64 @go(TimeoutSeconds,*int64) @protobuf(5,varint,opt)
+
+ // limit is a maximum number of responses to return for a list call. If more items exist, the
+ // server will set the `continue` field on the list metadata to a value that can be used with the
+ // same initial query to retrieve the next set of results. Setting a limit may return fewer than
+ // the requested amount of items (up to zero items) in the event all requested objects are
+ // filtered out and clients should only use the presence of the continue field to determine whether
+ // more results are available. Servers may choose not to support the limit argument and will return
+ // all of the available results. If limit is specified and the continue field is empty, clients may
+ // assume that no more results are available. This field is not supported if watch is true.
+ //
+ // The server guarantees that the objects returned when using continue will be identical to issuing
+ // a single list call without a limit - that is, no objects created, modified, or deleted after the
+ // first request is issued will be included in any subsequent continued requests. This is sometimes
+ // referred to as a consistent snapshot, and ensures that a client that is using limit to receive
+ // smaller chunks of a very large result can ensure they see all possible objects. If objects are
+ // updated during a chunked list the version of the object that was present at the time the first list
+ // result was calculated is returned.
+ limit?: int64 @go(Limit) @protobuf(7,varint,opt)
+
+ // The continue option should be set when retrieving more results from the server. Since this value is
+ // server defined, clients may only use the continue value from a previous query result with identical
+ // query parameters (except for the value of continue) and the server may reject a continue value it
+ // does not recognize. If the specified continue value is no longer valid whether due to expiration
+ // (generally five to fifteen minutes) or a configuration change on the server, the server will
+ // respond with a 410 ResourceExpired error together with a continue token. If the client needs a
+ // consistent list, it must restart their list without the continue field. Otherwise, the client may
+ // send another list request with the token received with the 410 error, the server will respond with
+ // a list starting from the next key, but from the latest snapshot, which is inconsistent from the
+ // previous list results - objects that are created, modified, or deleted after the first list request
+ // will be included in the response, as long as their keys are after the "next key".
+ //
+ // This field is not supported when watch is true. Clients may start a watch from the last
+ // resourceVersion value returned by the server and not miss any modifications.
+ continue?: string @go(Continue) @protobuf(8,bytes,opt)
+}
+
+// ExportOptions is the query options to the standard REST get call.
+// Deprecated. Planned for removal in 1.18.
+ExportOptions: TypeMeta & {
+ // Should this value be exported. Export strips fields that a user can not specify.
+ // Deprecated. Planned for removal in 1.18.
+ export: bool @go(Export) @protobuf(1,varint,opt)
+
+ // Should the export be exact. Exact export maintains cluster-specific fields like 'Namespace'.
+ // Deprecated. Planned for removal in 1.18.
+ exact: bool @go(Exact) @protobuf(2,varint,opt)
+}
+
+// GetOptions is the standard query options to the standard REST get call.
+GetOptions: TypeMeta & {
+ // When specified:
+ // - if unset, then the result is returned from remote storage based on quorum-read flag;
+ // - if it's 0, then we simply return what we currently have in cache, no guarantee;
+ // - if set to non zero, then the result is at least as fresh as given rv.
+ resourceVersion?: string @go(ResourceVersion) @protobuf(1,bytes,opt)
+}
+
+// DeletionPropagation decides if a deletion will propagate to the dependents of
+// the object, and how the garbage collector will handle the propagation.
+DeletionPropagation: string // enumDeletionPropagation
+
+enumDeletionPropagation:
+ DeletePropagationOrphan |
+ DeletePropagationBackground |
+ DeletePropagationForeground
+
+// Orphans the dependents.
+DeletePropagationOrphan: DeletionPropagation & "Orphan"
+
+// Deletes the object from the key-value store, the garbage collector will
+// delete the dependents in the background.
+DeletePropagationBackground: DeletionPropagation & "Background"
+
+// The object exists in the key-value store until the garbage collector
+// deletes all the dependents whose ownerReference.blockOwnerDeletion=true
+// from the key-value store. API sever will put the "foregroundDeletion"
+// finalizer on the object, and sets its deletionTimestamp. This policy is
+// cascading, i.e., the dependents will be deleted with Foreground.
+DeletePropagationForeground: DeletionPropagation & "Foreground"
+
+// DryRunAll means to complete all processing stages, but don't
+// persist changes to storage.
+DryRunAll: "All"
+
+// DeleteOptions may be provided when deleting an API object.
+DeleteOptions: TypeMeta & {
+ // The duration in seconds before the object should be deleted. Value must be non-negative integer.
+ // The value zero indicates delete immediately. If this value is nil, the default grace period for the
+ // specified type will be used.
+ // Defaults to a per object value if not specified. zero means delete immediately.
+ // +optional
+ gracePeriodSeconds?: null | int64 @go(GracePeriodSeconds,*int64) @protobuf(1,varint,opt)
+
+ // Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be
+ // returned.
+ // +optional
+ preconditions?: null | Preconditions @go(Preconditions,*Preconditions) @protobuf(2,bytes,opt)
+
+ // Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7.
+ // Should the dependent objects be orphaned. If true/false, the "orphan"
+ // finalizer will be added to/removed from the object's finalizers list.
+ // Either this field or PropagationPolicy may be set, but not both.
+ // +optional
+ orphanDependents?: null | bool @go(OrphanDependents,*bool) @protobuf(3,varint,opt)
+
+ // Whether and how garbage collection will be performed.
+ // Either this field or OrphanDependents may be set, but not both.
+ // The default policy is decided by the existing finalizer set in the
+ // metadata.finalizers and the resource-specific default policy.
+ // Acceptable values are: 'Orphan' - orphan the dependents; 'Background' -
+ // allow the garbage collector to delete the dependents in the background;
+ // 'Foreground' - a cascading policy that deletes all dependents in the
+ // foreground.
+ // +optional
+ propagationPolicy?: null | DeletionPropagation @go(PropagationPolicy,*DeletionPropagation) @protobuf(4,varint,opt)
+
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ // +optional
+ dryRun?: [...string] @go(DryRun,[]string) @protobuf(5,bytes,rep)
+}
+
+// CreateOptions may be provided when creating an API object.
+CreateOptions: TypeMeta & {
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ // +optional
+ dryRun?: [...string] @go(DryRun,[]string) @protobuf(1,bytes,rep)
+
+ // fieldManager is a name associated with the actor or entity
+ // that is making these changes. The value must be less than or
+ // 128 characters long, and only contain printable characters,
+ // as defined by https://golang.org/pkg/unicode/#IsPrint.
+ // +optional
+ fieldManager?: string @go(FieldManager) @protobuf(3,bytes)
+}
+
+// PatchOptions may be provided when patching an API object.
+// PatchOptions is meant to be a superset of UpdateOptions.
+PatchOptions: TypeMeta & {
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ // +optional
+ dryRun?: [...string] @go(DryRun,[]string) @protobuf(1,bytes,rep)
+
+ // Force is going to "force" Apply requests. It means user will
+ // re-acquire conflicting fields owned by other people. Force
+ // flag must be unset for non-apply patch requests.
+ // +optional
+ force?: null | bool @go(Force,*bool) @protobuf(2,varint,opt)
+
+ // fieldManager is a name associated with the actor or entity
+ // that is making these changes. The value must be less than or
+ // 128 characters long, and only contain printable characters,
+ // as defined by https://golang.org/pkg/unicode/#IsPrint. This
+ // field is required for apply requests
+ // (application/apply-patch) but optional for non-apply patch
+ // types (JsonPatch, MergePatch, StrategicMergePatch).
+ // +optional
+ fieldManager?: string @go(FieldManager) @protobuf(3,bytes)
+}
+
+// UpdateOptions may be provided when updating an API object.
+// All fields in UpdateOptions should also be present in PatchOptions.
+UpdateOptions: TypeMeta & {
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ // +optional
+ dryRun?: [...string] @go(DryRun,[]string) @protobuf(1,bytes,rep)
+
+ // fieldManager is a name associated with the actor or entity
+ // that is making these changes. The value must be less than or
+ // 128 characters long, and only contain printable characters,
+ // as defined by https://golang.org/pkg/unicode/#IsPrint.
