|
|
@@ -0,0 +1,5919 @@
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: Namespace
|
|
|
+metadata:
|
|
|
+ name: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+# Use this aggregated ClusterRole when you need readonly access to "Addressables"
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRole
|
|
|
+metadata:
|
|
|
+
|
|
|
+
|
|
|
+ name: knative-serving-aggregated-addressable-resolver
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+aggregationRule:
|
|
|
+ clusterRoleSelectors:
|
|
|
+ - matchLabels:
|
|
|
+ duck.knative.dev/addressable: "true"
|
|
|
+---
|
|
|
+kind: ClusterRole
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+metadata:
|
|
|
+ name: knative-serving-addressable-resolver
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+
|
|
|
+ duck.knative.dev/addressable: "true"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+# Do not use this role directly. These rules will be added to the "addressable-resolver" role.
|
|
|
+rules:
|
|
|
+ - apiGroups:
|
|
|
+ - serving.knative.dev
|
|
|
+ resources:
|
|
|
+ - routes
|
|
|
+ - routes/status
|
|
|
+ - services
|
|
|
+ - services/status
|
|
|
+ verbs:
|
|
|
+ - get
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+kind: ClusterRole
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+metadata:
|
|
|
+ name: knative-serving-namespaced-admin
|
|
|
+ labels:
|
|
|
+ rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+rules:
|
|
|
+ - apiGroups: ["serving.knative.dev"]
|
|
|
+ resources: ["*"]
|
|
|
+ verbs: ["*"]
|
|
|
+ - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"]
|
|
|
+ resources: ["*"]
|
|
|
+ verbs: ["get", "list", "watch"]
|
|
|
+---
|
|
|
+kind: ClusterRole
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+metadata:
|
|
|
+ name: knative-serving-namespaced-edit
|
|
|
+ labels:
|
|
|
+ rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+rules:
|
|
|
+ - apiGroups: ["serving.knative.dev"]
|
|
|
+ resources: ["*"]
|
|
|
+ verbs: ["create", "update", "patch", "delete"]
|
|
|
+ - apiGroups: ["networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"]
|
|
|
+ resources: ["*"]
|
|
|
+ verbs: ["get", "list", "watch"]
|
|
|
+---
|
|
|
+kind: ClusterRole
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+metadata:
|
|
|
+ name: knative-serving-namespaced-view
|
|
|
+ labels:
|
|
|
+ rbac.authorization.k8s.io/aggregate-to-view: "true"
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+rules:
|
|
|
+ - apiGroups: ["serving.knative.dev", "networking.internal.knative.dev", "autoscaling.internal.knative.dev", "caching.internal.knative.dev"]
|
|
|
+ resources: ["*"]
|
|
|
+ verbs: ["get", "list", "watch"]
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+kind: ClusterRole
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+metadata:
|
|
|
+ name: knative-serving-core
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ serving.knative.dev/controller: "true"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+rules:
|
|
|
+ - apiGroups: [""]
|
|
|
+ resources: ["pods", "namespaces", "secrets", "configmaps", "endpoints", "services", "events", "serviceaccounts"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
|
|
|
+ - apiGroups: [""]
|
|
|
+ resources: ["endpoints/restricted"]
|
|
|
+ verbs: ["create"]
|
|
|
+ - apiGroups: [""]
|
|
|
+ resources: ["namespaces/finalizers"]
|
|
|
+ verbs: ["update"]
|
|
|
+ - apiGroups: ["apps"]
|
|
|
+ resources: ["deployments", "deployments/finalizers"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
|
|
|
+ - apiGroups: ["admissionregistration.k8s.io"]
|
|
|
+ resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
|
|
|
+ - apiGroups: ["apiextensions.k8s.io"]
|
|
|
+ resources: ["customresourcedefinitions", "customresourcedefinitions/status"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
|
|
|
+ - apiGroups: ["autoscaling"]
|
|
|
+ resources: ["horizontalpodautoscalers"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
|
|
|
+ - apiGroups: ["coordination.k8s.io"]
|
|
|
+ resources: ["leases"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
|
|
|
+ - apiGroups: ["serving.knative.dev", "autoscaling.internal.knative.dev", "networking.internal.knative.dev"]
|
|
|
+ resources: ["*", "*/status", "*/finalizers"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"]
|
|
|
+ - apiGroups: ["caching.internal.knative.dev"]
|
|
|
+ resources: ["images"]
|
|
|
+ verbs: ["get", "list", "create", "update", "delete", "patch", "watch"]
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+kind: ClusterRole
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+metadata:
|
|
|
+ name: knative-serving-podspecable-binding
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+
|
|
|
+ duck.knative.dev/podspecable: "true"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+# Do not use this role directly. These rules will be added to the "podspecable-binder" role.
|
|
|
+rules:
|
|
|
+ - apiGroups:
|
|
|
+ - serving.knative.dev
|
|
|
+ resources:
|
|
|
+ - configurations
|
|
|
+ - services
|
|
|
+ verbs:
|
|
|
+ - list
|
|
|
+ - watch
|
|
|
+ - patch
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ServiceAccount
|
|
|
+metadata:
|
|
|
+ name: controller
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: controller
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+---
|
|
|
+kind: ClusterRole
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+metadata:
|
|
|
+ name: knative-serving-admin
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+aggregationRule:
|
|
|
+ clusterRoleSelectors:
|
|
|
+ - matchLabels:
|
|
|
+ serving.knative.dev/controller: "true"
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRoleBinding
|
|
|
+metadata:
|
|
|
+ name: knative-serving-controller-admin
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: controller
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+subjects:
|
|
|
+ - kind: ServiceAccount
|
|
|
+ name: controller
|
|
|
+ namespace: knative-serving
|
|
|
+roleRef:
|
|
|
+ kind: ClusterRole
|
|
|
+ name: knative-serving-admin
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+---
|
|
|
+apiVersion: rbac.authorization.k8s.io/v1
|
|
|
+kind: ClusterRoleBinding
|
|
|
+metadata:
|
|
|
+ name: knative-serving-controller-addressable-resolver
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: controller
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+subjects:
|
|
|
+ - kind: ServiceAccount
|
|
|
+ name: controller
|
|
|
+ namespace: knative-serving
|
|
|
+roleRef:
|
|
|
+ kind: ClusterRole
|
|
|
+ name: knative-serving-aggregated-addressable-resolver
|
|
|
+ apiGroup: rbac.authorization.k8s.io
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: images.caching.internal.knative.dev
|
|
|
+ labels:
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: caching.internal.knative.dev
|
|
|
+ names:
|
|
|
+ kind: Image
|
|
|
+ plural: images
|
|
|
+ singular: image
|
|
|
+ categories:
|
|
|
+ - knative-internal
|
|
|
+ - caching
|
|
|
+ shortNames:
|
|
|
+ - img
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ type: object
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: Image
|
|
|
+ type: string
|
|
|
+ jsonPath: .spec.image
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: certificates.networking.internal.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: networking.internal.knative.dev
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ type: object
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type==\"Ready\")].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type==\"Ready\")].reason"
|
|
|
+ names:
|
|
|
+ kind: Certificate
|
|
|
+ plural: certificates
|
|
|
+ singular: certificate
|
|
|
+ categories:
|
|
|
+ - knative-internal
|
|
|
+ - networking
|
|
|
+ shortNames:
|
|
|
+ - kcert
|
|
|
+ scope: Namespaced
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: configurations.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+ duck.knative.dev/podspecable: "true"
|
|
|
+spec:
|
|
|
+ group: serving.knative.dev
|
|
|
+ names:
|
|
|
+ kind: Configuration
|
|
|
+ plural: configurations
|
|
|
+ singular: configuration
|
|
|
+ categories:
|
|
|
+ - all
|
|
|
+ - knative
|
|
|
+ - serving
|
|
|
+ shortNames:
|
|
|
+ - config
|
|
|
+ - cfg
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: LatestCreated
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.latestCreatedRevisionName
|
|
|
+ - name: LatestReady
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.latestReadyRevisionName
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: 'Configuration represents the "floating HEAD" of a linear history of Revisions. Users create new Revisions by updating the Configuration''s spec. The "latest created" revision''s name is available under status, as is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: ConfigurationSpec holds the desired state of the Configuration (from the client).
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ template:
|
|
|
+ description: Template holds the latest specification for the Revision to be stamped out.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ finalizers:
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ spec:
|
|
|
+ description: RevisionSpec holds the desired state of the Revision (from the client).
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - containers
|
|
|
+ properties:
|
|
|
+ automountServiceAccountToken:
|
|
|
+ description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.
|
|
|
+ type: boolean
|
|
|
+ containerConcurrency:
|
|
|
+ description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ containers:
|
|
|
+ description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: A single application container that you want to run within a pod.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ args:
|
|
|
+ description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ command:
|
|
|
+ description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ env:
|
|
|
+ description: List of environment variables to set in the container. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: EnvVar represents an environment variable present in a Container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name of the environment variable. Must be a C_IDENTIFIER.
