diff --git a/.github/workflows/helm-kustomize-comparison.yml b/.github/workflows/helm-kustomize-comparison.yml index 5978794e5..d0cd7c3c0 100644 --- a/.github/workflows/helm-kustomize-comparison.yml +++ b/.github/workflows/helm-kustomize-comparison.yml @@ -43,4 +43,4 @@ jobs: env: VERBOSE: "true" run: | - ./tests/helm_kustomize_compare_all.sh model-registry + ./tests/helm_kustomize_compare_all.sh diff --git a/.github/workflows/katib-helm-kustomize-comparison.yaml b/.github/workflows/katib-helm-kustomize-comparison.yaml deleted file mode 100644 index 524b558a3..000000000 --- a/.github/workflows/katib-helm-kustomize-comparison.yaml +++ /dev/null @@ -1,52 +0,0 @@ -name: Katib Helm vs Kustomize Comparison - -on: - pull_request: - branches: [master] - paths: - - 'experimental/helm/charts/katib/**' - - 'applications/katib/**' - - 'tests/helm_kustomize_compare.py' - - 'tests/helm_kustomize_compare.sh' - - 'tests/helm_kustomize_compare_all.sh' - - '.github/workflows/katib-helm-kustomize-comparison.yaml' - workflow_dispatch: - -permissions: - contents: read - actions: read - -jobs: - compare-all-scenarios: - runs-on: ubuntu-latest - name: Compare All Scenarios - - steps: - - name: Checkout repository - uses: actions/checkout@v5 - - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: '3.12' - - - name: Install Python dependencies - run: | - python -m pip install --upgrade pip - pip install pyyaml - - - name: Install Helm - run: | - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh - rm get_helm.sh - - - name: Install kustomize - run: ./tests/kustomize_install.sh - - - name: Run all scenarios comparison - env: - VERBOSE: "true" - run: | - ./tests/helm_kustomize_compare_all.sh katib diff --git a/.github/workflows/kserve-models-web-app-comparison.yml b/.github/workflows/kserve-models-web-app-comparison.yml deleted file mode 100644 index 8fac3e081..000000000 --- a/.github/workflows/kserve-models-web-app-comparison.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: KServe Models Web App - Helm vs Kustomize Comparison - -on: - pull_request: - branches: [master] - paths: - - 'experimental/helm/charts/kserve-models-web-app/**' - - 'applications/kserve/models-web-app/**' - - 'tests/helm_kustomize_compare.py' - - 'tests/helm_kustomize_compare.sh' - - 'tests/helm_kustomize_compare_all.sh' - - '.github/workflows/kserve-models-web-app-comparison.yml' - workflow_dispatch: - -jobs: - validate-models-web-app-equivalence: - runs-on: ubuntu-latest - name: Compare KServe Models Web App Scenarios - steps: - - name: Checkout code - uses: actions/checkout@v5 - - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: '3.12' - - - name: Install Python dependencies - run: | - python -m pip install --upgrade pip - pip install pyyaml - - - name: Install Helm - run: | - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh - rm get_helm.sh - - - name: Install Kustomize - run: ./tests/kustomize_install.sh - - - name: Validate Helm chart - run: | - helm lint experimental/helm/charts/kserve-models-web-app/ - - - name: Run KServe Models Web App comparison - env: - VERBOSE: "true" - run: ./tests/helm_kustomize_compare_all.sh kserve-models-web-app diff --git a/experimental/helm/charts/notebook-controller/.helmignore b/experimental/helm/charts/notebook-controller/.helmignore new file mode 100644 index 000000000..01778d3d6 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/.helmignore @@ -0,0 +1,6 @@ +# Minimal .helmignore for debugging +.DS_Store +*.swp +*.bak +*.tmp +.git/ \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/Chart.yaml b/experimental/helm/charts/notebook-controller/Chart.yaml new file mode 100644 index 000000000..e434b02b8 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/Chart.yaml @@ -0,0 +1,19 @@ +apiVersion: v2 +name: notebook-controller +description: A Helm chart for Kubeflow Notebook Controller - Jupyter notebook management on Kubernetes +version: 1.10.0 +appVersion: v1.10.0 +keywords: +- kubeflow +- jupyter +- notebooks +- machine-learning +- controller +home: https://github.com/kubeflow/kubeflow +icon: https://www.kubeflow.org/images/logo.svg +sources: +- https://github.com/kubeflow/kubeflow +- https://github.com/kubeflow/manifests +annotations: + category: Machine Learning + licenses: Apache-2.0 \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/ci/base-values.yaml b/experimental/helm/charts/notebook-controller/ci/base-values.yaml new file mode 100644 index 000000000..3b8dcaa85 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/ci/base-values.yaml @@ -0,0 +1,99 @@ +# Values for base deployment mode +deploymentMode: standalone + +# Override names +nameOverride: "" +fullnameOverride: "" + +global: + namespace: notebook-controller-system + imageRegistry: ghcr.io/kubeflow/kubeflow + imageTag: v1.10.0 + +# Common labels +commonLabels: + app: notebook-controller + kustomize.component: notebook-controller + +controller: + config: + useIstio: true + istioGateway: "kubeflow/kubeflow-gateway" + istioHost: "*" + clusterDomain: "cluster.local" + enableCulling: false + cullIdleTime: "1440" + idlenessCheckPeriod: "1" + + manager: + enableLeaderElection: true + metricsAddr: "0.0.0.0:8080" + healthProbeAddr: ":8081" + + # Disable auth proxy in base mode + authProxy: + enabled: false + + # Webhook disabled by default + webhook: + enabled: false + + # Security context + podSecurityContext: + seccompProfile: + type: RuntimeDefault + + securityContext: + runAsNonRoot: true + allowPrivilegeEscalation: false + runAsUser: 1000 + capabilities: + drop: + - ALL + +# Enable main service +service: + enabled: true + type: ClusterIP + port: 443 + +# Disable metrics service in base (no auth proxy) +metricsService: + enabled: false + +# RBAC +rbac: + create: true + serviceAccount: + create: true + name: "" + authProxy: + enabled: false + leaderElection: + enabled: true + +# Enable direct metrics without auth proxy +monitoring: + enabled: true + prometheus: + enabled: true + podAnnotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8080" + prometheus.io/path: "/metrics" + +# CRD management with patches +crds: + install: true + validationPatches: + enabled: true + +kustomizeMode: + enabled: true + useOriginalLabels: true + useOriginalNames: true + +# Disable samples +samples: + enabled: false + namespace: "default" diff --git a/experimental/helm/charts/notebook-controller/ci/kubeflow-values.yaml b/experimental/helm/charts/notebook-controller/ci/kubeflow-values.yaml new file mode 100644 index 000000000..b3e0694f3 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/ci/kubeflow-values.yaml @@ -0,0 +1,93 @@ +# Values for Kubeflow deployment mode +deploymentMode: kubeflow + +nameOverride: "notebook-controller" + +global: + namespace: kubeflow + imageRegistry: ghcr.io/kubeflow/kubeflow + imageTag: v1.10.0 + +# Common labels +commonLabels: + app: notebook-controller + kustomize.component: notebook-controller + +controller: + config: + useIstio: true + istioGateway: "kubeflow/kubeflow-gateway" + istioHost: "*" + clusterDomain: "cluster.local" + enableCulling: false + cullIdleTime: "1440" + idlenessCheckPeriod: "1" + + manager: + enableLeaderElection: true + metricsAddr: "127.0.0.1:8080" + healthProbeAddr: ":8081" + + # Disable auth proxy + authProxy: + enabled: false + + # Webhook server disabled by default + webhook: + enabled: false + + # Security context + podSecurityContext: + seccompProfile: + type: RuntimeDefault + + securityContext: + runAsNonRoot: true + allowPrivilegeEscalation: false + runAsUser: 1000 + capabilities: + drop: + - ALL + +# Enable main service (matches manager/service.yaml) +service: + enabled: true + type: ClusterIP + port: 443 + +# Disable metrics service +metricsService: + enabled: false + +# RBAC +rbac: + create: true + serviceAccount: + create: true + name: "" + authProxy: + enabled: false + leaderElection: + enabled: true + +# Enable monitoring with proper annotations +monitoring: + enabled: true + prometheus: + enabled: true + +# CRD management with patches +crds: + install: true + validationPatches: + enabled: true + +# Kustomize compatibility for Kubeflow +kustomizeMode: + enabled: true + useOriginalLabels: true + useOriginalNames: true + +# Disable samples in production Kubeflow +samples: + enabled: false \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/ci/production-values.yaml b/experimental/helm/charts/notebook-controller/ci/production-values.yaml new file mode 100644 index 000000000..d5e588f23 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/ci/production-values.yaml @@ -0,0 +1,87 @@ +# Values for production deployment with high availability +deploymentMode: kubeflow + +nameOverride: "notebook-controller" + +global: + namespace: kubeflow + imageRegistry: ghcr.io/kubeflow/kubeflow + imageTag: v1.10.0 + +commonLabels: + app: notebook-controller + kustomize.component: notebook-controller + +controller: + # Multiple replicas for HA + replicas: 2 + + config: + useIstio: true + istioGateway: "kubeflow/kubeflow-gateway" + istioHost: "*" + clusterDomain: "cluster.local" + enableCulling: true + cullIdleTime: "720" # 12 hours for production + idlenessCheckPeriod: "5" # Check every 5 minutes + + # Resource limits for production + resources: + limits: + cpu: 200m + memory: 256Mi + requests: + cpu: 100m + memory: 128Mi + + authProxy: + enabled: true + resources: + limits: + cpu: 100m + memory: 64Mi + requests: + cpu: 50m + memory: 32Mi + +# Production services +service: + enabled: true +metricsService: + enabled: true + +# High availability features +podDisruptionBudget: + enabled: true + minAvailable: 1 + +autoscaling: + enabled: true + minReplicas: 2 + maxReplicas: 5 + targetCPUUtilizationPercentage: 70 + +# Production monitoring +monitoring: + enabled: true + prometheus: + enabled: true + serviceMonitor: + enabled: true + interval: 30s + +# Network security +networkPolicies: + enabled: true + policyTypes: + - Ingress + - Egress + +# Kustomize compatibility +kustomizeMode: + enabled: true + useOriginalLabels: true + useOriginalNames: true + +samples: + enabled: false \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/ci/standalone-values.yaml b/experimental/helm/charts/notebook-controller/ci/standalone-values.yaml new file mode 100644 index 000000000..0379136cf --- /dev/null +++ b/experimental/helm/charts/notebook-controller/ci/standalone-values.yaml @@ -0,0 +1,99 @@ +# Values for standalone deployment mode +deploymentMode: standalone + +# Override names +nameOverride: "" +fullnameOverride: "" + +global: + namespace: notebook-controller-system + imageRegistry: ghcr.io/kubeflow/kubeflow + imageTag: v1.10.0 + +# Common labels +commonLabels: + app: notebook-controller + kustomize.component: notebook-controller + +controller: + config: + useIstio: false + istioGateway: "kubeflow/kubeflow-gateway" + istioHost: "*" + clusterDomain: "cluster.local" + enableCulling: false + cullIdleTime: "1440" + idlenessCheckPeriod: "1" + + manager: + enableLeaderElection: true + metricsAddr: "0.0.0.0:8080" + healthProbeAddr: ":8081" + + # Disable auth proxy in standalone mode + authProxy: + enabled: false + + # Webhook disabled by default + webhook: + enabled: false + + # Security context + podSecurityContext: + seccompProfile: + type: RuntimeDefault + + securityContext: + runAsNonRoot: true + allowPrivilegeEscalation: false + runAsUser: 1000 + capabilities: + drop: + - ALL + +# Enable main service (matches manager/service.yaml) +service: + enabled: true + type: ClusterIP + port: 443 + +# Disable metrics service in standalone (no auth proxy) +metricsService: + enabled: false + +# RBAC +rbac: + create: true + serviceAccount: + create: true + name: "" # Will be auto-generated + authProxy: + enabled: false # No auth proxy in standalone + leaderElection: + enabled: true + +# Enable direct metrics without auth proxy +monitoring: + enabled: true + prometheus: + enabled: true + podAnnotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8080" + prometheus.io/path: "/metrics" + +# CRD management with patches +crds: + install: true + validationPatches: + enabled: true + +kustomizeMode: + enabled: true + useOriginalLabels: true + useOriginalNames: true + +# Disable samples +samples: + enabled: false + namespace: "default" \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/ci/webhook-values.yaml b/experimental/helm/charts/notebook-controller/ci/webhook-values.yaml new file mode 100644 index 000000000..5ef9b8bd0 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/ci/webhook-values.yaml @@ -0,0 +1,73 @@ +# Values for webhook-enabled deployment mode +deploymentMode: kubeflow + +nameOverride: "notebook-controller" + +global: + namespace: kubeflow + imageRegistry: ghcr.io/kubeflow/kubeflow + imageTag: v1.10.0 + +# Common labels +commonLabels: + app: notebook-controller + kustomize.component: notebook-controller + +controller: + config: + useIstio: true + istioGateway: "kubeflow/kubeflow-gateway" + istioHost: "*" + clusterDomain: "cluster.local" + enableCulling: false + cullIdleTime: "1440" + idlenessCheckPeriod: "1" + + manager: + enableLeaderElection: true + metricsAddr: "127.0.0.1:8080" + healthProbeAddr: ":8081" + + # Enable auth proxy for metrics protection + authProxy: + enabled: true + + # Enable webhook server + webhook: + enabled: true + port: 443 + certSecretName: webhook-server-cert + +# Enable all services +service: + enabled: true +metricsService: + enabled: true + +# Enable certificate management +certificates: + enabled: true + issuer: "kubeflow-selfsigned-issuer" + +# RBAC with webhook permissions +rbac: + create: true + authProxy: + enabled: true + leaderElection: + enabled: true + +# CRD management with webhook patches +crds: + install: true + webhook: + enabled: true + +# Kustomize compatibility +kustomizeMode: + enabled: true + useOriginalLabels: true + useOriginalNames: true + +samples: + enabled: false \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/crds/kubeflow.org_notebooks.yaml b/experimental/helm/charts/notebook-controller/crds/kubeflow.org_notebooks.yaml new file mode 100644 index 000000000..5ffc87cdb --- /dev/null +++ b/experimental/helm/charts/notebook-controller/crds/kubeflow.org_notebooks.yaml @@ -0,0 +1,9421 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + labels: + app: notebook-controller + kustomize.component: notebook-controller + name: notebooks.kubeflow.org +spec: + group: kubeflow.org + names: + kind: Notebook + listKind: NotebookList + plural: notebooks + singular: notebook + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + properties: + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + - image + type: object + type: array + minItems: 1 + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + maxSkew: + format: int32 + type: integer + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + containerState: + properties: + running: + properties: + startedAt: + format: date-time + type: string + type: object + terminated: + properties: + containerID: + type: string + exitCode: + format: int32 + type: integer + finishedAt: + format: date-time + type: string + message: + type: string + reason: + type: string + signal: + format: int32 + type: integer + startedAt: + format: date-time + type: string + required: + - exitCode + type: object + waiting: + properties: + message: + type: string + reason: + type: string + type: object + type: object + readyReplicas: + format: int32 + type: integer + required: + - conditions + - containerState + - readyReplicas + type: object + type: object + served: true + storage: true + subresources: + status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + properties: + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + - image + type: object + type: array + minItems: 1 + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + maxSkew: + format: int32 + type: integer + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + containerState: + properties: + running: + properties: + startedAt: + format: date-time + type: string + type: object + terminated: + properties: + containerID: + type: string + exitCode: + format: int32 + type: integer + finishedAt: + format: date-time + type: string + message: + type: string + reason: + type: string + signal: + format: int32 + type: integer + startedAt: + format: date-time + type: string + required: + - exitCode + type: object + waiting: + properties: + message: + type: string + reason: + type: string + type: object + type: object + readyReplicas: + format: int32 + type: integer + required: + - conditions + - containerState + - readyReplicas + type: object + type: object + served: true + storage: false + subresources: + status: {} + - name: v1beta1 + schema: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + template: + properties: + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + - image + type: object + type: array + minItems: 1 + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + default: TCP + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + x-kubernetes-map-type: atomic + os: + properties: + name: + type: string + required: + - name + type: object + overhead: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + hostProcess: + type: boolean + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + maxSkew: + format: int32 + type: integer + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + x-kubernetes-list-map-keys: + - topologyKey + - whenUnsatisfiable + x-kubernetes-list-type: map + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + properties: + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + dataSourceRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + containerState: + properties: + running: + properties: + startedAt: + format: date-time + type: string + type: object + terminated: + properties: + containerID: + type: string + exitCode: + format: int32 + type: integer + finishedAt: + format: date-time + type: string + message: + type: string + reason: + type: string + signal: + format: int32 + type: integer + startedAt: + format: date-time + type: string + required: + - exitCode + type: object + waiting: + properties: + message: + type: string + reason: + type: string + type: object + type: object + readyReplicas: + format: int32 + type: integer + required: + - conditions + - containerState + - readyReplicas + type: object + type: object + served: true + storage: false + subresources: + status: {} + preserveUnknownFields: false + conversion: + strategy: None +status: + acceptedNames: + kind: '' + plural: '' + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/_helpers.tpl b/experimental/helm/charts/notebook-controller/templates/_helpers.tpl new file mode 100644 index 000000000..df4d91214 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/_helpers.tpl @@ -0,0 +1,257 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "notebook-controller.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "notebook-controller.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "notebook-controller.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "notebook-controller.labels" -}} +helm.sh/chart: {{ include "notebook-controller.chart" . }} +{{ include "notebook-controller.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.commonLabels }} +{{ toYaml . }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "notebook-controller.selectorLabels" -}} +app.kubernetes.io/name: {{ include "notebook-controller.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "notebook-controller.serviceAccountName" -}} +{{- if .Values.rbac.serviceAccount.create }} +{{- default (printf "%s-service-account" (include "notebook-controller.fullname" .)) .Values.rbac.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.rbac.