+ // +optional
+ fieldManager?: string @go(FieldManager) @protobuf(2,bytes)
+}
+
+// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
+Preconditions: {
+ // Specifies the target UID.
+ // +optional
+ uid?: null | types.UID @go(UID,*types.UID) @protobuf(1,bytes,opt,casttype=k8s.io/apimachinery/pkg/types.UID)
+
+ // Specifies the target ResourceVersion
+ // +optional
+ resourceVersion?: null | string @go(ResourceVersion,*string) @protobuf(2,bytes,opt)
+}
+
+// Status is a return value for calls that don't return other objects.
+Status: TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // Status of the operation.
+ // One of: "Success" or "Failure".
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#spec-and-status
+ // +optional
+ status?: string @go(Status) @protobuf(2,bytes,opt)
+
+ // A human-readable description of the status of this operation.
+ // +optional
+ message?: string @go(Message) @protobuf(3,bytes,opt)
+
+ // A machine-readable description of why this operation is in the
+ // "Failure" status. If this value is empty there
+ // is no information available. A Reason clarifies an HTTP status
+ // code but does not override it.
+ // +optional
+ reason?: StatusReason @go(Reason) @protobuf(4,bytes,opt,casttype=StatusReason)
+
+ // Extended data associated with the reason. Each reason may define its
+ // own extended details. This field is optional and the data returned
+ // is not guaranteed to conform to any schema except that defined by
+ // the reason type.
+ // +optional
+ details?: null | StatusDetails @go(Details,*StatusDetails) @protobuf(5,bytes,opt)
+
+ // Suggested HTTP return code for this status, 0 if not set.
+ // +optional
+ code?: int32 @go(Code) @protobuf(6,varint,opt)
+}
+
+// StatusDetails is a set of additional properties that MAY be set by the
+// server to provide additional information about a response. The Reason
+// field of a Status object defines what attributes will be set. Clients
+// must ignore fields that do not match the defined type of each attribute,
+// and should assume that any attribute may be empty, invalid, or under
+// defined.
+StatusDetails: {
+ // The name attribute of the resource associated with the status StatusReason
+ // (when there is a single name which can be described).
+ // +optional
+ name?: string @go(Name) @protobuf(1,bytes,opt)
+
+ // The group attribute of the resource associated with the status StatusReason.
+ // +optional
+ group?: string @go(Group) @protobuf(2,bytes,opt)
+
+ // The kind attribute of the resource associated with the status StatusReason.
+ // On some operations may differ from the requested resource Kind.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ kind?: string @go(Kind) @protobuf(3,bytes,opt)
+
+ // UID of the resource.
+ // (when there is a single resource which can be described).
+ // More info: http://kubernetes.io/docs/user-guide/identifiers#uids
+ // +optional
+ uid?: types.UID @go(UID) @protobuf(6,bytes,opt,casttype=k8s.io/apimachinery/pkg/types.UID)
+
+ // The Causes array includes more details associated with the StatusReason
+ // failure. Not all StatusReasons may provide detailed causes.
+ // +optional
+ causes?: [...StatusCause] @go(Causes,[]StatusCause) @protobuf(4,bytes,rep)
+
+ // If specified, the time in seconds before the operation should be retried. Some errors may indicate
+ // the client must take an alternate action - for those errors this field may indicate how long to wait
+ // before taking the alternate action.
+ // +optional
+ retryAfterSeconds?: int32 @go(RetryAfterSeconds) @protobuf(5,varint,opt)
+}
+
+StatusSuccess: "Success"
+StatusFailure: "Failure"
+
+// StatusReason is an enumeration of possible failure causes. Each StatusReason
+// must map to a single HTTP status code, but multiple reasons may map
+// to the same HTTP status code.
+// TODO: move to apiserver
+StatusReason: string // enumStatusReason
+
+enumStatusReason:
+ StatusReasonUnknown |
+ StatusReasonUnauthorized |
+ StatusReasonForbidden |
+ StatusReasonNotFound |
+ StatusReasonAlreadyExists |
+ StatusReasonConflict |
+ StatusReasonGone |
+ StatusReasonInvalid |
+ StatusReasonServerTimeout |
+ StatusReasonTimeout |
+ StatusReasonTooManyRequests |
+ StatusReasonBadRequest |
+ StatusReasonMethodNotAllowed |
+ StatusReasonNotAcceptable |
+ StatusReasonRequestEntityTooLarge |
+ StatusReasonUnsupportedMediaType |
+ StatusReasonInternalError |
+ StatusReasonExpired |
+ StatusReasonServiceUnavailable
+
+// StatusReasonUnknown means the server has declined to indicate a specific reason.
+// The details field may contain other information about this error.
+// Status code 500.
+StatusReasonUnknown: StatusReason & ""
+
+// StatusReasonUnauthorized means the server can be reached and understood the request, but requires
+// the user to present appropriate authorization credentials (identified by the WWW-Authenticate header)
+// in order for the action to be completed. If the user has specified credentials on the request, the
+// server considers them insufficient.
+// Status code 401
+StatusReasonUnauthorized: StatusReason & "Unauthorized"
+
+// StatusReasonForbidden means the server can be reached and understood the request, but refuses
+// to take any further action. It is the result of the server being configured to deny access for some reason
+// to the requested resource by the client.
+// Details (optional):
+// "kind" string - the kind attribute of the forbidden resource
+// on some operations may differ from the requested
+// resource.
+// "id" string - the identifier of the forbidden resource
+// Status code 403
+StatusReasonForbidden: StatusReason & "Forbidden"
+
+// StatusReasonNotFound means one or more resources required for this operation
+// could not be found.
+// Details (optional):
+// "kind" string - the kind attribute of the missing resource
+// on some operations may differ from the requested
+// resource.
+// "id" string - the identifier of the missing resource
+// Status code 404
+StatusReasonNotFound: StatusReason & "NotFound"
+
+// StatusReasonAlreadyExists means the resource you are creating already exists.
+// Details (optional):
+// "kind" string - the kind attribute of the conflicting resource
+// "id" string - the identifier of the conflicting resource
+// Status code 409
+StatusReasonAlreadyExists: StatusReason & "AlreadyExists"
+
+// StatusReasonConflict means the requested operation cannot be completed
+// due to a conflict in the operation. The client may need to alter the
+// request. Each resource may define custom details that indicate the
+// nature of the conflict.
+// Status code 409
+StatusReasonConflict: StatusReason & "Conflict"
+
+// StatusReasonGone means the item is no longer available at the server and no
+// forwarding address is known.
+// Status code 410
+StatusReasonGone: StatusReason & "Gone"
+
+// StatusReasonInvalid means the requested create or update operation cannot be
+// completed due to invalid data provided as part of the request. The client may
+// need to alter the request. When set, the client may use the StatusDetails
+// message field as a summary of the issues encountered.
+// Details (optional):
+// "kind" string - the kind attribute of the invalid resource
+// "id" string - the identifier of the invalid resource
+// "causes" - one or more StatusCause entries indicating the data in the
+// provided resource that was invalid. The code, message, and
+// field attributes will be set.
+// Status code 422
+StatusReasonInvalid: StatusReason & "Invalid"
+
+// StatusReasonServerTimeout means the server can be reached and understood the request,
+// but cannot complete the action in a reasonable time. The client should retry the request.
+// This is may be due to temporary server load or a transient communication issue with
+// another server. Status code 500 is used because the HTTP spec provides no suitable
+// server-requested client retry and the 5xx class represents actionable errors.
+// Details (optional):
+// "kind" string - the kind attribute of the resource being acted on.
+// "id" string - the operation that is being attempted.
+// "retryAfterSeconds" int32 - the number of seconds before the operation should be retried
+// Status code 500
+StatusReasonServerTimeout: StatusReason & "ServerTimeout"
+
+// StatusReasonTimeout means that the request could not be completed within the given time.
+// Clients can get this response only when they specified a timeout param in the request,
+// or if the server cannot complete the operation within a reasonable amount of time.
