RootShard
RootShard CRD schema reference (group operator.kcp.io)
Version v1alpha1
Example CR
apiVersion: operator.kcp.io/v1alpha1
kind: RootShard
metadata:
labels:
app.kubernetes.io/name: kcp-operator
app.kubernetes.io/managed-by: kustomize
name: shard-sample
spec:
external:
hostname: example.operator.kcp.io
port: 6443
certificates:
issuerRef:
group: cert-manager.io
kind: Issuer
name: selfsigned
cache:
embedded:
enabled: true
etcd:
endpoints:
- http://etcd.default.svc.cluster.local:2379
deploymentTemplate:
spec:
template:
spec:
hostAliases:
# add a hardcoded DNS override to the same IP as in v1alpha1_frontproxy.yaml.
- ip: "10.96.100.100"
hostnames:
- "example.operator.kcp.io"
Properties
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
.metadata
.spec
RootShardSpec defines the desired state of RootShard.
.spec.audit
.spec.audit.webhook
.spec.audit.webhook.batchBufferSize
The size of the buffer to store events before batching and writing. Only used in batch mode.
.spec.audit.webhook.batchMaxSize
The maximum size of a batch. Only used in batch mode.
.spec.audit.webhook.batchMaxWait
The amount of time to wait before force writing the batch that hadn’t reached the max size. Only used in batch mode.
.spec.audit.webhook.batchThrottleBurst
Maximum number of requests sent at the same moment if ThrottleQPS was not utilized before. Only used in batch mode.
.spec.audit.webhook.batchThrottleEnable
Whether batching throttling is enabled. Only used in batch mode.
.spec.audit.webhook.batchThrottleQPS
Maximum average number of batches per second. Only used in batch mode. This value is a floating point number, stored as a string (e.g. “3.1”).
.spec.audit.webhook.configSecretName
Name of a Kubernetes Secret that contains a kubeconfig formatted file that defines the audit webhook configuration.
.spec.audit.webhook.initialBackoff
The amount of time to wait before retrying the first failed request.
.spec.audit.webhook.mode
Strategy for sending audit events. Blocking indicates sending events should block server responses. Batch causes the backend to buffer and write events asynchronously.
.spec.audit.webhook.truncateEnabled
Whether event and batch truncating is enabled.
.spec.audit.webhook.truncateMaxBatchSize
Maximum size of the batch sent to the underlying backend. Actual serialized size can be several hundreds of bytes greater. If a batch exceeds this limit, it is split into several batches of smaller size.
.spec.audit.webhook.truncateMaxEventSize
Maximum size of the audit event sent to the underlying backend. If the size of an event is greater than this number, first request and response are removed, and if this doesn’t reduce the size enough, event is discarded.
.spec.audit.webhook.version
API group and version used for serializing audit events written to webhook.
.spec.authorization
.spec.authorization.webhook
.spec.authorization.webhook.allowPaths
A list of HTTP paths to skip during authorization, i.e. these are authorized without contacting the ‘core’ kubernetes server. If specified, completely overwrites the default of [/healthz,/readyz,/livez].
.spec.authorization.webhook.allowPaths[*]
.spec.authorization.webhook.cacheAuthorizedTTL
The duration to cache ‘authorized’ responses from the webhook authorizer.
.spec.authorization.webhook.cacheUnauthorizedTTL
The duration to cache ‘unauthorized’ responses from the webhook authorizer.
.spec.authorization.webhook.configSecretName
Name of a Kubernetes Secret that contains a kubeconfig formatted file that defines the authorization webhook configuration.
.spec.authorization.webhook.version
The API version of the authorization.k8s.io SubjectAccessReview to send to and expect from the webhook.
.spec.cache
Cache configures the cache server (with a Kubernetes-like API) used by a sharded kcp instance.
.spec.cache.embedded
Embedded configures settings for starting the cache server embedded in the root shard.
.spec.cache.embedded.enabled
Enabled enables or disables running the cache server as embedded.
.spec.certificateTemplates
CertificateTemplates allows to customize the properties on the generated certificates for this root shard.
.spec.certificates
Certificates configures how the operator should create the kcp root CA, from which it will then create all other sub CAs and leaf certificates.
.spec.certificates.caSecretRef
CASecretRef can be used as an alternative to the IssuerRef: This field allows to configure a pre-existing CA certificate that should be used as sign kcp certificates. This Secret must contain both the certificate and the private key so that new sub certificates can be signed and created from this CA. This field is mutually exclusive with issuerRef.
.spec.certificates.caSecretRef.name
Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
.spec.certificates.issuerRef
IssuerRef points to a pre-existing cert-manager Issuer or ClusterIssuer that shall be used to acquire new certificates. This field is mutually exclusive with caSecretRef.