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Image name helper +*/}} +{{- define "notebook-controller.image" -}} +{{- $registry := .Values.global.imageRegistry -}} +{{- $repository := .Values.controller.image.repository -}} +{{- $tag := .Values.controller.image.tag | default .Values.global.imageTag -}} +{{- printf "%s/%s:%s" $registry $repository $tag -}} +{{- end }} + +{{/* +Deployment mode helpers +*/}} +{{- define "notebook-controller.isKubeflowMode" -}} +{{- eq .Values.deploymentMode "kubeflow" -}} +{{- end }} + +{{- define "notebook-controller.isStandaloneMode" -}} +{{- eq .Values.deploymentMode "standalone" -}} +{{- end }} + +{{/* +Namespace helper +*/}} +{{- define "notebook-controller.namespace" -}} +{{- if eq .Values.deploymentMode "kubeflow" -}} +{{- .Values.global.namespace -}} +{{- else -}} +{{- printf "%s-system" (include "notebook-controller.name" .) -}} +{{- end -}} +{{- end }} + +{{/* +Resource name prefix helper +*/}} +{{- define "notebook-controller.namePrefix" -}} +{{- printf "%s-" (include "notebook-controller.name" .) -}} +{{- end }} + +{{/* +Full resource name helper +*/}} +{{- define "notebook-controller.resourceName" -}} +{{- if eq .Values.deploymentMode "kubeflow" -}} +{{- include "notebook-controller.fullname" . -}} +{{- else -}} +{{- printf "notebook-controller" -}} +{{- end -}} +{{- end }} + +{{/* +Image pull policy helper +*/}} +{{- define "notebook-controller.imagePullPolicy" -}} +{{- .Values.controller.image.pullPolicy | default .Values.global.imagePullPolicy -}} +{{- end }} + +{{/* +Config map name helper +*/}} +{{- define "notebook-controller.configMapName" -}} +{{- if eq .Values.deploymentMode "kubeflow" -}} +{{- printf "%s-config" (include "notebook-controller.fullname" .) -}} +{{- else -}} +{{- printf "%s-config" (include "notebook-controller.resourceName" .) -}} +{{- end -}} +{{- end }} + +{{/* +Auth proxy image helper +*/}} +{{- define "notebook-controller.authProxyImage" -}} +{{- printf "%s/%s:%s" .Values.controller.authProxy.image.registry .Values.controller.authProxy.image.repository .Values.controller.authProxy.image.tag -}} +{{- end }} + +{{/* +Metrics service name helper +*/}} +{{- define "notebook-controller.metricsServiceName" -}} +{{- if .Values.metricsService.name -}} +{{- .Values.metricsService.name -}} +{{- else -}} +{{- printf "%s-metrics-service" (include "notebook-controller.resourceName" .) -}} +{{- end -}} +{{- end }} + +{{/* +Common annotations helper +*/}} +{{- define "notebook-controller.annotations" -}} +{{- with .Values.commonAnnotations }} +{{- toYaml . }} +{{- end }} +{{- end }} + +{{/* +Pod annotations helper (combines common and monitoring annotations) +*/}} +{{- define "notebook-controller.podAnnotations" -}} +{{- $annotations := dict -}} +{{- if .Values.commonAnnotations -}} +{{- $annotations = mergeOverwrite $annotations .Values.commonAnnotations -}} +{{- end -}} +{{- if .Values.controller.annotations -}} +{{- $annotations = mergeOverwrite $annotations .Values.controller.annotations -}} +{{- end -}} +{{- if and .Values.monitoring.enabled .Values.monitoring.prometheus.enabled (not .Values.controller.authProxy.enabled) -}} +{{- $annotations = mergeOverwrite $annotations .Values.monitoring.prometheus.podAnnotations -}} +{{- end -}} +{{- if $annotations -}} +{{- toYaml $annotations -}} +{{- end -}} +{{- end }} + +{{/* +Deployment selector labels (consistent across all resources) +*/}} +{{- define "notebook-controller.deploymentSelectorLabels" -}} +{{- if and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalLabels -}} +app: notebook-controller +kustomize.component: notebook-controller +{{- else -}} +{{- include "notebook-controller.selectorLabels" . -}} +{{- end -}} +{{- end }} + +{{/* +Manager container name helper +*/}} +{{- define "notebook-controller.managerContainerName" -}} +{{- if .Values.kustomizeMode.enabled -}} +manager +{{- else -}} +controller-manager +{{- end -}} +{{- end }} + +{{/* +Service port name helper +*/}} +{{- define "notebook-controller.servicePortName" -}} +{{- if .Values.controller.authProxy.enabled -}} +https +{{- else -}} +metrics +{{- end -}} +{{- end }} + +{{/* +Conditional environment variables helper +*/}} +{{- define "notebook-controller.envVars" -}} +- name: USE_ISTIO + valueFrom: + configMapKeyRef: + name: {{ include "notebook-controller.configMapName" . }} + key: USE_ISTIO +- name: ISTIO_GATEWAY + valueFrom: + configMapKeyRef: + name: {{ include "notebook-controller.configMapName" . }} + key: ISTIO_GATEWAY +- name: ISTIO_HOST + valueFrom: + configMapKeyRef: + name: {{ include "notebook-controller.configMapName" . }} + key: ISTIO_HOST +- name: CLUSTER_DOMAIN + valueFrom: + configMapKeyRef: + name: {{ include "notebook-controller.configMapName" . }} + key: CLUSTER_DOMAIN +- name: ENABLE_CULLING + valueFrom: + configMapKeyRef: + name: {{ include "notebook-controller.configMapName" . }} + key: ENABLE_CULLING +- name: CULL_IDLE_TIME + valueFrom: + configMapKeyRef: + name: {{ include "notebook-controller.configMapName" . }} + key: CULL_IDLE_TIME +- name: IDLENESS_CHECK_PERIOD + valueFrom: + configMapKeyRef: + name: {{ include "notebook-controller.configMapName" . }} + key: IDLENESS_CHECK_PERIOD +{{- with .Values.env.additional }} +{{- toYaml . }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/certificate.yaml b/experimental/helm/charts/notebook-controller/templates/certificate.yaml new file mode 100644 index 000000000..85af5ccff --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/certificate.yaml @@ -0,0 +1,51 @@ +{{- if and .Values.certificates.enabled .Values.controller.webhook.enabled }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ include "notebook-controller.resourceName" . }}-serving-cert + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + annotations: + {{- $annotations | nindent 4 }} + {{- end }} +spec: + secretName: {{ .Values.controller.webhook.certSecretName }} + duration: {{ .Values.certificates.duration }} + renewBefore: {{ .Values.certificates.renewBefore }} + subject: + {{- with .Values.certificates.subject.organizations }} + organizations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.certificates.subject.countries }} + countries: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.certificates.subject.localities }} + localities: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.certificates.subject.provinces }} + provinces: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- if or .Values.certificates.dnsNames (not (empty .Values.certificates.dnsNames)) }} + dnsNames: + {{- if .Values.certificates.dnsNames }} + {{- toYaml .Values.certificates.dnsNames | nindent 4 }} + {{- else }} + - {{ include "notebook-controller.resourceName" . }}-webhook-service.{{ include "notebook-controller.namespace" . }}.svc + - {{ include "notebook-controller.resourceName" . }}-webhook-service.{{ include "notebook-controller.namespace" . }}.svc.cluster.local + {{- end }} + {{- end }} + {{- with .Values.certificates.ipAddresses }} + ipAddresses: + {{- toYaml . | nindent 4 }} + {{- end }} + issuerRef: + name: {{ .Values.certificates.issuer }} + kind: Issuer +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/configmap.yaml b/experimental/helm/charts/notebook-controller/templates/configmap.yaml new file mode 100644 index 000000000..9d1c85531 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/configmap.