+// The request might succeed with an increased value of timeout param. The client *should*
+// wait at least the number of seconds specified by the retryAfterSeconds field.
+// Details (optional):
+// "retryAfterSeconds" int32 - the number of seconds before the operation should be retried
+// Status code 504
+StatusReasonTimeout: StatusReason & "Timeout"
+
+// StatusReasonTooManyRequests means the server experienced too many requests within a
+// given window and that the client must wait to perform the action again. A client may
+// always retry the request that led to this error, although the client should wait at least
+// the number of seconds specified by the retryAfterSeconds field.
+// Details (optional):
+// "retryAfterSeconds" int32 - the number of seconds before the operation should be retried
+// Status code 429
+StatusReasonTooManyRequests: StatusReason & "TooManyRequests"
+
+// StatusReasonBadRequest means that the request itself was invalid, because the request
+// doesn't make any sense, for example deleting a read-only object. This is different than
+// StatusReasonInvalid above which indicates that the API call could possibly succeed, but the
+// data was invalid. API calls that return BadRequest can never succeed.
+StatusReasonBadRequest: StatusReason & "BadRequest"
+
+// StatusReasonMethodNotAllowed means that the action the client attempted to perform on the
+// resource was not supported by the code - for instance, attempting to delete a resource that
+// can only be created. API calls that return MethodNotAllowed can never succeed.
+StatusReasonMethodNotAllowed: StatusReason & "MethodNotAllowed"
+
+// StatusReasonNotAcceptable means that the accept types indicated by the client were not acceptable
+// to the server - for instance, attempting to receive protobuf for a resource that supports only json and yaml.
+// API calls that return NotAcceptable can never succeed.
+// Status code 406
+StatusReasonNotAcceptable: StatusReason & "NotAcceptable"
+
+// StatusReasonRequestEntityTooLarge means that the request entity is too large.
+// Status code 413
+StatusReasonRequestEntityTooLarge: StatusReason & "RequestEntityTooLarge"
+
+// StatusReasonUnsupportedMediaType means that the content type sent by the client is not acceptable
+// to the server - for instance, attempting to send protobuf for a resource that supports only json and yaml.
+// API calls that return UnsupportedMediaType can never succeed.
+// Status code 415
+StatusReasonUnsupportedMediaType: StatusReason & "UnsupportedMediaType"
+
+// StatusReasonInternalError indicates that an internal error occurred, it is unexpected
+// and the outcome of the call is unknown.
+// Details (optional):
+// "causes" - The original error
+// Status code 500
+StatusReasonInternalError: StatusReason & "InternalError"
+
+// StatusReasonExpired indicates that the request is invalid because the content you are requesting
+// has expired and is no longer available. It is typically associated with watches that can't be
+// serviced.
+// Status code 410 (gone)
+StatusReasonExpired: StatusReason & "Expired"
+
+// StatusReasonServiceUnavailable means that the request itself was valid,
+// but the requested service is unavailable at this time.
+// Retrying the request after some time might succeed.
+// Status code 503
+StatusReasonServiceUnavailable: StatusReason & "ServiceUnavailable"
+
+// StatusCause provides more information about an api.Status failure, including
+// cases when multiple errors are encountered.
+StatusCause: {
+ // A machine-readable description of the cause of the error. If this value is
+ // empty there is no information available.
+ // +optional
+ reason?: CauseType @go(Type) @protobuf(1,bytes,opt,casttype=CauseType)
+
+ // A human-readable description of the cause of the error. This field may be
+ // presented as-is to a reader.
+ // +optional
+ message?: string @go(Message) @protobuf(2,bytes,opt)
+
+ // The field of the resource that has caused this error, as named by its JSON
+ // serialization. May include dot and postfix notation for nested attributes.
+ // Arrays are zero-indexed. Fields may appear more than once in an array of
+ // causes due to fields having multiple errors.
+ // Optional.
+ //
+ // Examples:
+ // "name" - the field "name" on the current resource
+ // "items[0].name" - the field "name" on the first array entry in "items"
+ // +optional
+ field?: string @go(Field) @protobuf(3,bytes,opt)
+}
+
+// CauseType is a machine readable value providing more detail about what
+// occurred in a status response. An operation may have multiple causes for a
+// status (whether Failure or Success).
+CauseType: string // enumCauseType
+
+enumCauseType:
+ CauseTypeFieldValueNotFound |
+ CauseTypeFieldValueRequired |
+ CauseTypeFieldValueDuplicate |
+ CauseTypeFieldValueInvalid |
+ CauseTypeFieldValueNotSupported |
+ CauseTypeUnexpectedServerResponse |
+ CauseTypeFieldManagerConflict
+
+// CauseTypeFieldValueNotFound is used to report failure to find a requested value
+// (e.g. looking up an ID).
+CauseTypeFieldValueNotFound: CauseType & "FieldValueNotFound"
+
+// CauseTypeFieldValueRequired is used to report required values that are not
+// provided (e.g. empty strings, null values, or empty arrays).
+CauseTypeFieldValueRequired: CauseType & "FieldValueRequired"
+
+// CauseTypeFieldValueDuplicate is used to report collisions of values that must be
+// unique (e.g. unique IDs).
+CauseTypeFieldValueDuplicate: CauseType & "FieldValueDuplicate"
+
+// CauseTypeFieldValueInvalid is used to report malformed values (e.g. failed regex
+// match).
+CauseTypeFieldValueInvalid: CauseType & "FieldValueInvalid"
+
+// CauseTypeFieldValueNotSupported is used to report valid (as per formatting rules)
+// values that can not be handled (e.g. an enumerated string).
+CauseTypeFieldValueNotSupported: CauseType & "FieldValueNotSupported"
+
+// CauseTypeUnexpectedServerResponse is used to report when the server responded to the client
+// without the expected return type. The presence of this cause indicates the error may be
+// due to an intervening proxy or the server software malfunctioning.
+CauseTypeUnexpectedServerResponse: CauseType & "UnexpectedServerResponse"
+
+// FieldManagerConflict is used to report when another client claims to manage this field,
+// It should only be returned for a request using server-side apply.
+CauseTypeFieldManagerConflict: CauseType & "FieldManagerConflict"
+
+// List holds a list of objects, which may not be known by the server.
+List: TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // List of objects
+ items: [...runtime.RawExtension] @go(Items,[]runtime.RawExtension) @protobuf(2,bytes,rep)
+}
+
+// APIVersions lists the versions that are available, to allow clients to
+// discover the API at /api, which is the root path of the legacy v1 API.
+//
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+APIVersions: TypeMeta & {
+ // versions are the api versions that are available.
+ versions: [...string] @go(Versions,[]string) @protobuf(1,bytes,rep)
+
+ // a map of client CIDR to server address that is serving this group.
+ // This is to help clients reach servers in the most network-efficient way possible.
+ // Clients can use the appropriate server address as per the CIDR that they match.
+ // In case of multiple matches, clients should use the longest matching CIDR.
+ // The server returns only those CIDRs that it thinks that the client can match.
+ // For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP.
+ // Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
+ serverAddressByClientCIDRs: [...ServerAddressByClientCIDR] @go(ServerAddressByClientCIDRs,[]ServerAddressByClientCIDR) @protobuf(2,bytes,rep)
+}
+
+// APIGroupList is a list of APIGroup, to allow clients to discover the API at
+// /apis.
+APIGroupList: TypeMeta & {
+ // groups is a list of APIGroup.
+ groups: [...APIGroup] @go(Groups,[]APIGroup) @protobuf(1,bytes,rep)
+}
+
+// APIGroup contains the name, the supported versions, and the preferred version
+// of a group.
+APIGroup: TypeMeta & {
+ // name is the name of the group.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // versions are the versions supported in this group.
+ versions: [...GroupVersionForDiscovery] @go(Versions,[]GroupVersionForDiscovery) @protobuf(2,bytes,rep)
+
+ // preferredVersion is the version preferred by the API server, which
+ // probably is the storage version.
+ // +optional
+ preferredVersion?: GroupVersionForDiscovery @go(PreferredVersion) @protobuf(3,bytes,opt)
+
+ // a map of client CIDR to server address that is serving this group.