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
|
|
|
+ type: string
|
|
|
+ valueFrom:
|
|
|
+ description: Source for the environment variable's value. Cannot be used if value is not empty.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMapKeyRef:
|
|
|
+ description: Selects a key of a ConfigMap.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to select.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ secretKeyRef:
|
|
|
+ description: Selects a key of a secret in the pod's namespace
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key of the secret to select from. Must be a valid secret key.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ envFrom:
|
|
|
+ description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: EnvFromSource represents the source of a set of ConfigMaps
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMapRef:
|
|
|
+ description: The ConfigMap to select from
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap must be defined
|
|
|
+ type: boolean
|
|
|
+ prefix:
|
|
|
+ description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
|
|
+ type: string
|
|
|
+ secretRef:
|
|
|
+ description: The Secret to select from
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret must be defined
|
|
|
+ type: boolean
|
|
|
+ image:
|
|
|
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
|
|
|
+ type: string
|
|
|
+ imagePullPolicy:
|
|
|
+ description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
|
|
|
+ type: string
|
|
|
+ livenessProbe:
|
|
|
+ description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ exec:
|
|
|
+ description: One and only one of the following should be specified. Exec specifies the action to take.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ command:
|
|
|
+ description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ failureThreshold:
|
|
|
+ description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ httpGet:
|
|
|
+ description: HTTPGet specifies the http request to perform.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
|
|
|
+ type: string
|
|
|
+ httpHeaders:
|
|
|
+ description: Custom headers to set in the request. HTTP allows repeated headers.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: HTTPHeader describes a custom header to be used in HTTP probes
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: The header field name
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: The header field value
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path to access on the HTTP server.
|
|
|
+ type: string
|
|
|
+ scheme:
|
|
|
+ description: Scheme to use for connecting to the host. Defaults to HTTP.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ initialDelaySeconds:
|
|
|
+ description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ periodSeconds:
|
|
|
+ description: How often (in seconds) to perform the probe.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ successThreshold:
|
|
|
+ description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ tcpSocket:
|
|
|
+ description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: 'Optional: Host name to connect to, defaults to the pod IP.'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ timeoutSeconds:
|
|
|
+ description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ name:
|
|
|
+ description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
|
|
|
+ type: string
|
|
|
+ ports:
|
|
|
+ description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: ContainerPort represents a network port in a single container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - containerPort
|
|
|
+ properties:
|
|
|
+ containerPort:
|
|
|
+ description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ name:
|
|
|
+ description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
|
|
|
+ type: string
|
|
|
+ protocol:
|
|
|
+ description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
|
|
|
+ type: string
|
|
|
+ default: TCP
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ x-kubernetes-list-map-keys:
|
|
|
+ - containerPort
|
|
|
+ - protocol
|
|
|
+ x-kubernetes-list-type: map
|
|
|
+ readinessProbe:
|
|
|
+ description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ exec:
|
|
|
+ description: One and only one of the following should be specified. Exec specifies the action to take.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ command:
|
|
|
+ description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ failureThreshold:
|
|
|
+ description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ httpGet:
|
|
|
+ description: HTTPGet specifies the http request to perform.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
|
|
|
+ type: string
|
|
|
+ httpHeaders:
|
|
|
+ description: Custom headers to set in the request. HTTP allows repeated headers.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: HTTPHeader describes a custom header to be used in HTTP probes
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: The header field name
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: The header field value
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path to access on the HTTP server.
|
|
|
+ type: string
|
|
|
+ scheme:
|
|
|
+ description: Scheme to use for connecting to the host. Defaults to HTTP.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ initialDelaySeconds:
|
|
|
+ description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ periodSeconds:
|
|
|
+ description: How often (in seconds) to perform the probe.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ successThreshold:
|
|
|
+ description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ tcpSocket:
|
|
|
+ description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: 'Optional: Host name to connect to, defaults to the pod IP.'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ timeoutSeconds:
|
|
|
+ description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ resources:
|
|
|
+ description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ limits:
|
|
|
+ description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
|
+ anyOf:
|
|
|
+ - type: integer
|
|
|
+ - type: string
|
|
|
+ x-kubernetes-int-or-string: true
|
|
|
+ requests:
|
|
|
+ description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
|
+ anyOf:
|
|
|
+ - type: integer
|
|
|
+ - type: string
|
|
|
+ x-kubernetes-int-or-string: true
|
|
|
+ securityContext:
|
|
|
+ description: 'Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ capabilities:
|
|
|
+ description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ drop:
|
|
|
+ description: Removed capabilities
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Capability represent POSIX capabilities type
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ readOnlyRootFilesystem:
|
|
|
+ description: Whether this container has a read-only root filesystem. Default is false.
|
|
|
+ type: boolean
|
|
|
+ runAsUser:
|
|
|
+ description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ terminationMessagePath:
|
|
|
+ description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
|
|
|
+ type: string
|
|
|
+ terminationMessagePolicy:
|
|
|
+ description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
|
|
|
+ type: string
|
|
|
+ volumeMounts:
|
|
|
+ description: Pod volumes to mount into the container's filesystem. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: VolumeMount describes a mounting of a Volume within a container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - mountPath
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ mountPath:
|
|
|
+ description: Path within the container at which the volume should be mounted. Must not contain ':'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: This must match the Name of a Volume.
|
|
|
+ type: string
|
|
|
+ readOnly:
|
|
|
+ description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
|
|
|
+ type: boolean
|
|
|
+ subPath:
|
|
|
+ description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
|
|
|
+ type: string
|
|
|
+ workingDir:
|
|
|
+ description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ enableServiceLinks:
|
|
|
+ description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Defaults to true.'
|
|
|
+ type: boolean
|
|
|
+ imagePullSecrets:
|
|
|
+ description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ serviceAccountName:
|
|
|
+ description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
|
|
|
+ type: string
|
|
|
+ timeoutSeconds:
|
|
|
+ description: TimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin replying (send network traffic). If unspecified, a system default will be provided.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ volumes:
|
|
|
+ description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ configMap:
|
|
|
+ description: ConfigMap represents a configMap that should populate this volume
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
|
|
+ type: string
|
|
|
+ projected:
|
|
|
+ description: Items for all in one resources secrets, configmaps, and downward API
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ sources:
|
|
|
+ description: list of volume projections
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Projection that may be projected along with other supported volume types
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMap:
|
|
|
+ description: information about the configMap data to project
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ secret:
|
|
|
+ description: information about the secret data to project
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ serviceAccountToken:
|
|
|
+ description: information about the serviceAccountToken data to project
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ audience:
|
|
|
+ description: Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
|
|
|
+ type: string
|
|
|
+ expirationSeconds:
|
|
|
+ description: ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ path:
|
|
|
+ description: Path is the path relative to the mount point of the file to project the token into.
|
|
|
+ type: string
|
|
|
+ secret:
|
|
|
+ description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ secretName:
|
|
|
+ description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ status:
|
|
|
+ description: ConfigurationStatus communicates the observed state of the Configuration (from the controller).
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ latestCreatedRevisionName:
|
|
|
+ description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
|
|
|
+ type: string
|
|
|
+ latestReadyRevisionName:
|
|
|
+ description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True".
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: clusterdomainclaims.networking.internal.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: networking.internal.knative.dev
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ type: object
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ names:
|
|
|
+ kind: ClusterDomainClaim
|
|
|
+ plural: clusterdomainclaims
|
|
|
+ singular: clusterdomainclaim
|
|
|
+ categories:
|
|
|
+ - knative-internal
|
|
|
+ - networking
|
|
|
+ shortNames:
|
|
|
+ - cdc
|
|
|
+ scope: Cluster
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: domainmappings.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: serving.knative.dev
|
|
|
+ versions:
|
|
|
+ - name: v1beta1
|
|
|
+ served: true
|
|
|
+ storage: false
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: URL
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.url
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ "schema":
|
|
|
+ "openAPIV3Schema":
|
|
|
+ description: DomainMapping is a mapping from a custom hostname to an Addressable.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - ref
|
|
|
+ properties:
|
|
|
+ ref:
|
|
|
+ description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services."
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: API version of the referent.
|
|
|
+ type: string
|
|
|
+ group:
|
|
|
+ description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.'
|
|
|
+ type: string
|
|
|
+ tls:
|
|
|
+ description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - secretName
|
|
|
+ properties:
|
|
|
+ secretName:
|
|
|
+ description: SecretName is the name of the existing secret used to terminate TLS traffic.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ address:
|
|
|
+ description: Address holds the information needed for a DomainMapping to be the target of an event.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ url:
|
|
|
+ type: string
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ url:
|
|
|
+ description: URL is the URL of this DomainMapping.
|
|
|
+ type: string
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: DomainMapping is a mapping from a custom hostname to an Addressable.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: 'Spec is the desired state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - ref
|
|
|
+ properties:
|
|
|
+ ref:
|
|
|
+ description: "Ref specifies the target of the Domain Mapping. \n The object identified by the Ref must be an Addressable with a URL of the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster domain, and `{name}` and `{namespace}` are the name and namespace of a Kubernetes Service. \n This contract is satisfied by Knative types such as Knative Services and Knative Routes, and by Kubernetes Services."
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - kind
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: API version of the referent.
|
|
|
+ type: string
|
|
|
+ group:
|
|
|
+ description: 'Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.'
|
|
|
+ type: string
|
|
|
+ tls:
|
|
|
+ description: TLS allows the DomainMapping to terminate TLS traffic with an existing secret.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - secretName
|
|
|
+ properties:
|
|
|
+ secretName:
|
|
|
+ description: SecretName is the name of the existing secret used to terminate TLS traffic.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: 'Status is the current state of the DomainMapping. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ address:
|
|
|
+ description: Address holds the information needed for a DomainMapping to be the target of an event.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ url:
|
|
|
+ type: string
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ url:
|
|
|
+ description: URL is the URL of this DomainMapping.
|
|
|
+ type: string
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: URL
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.url
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ names:
|
|
|
+ kind: DomainMapping
|
|
|
+ plural: domainmappings
|
|
|
+ singular: domainmapping
|
|
|
+ categories:
|
|
|
+ - all
|
|
|
+ - knative
|
|
|
+ - serving
|
|
|
+ shortNames:
|
|
|
+ - dm
|
|
|
+ scope: Namespaced
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: ingresses.networking.internal.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: networking.internal.knative.dev
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ type: object
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ names:
|
|
|
+ kind: Ingress
|
|
|
+ plural: ingresses
|
|
|
+ singular: ingress
|
|
|
+ categories:
|
|
|
+ - knative-internal
|
|
|
+ - networking
|
|
|
+ shortNames:
|
|
|
+ - kingress
|
|
|
+ - king
|
|
|
+ scope: Namespaced
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: metrics.autoscaling.internal.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: autoscaling.internal.knative.dev
|
|
|
+ names:
|
|
|
+ kind: Metric
|
|
|
+ plural: metrics
|
|
|
+ singular: metric
|
|
|
+ categories:
|
|
|
+ - knative-internal
|
|
|
+ - autoscaling
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: Metric represents a resource to configure the metric collector with.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: Spec holds the desired state of the Metric (from the client).
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - panicWindow
|
|
|
+ - scrapeTarget
|
|
|
+ - stableWindow
|
|
|
+ properties:
|
|
|
+ panicWindow:
|
|
|
+ description: PanicWindow is the aggregation window for metrics where quick reactions are needed.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ scrapeTarget:
|
|
|
+ description: ScrapeTarget is the K8s service that publishes the metric endpoint.
|
|
|
+ type: string
|
|
|
+ stableWindow:
|
|
|
+ description: StableWindow is the aggregation window for metrics in a stable state.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ status:
|
|
|
+ description: Status communicates the observed state of the Metric (from the controller).