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "notebook-controller.configMapName" . }} + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- if and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalLabels }} + app: notebook-controller + kustomize.component: notebook-controller + {{- else }} + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- end }} + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + annotations: + {{- $annotations | nindent 4 }} + {{- end }} +data: + USE_ISTIO: {{ .Values.controller.config.useIstio | quote }} + ISTIO_GATEWAY: {{ .Values.controller.config.istioGateway | quote }} + ISTIO_HOST: {{ .Values.controller.config.istioHost | quote }} + CLUSTER_DOMAIN: {{ .Values.controller.config.clusterDomain | quote }} + ENABLE_CULLING: {{ .Values.controller.config.enableCulling | quote }} + CULL_IDLE_TIME: {{ .Values.controller.config.cullIdleTime | quote }} + IDLENESS_CHECK_PERIOD: {{ .Values.controller.config.idlenessCheckPeriod | quote }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/deployment.yaml b/experimental/helm/charts/notebook-controller/templates/deployment.yaml new file mode 100644 index 000000000..663401475 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/deployment.yaml @@ -0,0 +1,181 @@ +{{- if .Values.controller.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "notebook-controller.resourceName" . }}-deployment + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- if and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalLabels }} + app: notebook-controller + kustomize.component: notebook-controller + {{- else }} + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- end }} + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + annotations: + {{- $annotations | nindent 4 }} + {{- end }} +spec: + {{- if not (and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalNames) }} + replicas: {{ .Values.controller.replicas }} + {{- end }} + selector: + matchLabels: + {{- include "notebook-controller.deploymentSelectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "notebook-controller.deploymentSelectorLabels" . | nindent 8 }} + {{- with .Values.commonLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if not (and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalNames) }} + {{- $podAnnotations := include "notebook-controller.podAnnotations" . }} + {{- if $podAnnotations }} + annotations: + {{- $podAnnotations | nindent 8 }} + {{- end }} + {{- end }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "notebook-controller.serviceAccountName" . }} + {{- with .Values.controller.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.initContainers.additional }} + initContainers: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + {{- if .Values.controller.authProxy.enabled }} + - name: kube-rbac-proxy + image: {{ include "notebook-controller.authProxyImage" . }} + imagePullPolicy: {{ .Values.controller.authProxy.image.pullPolicy }} + args: + {{- toYaml .Values.controller.authProxy.args | nindent 10 }} + ports: + - containerPort: {{ .Values.controller.authProxy.port }} + name: https + protocol: TCP + {{- with .Values.controller.authProxy.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.controller.authProxy.securityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} + - name: {{ include "notebook-controller.managerContainerName" . }} + image: {{ include "notebook-controller.image" . }} + {{- if .Values.controller.manager.command }} + command: + {{- toYaml .Values.controller.manager.command | nindent 10 }} + {{- else }} + command: + - /manager + {{- end }} + {{- if not (and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalNames) }} + {{- if or .Values.controller.manager.args .Values.controller.manager.enableLeaderElection .Values.controller.authProxy.enabled .Values.controller.manager.healthProbeAddr }} + args: + {{- if .Values.controller.manager.enableLeaderElection }} + - "--enable-leader-election" + {{- end }} + {{- if .Values.controller.authProxy.enabled }} + - "--metrics-addr={{ .Values.controller.manager.metricsAddr }}" + {{- else }} + - "--metrics-addr=0.0.0.0:{{ .Values.controller.ports.metrics }}" + {{- end }} + {{- if .Values.controller.manager.healthProbeAddr }} + - "--health-probe-bind-address={{ .Values.controller.manager.healthProbeAddr }}" + {{- end }} + {{- with .Values.controller.manager.args }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- end }} + env: + {{- include "notebook-controller.envVars" . | nindent 8 }} + imagePullPolicy: {{ include "notebook-controller.imagePullPolicy" . }} + {{- if not (and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalNames) }} + ports: + {{- if not .Values.controller.authProxy.enabled }} + - containerPort: {{ .Values.controller.ports.metrics }} + name: metrics + protocol: TCP + {{- end }} + - containerPort: {{ .Values.controller.ports.health }} + name: health + protocol: TCP + {{- if .Values.controller.webhook.enabled }} + - containerPort: {{ .Values.controller.webhook.port }} + name: webhook-server + protocol: TCP + {{- end }} + {{- end }} + {{- with .Values.controller.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.controller.readinessProbe }} + readinessProbe: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.controller.securityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.controller.resources }} + resources: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- if or .Values.controller.webhook.enabled .Values.volumeMounts.additional }} + volumeMounts: + {{- if .Values.controller.webhook.enabled }} + - mountPath: {{ .Values.controller.webhook.certMountPath }} + name: cert + readOnly: true + {{- end }} + {{- with .Values.volumeMounts.additional }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.sidecars.additional }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- if or .Values.controller.webhook.enabled .Values.volumes.additional }} + volumes: + {{- if .Values.controller.webhook.enabled }} + - name: cert + secret: + defaultMode: {{ .Values.controller.webhook.certVolumeMode }} + secretName: {{ .Values.controller.webhook.certSecretName }} + {{- end }} + {{- with .Values.volumes.additional }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- end }} + {{- with .Values.controller.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.controller.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/hpa.yaml b/experimental/helm/charts/notebook-controller/templates/hpa.yaml new file mode 100644 index 000000000..597168630 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/hpa.yaml @@ -0,0 +1,40 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "notebook-controller.resourceName" . }}-hpa + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "notebook-controller.resourceName" . }}-deployment + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} + {{- with .Values.autoscaling.metrics }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/metrics-service.yaml b/experimental/helm/charts/notebook-controller/templates/metrics-service.yaml new file mode 100644 index 000000000..fba0799a0 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/metrics-service.yaml @@ -0,0 +1,33 @@ +{{- if .Values.metricsService.