+ // This is to help clients reach servers in the most network-efficient way possible.
+ // Clients can use the appropriate server address as per the CIDR that they match.
+ // In case of multiple matches, clients should use the longest matching CIDR.
+ // The server returns only those CIDRs that it thinks that the client can match.
+ // For example: the master will return an internal IP CIDR only, if the client reaches the server using an internal IP.
+ // Server looks at X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
+ // +optional
+ serverAddressByClientCIDRs?: [...ServerAddressByClientCIDR] @go(ServerAddressByClientCIDRs,[]ServerAddressByClientCIDR) @protobuf(4,bytes,rep)
+}
+
+// ServerAddressByClientCIDR helps the client to determine the server address that they should use, depending on the clientCIDR that they match.
+ServerAddressByClientCIDR: {
+ // The CIDR with which clients can match their IP to figure out the server address that they should use.
+ clientCIDR: string @go(ClientCIDR) @protobuf(1,bytes,opt)
+
+ // Address of this server, suitable for a client that matches the above CIDR.
+ // This can be a hostname, hostname:port, IP or IP:port.
+ serverAddress: string @go(ServerAddress) @protobuf(2,bytes,opt)
+}
+
+// GroupVersion contains the "group/version" and "version" string of a version.
+// It is made a struct to keep extensibility.
+GroupVersionForDiscovery: {
+ // groupVersion specifies the API group and version in the form "group/version"
+ groupVersion: string @go(GroupVersion) @protobuf(1,bytes,opt)
+
+ // version specifies the version in the form of "version". This is to save
+ // the clients the trouble of splitting the GroupVersion.
+ version: string @go(Version) @protobuf(2,bytes,opt)
+}
+
+// APIResource specifies the name of a resource and whether it is namespaced.
+APIResource: {
+ // name is the plural name of the resource.
+ name: string @go(Name) @protobuf(1,bytes,opt)
+
+ // singularName is the singular name of the resource. This allows clients to handle plural and singular opaquely.
+ // The singularName is more correct for reporting status on a single item and both singular and plural are allowed
+ // from the kubectl CLI interface.
+ singularName: string @go(SingularName) @protobuf(6,bytes,opt)
+
+ // namespaced indicates if a resource is namespaced or not.
+ namespaced: bool @go(Namespaced) @protobuf(2,varint,opt)
+
+ // group is the preferred group of the resource. Empty implies the group of the containing resource list.
+ // For subresources, this may have a different value, for example: Scale".
+ group?: string @go(Group) @protobuf(8,bytes,opt)
+
+ // version is the preferred version of the resource. Empty implies the version of the containing resource list
+ // For subresources, this may have a different value, for example: v1 (while inside a v1beta1 version of the core resource's group)".
+ version?: string @go(Version) @protobuf(9,bytes,opt)
+
+ // kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')
+ kind: string @go(Kind) @protobuf(3,bytes,opt)
+
+ // verbs is a list of supported kube verbs (this includes get, list, watch, create,
+ // update, patch, delete, deletecollection, and proxy)
+ verbs: Verbs @go(Verbs) @protobuf(4,bytes,opt)
+
+ // shortNames is a list of suggested short names of the resource.
+ shortNames?: [...string] @go(ShortNames,[]string) @protobuf(5,bytes,rep)
+
+ // categories is a list of the grouped resources this resource belongs to (e.g. 'all')
+ categories?: [...string] @go(Categories,[]string) @protobuf(7,bytes,rep)
+
+ // The hash value of the storage version, the version this resource is
+ // converted to when written to the data store. Value must be treated
+ // as opaque by clients. Only equality comparison on the value is valid.
+ // This is an alpha feature and may change or be removed in the future.
+ // The field is populated by the apiserver only if the
+ // StorageVersionHash feature gate is enabled.
+ // This field will remain optional even if it graduates.
+ // +optional
+ storageVersionHash?: string @go(StorageVersionHash) @protobuf(10,bytes,opt)
+}
+
+// Verbs masks the value so protobuf can generate
+//
+// +protobuf.nullable=true
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+Verbs: [...string]
+
+// APIResourceList is a list of APIResource, it is used to expose the name of the
+// resources supported in a specific group and version, and if the resource
+// is namespaced.
+APIResourceList: TypeMeta & {
+ // groupVersion is the group and version this APIResourceList is for.
+ groupVersion: string @go(GroupVersion) @protobuf(1,bytes,opt)
+
+ // resources contains the name of the resources and if they are namespaced.
+ resources: [...APIResource] @go(APIResources,[]APIResource) @protobuf(2,bytes,rep)
+}
+
+// RootPaths lists the paths available at root.
+// For example: "/healthz", "/apis".
+RootPaths: {
+ // paths are the paths available at root.
+ paths: [...string] @go(Paths,[]string) @protobuf(1,bytes,rep)
+}
+
+// Patch is provided to give a concrete name and type to the Kubernetes PATCH request body.
+Patch: {
+}
+
+// A label selector is a label query over a set of resources. The result of matchLabels and
+// matchExpressions are ANDed. An empty label selector matches all objects. A null
+// label selector matches no objects.
+LabelSelector: {
+ // matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ // map is equivalent to an element of matchExpressions, whose key field is "key", the
+ // operator is "In", and the values array contains only "value". The requirements are ANDed.
+ // +optional
+ matchLabels?: {<_>: string} @go(MatchLabels,map[string]string) @protobuf(1,bytes,rep)
+
+ // matchExpressions is a list of label selector requirements. The requirements are ANDed.
+ // +optional
+ matchExpressions?: [...LabelSelectorRequirement] @go(MatchExpressions,[]LabelSelectorRequirement) @protobuf(2,bytes,rep)
+}
+
+// A label selector requirement is a selector that contains values, a key, and an operator that
+// relates the key and values.
+LabelSelectorRequirement: {
+ // key is the label key that the selector applies to.
+ // +patchMergeKey=key
+ // +patchStrategy=merge
+ key: string @go(Key) @protobuf(1,bytes,opt)
+
+ // operator represents a key's relationship to a set of values.
+ // Valid operators are In, NotIn, Exists and DoesNotExist.
+ operator: LabelSelectorOperator @go(Operator) @protobuf(2,bytes,opt,casttype=LabelSelectorOperator)
+
+ // values is an array of string values. If the operator is In or NotIn,
+ // the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ // the values array must be empty. This array is replaced during a strategic
+ // merge patch.
+ // +optional
+ values?: [...string] @go(Values,[]string) @protobuf(3,bytes,rep)
+}
+
+// A label selector operator is the set of operators that can be used in a selector requirement.
+LabelSelectorOperator: string // enumLabelSelectorOperator
+
+enumLabelSelectorOperator:
+ LabelSelectorOpIn |
+ LabelSelectorOpNotIn |
+ LabelSelectorOpExists |
+ LabelSelectorOpDoesNotExist
+
+LabelSelectorOpIn: LabelSelectorOperator & "In"
+LabelSelectorOpNotIn: LabelSelectorOperator & "NotIn"
+LabelSelectorOpExists: LabelSelectorOperator & "Exists"
+LabelSelectorOpDoesNotExist: LabelSelectorOperator & "DoesNotExist"
+
+// ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource
+// that the fieldset applies to.
+ManagedFieldsEntry: {
+ // Manager is an identifier of the workflow managing these fields.
+ manager?: string @go(Manager) @protobuf(1,bytes,opt)
+
+ // Operation is the type of operation which lead to this ManagedFieldsEntry being created.
+ // The only valid values for this field are 'Apply' and 'Update'.
+ operation?: ManagedFieldsOperationType @go(Operation) @protobuf(2,bytes,opt,casttype=ManagedFieldsOperationType)
+
+ // APIVersion defines the version of this resource that this field set
+ // applies to. The format is "group/version" just like the top-level
+ // APIVersion field. It is necessary to track the version of a field
+ // set because it cannot be automatically converted.