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: podautoscalers.autoscaling.internal.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: autoscaling.internal.knative.dev
|
|
|
+ names:
|
|
|
+ kind: PodAutoscaler
|
|
|
+ plural: podautoscalers
|
|
|
+ singular: podautoscaler
|
|
|
+ categories:
|
|
|
+ - knative-internal
|
|
|
+ - autoscaling
|
|
|
+ shortNames:
|
|
|
+ - kpa
|
|
|
+ - pa
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: DesiredScale
|
|
|
+ type: integer
|
|
|
+ jsonPath: ".status.desiredScale"
|
|
|
+ - name: ActualScale
|
|
|
+ type: integer
|
|
|
+ jsonPath: ".status.actualScale"
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: 'PodAutoscaler is a Knative abstraction that encapsulates the interface by which Knative components instantiate autoscalers. This definition is an abstraction that may be backed by multiple definitions. For more information, see the Knative Pluggability presentation: https://docs.google.com/presentation/d/10KWynvAJYuOEWy69VBa6bHJVCqIsz1TNdEKosNvcpPY/edit'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: Spec holds the desired state of the PodAutoscaler (from the client).
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - protocolType
|
|
|
+ - scaleTargetRef
|
|
|
+ properties:
|
|
|
+ containerConcurrency:
|
|
|
+ description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means unlimited concurrency.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ protocolType:
|
|
|
+ description: The application-layer protocol. Matches `ProtocolType` inferred from the revision spec.
|
|
|
+ type: string
|
|
|
+ reachability:
|
|
|
+ description: Reachability specifies whether or not the `ScaleTargetRef` can be reached (ie. has a route). Defaults to `ReachabilityUnknown`
|
|
|
+ type: string
|
|
|
+ scaleTargetRef:
|
|
|
+ description: ScaleTargetRef defines the /scale-able resource that this PodAutoscaler is responsible for quickly right-sizing.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: API version of the referent.
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status communicates the observed state of the PodAutoscaler (from the controller).
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - metricsServiceName
|
|
|
+ - serviceName
|
|
|
+ properties:
|
|
|
+ actualScale:
|
|
|
+ description: ActualScale shows the actual number of replicas for the revision.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ desiredScale:
|
|
|
+ description: DesiredScale shows the current desired number of replicas for the revision.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ metricsServiceName:
|
|
|
+ description: MetricsServiceName is the K8s Service name that provides revision metrics. The service is managed by the PA object.
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ serviceName:
|
|
|
+ description: ServiceName is the K8s Service name that serves the revision, scaled by this PA. The service is created and owned by the ServerlessService object owned by this PA.
|
|
|
+ type: string
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: revisions.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: serving.knative.dev
|
|
|
+ names:
|
|
|
+ kind: Revision
|
|
|
+ plural: revisions
|
|
|
+ singular: revision
|
|
|
+ categories:
|
|
|
+ - all
|
|
|
+ - knative
|
|
|
+ - serving
|
|
|
+ shortNames:
|
|
|
+ - rev
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: Config Name
|
|
|
+ type: string
|
|
|
+ jsonPath: ".metadata.labels['serving\\.knative\\.dev/configuration']"
|
|
|
+ - name: K8s Service Name
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.serviceName"
|
|
|
+ - name: Generation
|
|
|
+ type: string
|
|
|
+ jsonPath: ".metadata.labels['serving\\.knative\\.dev/configurationGeneration']"
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ - name: Actual Replicas
|
|
|
+ type: integer
|
|
|
+ jsonPath: ".status.actualReplicas"
|
|
|
+ - name: Desired Replicas
|
|
|
+ type: integer
|
|
|
+ jsonPath: ".status.desiredReplicas"
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: "Revision is an immutable snapshot of code and configuration. A revision references a container image. Revisions are created by updates to a Configuration. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#revision"
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: RevisionSpec holds the desired state of the Revision (from the client).
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - containers
|
|
|
+ properties:
|
|
|
+ automountServiceAccountToken:
|
|
|
+ description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.
|
|
|
+ type: boolean
|
|
|
+ containerConcurrency:
|
|
|
+ description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ containers:
|
|
|
+ description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: A single application container that you want to run within a pod.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ args:
|
|
|
+ description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ command:
|
|
|
+ description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ env:
|
|
|
+ description: List of environment variables to set in the container. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: EnvVar represents an environment variable present in a Container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name of the environment variable. Must be a C_IDENTIFIER.
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
|
|
|
+ type: string
|
|
|
+ valueFrom:
|
|
|
+ description: Source for the environment variable's value. Cannot be used if value is not empty.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMapKeyRef:
|
|
|
+ description: Selects a key of a ConfigMap.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to select.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ secretKeyRef:
|
|
|
+ description: Selects a key of a secret in the pod's namespace
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key of the secret to select from. Must be a valid secret key.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ envFrom:
|
|
|
+ description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: EnvFromSource represents the source of a set of ConfigMaps
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMapRef:
|
|
|
+ description: The ConfigMap to select from
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap must be defined
|
|
|
+ type: boolean
|
|
|
+ prefix:
|
|
|
+ description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
|
|
+ type: string
|
|
|
+ secretRef:
|
|
|
+ description: The Secret to select from
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret must be defined
|
|
|
+ type: boolean
|
|
|
+ image:
|
|
|
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
|
|
|
+ type: string
|
|
|
+ imagePullPolicy:
|
|
|
+ description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
|
|
|
+ type: string
|
|
|
+ livenessProbe:
|
|
|
+ description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ exec:
|
|
|
+ description: One and only one of the following should be specified. Exec specifies the action to take.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ command:
|
|
|
+ description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ failureThreshold:
|
|
|
+ description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ httpGet:
|
|
|
+ description: HTTPGet specifies the http request to perform.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
|
|
|
+ type: string
|
|
|
+ httpHeaders:
|
|
|
+ description: Custom headers to set in the request. HTTP allows repeated headers.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: HTTPHeader describes a custom header to be used in HTTP probes
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: The header field name
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: The header field value
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path to access on the HTTP server.
|
|
|
+ type: string
|
|
|
+ scheme:
|
|
|
+ description: Scheme to use for connecting to the host. Defaults to HTTP.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ initialDelaySeconds:
|
|
|
+ description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ periodSeconds:
|
|
|
+ description: How often (in seconds) to perform the probe.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ successThreshold:
|
|
|
+ description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ tcpSocket:
|
|
|
+ description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: 'Optional: Host name to connect to, defaults to the pod IP.'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ timeoutSeconds:
|
|
|
+ description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ name:
|
|
|
+ description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
|
|
|
+ type: string
|
|
|
+ ports:
|
|
|
+ description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: ContainerPort represents a network port in a single container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - containerPort
|
|
|
+ properties:
|
|
|
+ containerPort:
|
|
|
+ description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ name:
|
|
|
+ description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
|
|
|
+ type: string
|
|
|
+ protocol:
|
|
|
+ description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
|
|
|
+ type: string
|
|
|
+ default: TCP
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ x-kubernetes-list-map-keys:
|
|
|
+ - containerPort
|
|
|
+ - protocol
|
|
|
+ x-kubernetes-list-type: map
|
|
|
+ readinessProbe:
|
|
|
+ description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ exec:
|
|
|
+ description: One and only one of the following should be specified. Exec specifies the action to take.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ command:
|
|
|
+ description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ failureThreshold:
|
|
|
+ description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ httpGet:
|
|
|
+ description: HTTPGet specifies the http request to perform.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
|
|
|
+ type: string
|
|
|
+ httpHeaders:
|
|
|
+ description: Custom headers to set in the request. HTTP allows repeated headers.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: HTTPHeader describes a custom header to be used in HTTP probes
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: The header field name
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: The header field value
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path to access on the HTTP server.
|
|
|
+ type: string
|
|
|
+ scheme:
|
|
|
+ description: Scheme to use for connecting to the host. Defaults to HTTP.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ initialDelaySeconds:
|
|
|
+ description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ periodSeconds:
|
|
|
+ description: How often (in seconds) to perform the probe.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ successThreshold:
|
|
|
+ description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ tcpSocket:
|
|
|
+ description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: 'Optional: Host name to connect to, defaults to the pod IP.'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ timeoutSeconds:
|
|
|
+ description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ resources:
|
|
|
+ description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ limits:
|
|
|
+ description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
|
+ anyOf:
|
|
|
+ - type: integer
|
|
|
+ - type: string
|
|
|
+ x-kubernetes-int-or-string: true
|
|
|
+ requests:
|
|
|
+ description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
|
+ anyOf:
|
|
|
+ - type: integer
|
|
|
+ - type: string
|
|
|
+ x-kubernetes-int-or-string: true
|
|
|
+ securityContext:
|
|
|
+ description: 'Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ capabilities:
|
|
|
+ description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ drop:
|
|
|
+ description: Removed capabilities
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Capability represent POSIX capabilities type
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ readOnlyRootFilesystem:
|
|
|
+ description: Whether this container has a read-only root filesystem. Default is false.
|
|
|
+ type: boolean
|
|
|
+ runAsUser:
|
|
|
+ description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ terminationMessagePath:
|
|
|
+ description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
|
|
|
+ type: string
|
|
|
+ terminationMessagePolicy:
|
|
|
+ description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
|
|
|
+ type: string
|
|
|
+ volumeMounts:
|
|
|
+ description: Pod volumes to mount into the container's filesystem. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: VolumeMount describes a mounting of a Volume within a container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - mountPath
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ mountPath:
|
|
|
+ description: Path within the container at which the volume should be mounted. Must not contain ':'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: This must match the Name of a Volume.
|
|
|
+ type: string
|
|
|
+ readOnly:
|
|
|
+ description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
|
|
|
+ type: boolean
|
|
|
+ subPath:
|
|
|
+ description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
|
|
|
+ type: string
|
|
|
+ workingDir:
|
|
|
+ description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ enableServiceLinks:
|
|
|
+ description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Defaults to true.'
|
|
|
+ type: boolean
|
|
|
+ imagePullSecrets:
|
|
|
+ description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ serviceAccountName:
|
|
|
+ description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
|
|
|
+ type: string
|
|
|
+ timeoutSeconds:
|
|
|
+ description: TimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin replying (send network traffic). If unspecified, a system default will be provided.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ volumes:
|
|
|
+ description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ configMap:
|
|
|
+ description: ConfigMap represents a configMap that should populate this volume
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
|
|
+ type: string
|
|
|
+ projected:
|
|
|
+ description: Items for all in one resources secrets, configmaps, and downward API
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ sources:
|
|
|
+ description: list of volume projections
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Projection that may be projected along with other supported volume types
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMap:
|
|
|
+ description: information about the configMap data to project
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ secret:
|
|
|
+ description: information about the secret data to project
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ serviceAccountToken:
|
|
|
+ description: information about the serviceAccountToken data to project
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ audience:
|
|
|
+ description: Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
|
|
|
+ type: string
|
|
|
+ expirationSeconds:
|
|
|
+ description: ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ path:
|
|
|
+ description: Path is the path relative to the mount point of the file to project the token into.
|
|
|
+ type: string
|
|
|
+ secret:
|
|
|
+ description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ secretName:
|
|
|
+ description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ status:
|
|
|
+ description: RevisionStatus communicates the observed state of the Revision (from the controller).