.spec.certificates.issuerRef.group
Group of the object being referred to.
.spec.certificates.issuerRef.kind
Kind of the object being referred to.
.spec.certificates.issuerRef.name
Name of the object being referred to.
.spec.clusterDomain
.spec.deploymentTemplate
Optional: DeploymentTemplate configures the Kubernetes Deployment created for this shard.
.spec.deploymentTemplate.metadata
.spec.deploymentTemplate.metadata.annotations
Annotations is a key value map to be copied to the target Deployment.
.spec.deploymentTemplate.metadata.labels
Labels is a key value map to be copied to the target Deployment.
.spec.deploymentTemplate.spec
.spec.deploymentTemplate.spec.template
Template describes the pods that will be created.
.spec.deploymentTemplate.spec.template.metadata
.spec.deploymentTemplate.spec.template.metadata.annotations
Annotations is a key value map to be copied to the Pod.
.spec.deploymentTemplate.spec.template.metadata.labels
Labels is a key value map to be copied to the Pod.
.spec.deploymentTemplate.spec.template.spec
.spec.deploymentTemplate.spec.template.spec.affinity
If specified, the pod’s scheduling constraints
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity
Describes node affinity scheduling rules for the pod.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution
The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding “weight” to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*]
An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it’s a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference
A node selector term, associated with the corresponding weight.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchExpressions
A list of node selector requirements by node’s labels.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchExpressions[*]
A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchExpressions[*].key
The label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchExpressions[*].operator
Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchExpressions[*].values
An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchFields
A list of node selector requirements by node’s fields.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchFields[*]
A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchFields[*].key
The label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchFields[*].operator
Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchFields[*].values
An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].preference.matchFields[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].weight
Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution
If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms
Required. A list of node selector terms. The terms are ORed.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*]
A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchExpressions
A list of node selector requirements by node’s labels.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchExpressions[*]
A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchExpressions[*].key
The label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchExpressions[*].operator
Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchExpressions[*].values
An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchFields
A list of node selector requirements by node’s fields.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchFields[*]
A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchFields[*].key
The label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchFields[*].operator
Represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchFields[*].values
An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[*].matchFields[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity
Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution
The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding “weight” to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*]
The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm
Required. A pod affinity term, associated with the corresponding weight.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector
A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.matchLabelKeys
MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key in (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.matchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.mismatchLabelKeys
MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key notin (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.mismatchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector
A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means “this pod’s namespace”. An empty selector ({}) matches all namespaces.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaces
namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means “this pod’s namespace”.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaces[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.topologyKey
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].weight
weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution
If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*]
Defines a set of pods (namely those matching the labelSelector
relative to the given namespace(s)) that this pod should be
co-located (affinity) or not co-located (anti-affinity) with,
where co-located is defined as running on a node whose value of
the label with key
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector
A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].matchLabelKeys
MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key in (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].matchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].mismatchLabelKeys
MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key notin (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].mismatchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector
A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means “this pod’s namespace”. An empty selector ({}) matches all namespaces.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaces
namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means “this pod’s namespace”.
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaces[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].topologyKey
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity
Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution
The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding “weight” to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*]
The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm
Required. A pod affinity term, associated with the corresponding weight.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector
A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.labelSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.matchLabelKeys
MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key in (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.matchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.mismatchLabelKeys
MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key notin (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.mismatchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector
A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means “this pod’s namespace”. An empty selector ({}) matches all namespaces.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaceSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaces
namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means “this pod’s namespace”.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.namespaces[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].podAffinityTerm.topologyKey
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[*].weight
weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution
If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*]
Defines a set of pods (namely those matching the labelSelector
relative to the given namespace(s)) that this pod should be
co-located (affinity) or not co-located (anti-affinity) with,
where co-located is defined as running on a node whose value of
the label with key
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector
A label query over a set of resources, in this case pods. If it’s null, this PodAffinityTerm matches with no Pods.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].labelSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].matchLabelKeys
MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key in (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].matchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].mismatchLabelKeys
MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with labelSelector as key notin (value)
to select the group of existing pods which pods will be taken into consideration
for the incoming pod’s pod (anti) affinity. Keys that don’t exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn’t set.
This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].mismatchLabelKeys[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector
A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means “this pod’s namespace”. An empty selector ({}) matches all namespaces.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*]
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].key
key is the label key that the selector applies to.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchExpressions[*].values[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaceSelector.matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaces
namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means “this pod’s namespace”.