+ apiVersion?: string @go(APIVersion) @protobuf(3,bytes,opt)
+
+ // Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply'
+ // +optional
+ time?: null | Time @go(Time,*Time) @protobuf(4,bytes,opt)
+
+ // Fields identifies a set of fields.
+ // +optional
+ fields?: null | Fields @go(Fields,*Fields) @protobuf(5,bytes,opt,casttype=Fields)
+}
+
+// ManagedFieldsOperationType is the type of operation which lead to a ManagedFieldsEntry being created.
+ManagedFieldsOperationType: string // enumManagedFieldsOperationType
+
+enumManagedFieldsOperationType:
+ ManagedFieldsOperationApply |
+ ManagedFieldsOperationUpdate
+
+ManagedFieldsOperationApply: ManagedFieldsOperationType & "Apply"
+ManagedFieldsOperationUpdate: ManagedFieldsOperationType & "Update"
+
+// Fields stores a set of fields in a data structure like a Trie.
+// To understand how this is used, see: https://github.com/kubernetes-sigs/structured-merge-diff
+Fields: _
+
+// Table is a tabular representation of a set of API resources. The server transforms the
+// object into a set of preferred columns for quickly reviewing the objects.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +protobuf=false
+Table: TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: ListMeta @go(ListMeta)
+
+ // columnDefinitions describes each column in the returned items array. The number of cells per row
+ // will always match the number of column definitions.
+ columnDefinitions: [...TableColumnDefinition] @go(ColumnDefinitions,[]TableColumnDefinition)
+
+ // rows is the list of items in the table.
+ rows: [...TableRow] @go(Rows,[]TableRow)
+}
+
+// TableColumnDefinition contains information about a column returned in the Table.
+// +protobuf=false
+TableColumnDefinition: {
+ // name is a human readable name for the column.
+ name: string @go(Name)
+
+ // type is an OpenAPI type definition for this column, such as number, integer, string, or
+ // array.
+ // See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.
+ type: string @go(Type)
+
+ // format is an optional OpenAPI type modifier for this column. A format modifies the type and
+ // imposes additional rules, like date or time formatting for a string. The 'name' format is applied
+ // to the primary identifier column which has type 'string' to assist in clients identifying column
+ // is the resource name.
+ // See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for more.
+ format: string @go(Format)
+
+ // description is a human readable description of this column.
+ description: string @go(Description)
+
+ // priority is an integer defining the relative importance of this column compared to others. Lower
+ // numbers are considered higher priority. Columns that may be omitted in limited space scenarios
+ // should be given a higher priority.
+ priority: int32 @go(Priority)
+}
+
+// TableRow is an individual row in a table.
+// +protobuf=false
+TableRow: {
+ // cells will be as wide as the column definitions array and may contain strings, numbers (float64 or
+ // int64), booleans, simple maps, lists, or null. See the type field of the column definition for a
+ // more detailed description.
+ cells: [...] @go(Cells,[]interface{})
+
+ // conditions describe additional status of a row that are relevant for a human user. These conditions
+ // apply to the row, not to the object, and will be specific to table output. The only defined
+ // condition type is 'Completed', for a row that indicates a resource that has run to completion and
+ // can be given less visual priority.
+ // +optional
+ conditions?: [...TableRowCondition] @go(Conditions,[]TableRowCondition)
+
+ // This field contains the requested additional information about each object based on the includeObject
+ // policy when requesting the Table. If "None", this field is empty, if "Object" this will be the
+ // default serialization of the object for the current API version, and if "Metadata" (the default) will
+ // contain the object metadata. Check the returned kind and apiVersion of the object before parsing.
+ // The media type of the object will always match the enclosing list - if this as a JSON table, these
+ // will be JSON encoded objects.
+ // +optional
+ object?: runtime.RawExtension @go(Object)
+}
+
+// TableRowCondition allows a row to be marked with additional information.
+// +protobuf=false
+TableRowCondition: {
+ // Type of row condition. The only defined value is 'Completed' indicating that the
+ // object this row represents has reached a completed state and may be given less visual
+ // priority than other rows. Clients are not required to honor any conditions but should
+ // be consistent where possible about handling the conditions.
+ type: RowConditionType @go(Type)
+
+ // Status of the condition, one of True, False, Unknown.
+ status: ConditionStatus @go(Status)
+
+ // (brief) machine readable reason for the condition's last transition.
+ // +optional
+ reason?: string @go(Reason)
+
+ // Human readable message indicating details about last transition.
+ // +optional
+ message?: string @go(Message)
+}
+
+RowConditionType: string // enumRowConditionType
+
+enumRowConditionType:
+ RowCompleted
+
+// RowCompleted means the underlying resource has reached completion and may be given less
+// visual priority than other resources.
+RowCompleted: RowConditionType & "Completed"
+
+ConditionStatus: string // enumConditionStatus
+
+enumConditionStatus:
+ ConditionTrue |
+ ConditionFalse |
+ ConditionUnknown
+
+ConditionTrue: ConditionStatus & "True"
+ConditionFalse: ConditionStatus & "False"
+ConditionUnknown: ConditionStatus & "Unknown"
+
+// IncludeObjectPolicy controls which portion of the object is returned with a Table.
+IncludeObjectPolicy: string // enumIncludeObjectPolicy
+
+enumIncludeObjectPolicy:
+ IncludeNone |
+ IncludeMetadata |
+ IncludeObject
+
+// IncludeNone returns no object.
+IncludeNone: IncludeObjectPolicy & "None"
+
+// IncludeMetadata serializes the object containing only its metadata field.
+IncludeMetadata: IncludeObjectPolicy & "Metadata"
+
+// IncludeObject contains the full object.
+IncludeObject: IncludeObjectPolicy & "Object"
+
+// TableOptions are used when a Table is requested by the caller.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+TableOptions: TypeMeta & {
+ // includeObject decides whether to include each object along with its columnar information.
+ // Specifying "None" will return no object, specifying "Object" will return the full object contents, and
+ // specifying "Metadata" (the default) will return the object's metadata in the PartialObjectMetadata kind
+ // in version v1beta1 of the meta.k8s.io API group.
+ includeObject?: IncludeObjectPolicy @go(IncludeObject) @protobuf(1,bytes,opt,casttype=IncludeObjectPolicy)
+}
+
+// PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients
+// to get access to a particular ObjectMeta schema without knowing the details of the version.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+PartialObjectMetadata: TypeMeta & {
+ // Standard object's metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
+ // +optional
+ metadata?: ObjectMeta @go(ObjectMeta) @protobuf(1,bytes,opt)
+}
+
+// PartialObjectMetadataList contains a list of objects containing only their metadata
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+PartialObjectMetadataList: TypeMeta & {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
+ // +optional
+ metadata?: ListMeta @go(ListMeta) @protobuf(1,bytes,opt)
+
+ // items contains each of the included items.
+ items: [...PartialObjectMetadata] @go(Items,[]PartialObjectMetadata) @protobuf(2,bytes,rep)
+}
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/watch_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/watch_go_gen.cue
new file mode 100644
index 0000000..16fd5c0
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/apis/meta/v1/watch_go_gen.cue
@@ -0,0 +1,30 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/apis/meta/v1
+
+package v1
+
+import (
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/watch"
+)
+
+// Event represents a single event to a watched resource.
+//
+// +protobuf=true
+// +k8s:deepcopy-gen=true
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+WatchEvent: {
+ type: string @go(Type) @protobuf(1,bytes,opt)
+
+ // Object is:
+ // * If Type is Added or Modified: the new state of the object.
+ // * If Type is Deleted: the state of the object immediately before deletion.
+ // * If Type is Error: *Status is recommended; other types may make sense
+ // depending on context.
+ object: runtime.RawExtension @go(Object) @protobuf(2,bytes,opt)
+}
+
+// InternalEvent makes watch.Event versioned
+// +protobuf=false
+InternalEvent: watch.Event
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/codec_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/codec_go_gen.cue
new file mode 100644
index 0000000..85e4a84
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/codec_go_gen.cue
@@ -0,0 +1,18 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+package runtime
+
+// NoopEncoder converts an Decoder to a Serializer or Codec for code that expects them but only uses decoding.