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ actualReplicas:
|
|
|
+ description: ActualReplicas reflects the amount of ready pods running this revision.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ containerStatuses:
|
|
|
+ description: 'ContainerStatuses is a slice of images present in .Spec.Container[*].Image to their respective digests and their container name. The digests are resolved during the creation of Revision. ContainerStatuses holds the container name and image digests for both serving and non serving containers. ref: http://bit.ly/image-digests'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: ContainerStatus holds the information of container name and image digest value
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ imageDigest:
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ desiredReplicas:
|
|
|
+ description: DesiredReplicas reflects the desired amount of pods running this revision.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ logUrl:
|
|
|
+ description: LogURL specifies the generated logging url for this particular revision based on the revision url template specified in the controller's config.
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: routes.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+ duck.knative.dev/addressable: "true"
|
|
|
+spec:
|
|
|
+ group: serving.knative.dev
|
|
|
+ names:
|
|
|
+ kind: Route
|
|
|
+ plural: routes
|
|
|
+ singular: route
|
|
|
+ categories:
|
|
|
+ - all
|
|
|
+ - knative
|
|
|
+ - serving
|
|
|
+ shortNames:
|
|
|
+ - rt
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: URL
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.url
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: 'Route is responsible for configuring ingress over a collection of Revisions. Some of the Revisions a Route distributes traffic over may be specified by referencing the Configuration responsible for creating them; in these cases the Route is additionally responsible for monitoring the Configuration for "latest ready revision" changes, and smoothly rolling out latest revisions. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#route'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: Spec holds the desired state of the Route (from the client).
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ traffic:
|
|
|
+ description: Traffic specifies how to distribute traffic over a collection of revisions and configurations.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: TrafficTarget holds a single entry of the routing table for a Route.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configurationName:
|
|
|
+ description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName.
|
|
|
+ type: string
|
|
|
+ latestRevision:
|
|
|
+ description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
|
|
|
+ type: boolean
|
|
|
+ percent:
|
|
|
+ description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration'
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ revisionName:
|
|
|
+ description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
|
|
|
+ type: string
|
|
|
+ tag:
|
|
|
+ description: Tag is optionally used to expose a dedicated url for referencing this target exclusively.
|
|
|
+ type: string
|
|
|
+ url:
|
|
|
+ description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status communicates the observed state of the Route (from the controller).
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ address:
|
|
|
+ description: Address holds the information needed for a Route to be the target of an event.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ url:
|
|
|
+ type: string
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ traffic:
|
|
|
+ description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: TrafficTarget holds a single entry of the routing table for a Route.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configurationName:
|
|
|
+ description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName.
|
|
|
+ type: string
|
|
|
+ latestRevision:
|
|
|
+ description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
|
|
|
+ type: boolean
|
|
|
+ percent:
|
|
|
+ description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration'
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ revisionName:
|
|
|
+ description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
|
|
|
+ type: string
|
|
|
+ tag:
|
|
|
+ description: Tag is optionally used to expose a dedicated url for referencing this target exclusively.
|
|
|
+ type: string
|
|
|
+ url:
|
|
|
+ description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
|
|
|
+ type: string
|
|
|
+ url:
|
|
|
+ description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix}
|
|
|
+ type: string
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: serverlessservices.networking.internal.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+spec:
|
|
|
+ group: networking.internal.knative.dev
|
|
|
+ versions:
|
|
|
+ - name: v1alpha1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ type: object
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: Mode
|
|
|
+ type: string
|
|
|
+ jsonPath: ".spec.mode"
|
|
|
+ - name: Activators
|
|
|
+ type: integer
|
|
|
+ jsonPath: ".spec.numActivators"
|
|
|
+ - name: ServiceName
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.serviceName"
|
|
|
+ - name: PrivateServiceName
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.privateServiceName"
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ names:
|
|
|
+ kind: ServerlessService
|
|
|
+ plural: serverlessservices
|
|
|
+ singular: serverlessservice
|
|
|
+ categories:
|
|
|
+ - knative-internal
|
|
|
+ - networking
|
|
|
+ shortNames:
|
|
|
+ - sks
|
|
|
+ scope: Namespaced
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+# Note: The schema part of the spec is auto-generated by hack/update-schemas.sh.
|
|
|
+
|
|
|
+apiVersion: apiextensions.k8s.io/v1
|
|
|
+kind: CustomResourceDefinition
|
|
|
+metadata:
|
|
|
+ name: services.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ knative.dev/crd-install: "true"
|
|
|
+ duck.knative.dev/addressable: "true"
|
|
|
+ duck.knative.dev/podspecable: "true"
|
|
|
+spec:
|
|
|
+ group: serving.knative.dev
|
|
|
+ names:
|
|
|
+ kind: Service
|
|
|
+ plural: services
|
|
|
+ singular: service
|
|
|
+ categories:
|
|
|
+ - all
|
|
|
+ - knative
|
|
|
+ - serving
|
|
|
+ shortNames:
|
|
|
+ - kservice
|
|
|
+ - ksvc
|
|
|
+ scope: Namespaced
|
|
|
+ versions:
|
|
|
+ - name: v1
|
|
|
+ served: true
|
|
|
+ storage: true
|
|
|
+ subresources:
|
|
|
+ status: {}
|
|
|
+ additionalPrinterColumns:
|
|
|
+ - name: URL
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.url
|
|
|
+ - name: LatestCreated
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.latestCreatedRevisionName
|
|
|
+ - name: LatestReady
|
|
|
+ type: string
|
|
|
+ jsonPath: .status.latestReadyRevisionName
|
|
|
+ - name: Ready
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].status"
|
|
|
+ - name: Reason
|
|
|
+ type: string
|
|
|
+ jsonPath: ".status.conditions[?(@.type=='Ready')].reason"
|
|
|
+ schema:
|
|
|
+ openAPIV3Schema:
|
|
|
+ description: "Service acts as a top-level container that manages a Route and Configuration which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets), and its usage is optional but recommended. \n The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. \n See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#service"
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ apiVersion:
|
|
|
+ description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
|
+ type: string
|
|
|
+ kind:
|
|
|
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
|
+ type: string
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ spec:
|
|
|
+ description: ServiceSpec represents the configuration for the Service object. A Service's specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate "run latest" spec.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ template:
|
|
|
+ description: Template holds the latest specification for the Revision to be stamped out.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ metadata:
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ annotations:
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ finalizers:
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ labels:
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ type: string
|
|
|
+ namespace:
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ spec:
|
|
|
+ description: RevisionSpec holds the desired state of the Revision (from the client).
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - containers
|
|
|
+ properties:
|
|
|
+ automountServiceAccountToken:
|
|
|
+ description: AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.
|
|
|
+ type: boolean
|
|
|
+ containerConcurrency:
|
|
|
+ description: ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to `0` which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ containers:
|
|
|
+ description: List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: A single application container that you want to run within a pod.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ args:
|
|
|
+ description: 'Arguments to the entrypoint. The docker image''s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ command:
|
|
|
+ description: 'Entrypoint array. Not executed within a shell. The docker image''s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container''s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ env:
|
|
|
+ description: List of environment variables to set in the container. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: EnvVar represents an environment variable present in a Container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: Name of the environment variable. Must be a C_IDENTIFIER.
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".'
|
|
|
+ type: string
|
|
|
+ valueFrom:
|
|
|
+ description: Source for the environment variable's value. Cannot be used if value is not empty.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMapKeyRef:
|
|
|
+ description: Selects a key of a ConfigMap.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to select.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ secretKeyRef:
|
|
|
+ description: Selects a key of a secret in the pod's namespace
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key of the secret to select from. Must be a valid secret key.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ envFrom:
|
|
|
+ description: List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: EnvFromSource represents the source of a set of ConfigMaps
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMapRef:
|
|
|
+ description: The ConfigMap to select from
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap must be defined
|
|
|
+ type: boolean
|
|
|
+ prefix:
|
|
|
+ description: An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.
|
|
|
+ type: string
|
|
|
+ secretRef:
|
|
|
+ description: The Secret to select from
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret must be defined
|
|
|
+ type: boolean
|
|
|
+ image:
|
|
|
+ description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.'
|
|
|
+ type: string
|
|
|
+ imagePullPolicy:
|
|
|
+ description: 'Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
|
|
|
+ type: string
|
|
|
+ livenessProbe:
|
|
|
+ description: 'Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ exec:
|
|
|
+ description: One and only one of the following should be specified. Exec specifies the action to take.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ command:
|
|
|
+ description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ failureThreshold:
|
|
|
+ description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ httpGet:
|
|
|
+ description: HTTPGet specifies the http request to perform.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
|
|
|
+ type: string
|
|
|
+ httpHeaders:
|
|
|
+ description: Custom headers to set in the request. HTTP allows repeated headers.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: HTTPHeader describes a custom header to be used in HTTP probes
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: The header field name
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: The header field value
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path to access on the HTTP server.