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "notebook-controller.metricsServiceName" . }} + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- with .Values.metricsService.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- $metricsAnnotations := dict }} + {{- if .Values.metricsService.annotations }} + {{- $metricsAnnotations = mergeOverwrite $metricsAnnotations .Values.metricsService.annotations }} + {{- end }} + {{- $commonAnnotations := include "notebook-controller.annotations" . | fromYaml }} + {{- if $commonAnnotations }} + {{- $metricsAnnotations = mergeOverwrite $metricsAnnotations $commonAnnotations }} + {{- end }} + {{- if $metricsAnnotations }} + annotations: + {{- toYaml $metricsAnnotations | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.metricsService.type }} + ports: + - port: {{ .Values.metricsService.port }} + targetPort: {{ .Values.metricsService.targetPort }} + protocol: TCP + name: https + selector: + {{- include "notebook-controller.deploymentSelectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/namespace.yaml b/experimental/helm/charts/notebook-controller/templates/namespace.yaml new file mode 100644 index 000000000..86acbf32e --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/namespace.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.namespace.create (eq .Values.deploymentMode "standalone") }} +apiVersion: v1 +kind: Namespace +metadata: + name: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + control-plane: controller-manager + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + annotations: + {{- $annotations | nindent 4 }} + {{- end }} +{{- end }} diff --git a/experimental/helm/charts/notebook-controller/templates/networkpolicy.yaml b/experimental/helm/charts/notebook-controller/templates/networkpolicy.yaml new file mode 100644 index 000000000..ada37252b --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/networkpolicy.yaml @@ -0,0 +1,28 @@ +{{- if .Values.networkPolicies.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "notebook-controller.resourceName" . }}-netpol + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + annotations: + {{- $annotations | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + {{- include "notebook-controller.deploymentSelectorLabels" . | nindent 6 }} + policyTypes: + {{- toYaml .Values.networkPolicies.policyTypes | nindent 4 }} + {{- if .Values.networkPolicies.ingress }} + ingress: + {{- toYaml .Values.networkPolicies.ingress | nindent 4 }} + {{- end }} + {{- if .Values.networkPolicies.egress }} + egress: + {{- toYaml .Values.networkPolicies.egress | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/poddisruptionbudget.yaml b/experimental/helm/charts/notebook-controller/templates/poddisruptionbudget.yaml new file mode 100644 index 000000000..bbcbe8683 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/poddisruptionbudget.yaml @@ -0,0 +1,26 @@ +{{- if .Values.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "notebook-controller.resourceName" . }}-pdb + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- with .Values.podDisruptionBudget.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.podDisruptionBudget.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + {{- include "notebook-controller.selectorLabels" . | nindent 6 }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/podmonitor.yaml b/experimental/helm/charts/notebook-controller/templates/podmonitor.yaml new file mode 100644 index 000000000..2e4534e6f --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/podmonitor.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.monitoring.enabled .Values.monitoring.podMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: {{ include "notebook-controller.resourceName" . }}-podmonitor + namespace: {{ .Values.monitoring.podMonitor.namespace | default .Release.Namespace }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- with .Values.monitoring.podMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.monitoring.podMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.monitoring.podMonitor.selector }} + selector: + {{- toYaml . | nindent 4 }} + {{- else }} + selector: + matchLabels: + {{- include "notebook-controller.selectorLabels" . | nindent 6 }} + {{- end }} + podMetricsEndpoints: + {{- toYaml .Values.monitoring.podMonitor.endpoints | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/rbac/auth-proxy-role.yaml b/experimental/helm/charts/notebook-controller/templates/rbac/auth-proxy-role.yaml new file mode 100644 index 000000000..3149c329a --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/rbac/auth-proxy-role.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.rbac.create .Values.rbac.authProxy.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "notebook-controller.resourceName" . }}-proxy-role + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} +rules: +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: ["create"] +- apiGroups: ["authorization.k8s.io"] + resources: + - subjectaccessreviews + verbs: ["create"] +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/rbac/auth-proxy-rolebinding.yaml b/experimental/helm/charts/notebook-controller/templates/rbac/auth-proxy-rolebinding.yaml new file mode 100644 index 000000000..fb6be0903 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/rbac/auth-proxy-rolebinding.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.rbac.create .Values.rbac.authProxy.