+NoopEncoder: {
+ Decoder: Decoder
+}
+
+// NoopDecoder converts an Encoder to a Serializer or Codec for code that expects them but only uses encoding.
+NoopDecoder: {
+ Encoder: Encoder
+}
+
+// GroupVersioners implements GroupVersioner and resolves to the first exact match for any kind.
+GroupVersioners: [...GroupVersioner]
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/conversion_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/conversion_go_gen.cue
new file mode 100644
index 0000000..ce6d644
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/conversion_go_gen.cue
@@ -0,0 +1,7 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+// Package runtime defines conversions between generic types and structs to map query strings
+// to struct objects.
+package runtime
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/converter_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/converter_go_gen.cue
new file mode 100644
index 0000000..440e800
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/converter_go_gen.cue
@@ -0,0 +1,9 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+package runtime
+
+// UnstructuredConverter is an interface for converting between interface{}
+// and map[string]interface representation.
+UnstructuredConverter: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/doc_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/doc_go_gen.cue
new file mode 100644
index 0000000..89c5c51
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/doc_go_gen.cue
@@ -0,0 +1,39 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+// Package runtime includes helper functions for working with API objects
+// that follow the kubernetes API object conventions, which are:
+//
+// 0. Your API objects have a common metadata struct member, TypeMeta.
+//
+// 1. Your code refers to an internal set of API objects.
+//
+// 2. In a separate package, you have an external set of API objects.
+//
+// 3. The external set is considered to be versioned, and no breaking
+// changes are ever made to it (fields may be added but not changed
+// or removed).
+//
+// 4. As your api evolves, you'll make an additional versioned package
+// with every major change.
+//
+// 5. Versioned packages have conversion functions which convert to
+// and from the internal version.
+//
+// 6. You'll continue to support older versions according to your
+// deprecation policy, and you can easily provide a program/library
+// to update old versions into new versions because of 5.
+//
+// 7. All of your serializations and deserializations are handled in a
+// centralized place.
+//
+// Package runtime provides a conversion helper to make 5 easy, and the
+// Encode/Decode/DecodeInto trio to accomplish 7. You can also register
+// additional "codecs" which use a version of your choice. It's
+// recommended that you register your types with runtime in your
+// package's init function.
+//
+// As a bonus, a few common types useful from all api objects and versions
+// are provided in types.go.
+package runtime
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/generated.pb_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/generated.pb_go_gen.cue
new file mode 100644
index 0000000..53b5f49
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/generated.pb_go_gen.cue
@@ -0,0 +1,16 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+/*
+ Package runtime is a generated protocol buffer package.
+
+ It is generated from these files:
+ k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/runtime/generated.proto
+
+ It has these top-level messages:
+ RawExtension
+ TypeMeta
+ Unknown
+*/
+package runtime
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/helper_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/helper_go_gen.cue
new file mode 100644
index 0000000..5c81374
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/helper_go_gen.cue
@@ -0,0 +1,20 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+package runtime
+
+// MultiObjectTyper returns the types of objects across multiple schemes in order.
+MultiObjectTyper: [...ObjectTyper]
+
+// WithVersionEncoder serializes an object and ensures the GVK is set.
+WithVersionEncoder: {
+ Version: GroupVersioner
+ Encoder: Encoder
+ ObjectTyper: ObjectTyper
+}
+
+// WithoutVersionDecoder clears the group version kind of a deserialized object.
+WithoutVersionDecoder: {
+ Decoder: Decoder
+}
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/interfaces_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/interfaces_go_gen.cue
new file mode 100644
index 0000000..013d0ba
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/interfaces_go_gen.cue
@@ -0,0 +1,130 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+package runtime
+
+// APIVersionInternal may be used if you are registering a type that should not
+// be considered stable or serialized - it is a convention only and has no
+// special behavior in this package.
+APIVersionInternal: "__internal"
+
+// GroupVersioner refines a set of possible conversion targets into a single option.
+GroupVersioner: _
+
+// Encoder writes objects to a serialized form
+Encoder: _
+
+// Decoder attempts to load an object from data.
+Decoder: _
+
+// Serializer is the core interface for transforming objects into a serialized format and back.
+// Implementations may choose to perform conversion of the object, but no assumptions should be made.
+Serializer: _
+
+// Codec is a Serializer that deals with the details of versioning objects. It offers the same
+// interface as Serializer, so this is a marker to consumers that care about the version of the objects
+// they receive.
+Codec: Serializer
+
+// ParameterCodec defines methods for serializing and deserializing API objects to url.Values and
+// performing any necessary conversion. Unlike the normal Codec, query parameters are not self describing
+// and the desired version must be specified.
+ParameterCodec: _
+
+// Framer is a factory for creating readers and writers that obey a particular framing pattern.
+Framer: _
+
+// SerializerInfo contains information about a specific serialization format
+SerializerInfo: {
+ // MediaType is the value that represents this serializer over the wire.
+ MediaType: string
+
+ // MediaTypeType is the first part of the MediaType ("application" in "application/json").
+ MediaTypeType: string
+
+ // MediaTypeSubType is the second part of the MediaType ("json" in "application/json").
+ MediaTypeSubType: string
+
+ // EncodesAsText indicates this serializer can be encoded to UTF-8 safely.
+ EncodesAsText: bool
+
+ // Serializer is the individual object serializer for this media type.
+ Serializer: Serializer
+
+ // PrettySerializer, if set, can serialize this object in a form biased towards
+ // readability.
+ PrettySerializer: Serializer
+
+ // StreamSerializer, if set, describes the streaming serialization format
+ // for this media type.
+ StreamSerializer: null | StreamSerializerInfo @go(,*StreamSerializerInfo)
+}
+
+// StreamSerializerInfo contains information about a specific stream serialization format
+StreamSerializerInfo: {
+ // EncodesAsText indicates this serializer can be encoded to UTF-8 safely.
+ EncodesAsText: bool
+
+ // Serializer is the top level object serializer for this type when streaming
+ Serializer: Serializer
+
+ // Framer is the factory for retrieving streams that separate objects on the wire
+ Framer: Framer
+}
+
+// NegotiatedSerializer is an interface used for obtaining encoders, decoders, and serializers
+// for multiple supported media types. This would commonly be accepted by a server component
+// that performs HTTP content negotiation to accept multiple formats.
+NegotiatedSerializer: _
+
+// StorageSerializer is an interface used for obtaining encoders, decoders, and serializers
+// that can read and write data at rest. This would commonly be used by client tools that must
+// read files, or server side storage interfaces that persist restful objects.
+StorageSerializer: _
+
+// NestedObjectEncoder is an optional interface that objects may implement to be given
+// an opportunity to encode any nested Objects / RawExtensions during serialization.
+NestedObjectEncoder: _
+
+// NestedObjectDecoder is an optional interface that objects may implement to be given
+// an opportunity to decode any nested Objects / RawExtensions during serialization.
+NestedObjectDecoder: _
+
+ObjectDefaulter: _
+
+ObjectVersioner: _
+
+// ObjectConvertor converts an object to a different version.
+ObjectConvertor: _
+
+// ObjectTyper contains methods for extracting the APIVersion and Kind
+// of objects.
+ObjectTyper: _
+
+// ObjectCreater contains methods for instantiating an object by kind and version.
+ObjectCreater: _
+
+// EquivalentResourceMapper provides information about resources that address the same underlying data as a specified resource
+EquivalentResourceMapper: _
+
+// EquivalentResourceRegistry provides an EquivalentResourceMapper interface,
+// and allows registering known resource[/subresource] -> kind
+EquivalentResourceRegistry: _
+
+// ResourceVersioner provides methods for setting and retrieving
+// the resource version from an API object.
+ResourceVersioner: _
+
+// SelfLinker provides methods for setting and retrieving the SelfLink field of an API object.
+SelfLinker: _
+
+// Object interface must be supported by all API types registered with Scheme. Since objects in a scheme are
+// expected to be serialized to the wire, the interface an Object must provide to the Scheme allows
+// serializers to set the kind, version, and group the object is represented as. An Object may choose
+// to return a no-op ObjectKindAccessor in cases where it is not expected to be serialized.