|
|
|
+ type: string
|
|
|
+ scheme:
|
|
|
+ description: Scheme to use for connecting to the host. Defaults to HTTP.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ initialDelaySeconds:
|
|
|
+ description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ periodSeconds:
|
|
|
+ description: How often (in seconds) to perform the probe.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ successThreshold:
|
|
|
+ description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ tcpSocket:
|
|
|
+ description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: 'Optional: Host name to connect to, defaults to the pod IP.'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ timeoutSeconds:
|
|
|
+ description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ name:
|
|
|
+ description: Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.
|
|
|
+ type: string
|
|
|
+ ports:
|
|
|
+ description: List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: ContainerPort represents a network port in a single container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - containerPort
|
|
|
+ properties:
|
|
|
+ containerPort:
|
|
|
+ description: Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ name:
|
|
|
+ description: If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.
|
|
|
+ type: string
|
|
|
+ protocol:
|
|
|
+ description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP".
|
|
|
+ type: string
|
|
|
+ default: TCP
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ x-kubernetes-list-map-keys:
|
|
|
+ - containerPort
|
|
|
+ - protocol
|
|
|
+ x-kubernetes-list-type: map
|
|
|
+ readinessProbe:
|
|
|
+ description: 'Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ exec:
|
|
|
+ description: One and only one of the following should be specified. Exec specifies the action to take.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ command:
|
|
|
+ description: Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ type: string
|
|
|
+ failureThreshold:
|
|
|
+ description: Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ httpGet:
|
|
|
+ description: HTTPGet specifies the http request to perform.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.
|
|
|
+ type: string
|
|
|
+ httpHeaders:
|
|
|
+ description: Custom headers to set in the request. HTTP allows repeated headers.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: HTTPHeader describes a custom header to be used in HTTP probes
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ - value
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: The header field name
|
|
|
+ type: string
|
|
|
+ value:
|
|
|
+ description: The header field value
|
|
|
+ type: string
|
|
|
+ path:
|
|
|
+ description: Path to access on the HTTP server.
|
|
|
+ type: string
|
|
|
+ scheme:
|
|
|
+ description: Scheme to use for connecting to the host. Defaults to HTTP.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ initialDelaySeconds:
|
|
|
+ description: 'Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ periodSeconds:
|
|
|
+ description: How often (in seconds) to perform the probe.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ successThreshold:
|
|
|
+ description: Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ tcpSocket:
|
|
|
+ description: 'TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ host:
|
|
|
+ description: 'Optional: Host name to connect to, defaults to the pod IP.'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ timeoutSeconds:
|
|
|
+ description: 'Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ resources:
|
|
|
+ description: 'Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ limits:
|
|
|
+ description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
|
+ anyOf:
|
|
|
+ - type: integer
|
|
|
+ - type: string
|
|
|
+ x-kubernetes-int-or-string: true
|
|
|
+ requests:
|
|
|
+ description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
|
+ anyOf:
|
|
|
+ - type: integer
|
|
|
+ - type: string
|
|
|
+ x-kubernetes-int-or-string: true
|
|
|
+ securityContext:
|
|
|
+ description: 'Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ capabilities:
|
|
|
+ description: The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ drop:
|
|
|
+ description: Removed capabilities
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Capability represent POSIX capabilities type
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ readOnlyRootFilesystem:
|
|
|
+ description: Whether this container has a read-only root filesystem. Default is false.
|
|
|
+ type: boolean
|
|
|
+ runAsUser:
|
|
|
+ description: The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ terminationMessagePath:
|
|
|
+ description: 'Optional: Path at which the file to which the container''s termination message will be written is mounted into the container''s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.'
|
|
|
+ type: string
|
|
|
+ terminationMessagePolicy:
|
|
|
+ description: Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
|
|
|
+ type: string
|
|
|
+ volumeMounts:
|
|
|
+ description: Pod volumes to mount into the container's filesystem. Cannot be updated.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: VolumeMount describes a mounting of a Volume within a container.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - mountPath
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ mountPath:
|
|
|
+ description: Path within the container at which the volume should be mounted. Must not contain ':'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: This must match the Name of a Volume.
|
|
|
+ type: string
|
|
|
+ readOnly:
|
|
|
+ description: Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
|
|
|
+ type: boolean
|
|
|
+ subPath:
|
|
|
+ description: Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).
|
|
|
+ type: string
|
|
|
+ workingDir:
|
|
|
+ description: Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated.
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ enableServiceLinks:
|
|
|
+ description: 'EnableServiceLinks indicates whether information about services should be injected into pod''s environment variables, matching the syntax of Docker links. Optional: Defaults to true.'
|
|
|
+ type: boolean
|
|
|
+ imagePullSecrets:
|
|
|
+ description: 'ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. For example, in the case of docker, only DockerConfig type secrets are honored. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ serviceAccountName:
|
|
|
+ description: 'ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
|
|
|
+ type: string
|
|
|
+ timeoutSeconds:
|
|
|
+ description: TimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin replying (send network traffic). If unspecified, a system default will be provided.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ volumes:
|
|
|
+ description: 'List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes'
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Volume represents a named volume in a pod that may be accessed by any container in the pod.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - name
|
|
|
+ properties:
|
|
|
+ configMap:
|
|
|
+ description: ConfigMap represents a configMap that should populate this volume
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ name:
|
|
|
+ description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
|
|
|
+ type: string
|
|
|
+ projected:
|
|
|
+ description: Items for all in one resources secrets, configmaps, and downward API
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: Mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ sources:
|
|
|
+ description: list of volume projections
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Projection that may be projected along with other supported volume types
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configMap:
|
|
|
+ description: information about the configMap data to project
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the ConfigMap or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ secret:
|
|
|
+ description: information about the secret data to project
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ name:
|
|
|
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its key must be defined
|
|
|
+ type: boolean
|
|
|
+ serviceAccountToken:
|
|
|
+ description: information about the serviceAccountToken data to project
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ audience:
|
|
|
+ description: Audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.
|
|
|
+ type: string
|
|
|
+ expirationSeconds:
|
|
|
+ description: ExpirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ path:
|
|
|
+ description: Path is the path relative to the mount point of the file to project the token into.
|
|
|
+ type: string
|
|
|
+ secret:
|
|
|
+ description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ defaultMode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ items:
|
|
|
+ description: If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: Maps a string key to a path within a volume.
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - key
|
|
|
+ - path
|
|
|
+ properties:
|
|
|
+ key:
|
|
|
+ description: The key to project.
|
|
|
+ type: string
|
|
|
+ mode:
|
|
|
+ description: 'Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.'
|
|
|
+ type: integer
|
|
|
+ format: int32
|
|
|
+ path:
|
|
|
+ description: The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.
|
|
|
+ type: string
|
|
|
+ optional:
|
|
|
+ description: Specify whether the Secret or its keys must be defined
|
|
|
+ type: boolean
|
|
|
+ secretName:
|
|
|
+ description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
|
|
|
+ type: string
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ x-kubernetes-preserve-unknown-fields: true
|
|
|
+ traffic:
|
|
|
+ description: Traffic specifies how to distribute traffic over a collection of revisions and configurations.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: TrafficTarget holds a single entry of the routing table for a Route.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configurationName:
|
|
|
+ description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName.
|
|
|
+ type: string
|
|
|
+ latestRevision:
|
|
|
+ description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
|
|
|
+ type: boolean
|
|
|
+ percent:
|
|
|
+ description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration'
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ revisionName:
|
|
|
+ description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
|
|
|
+ type: string
|
|
|
+ tag:
|
|
|
+ description: Tag is optionally used to expose a dedicated url for referencing this target exclusively.
|
|
|
+ type: string
|
|
|
+ url:
|
|
|
+ description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: ServiceStatus represents the Status stanza of the Service resource.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ address:
|
|
|
+ description: Address holds the information needed for a Route to be the target of an event.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ url:
|
|
|
+ type: string
|
|
|
+ annotations:
|
|
|
+ description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.
|
|
|
+ type: object
|
|
|
+ additionalProperties:
|
|
|
+ type: string
|
|
|
+ conditions:
|
|
|
+ description: Conditions the latest available observations of a resource's current state.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: 'Condition defines a readiness condition for a Knative resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
|
|
|
+ type: object
|
|
|
+ required:
|
|
|
+ - status
|
|
|
+ - type
|
|
|
+ properties:
|
|
|
+ lastTransitionTime:
|
|
|
+ description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).
|
|
|
+ type: string
|
|
|
+ format: date-time
|
|
|
+ message:
|
|
|
+ description: A human readable message indicating details about the transition.
|
|
|
+ type: string
|
|
|
+ reason:
|
|
|
+ description: The reason for the condition's last transition.
|
|
|
+ type: string
|
|
|
+ severity:
|
|
|
+ description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.
|
|
|
+ type: string
|
|
|
+ status:
|
|
|
+ description: Status of the condition, one of True, False, Unknown.
|
|
|
+ type: string
|
|
|
+ type:
|
|
|
+ description: Type of condition.
|
|
|
+ type: string
|
|
|
+ latestCreatedRevisionName:
|
|
|
+ description: LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.
|
|
|
+ type: string
|
|
|
+ latestReadyRevisionName:
|
|
|
+ description: LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its "Ready" condition become "True".
|
|
|
+ type: string
|
|
|
+ observedGeneration:
|
|
|
+ description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller.