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "notebook-controller.resourceName" . }}-proxy-rolebinding + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "notebook-controller.resourceName" . }}-proxy-role +subjects: +- kind: ServiceAccount + name: {{ include "notebook-controller.serviceAccountName" . }} + namespace: {{ include "notebook-controller.namespace" . }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/rbac/clusterrole.yaml b/experimental/helm/charts/notebook-controller/templates/rbac/clusterrole.yaml new file mode 100644 index 000000000..72dbe1f17 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/rbac/clusterrole.yaml @@ -0,0 +1,80 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "notebook-controller.resourceName" . }}-role + labels: + {{- if and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalLabels }} + app: notebook-controller + kustomize.component: notebook-controller + {{- else }} + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- end }} + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + annotations: + {{- $annotations | nindent 4 }} + {{- end }} +rules: +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - '*' + +- apiGroups: + - kubeflow.org + resources: + - notebooks + - notebooks/finalizers + - notebooks/status + verbs: + - '*' +- apiGroups: + - networking.istio.io + resources: + - virtualservices + verbs: + - '*' +{{- if .Values.controller.webhook.enabled }} +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - list + - patch + - update + - watch +{{- end }} +{{- with .Values.rbac.clusterRole.rules }} +{{- toYaml . | nindent 0 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/rbac/clusterrolebinding.yaml b/experimental/helm/charts/notebook-controller/templates/rbac/clusterrolebinding.yaml new file mode 100644 index 000000000..4dcf04bc6 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/rbac/clusterrolebinding.yaml @@ -0,0 +1,16 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "notebook-controller.resourceName" . }}-role-binding + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "notebook-controller.resourceName" . }}-role +subjects: +- kind: ServiceAccount + name: {{ include "notebook-controller.serviceAccountName" . }} + namespace: {{ include "notebook-controller.namespace" . }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/rbac/leader-election-role.yaml b/experimental/helm/charts/notebook-controller/templates/rbac/leader-election-role.yaml new file mode 100644 index 000000000..490751ec9 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/rbac/leader-election-role.yaml @@ -0,0 +1,39 @@ +{{- if and .Values.rbac.create .Values.rbac.leaderElection.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "notebook-controller.resourceName" . }}-leader-election-role + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create +{{- with .Values.rbac.role.rules }} +{{- toYaml . | nindent 0 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/rbac/leader-election-rolebinding.yaml b/experimental/helm/charts/notebook-controller/templates/rbac/leader-election-rolebinding.yaml new file mode 100644 index 000000000..0cbe18910 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/rbac/leader-election-rolebinding.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.rbac.create .Values.rbac.leaderElection.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "notebook-controller.resourceName" . }}-leader-election-rolebinding + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "notebook-controller.resourceName" . }}-leader-election-role +subjects: +- kind: ServiceAccount + name: {{ include "notebook-controller.serviceAccountName" . }} + namespace: {{ include "notebook-controller.namespace" . }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/rbac/user-cluster-roles.yaml b/experimental/helm/charts/notebook-controller/templates/rbac/user-cluster-roles.yaml new file mode 100644 index 000000000..29828eabd --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/rbac/user-cluster-roles.yaml @@ -0,0 +1,60 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "notebook-controller.namePrefix" . }}kubeflow-notebooks-admin + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true" +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-notebooks-admin: "true" +rules: [] + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "notebook-controller.namePrefix" . }}kubeflow-notebooks-edit + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true" + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-notebooks-admin: "true" +rules: +- apiGroups: + - kubeflow.org + resources: + - notebooks + - notebooks/status + verbs: + - get + - list + - watch + - create + - delete + - deletecollection + - patch + - update + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "notebook-controller.namePrefix" . }}kubeflow-notebooks-view + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true" +rules: +- apiGroups: + - kubeflow.org + resources: + - notebooks + - notebooks/status + verbs: + - get + - list + - watch +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1-sample.yaml b/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1-sample.yaml new file mode 100644 index 000000000..db7f3f317 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1-sample.yaml @@ -0,0 +1,26 @@ +{{- if .Values.samples.enabled }} +--- +apiVersion: kubeflow.org/v1 +kind: Notebook +metadata: + name: {{ include "notebook-controller.fullname" . }}-sample-v1 + namespace: {{ .Values.samples.namespace | default "default" }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + annotations: + "helm.sh/resource-policy": keep + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + {{- $annotations | nindent 4 }} + {{- end }} +spec: + template: + spec: + containers: + - name: {{ include "notebook-controller.fullname" . }}-sample-v1 + image: {{ .Values.samples.image | default "ghcr.io/kubeflow/kubeflow/notebook-servers/jupyter:latest" }} + {{- with .Values.samples.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1alpha1-sample.yaml b/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1alpha1-sample.yaml new file mode 100644 index 000000000..6e32a28f2 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1alpha1-sample.yaml @@ -0,0 +1,26 @@ +{{- if .Values.samples.enabled }} +--- +apiVersion: kubeflow.org/v1alpha1 +kind: Notebook +metadata: + name: {{ include "notebook-controller.fullname" . }}-sample-v1alpha1 + namespace: {{ .Values.samples.namespace | default "default" }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + annotations: + "helm.sh/resource-policy": keep + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + {{- $annotations | nindent 4 }} + {{- end }} +spec: + template: + spec: + containers: + - name: {{ include "notebook-controller.fullname" . }}-sample-v1alpha1 + image: {{ .Values.samples.image | default "ghcr.io/kubeflow/kubeflow/notebook-servers/jupyter:latest" }} + {{- with .Values.samples.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1beta1-sample.yaml b/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1beta1-sample.yaml new file mode 100644 index 000000000..b08868eaf --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/samples/notebook-v1beta1-sample.yaml @@ -0,0 +1,26 @@ +{{- if .Values.samples.enabled }} +--- +apiVersion: kubeflow.org/v1beta1 +kind: Notebook +metadata: + name: {{ include "notebook-controller.fullname" . }}-sample-v1beta1 + namespace: {{ .Values.samples.namespace | default "default" }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + annotations: + "helm.sh/resource-policy": keep + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + {{- $annotations | nindent 4 }} + {{- end }} +spec: + template: + spec: + containers: + - name: {{ include "notebook-controller.fullname" . }}-sample-v1beta1 + image: {{ .Values.samples.image | default "ghcr.io/kubeflow/kubeflow/notebook-servers/jupyter:latest" }} + {{- with .Values.samples.