+Object: _
+
+// Unstructured objects store values as map[string]interface{}, with only values that can be serialized
+// to JSON allowed.
+Unstructured: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/swagger_doc_generator_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/swagger_doc_generator_go_gen.cue
new file mode 100644
index 0000000..468dbf3
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/swagger_doc_generator_go_gen.cue
@@ -0,0 +1,14 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+package runtime
+
+// Pair of strings. We keed the name of fields and the doc
+Pair: {
+ Name: string
+ Doc: string
+}
+
+// KubeTypes is an array to represent all available types in a parsed file. [0] is for the type itself
+KubeTypes: [...Pair]
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/types_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/types_go_gen.cue
new file mode 100644
index 0000000..c258f4e
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/types_go_gen.cue
@@ -0,0 +1,103 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+package runtime
+
+// TypeMeta is shared by all top level objects. The proper way to use it is to inline it in your type,
+// like this:
+// type MyAwesomeAPIObject struct {
+// runtime.TypeMeta `json:",inline"`
+// ... // other fields
+// }
+// func (obj *MyAwesomeAPIObject) SetGroupVersionKind(gvk *metav1.GroupVersionKind) { metav1.UpdateTypeMeta(obj,gvk) }; GroupVersionKind() *GroupVersionKind
+//
+// TypeMeta is provided here for convenience. You may use it directly from this package or define
+// your own with the same fields.
+//
+// +k8s:deepcopy-gen=false
+// +protobuf=true
+// +k8s:openapi-gen=true
+TypeMeta: {
+ // +optional
+ apiVersion?: string @go(APIVersion) @protobuf(1,bytes,opt)
+
+ // +optional
+ kind?: string @go(Kind) @protobuf(2,bytes,opt)
+}
+
+ContentTypeJSON: "application/json"
+ContentTypeYAML: "application/yaml"
+ContentTypeProtobuf: "application/vnd.kubernetes.protobuf"
+
+// RawExtension is used to hold extensions in external versions.
+//
+// To use this, make a field which has RawExtension as its type in your external, versioned
+// struct, and Object in your internal struct. You also need to register your
+// various plugin types.
+//
+// // Internal package:
+// type MyAPIObject struct {
+// runtime.TypeMeta `json:",inline"`
+// MyPlugin runtime.Object `json:"myPlugin"`
+// }
+// type PluginA struct {
+// AOption string `json:"aOption"`
+// }
+//
+// // External package:
+// type MyAPIObject struct {
+// runtime.TypeMeta `json:",inline"`
+// MyPlugin runtime.RawExtension `json:"myPlugin"`
+// }
+// type PluginA struct {
+// AOption string `json:"aOption"`
+// }
+//
+// // On the wire, the JSON will look something like this:
+// {
+// "kind":"MyAPIObject",
+// "apiVersion":"v1",
+// "myPlugin": {
+// "kind":"PluginA",
+// "aOption":"foo",
+// },
+// }
+//
+// So what happens? Decode first uses json or yaml to unmarshal the serialized data into
+// your external MyAPIObject. That causes the raw JSON to be stored, but not unpacked.
+// The next step is to copy (using pkg/conversion) into the internal struct. The runtime
+// package's DefaultScheme has conversion functions installed which will unpack the
+// JSON stored in RawExtension, turning it into the correct object type, and storing it
+// in the Object. (TODO: In the case where the object is of an unknown type, a
+// runtime.Unknown object will be created and stored.)
+//
+// +k8s:deepcopy-gen=true
+// +protobuf=true
+// +k8s:openapi-gen=true
+RawExtension: _
+
+// Unknown allows api objects with unknown types to be passed-through. This can be used
+// to deal with the API objects from a plug-in. Unknown objects still have functioning
+// TypeMeta features-- kind, version, etc.
+// TODO: Make this object have easy access to field based accessors and settors for
+// metadata and field mutatation.
+//
+// +k8s:deepcopy-gen=true
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +protobuf=true
+// +k8s:openapi-gen=true
+Unknown: _
+
+// VersionedObjects is used by Decoders to give callers a way to access all versions
+// of an object during the decoding process.
+//
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +k8s:deepcopy-gen=true
+VersionedObjects: {
+ // Objects is the set of objects retrieved during decoding, in order of conversion.
+ // The 0 index is the object as serialized on the wire. If conversion has occurred,
+ // other objects may be present. The right most object is the same as would be returned
+ // by a normal Decode call.
+ Objects: [...Object] @go(,[]Object)
+}
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/types_proto_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/types_proto_go_gen.cue
new file mode 100644
index 0000000..21f96f2
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/runtime/types_proto_go_gen.cue
@@ -0,0 +1,7 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/runtime
+
+package runtime
+
+ProtobufMarshaller: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/doc_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/doc_go_gen.cue
new file mode 100644
index 0000000..bfb4bcd
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/doc_go_gen.cue
@@ -0,0 +1,6 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/types
+
+// Package types implements various generic types used throughout kubernetes.
+package types
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/namespacedname_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/namespacedname_go_gen.cue
new file mode 100644
index 0000000..1164c06
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/namespacedname_go_gen.cue
@@ -0,0 +1,12 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/types
+
+package types
+
+NamespacedName: {
+ Namespace: string
+ Name: string
+}
+
+Separator: 47 // '/'
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/nodename_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/nodename_go_gen.cue
new file mode 100644
index 0000000..042edea
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/nodename_go_gen.cue
@@ -0,0 +1,31 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/types
+
+package types
+
+// NodeName is a type that holds a api.Node's Name identifier.
+// Being a type captures intent and helps make sure that the node name
+// is not confused with similar concepts (the hostname, the cloud provider id,
+// the cloud provider name etc)
+//
+// To clarify the various types:
+//
+// * Node.Name is the Name field of the Node in the API. This should be stored in a NodeName.
+// Unfortunately, because Name is part of ObjectMeta, we can't store it as a NodeName at the API level.
+//
+// * Hostname is the hostname of the local machine (from uname -n).
+// However, some components allow the user to pass in a --hostname-override flag,
+// which will override this in most places. In the absence of anything more meaningful,
+// kubelet will use Hostname as the Node.Name when it creates the Node.
+//
+// * The cloudproviders have the own names: GCE has InstanceName, AWS has InstanceId.
+//
+// For GCE, InstanceName is the Name of an Instance object in the GCE API. On GCE, Instance.Name becomes the
+// Hostname, and thus it makes sense also to use it as the Node.Name. But that is GCE specific, and it is up
+// to the cloudprovider how to do this mapping.
+//
+// For AWS, the InstanceID is not yet suitable for use as a Node.Name, so we actually use the
+// PrivateDnsName for the Node.Name. And this is _not_ always the same as the hostname: if
+// we are using a custom DHCP domain it won't be.
+NodeName: string
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/patch_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/patch_go_gen.cue
new file mode 100644
index 0000000..25ac855
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/patch_go_gen.cue
@@ -0,0 +1,21 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/types
+
+package types
+
+// Similarly to above, these are constants to support HTTP PATCH utilized by
+// both the client and server that didn't make sense for a whole package to be
+// dedicated to.
+PatchType: string // enumPatchType
+
+enumPatchType:
+ JSONPatchType |
+ MergePatchType |
+ StrategicMergePatchType |
+ ApplyPatchType
+
+JSONPatchType: PatchType & "application/json-patch+json"
+MergePatchType: PatchType & "application/merge-patch+json"
+StrategicMergePatchType: PatchType & "application/strategic-merge-patch+json"
+ApplyPatchType: PatchType & "application/apply-patch+yaml"
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/uid_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/uid_go_gen.cue
new file mode 100644
index 0000000..b207a70
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/types/uid_go_gen.cue
@@ -0,0 +1,10 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/types
+
+package types
+
+// UID is a type that holds unique ID values, including UUIDs. Because we
+// don't ONLY use UUIDs, this is an alias to string. Being a type captures
+// intent and helps make sure that UIDs and names do not get conflated.