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ traffic:
|
|
|
+ description: Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.
|
|
|
+ type: array
|
|
|
+ items:
|
|
|
+ description: TrafficTarget holds a single entry of the routing table for a Route.
|
|
|
+ type: object
|
|
|
+ properties:
|
|
|
+ configurationName:
|
|
|
+ description: ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName.
|
|
|
+ type: string
|
|
|
+ latestRevision:
|
|
|
+ description: LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.
|
|
|
+ type: boolean
|
|
|
+ percent:
|
|
|
+ description: 'Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. `0` (zero) mean no traffic, `100` means all traffic. When percentage based routing is being used the follow rules apply: - the sum of all percent values must equal 100 - when not specified, the implied value for `percent` is zero for that particular Revision or Configuration'
|
|
|
+ type: integer
|
|
|
+ format: int64
|
|
|
+ revisionName:
|
|
|
+ description: RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.
|
|
|
+ type: string
|
|
|
+ tag:
|
|
|
+ description: Tag is optionally used to expose a dedicated url for referencing this target exclusively.
|
|
|
+ type: string
|
|
|
+ url:
|
|
|
+ description: URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)
|
|
|
+ type: string
|
|
|
+ url:
|
|
|
+ description: URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix}
|
|
|
+ type: string
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: caching.internal.knative.dev/v1alpha1
|
|
|
+kind: Image
|
|
|
+metadata:
|
|
|
+ name: queue-proxy
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: queue-proxy
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+
|
|
|
+
|
|
|
+ image: registry.cn-beijing.aliyuncs.com/dotbalo/queue:v0.26
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-autoscaler
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: autoscaler
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "604cb513"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ container-concurrency-target-percentage: "70"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ container-concurrency-target-default: "100"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ requests-per-second-target-default: "200"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ target-burst-capacity: "200"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ stable-window: "60s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ panic-window-percentage: "10.0"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ panic-threshold-percentage: "200.0"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ max-scale-up-rate: "1000.0"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ max-scale-down-rate: "2.0"
|
|
|
+
|
|
|
+
|
|
|
+ enable-scale-to-zero: "true"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ scale-to-zero-grace-period: "30s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ scale-to-zero-pod-retention-period: "0s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ pod-autoscaler-class: "kpa.autoscaling.knative.dev"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ activator-capacity: "100.0"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ initial-scale: "1"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ allow-zero-initial-scale: "false"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ max-scale: "0"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ scale-down-delay: "0s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ max-scale-limit: "0"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-defaults
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "cdabec96"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ revision-timeout-seconds: "300"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ max-revision-timeout-seconds: "600"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ revision-cpu-request: "400m"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ revision-memory-request: "100M"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ revision-ephemeral-storage-request: "500M"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ revision-cpu-limit: "1000m"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ revision-memory-limit: "200M"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ revision-ephemeral-storage-limit: "750M"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ container-name-template: "user-container"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ container-concurrency: "0"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ container-concurrency-max-limit: "1000"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ allow-container-concurrency-zero: "true"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ enable-service-links: "false"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-deployment
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "9448bd0c"
|
|
|
+data:
|
|
|
+
|
|
|
+
|
|
|
+ queueSidecarImage: registry.cn-beijing.aliyuncs.com/dotbalo/queue:v0.26
|
|
|
+ _example: |-
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ registriesSkippingTagResolving: "kind.local,ko.local,dev.local"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ digestResolutionTimeout: "10s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ progressDeadline: "600s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ queueSidecarCPURequest: "25m"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ queueSidecarCPULimit: "1000m"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ queueSidecarMemoryRequest: "400Mi"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ queueSidecarMemoryLimit: "800Mi"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ queueSidecarEphemeralStorageRequest: "512Mi"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ queueSidecarEphemeralStorageLimit: "1024Mi"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ concurrencyStateEndpoint: ""
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-domain
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "81552d0b"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ example.com: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ example.org: |
|
|
|
+ selector:
|
|
|
+ app: nonprofit
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ svc.cluster.local: |
|
|
|
+ selector:
|
|
|
+ app: secret
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-features
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "5b8c26fe"
|
|
|
+data:
|
|
|
+ _example: |-
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ multi-container: "enabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-affinity: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-hostaliases: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-nodeselector: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-tolerations: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-fieldref: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-runtimeclassname: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-securitycontext: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-priorityclassname: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.containerspec-addcapabilities: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-dryrun: "allowed"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ tag-header-based-routing: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ autodetect-http2: "disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ kubernetes.podspec-volumes-emptydir: "disabled"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-gc
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "51b4d68a"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ retain-since-create-time: "48h"
|
|
|
+
|
|
|
+
|
|
|
+ retain-since-last-active-time: "15h"
|
|
|
+
|
|
|
+
|
|
|
+ min-non-active-revisions: "20"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ max-non-active-revisions: "1000"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-leader-election
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "96896b00"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ leaseDuration: "15s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ renewDeadline: "10s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ retryPeriod: "2s"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ buckets: "1"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-logging
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "c68feb1b"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ zap-logger-config: |
|
|
|
+ {
|
|
|
+ "level": "info",
|
|
|
+ "development": false,
|
|
|
+ "outputPaths": ["stdout"],
|
|
|
+ "errorOutputPaths": ["stderr"],
|
|
|
+ "encoding": "json",
|
|
|
+ "encoderConfig": {
|
|
|
+ "timeKey": "timestamp",
|
|
|
+ "levelKey": "severity",
|
|
|
+ "nameKey": "logger",
|
|
|
+ "callerKey": "caller",
|
|
|
+ "messageKey": "message",
|
|
|
+ "stacktraceKey": "stacktrace",
|
|
|
+ "lineEnding": "",
|
|
|
+ "levelEncoder": "",
|
|
|
+ "timeEncoder": "iso8601",
|
|
|
+ "durationEncoder": "",
|
|
|
+ "callerEncoder": ""
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ loglevel.controller: "info"
|
|
|
+ loglevel.autoscaler: "info"
|
|
|
+ loglevel.queueproxy: "info"
|
|
|
+ loglevel.webhook: "info"
|
|
|
+ loglevel.activator: "info"
|
|
|
+ loglevel.hpaautoscaler: "info"
|
|
|
+ loglevel.net-certmanager-controller: "info"
|
|
|
+ loglevel.net-istio-controller: "info"
|
|
|
+ loglevel.net-nscert-controller: "info"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-network
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "325e5f98"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ ingress.class: "istio.ingress.networking.knative.dev"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ certificate.class: "cert-manager.certificate.networking.knative.dev"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ domainTemplate: "{{.Name}}.{{.Namespace}}.{{.Domain}}"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ tagTemplate: "{{.Tag}}-{{.Name}}"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ autoTLS: "Disabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ httpProtocol: "Enabled"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ rolloutDuration: "0"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ autocreateClusterDomainClaims: "false"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ enable-mesh-pod-addressability: "false"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ mesh-compatibility-mode: "auto"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ defaultExternalScheme: "http"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-observability
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "fed4756e"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ logging.enable-var-log-collection: "false"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ logging.revision-url-template: "http://logging.example.com/?revisionUID=${REVISION_UID}"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}'
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ logging.enable-request-log: "false"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ logging.enable-probe-request-log: "false"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ metrics.backend-destination: prometheus
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ metrics.request-metrics-backend-destination: prometheus
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ profiling.enable: "false"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2019 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: ConfigMap
|
|
|
+metadata:
|
|
|
+ name: config-tracing
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ annotations:
|
|
|
+ knative.dev/example-checksum: "26614636"
|
|
|
+data:
|
|
|
+ _example: |
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ backend: "none"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans"
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ debug: "false"
|
|
|
+
|
|
|
+
|
|
|
+ sample-rate: "0.1"
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: autoscaling/v2beta2
|
|
|
+kind: HorizontalPodAutoscaler
|
|
|
+metadata:
|
|
|
+ name: activator
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: activator
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ minReplicas: 1
|
|
|
+ maxReplicas: 20
|
|
|
+ scaleTargetRef:
|
|
|
+ apiVersion: apps/v1
|
|
|
+ kind: Deployment
|
|
|
+ name: activator
|
|
|
+ metrics:
|
|
|
+ - type: Resource
|
|
|
+ resource:
|
|
|
+ name: cpu
|
|
|
+ target:
|
|
|
+ type: Utilization
|
|
|
+
|
|
|
+ averageUtilization: 100
|
|
|
+---
|
|
|
+# Activator PDB. Currently we permit unavailability of 20% of tasks at the same time.
|
|
|
+# Given the subsetting and that the activators are partially stateful systems, we want
|
|
|
+# a slow rollout of the new versions and slow migration during node upgrades.