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].namespaces[*]
.spec.deploymentTemplate.spec.template.spec.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[*].topologyKey
This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
.spec.deploymentTemplate.spec.template.spec.hostAliases
HostAliases is an optional list of hosts and IPs that will be injected into the pod’s hosts file if specified.
.spec.deploymentTemplate.spec.template.spec.hostAliases[*]
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod’s hosts file.
.spec.deploymentTemplate.spec.template.spec.hostAliases[*].hostnames
Hostnames for the above IP address.
.spec.deploymentTemplate.spec.template.spec.hostAliases[*].hostnames[*]
.spec.deploymentTemplate.spec.template.spec.hostAliases[*].ip
IP address of the host file entry.
.spec.deploymentTemplate.spec.template.spec.imagePullSecrets
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
.spec.deploymentTemplate.spec.template.spec.imagePullSecrets[*]
LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
.spec.deploymentTemplate.spec.template.spec.imagePullSecrets[*].name
Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
.spec.deploymentTemplate.spec.template.spec.nodeSelector
NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
.spec.deploymentTemplate.spec.template.spec.tolerations
If specified, the pod’s tolerations.
.spec.deploymentTemplate.spec.template.spec.tolerations[*]
The pod this Toleration is attached to tolerates any taint that matches
the triple
.spec.deploymentTemplate.spec.template.spec.tolerations[*].effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
.spec.deploymentTemplate.spec.template.spec.tolerations[*].key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
.spec.deploymentTemplate.spec.template.spec.tolerations[*].operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
.spec.deploymentTemplate.spec.template.spec.tolerations[*].tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
.spec.deploymentTemplate.spec.template.spec.tolerations[*].value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
.spec.etcd
Etcd configures the etcd cluster that this shard should be using.
.spec.etcd.endpoints
Endpoints is a list of http urls at which etcd nodes are available. The expected format is “https://etcd-hostname:2379”.
.spec.etcd.endpoints[*]
.spec.etcd.tlsConfig
ClientCert configures the client certificate used to access etcd.
.spec.etcd.tlsConfig.secretRef
SecretRef is the reference to a v1.Secret object that contains the TLS certificate.
.spec.etcd.tlsConfig.secretRef.name
Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
.spec.external
.spec.external.hostname
Hostname is the external name of the kcp instance. This should be matched by a DNS record pointing to the kcp-front-proxy Service’s external IP address.
.spec.external.port
.spec.image
ImageSpec defines settings for using a specific image and overwriting the default images used.
.spec.image.imagePullSecrets
Optional: ImagePullSecrets is a list of secret references that should be used as image pull secrets (e.g. when a private registry is used).
.spec.image.imagePullSecrets[*]
LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
.spec.image.imagePullSecrets[*].name
Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
.spec.image.repository
Repository is the container image repository to use for KCP containers. Defaults to ghcr.io/kcp-dev/kcp.
.spec.image.tag
Tag is the container image tag to use for KCP containers. Defaults to the latest kcp release that the operator supports.
.spec.replicas
Replicas configures how many instances of this shard run in parallel. Defaults to 2 if not set.
.spec.resources
Resources overrides the default resource requests and limits.
.spec.resources.claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.
This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.
.spec.resources.claims[*]
ResourceClaim references one entry in PodSpec.ResourceClaims.
.spec.resources.claims[*].name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
.spec.resources.claims[*].request
Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
.spec.resources.limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
.spec.resources.requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
.spec.serviceTemplate
Optional: ServiceTemplate configures the Kubernetes Service created for this shard.
.spec.serviceTemplate.metadata
ServiceMetadataTemplate defines the default labels and annotations to be copied to the Kubernetes Service resource.
.spec.serviceTemplate.metadata.annotations
Annotations is a key value map to be copied to the target Kubernetes Service.
.spec.serviceTemplate.metadata.labels
Labels is a key value map to be copied to the target Kubernetes Service.
.spec.serviceTemplate.spec
.spec.serviceTemplate.spec.clusterIP
.spec.serviceTemplate.spec.type
Service Type string describes ingress methods for a service
.status
RootShardStatus defines the observed state of RootShard
.status.conditions
.status.conditions[*]
Condition contains details for one aspect of the current state of this API Resource.
.status.conditions[*].lastTransitionTime
lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
.status.conditions[*].message
message is a human readable message indicating details about the transition. This may be an empty string.
.status.conditions[*].observedGeneration
observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
.status.conditions[*].reason
reason contains a programmatic identifier indicating the reason for the condition’s last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
.status.conditions[*].status
status of the condition, one of True, False, Unknown.
.status.conditions[*].type
type of condition in CamelCase or in foo.example.com/CamelCase.