+UID: string
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/util/intstr/generated.pb_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/util/intstr/generated.pb_go_gen.cue
new file mode 100644
index 0000000..c97c11b
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/util/intstr/generated.pb_go_gen.cue
@@ -0,0 +1,14 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/util/intstr
+
+/*
+ Package intstr is a generated protocol buffer package.
+
+ It is generated from these files:
+ k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/intstr/generated.proto
+
+ It has these top-level messages:
+ IntOrString
+*/
+package intstr
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/util/intstr/intstr_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/util/intstr/intstr_go_gen.cue
new file mode 100644
index 0000000..a8d644a
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/util/intstr/intstr_go_gen.cue
@@ -0,0 +1,26 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/util/intstr
+
+package intstr
+
+// IntOrString is a type that can hold an int32 or a string. When used in
+// JSON or YAML marshalling and unmarshalling, it produces or consumes the
+// inner type. This allows you to have, for example, a JSON field that can
+// accept a name or number.
+// TODO: Rename to Int32OrString
+//
+// +protobuf=true
+// +protobuf.options.(gogoproto.goproto_stringer)=false
+// +k8s:openapi-gen=true
+IntOrString: _
+
+// Type represents the stored type of IntOrString.
+Type: int // enumType
+
+enumType:
+ Int |
+ String
+
+Int: Type & 0
+String: Type & 1
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/doc_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/doc_go_gen.cue
new file mode 100644
index 0000000..bc1b918
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/doc_go_gen.cue
@@ -0,0 +1,7 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/watch
+
+// Package watch contains a generic watchable interface, and a fake for
+// testing code that uses the watch interface.
+package watch
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/filter_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/filter_go_gen.cue
new file mode 100644
index 0000000..e066bbe
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/filter_go_gen.cue
@@ -0,0 +1,10 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/watch
+
+package watch
+
+// Recorder records all events that are sent from the watch until it is closed.
+Recorder: {
+ Interface: Interface
+}
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/mux_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/mux_go_gen.cue
new file mode 100644
index 0000000..d6eb54d
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/mux_go_gen.cue
@@ -0,0 +1,16 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/watch
+
+package watch
+
+// FullChannelBehavior controls how the Broadcaster reacts if a watcher's watch
+// channel is full.
+FullChannelBehavior: int // enumFullChannelBehavior
+
+enumFullChannelBehavior:
+ WaitIfChannelFull |
+ DropIfChannelFull
+
+WaitIfChannelFull: FullChannelBehavior & 0
+DropIfChannelFull: FullChannelBehavior & 1
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/streamwatcher_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/streamwatcher_go_gen.cue
new file mode 100644
index 0000000..8ef5e72
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/streamwatcher_go_gen.cue
@@ -0,0 +1,12 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/watch
+
+package watch
+
+// Decoder allows StreamWatcher to watch any stream for which a Decoder can be written.
+Decoder: _
+
+// Reporter hides the details of how an error is turned into a runtime.Object for
+// reporting on a watch stream since this package may not import a higher level report.
+Reporter: _
diff --git a/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/watch_go_gen.cue b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/watch_go_gen.cue
new file mode 100644
index 0000000..2cfced5
--- /dev/null
+++ b/doc/tutorial/kubernetes/quick/pkg/k8s.io/apimachinery/pkg/watch/watch_go_gen.cue
@@ -0,0 +1,56 @@
+// Code generated by cue get go. DO NOT EDIT.
+
+//cue:generate cue get go k8s.io/apimachinery/pkg/watch
+
+package watch
+
+import (
+ "k8s.io/apimachinery/pkg/runtime"
+)
+
+// Interface can be implemented by anything that knows how to watch and report changes.
+Interface: _
+
+// EventType defines the possible types of events.
+EventType: string // enumEventType
+
+enumEventType:
+ Added |
+ Modified |
+ Deleted |
+ Bookmark |
+ Error
+
+Added: EventType & "ADDED"
+Modified: EventType & "MODIFIED"
+Deleted: EventType & "DELETED"
+Bookmark: EventType & "BOOKMARK"
+Error: EventType & "ERROR"
+DefaultChanSize: int32 & 100
+
+// Event represents a single event to a watched resource.
+// +k8s:deepcopy-gen=true
+Event: {
+ Type: EventType
+
+ // Object is:
+ // * If Type is Added or Modified: the new state of the object.
+ // * If Type is Deleted: the state of the object immediately before deletion.
+ // * If Type is Bookmark: the object (instance of a type being watched) where
+ // only ResourceVersion field is set. On successful restart of watch from a
+ // bookmark resourceVersion, client is guaranteed to not get repeat event
+ // nor miss any events.
+ // * If Type is Error: *api.Status is recommended; other types may make sense
+ // depending on context.
+ Object: runtime.Object
+}
+
+// FakeWatcher lets you test anything that consumes a watch.Interface; threadsafe.
+FakeWatcher: {
+ Stopped: bool
+}
+
+// RaceFreeFakeWatcher lets you test anything that consumes a watch.Interface; threadsafe.
+RaceFreeFakeWatcher: {
+ Stopped: bool
+}
diff --git a/doc/tutorial/kubernetes/tut_test.go b/doc/tutorial/kubernetes/tut_test.go
index 5505d69..5cfcd5b 100644
--- a/doc/tutorial/kubernetes/tut_test.go
+++ b/doc/tutorial/kubernetes/tut_test.go
@@ -60,18 +60,40 @@
if *cleanup {
defer os.RemoveAll(dir)
} else {
- logf(t, "Temporary dir: %v", dir)
+ defer logf(t, "Temporary dir: %v", dir)
}
wd := filepath.Join(dir, "services")
if err := copy.Dir(filepath.Join("original", "services"), wd); err != nil {
t.Fatal(err)
}
+
+ if *update {
+ // The test environment won't work in all environments. We create
+ // a fake go.mod so that Go will find the module root. By default
+ // we won't set it.
+ if err := os.Chdir(dir); err != nil {
+ t.Fatal(err)
+ }
+ cmd := exec.Command("go", "mod", "init", "cuelang.org/dummy")
+ b, err := cmd.CombinedOutput()
+ logf(t, string(b))
+ if err != nil {
+ t.Fatal(err)
+ }
+ } else {
+ // We only fetch new kubernetes files with when updating.
+ err := copy.Dir(filepath.Join("quick", "pkg"), filepath.Join(dir, "pkg"))
+ if err != nil {
+ t.Fatal(err)
+ }
+ }
+
if err := os.Chdir(wd); err != nil {
t.Fatal(err)
}
defer os.Chdir(cwd)
- logf(t, "Tmp dir: %s", wd)
+ logf(t, "Changed to directory: %s", wd)
// Execute the tutorial.
for c := cuetest.NewChunker(t, b); c.Next("```", "```"); {
@@ -128,6 +150,10 @@
// Don't execute the kubernetes dry run.
break
}
+ if !*update && strings.HasPrefix(cmd, "cue get") {
+ // Don't fetch stuff in normal mode.
+ break
+ }
cuetest.Run(t, wd, cmd, &cuetest.Config{
Stdin: strings.NewReader(input),
@@ -165,17 +191,25 @@
return nil
})
- filepath.Walk(wd, func(path string, info os.FileInfo, err error) error {
+ err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
if isCUE(path) {
- return copy.File(path, "services"+path[len(wd):])
+ dst := path[len(dir)+1:]
+ err := os.MkdirAll(filepath.Dir(dst), 0755)
+ if err != nil {
+ return err
+ }
+ return copy.File(path, dst)
}
return nil
})
+ if err != nil {
+ t.Fatal(err)
+ }
return
}
// Compare the output in the temp directory with the quick output.
- err = filepath.Walk(wd, func(path string, info os.FileInfo, err error) error {
+ err = filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
if filepath.Ext(path) != ".cue" {
return nil
}
@@ -183,7 +217,7 @@
if err != nil {
t.Fatal(err)
}
- b2, err := ioutil.ReadFile("services" + path[len(wd):])
+ b2, err := ioutil.ReadFile(path[len(dir)+1:])
if err != nil {
t.Fatal(err)
}