|
|
|
+apiVersion: policy/v1beta1
|
|
|
+kind: PodDisruptionBudget
|
|
|
+metadata:
|
|
|
+ name: activator-pdb
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: activator
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ minAvailable: 80%
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: activator
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: activator
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: activator
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: activator
|
|
|
+ role: activator
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
|
|
|
+ labels:
|
|
|
+ app: activator
|
|
|
+ role: activator
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: activator
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ spec:
|
|
|
+ serviceAccountName: controller
|
|
|
+ containers:
|
|
|
+ - name: activator
|
|
|
+
|
|
|
+
|
|
|
+ image: registry.cn-beijing.aliyuncs.com/dotbalo/activator:v0.26
|
|
|
+
|
|
|
+
|
|
|
+ resources:
|
|
|
+ requests:
|
|
|
+ cpu: 300m
|
|
|
+ memory: 60Mi
|
|
|
+ limits:
|
|
|
+ cpu: 1000m
|
|
|
+ memory: 600Mi
|
|
|
+ env:
|
|
|
+
|
|
|
+ - name: GOGC
|
|
|
+ value: "500"
|
|
|
+ - name: POD_NAME
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.name
|
|
|
+ - name: POD_IP
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: status.podIP
|
|
|
+ - name: SYSTEM_NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.namespace
|
|
|
+ - name: CONFIG_LOGGING_NAME
|
|
|
+ value: config-logging
|
|
|
+ - name: CONFIG_OBSERVABILITY_NAME
|
|
|
+ value: config-observability
|
|
|
+
|
|
|
+ - name: METRICS_DOMAIN
|
|
|
+ value: knative.dev/internal/serving
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - all
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ containerPort: 9090
|
|
|
+ - name: profiling
|
|
|
+ containerPort: 8008
|
|
|
+ - name: http1
|
|
|
+ containerPort: 8012
|
|
|
+ - name: h2c
|
|
|
+ containerPort: 8013
|
|
|
+ readinessProbe:
|
|
|
+ httpGet:
|
|
|
+ port: 8012
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "activator"
|
|
|
+ failureThreshold: 12
|
|
|
+ livenessProbe:
|
|
|
+ httpGet:
|
|
|
+ port: 8012
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "activator"
|
|
|
+ failureThreshold: 12
|
|
|
+ initialDelaySeconds: 15
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ terminationGracePeriodSeconds: 600
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ name: activator-service
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ app: activator
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: activator
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ app: activator
|
|
|
+ ports:
|
|
|
+
|
|
|
+ - name: http-metrics
|
|
|
+ port: 9090
|
|
|
+ targetPort: 9090
|
|
|
+ - name: http-profiling
|
|
|
+ port: 8008
|
|
|
+ targetPort: 8008
|
|
|
+ - name: http
|
|
|
+ port: 80
|
|
|
+ targetPort: 8012
|
|
|
+ - name: http2
|
|
|
+ port: 81
|
|
|
+ targetPort: 8013
|
|
|
+ type: ClusterIP
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: autoscaler
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: autoscaler
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+spec:
|
|
|
+ replicas: 1
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: autoscaler
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
|
|
|
+ labels:
|
|
|
+ app: autoscaler
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: autoscaler
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ spec:
|
|
|
+
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app: autoscaler
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 100
|
|
|
+ serviceAccountName: controller
|
|
|
+ containers:
|
|
|
+ - name: autoscaler
|
|
|
+
|
|
|
+
|
|
|
+ image: registry.cn-beijing.aliyuncs.com/dotbalo/autoscaler:v0.26
|
|
|
+ resources:
|
|
|
+ requests:
|
|
|
+ cpu: 100m
|
|
|
+ memory: 100Mi
|
|
|
+ limits:
|
|
|
+ cpu: 1000m
|
|
|
+ memory: 1000Mi
|
|
|
+ env:
|
|
|
+ - name: POD_NAME
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.name
|
|
|
+ - name: POD_IP
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: status.podIP
|
|
|
+ - name: SYSTEM_NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.namespace
|
|
|
+ - name: CONFIG_LOGGING_NAME
|
|
|
+ value: config-logging
|
|
|
+ - name: CONFIG_OBSERVABILITY_NAME
|
|
|
+ value: config-observability
|
|
|
+
|
|
|
+ - name: METRICS_DOMAIN
|
|
|
+ value: knative.dev/serving
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - all
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ containerPort: 9090
|
|
|
+ - name: profiling
|
|
|
+ containerPort: 8008
|
|
|
+ - name: websocket
|
|
|
+ containerPort: 8080
|
|
|
+ readinessProbe:
|
|
|
+ httpGet:
|
|
|
+ port: 8080
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "autoscaler"
|
|
|
+ livenessProbe:
|
|
|
+ httpGet:
|
|
|
+ port: 8080
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "autoscaler"
|
|
|
+ failureThreshold: 6
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app: autoscaler
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: autoscaler
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ name: autoscaler
|
|
|
+ namespace: knative-serving
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+
|
|
|
+ - name: http-metrics
|
|
|
+ port: 9090
|
|
|
+ targetPort: 9090
|
|
|
+ - name: http-profiling
|
|
|
+ port: 8008
|
|
|
+ targetPort: 8008
|
|
|
+ - name: http
|
|
|
+ port: 8080
|
|
|
+ targetPort: 8080
|
|
|
+ selector:
|
|
|
+ app: autoscaler
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: controller
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: controller
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: controller
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
|
|
|
+ labels:
|
|
|
+ app: controller
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: controller
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ spec:
|
|
|
+
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app: controller
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 100
|
|
|
+ serviceAccountName: controller
|
|
|
+ containers:
|
|
|
+ - name: controller
|
|
|
+
|
|
|
+
|
|
|
+ image: registry.cn-beijing.aliyuncs.com/dotbalo/controller:v0.26
|
|
|
+ resources:
|
|
|
+ requests:
|
|
|
+ cpu: 100m
|
|
|
+ memory: 100Mi
|
|
|
+ limits:
|
|
|
+ cpu: 1000m
|
|
|
+ memory: 1000Mi
|
|
|
+ env:
|
|
|
+ - name: POD_NAME
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.name
|
|
|
+ - name: SYSTEM_NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.namespace
|
|
|
+ - name: CONFIG_LOGGING_NAME
|
|
|
+ value: config-logging
|
|
|
+ - name: CONFIG_OBSERVABILITY_NAME
|
|
|
+ value: config-observability
|
|
|
+
|
|
|
+ - name: METRICS_DOMAIN
|
|
|
+ value: knative.dev/internal/serving
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - all
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ containerPort: 9090
|
|
|
+ - name: profiling
|
|
|
+ containerPort: 8008
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ app: controller
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: controller
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ name: controller
|
|
|
+ namespace: knative-serving
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+
|
|
|
+ - name: http-metrics
|
|
|
+ port: 9090
|
|
|
+ targetPort: 9090
|
|
|
+ - name: http-profiling
|
|
|
+ port: 8008
|
|
|
+ targetPort: 8008
|
|
|
+ selector:
|
|
|
+ app: controller
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: domain-mapping
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: domain-mapping
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: domain-mapping
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ cluster-autoscaler.kubernetes.io/safe-to-evict: "true"
|
|
|
+ labels:
|
|
|
+ app: domain-mapping
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: domain-mapping
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ spec:
|
|
|
+
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app: domain-mapping
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 100
|
|
|
+ serviceAccountName: controller
|
|
|
+ containers:
|
|
|
+ - name: domain-mapping
|
|
|
+
|
|
|
+
|
|
|
+ image: registry.cn-beijing.aliyuncs.com/dotbalo/domain-mapping:v0.26
|
|
|
+ resources:
|
|
|
+ requests:
|
|
|
+ cpu: 30m
|
|
|
+ memory: 40Mi
|
|
|
+ limits:
|
|
|
+ cpu: 300m
|
|
|
+ memory: 400Mi
|
|
|
+ env:
|
|
|
+ - name: SYSTEM_NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.namespace
|
|
|
+ - name: CONFIG_LOGGING_NAME
|
|
|
+ value: config-logging
|
|
|
+ - name: CONFIG_OBSERVABILITY_NAME
|
|
|
+ value: config-observability
|
|
|
+
|
|
|
+ - name: METRICS_DOMAIN
|
|
|
+ value: knative.dev/serving
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - all
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ containerPort: 9090
|
|
|
+ - name: profiling
|
|
|
+ containerPort: 8008
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: domainmapping-webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: domainmapping-webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: domainmapping-webhook
|
|
|
+ role: domainmapping-webhook
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
|
|
|
+ labels:
|
|
|
+ app: domainmapping-webhook
|
|
|
+ app.kubernetes.io/name: domainmapping-webhook
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ role: domainmapping-webhook
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ spec:
|
|
|
+
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app: domainmapping-webhook
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 100
|
|
|
+ serviceAccountName: controller
|
|
|
+ containers:
|
|
|
+ - name: domainmapping-webhook
|
|
|
+
|
|
|
+
|
|
|
+ image: registry.cn-beijing.aliyuncs.com/dotbalo/domain-mapping-webhook:v0.26
|
|
|
+ resources:
|
|
|
+ requests:
|
|
|
+ cpu: 100m
|
|
|
+ memory: 100Mi
|
|
|
+ limits:
|
|
|
+ cpu: 500m
|
|
|
+ memory: 500Mi
|
|
|
+ env:
|
|
|
+ - name: POD_NAME
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.name
|
|
|
+ - name: SYSTEM_NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.namespace
|
|
|
+ - name: CONFIG_LOGGING_NAME
|
|
|
+ value: config-logging
|
|
|
+ - name: CONFIG_OBSERVABILITY_NAME
|
|
|
+ value: config-observability
|
|
|
+ - name: WEBHOOK_PORT
|
|
|
+ value: "8443"
|
|
|
+
|
|
|
+ - name: METRICS_DOMAIN
|
|
|
+ value: knative.dev/serving
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - all
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ containerPort: 9090
|
|
|
+ - name: profiling
|
|
|
+ containerPort: 8008
|
|
|
+ - name: https-webhook
|
|
|
+ containerPort: 8443
|
|
|
+ readinessProbe:
|
|
|
+ periodSeconds: 1
|
|
|
+ httpGet:
|
|
|
+ scheme: HTTPS
|
|
|
+ port: 8443
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "webhook"
|
|
|
+ livenessProbe:
|
|
|
+ periodSeconds: 1
|
|
|
+ httpGet:
|
|
|
+ scheme: HTTPS
|
|
|
+ port: 8443
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "webhook"
|
|
|
+ failureThreshold: 6
|
|
|
+ initialDelaySeconds: 20
|
|
|
+
|
|
|
+
|
|
|
+ terminationGracePeriodSeconds: 300
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ role: domainmapping-webhook
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: domainmapping-webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ name: domainmapping-webhook
|
|
|
+ namespace: knative-serving
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+
|
|
|
+ - name: http-metrics
|
|
|
+ port: 9090
|
|
|
+ targetPort: 9090
|
|
|
+ - name: http-profiling
|
|
|
+ port: 8008
|
|
|
+ targetPort: 8008
|
|
|
+ - name: https-webhook
|
|
|
+ port: 443
|
|
|
+ targetPort: 8443
|
|
|
+ selector:
|
|
|
+ role: domainmapping-webhook
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: autoscaling/v2beta2
|
|
|
+kind: HorizontalPodAutoscaler
|
|
|
+metadata:
|
|
|
+ name: webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ minReplicas: 1
|
|
|
+ maxReplicas: 5
|
|
|
+ scaleTargetRef:
|
|
|
+ apiVersion: apps/v1
|
|
|
+ kind: Deployment
|
|
|
+ name: webhook
|
|
|
+ metrics:
|
|
|
+ - type: Resource
|
|
|
+ resource:
|
|
|
+ name: cpu
|
|
|
+ target:
|
|
|
+ type: Utilization
|
|
|
+
|
|
|
+ averageUtilization: 100
|
|
|
+---
|
|
|
+# Webhook PDB.
|
|
|
+apiVersion: policy/v1beta1
|
|
|
+kind: PodDisruptionBudget
|
|
|
+metadata:
|
|
|
+ name: webhook-pdb
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ minAvailable: 80%
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: webhook
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2018 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: apps/v1
|
|
|
+kind: Deployment
|
|
|
+metadata:
|
|
|
+ name: webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+spec:
|
|
|
+ selector:
|
|
|
+ matchLabels:
|
|
|
+ app: webhook
|
|
|
+ role: webhook
|
|
|
+ template:
|
|
|
+ metadata:
|
|
|
+ annotations:
|
|
|
+ cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
|
|
|
+ labels:
|
|
|
+ app: webhook
|
|
|
+ role: webhook
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ spec:
|
|
|
+
|
|
|
+ affinity:
|
|
|
+ podAntiAffinity:
|
|
|
+ preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
+ - podAffinityTerm:
|
|
|
+ labelSelector:
|
|
|
+ matchLabels:
|
|
|
+ app: webhook
|
|
|
+ topologyKey: kubernetes.io/hostname
|
|
|
+ weight: 100
|
|
|
+ serviceAccountName: controller
|
|
|
+ containers:
|
|
|
+ - name: webhook
|
|
|
+
|
|
|
+
|
|
|
+ image: registry.cn-beijing.aliyuncs.com/dotbalo/webhook:v0.26
|
|
|
+ resources:
|
|
|
+ requests:
|
|
|
+ cpu: 100m
|
|
|
+ memory: 100Mi
|
|
|
+ limits:
|
|
|
+ cpu: 500m
|
|
|
+ memory: 500Mi
|
|
|
+ env:
|
|
|
+ - name: POD_NAME
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.name
|
|
|
+ - name: SYSTEM_NAMESPACE
|
|
|
+ valueFrom:
|
|
|
+ fieldRef:
|
|
|
+ fieldPath: metadata.namespace
|
|
|
+ - name: CONFIG_LOGGING_NAME
|
|
|
+ value: config-logging
|
|
|
+ - name: CONFIG_OBSERVABILITY_NAME
|
|
|
+ value: config-observability
|
|
|
+ - name: WEBHOOK_NAME
|
|
|
+ value: webhook
|
|
|
+ - name: WEBHOOK_PORT
|
|
|
+ value: "8443"
|
|
|
+
|
|
|
+ - name: METRICS_DOMAIN
|
|
|
+ value: knative.dev/internal/serving
|
|
|
+ securityContext:
|
|
|
+ allowPrivilegeEscalation: false
|
|
|
+ readOnlyRootFilesystem: true
|
|
|
+ runAsNonRoot: true
|
|
|
+ capabilities:
|
|
|
+ drop:
|
|
|
+ - all
|
|
|
+ ports:
|
|
|
+ - name: metrics
|
|
|
+ containerPort: 9090
|
|
|
+ - name: profiling
|
|
|
+ containerPort: 8008
|
|
|
+ - name: https-webhook
|
|
|
+ containerPort: 8443
|
|
|
+ readinessProbe:
|
|
|
+ periodSeconds: 1
|
|
|
+ httpGet:
|
|
|
+ scheme: HTTPS
|
|
|
+ port: 8443
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "webhook"
|
|
|
+ livenessProbe:
|
|
|
+ periodSeconds: 1
|
|
|
+ httpGet:
|
|
|
+ scheme: HTTPS
|
|
|
+ port: 8443
|
|
|
+ httpHeaders:
|
|
|
+ - name: k-kubelet-probe
|
|
|
+ value: "webhook"
|
|
|
+ failureThreshold: 6
|
|
|
+ initialDelaySeconds: 20
|
|
|
+
|
|
|
+
|
|
|
+ terminationGracePeriodSeconds: 300
|
|
|
+---
|
|
|
+apiVersion: v1
|
|
|
+kind: Service
|
|
|
+metadata:
|
|
|
+ labels:
|
|
|
+ role: webhook
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+ name: webhook
|
|
|
+ namespace: knative-serving
|
|
|
+spec:
|
|
|
+ ports:
|
|
|
+
|
|
|
+ - name: http-metrics
|
|
|
+ port: 9090
|
|
|
+ targetPort: 9090
|
|
|
+ - name: http-profiling
|
|
|
+ port: 8008
|
|
|
+ targetPort: 8008
|
|
|
+ - name: https-webhook
|
|
|
+ port: 443
|
|
|
+ targetPort: 8443
|
|
|
+ selector:
|
|
|
+ role: webhook
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: admissionregistration.k8s.io/v1
|
|
|
+kind: ValidatingWebhookConfiguration
|
|
|
+metadata:
|
|
|
+ name: config.webhook.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: configmap-validation-webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+webhooks:
|
|
|
+ - admissionReviewVersions: ["v1", "v1beta1"]
|
|
|
+ clientConfig:
|
|
|
+ service:
|
|
|
+ name: webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ failurePolicy: Fail
|
|
|
+ sideEffects: None
|
|
|
+ name: config.webhook.serving.knative.dev
|
|
|
+ namespaceSelector:
|
|
|
+ matchExpressions:
|
|
|
+ - key: serving.knative.dev/release
|
|
|
+ operator: Exists
|
|
|
+ timeoutSeconds: 10
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: admissionregistration.k8s.io/v1
|
|
|
+kind: MutatingWebhookConfiguration
|
|
|
+metadata:
|
|
|
+ name: webhook.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: defaulting-webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+webhooks:
|
|
|
+ - admissionReviewVersions: ["v1", "v1beta1"]
|
|
|
+ clientConfig:
|
|
|
+ service:
|
|
|
+ name: webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ failurePolicy: Fail
|
|
|
+ sideEffects: None
|
|
|
+ name: webhook.serving.knative.dev
|
|
|
+ timeoutSeconds: 10
|
|
|
+ rules:
|
|
|
+ - apiGroups:
|
|
|
+ - autoscaling.internal.knative.dev
|
|
|
+ - networking.internal.knative.dev
|
|
|
+ - serving.knative.dev
|
|
|
+ apiVersions:
|
|
|
+ - "*"
|
|
|
+ operations:
|
|
|
+ - CREATE
|
|
|
+ - UPDATE
|
|
|
+ scope: "*"
|
|
|
+ resources:
|
|
|
+ - metrics
|
|
|
+ - podautoscalers
|
|
|
+ - certificates
|
|
|
+ - ingresses
|
|
|
+ - serverlessservices
|
|
|
+ - configurations
|
|
|
+ - revisions
|
|
|
+ - routes
|
|
|
+ - services
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: admissionregistration.k8s.io/v1
|
|
|
+kind: MutatingWebhookConfiguration
|
|
|
+metadata:
|
|
|
+ name: webhook.domainmapping.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+webhooks:
|
|
|
+ - admissionReviewVersions: ["v1", "v1beta1"]
|
|
|
+ clientConfig:
|
|
|
+ service:
|
|
|
+ name: domainmapping-webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ failurePolicy: Fail
|
|
|
+ sideEffects: None
|
|
|
+ name: webhook.domainmapping.serving.knative.dev
|
|
|
+ timeoutSeconds: 10
|
|
|
+ rules:
|
|
|
+ - apiGroups:
|
|
|
+ - serving.knative.dev
|
|
|
+ apiVersions:
|
|
|
+ - v1alpha1
|
|
|
+ - v1beta1
|
|
|
+ operations:
|
|
|
+ - CREATE
|
|
|
+ - UPDATE
|
|
|
+ scope: "*"
|
|
|
+ resources:
|
|
|
+ - domainmappings
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: Secret
|
|
|
+metadata:
|
|
|
+ name: domainmapping-webhook-certs
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+# The data is populated at install time.
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: admissionregistration.k8s.io/v1
|
|
|
+kind: ValidatingWebhookConfiguration
|
|
|
+metadata:
|
|
|
+ name: validation.webhook.domainmapping.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: domainmapping-webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+webhooks:
|
|
|
+ - admissionReviewVersions: ["v1", "v1beta1"]
|
|
|
+ clientConfig:
|
|
|
+ service:
|
|
|
+ name: domainmapping-webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ failurePolicy: Fail
|
|
|
+ sideEffects: None
|
|
|
+ name: validation.webhook.domainmapping.serving.knative.dev
|
|
|
+ timeoutSeconds: 10
|
|
|
+ rules:
|
|
|
+ - apiGroups:
|
|
|
+ - serving.knative.dev
|
|
|
+ apiVersions:
|
|
|
+ - v1alpha1
|
|
|
+ - v1beta1
|
|
|
+ operations:
|
|
|
+ - CREATE
|
|
|
+ - UPDATE
|
|
|
+ - DELETE
|
|
|
+ scope: "*"
|
|
|
+ resources:
|
|
|
+ - domainmappings
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: admissionregistration.k8s.io/v1
|
|
|
+kind: ValidatingWebhookConfiguration
|
|
|
+metadata:
|
|
|
+ name: validation.webhook.serving.knative.dev
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: validating-webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+webhooks:
|
|
|
+ - admissionReviewVersions: ["v1", "v1beta1"]
|
|
|
+ clientConfig:
|
|
|
+ service:
|
|
|
+ name: webhook
|
|
|
+ namespace: knative-serving
|
|
|
+ failurePolicy: Fail
|
|
|
+ sideEffects: None
|
|
|
+ name: validation.webhook.serving.knative.dev
|
|
|
+ timeoutSeconds: 10
|
|
|
+ rules:
|
|
|
+ - apiGroups:
|
|
|
+ - autoscaling.internal.knative.dev
|
|
|
+ - networking.internal.knative.dev
|
|
|
+ - serving.knative.dev
|
|
|
+ apiVersions:
|
|
|
+ - "*"
|
|
|
+ operations:
|
|
|
+ - CREATE
|
|
|
+ - UPDATE
|
|
|
+ - DELETE
|
|
|
+ scope: "*"
|
|
|
+ resources:
|
|
|
+ - metrics
|
|
|
+ - podautoscalers
|
|
|
+ - certificates
|
|
|
+ - ingresses
|
|
|
+ - serverlessservices
|
|
|
+ - configurations
|
|
|
+ - revisions
|
|
|
+ - routes
|
|
|
+ - services
|
|
|
+
|
|
|
+---
|
|
|
+# Copyright 2020 The Knative Authors
|
|
|
+#
|
|
|
+# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
+# you may not use this file except in compliance with the License.
|
|
|
+# You may obtain a copy of the License at
|
|
|
+#
|
|
|
+# https://www.apache.org/licenses/LICENSE-2.0
|
|
|
+#
|
|
|
+# Unless required by applicable law or agreed to in writing, software
|
|
|
+# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
+# See the License for the specific language governing permissions and
|
|
|
+# limitations under the License.
|
|
|
+
|
|
|
+apiVersion: v1
|
|
|
+kind: Secret
|
|
|
+metadata:
|
|
|
+ name: webhook-certs
|
|
|
+ namespace: knative-serving
|
|
|
+ labels:
|
|
|
+ serving.knative.dev/release: "v0.26.0"
|
|
|
+ app.kubernetes.io/name: webhook
|
|
|
+ app.kubernetes.io/version: "0.26.0"
|
|
|
+ app.kubernetes.io/part-of: knative-serving
|
|
|
+# The data is populated at install time.
|
|
|
+
|
|
|
+---
|
Your Name