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/service.yaml b/experimental/helm/charts/notebook-controller/templates/service.yaml new file mode 100644 index 000000000..7fef534f3 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/service.yaml @@ -0,0 +1,50 @@ +{{- if .Values.service.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "notebook-controller.resourceName" . }}-service + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- if and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalLabels }} + app: notebook-controller + kustomize.component: notebook-controller + {{- else }} + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- end }} + {{- with .Values.service.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- $serviceAnnotations := dict }} + {{- if .Values.service.annotations }} + {{- $serviceAnnotations = mergeOverwrite $serviceAnnotations .Values.service.annotations }} + {{- end }} + {{- $commonAnnotations := include "notebook-controller.annotations" . | fromYaml }} + {{- if $commonAnnotations }} + {{- $serviceAnnotations = mergeOverwrite $serviceAnnotations $commonAnnotations }} + {{- end }} + {{- if $serviceAnnotations }} + annotations: + {{- toYaml $serviceAnnotations | nindent 4 }} + {{- end }} +spec: + {{- if not (and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalNames) }} + type: {{ .Values.service.type }} + {{- end }} + ports: + - port: {{ .Values.service.port }} + {{- if not (and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalNames) }} + {{- if not .Values.controller.authProxy.enabled }} + targetPort: {{ .Values.controller.ports.metrics }} + {{- else }} + targetPort: {{ .Values.service.targetPort }} + {{- end }} + protocol: TCP + {{- end }} + selector: + {{- if and .Values.kustomizeMode.enabled .Values.kustomizeMode.useOriginalLabels }} + app: notebook-controller + kustomize.component: notebook-controller + {{- else }} + {{- include "notebook-controller.deploymentSelectorLabels" . | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/serviceaccount.yaml b/experimental/helm/charts/notebook-controller/templates/serviceaccount.yaml new file mode 100644 index 000000000..75750ed4a --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/serviceaccount.yaml @@ -0,0 +1,21 @@ +{{- if .Values.rbac.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "notebook-controller.serviceAccountName" . }} + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- $saAnnotations := dict }} + {{- if .Values.rbac.serviceAccount.annotations }} + {{- $saAnnotations = mergeOverwrite $saAnnotations .Values.rbac.serviceAccount.annotations }} + {{- end }} + {{- $commonAnnotations := include "notebook-controller.annotations" . | fromYaml }} + {{- if $commonAnnotations }} + {{- $saAnnotations = mergeOverwrite $saAnnotations $commonAnnotations }} + {{- end }} + {{- if $saAnnotations }} + annotations: + {{- toYaml $saAnnotations | nindent 4 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/servicemonitor.yaml b/experimental/helm/charts/notebook-controller/templates/servicemonitor.yaml new file mode 100644 index 000000000..499e641d3 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/servicemonitor.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.monitoring.enabled .Values.monitoring.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "notebook-controller.resourceName" . }}-servicemonitor + namespace: {{ .Values.monitoring.serviceMonitor.namespace | default .Release.Namespace }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- with .Values.monitoring.serviceMonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.monitoring.serviceMonitor.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.monitoring.serviceMonitor.selector }} + selector: + {{- toYaml . | nindent 4 }} + {{- else }} + selector: + matchLabels: + {{- include "notebook-controller.selectorLabels" . | nindent 6 }} + {{- end }} + endpoints: + {{- toYaml .Values.monitoring.serviceMonitor.endpoints | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/templates/webhook-service.yaml b/experimental/helm/charts/notebook-controller/templates/webhook-service.yaml new file mode 100644 index 000000000..ac51e6fe1 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/templates/webhook-service.yaml @@ -0,0 +1,23 @@ +{{- if .Values.controller.webhook.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "notebook-controller.resourceName" . }}-webhook-service + namespace: {{ include "notebook-controller.namespace" . }} + labels: + {{- include "notebook-controller.labels" . | nindent 4 }} + {{- $annotations := include "notebook-controller.annotations" . }} + {{- if $annotations }} + annotations: + {{- $annotations | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + ports: + - port: {{ .Values.controller.webhook.port }} + targetPort: webhook-server + protocol: TCP + name: webhook-server + selector: + {{- include "notebook-controller.deploymentSelectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/experimental/helm/charts/notebook-controller/values.yaml b/experimental/helm/charts/notebook-controller/values.yaml new file mode 100644 index 000000000..381463532 --- /dev/null +++ b/experimental/helm/charts/notebook-controller/values.yaml @@ -0,0 +1,447 @@ +# -- String to partially override release name. +nameOverride: "" + +# -- String to fully override release name. +fullnameOverride: "" + +# -- Common labels to add to the resources. +commonLabels: + app: notebook-controller + kustomize.component: notebook-controller + +# -- Common annotations to add to the resources. +commonAnnotations: {} + +# Global settings +global: + # -- Namespace to install Notebook Controller + namespace: kubeflow + # -- Image registry for Notebook Controller images + imageRegistry: ghcr.io/kubeflow/kubeflow + # -- Global image tag for the notebook controller + imageTag: v1.10.0 + # -- Global image pull policy + imagePullPolicy: IfNotPresent + # -- Global image pull secrets + imagePullSecrets: [] + +# -- Deployment mode configuration (kubeflow or standalone) +deploymentMode: kubeflow + +# Namespace configuration +namespace: + # -- Create namespace + create: true + +# Controller configuration +controller: + # -- Enable the Notebook Controller + enabled: true + # -- Number of controller replicas + replicas: 1 + + image: + # -- Controller image repository + repository: notebook-controller + # -- Controller image tag (overrides global.imageTag if set) + tag: "" + # -- Controller image pull policy (overrides global.imagePullPolicy if set) + pullPolicy: "" + + # Manager arguments and configuration + manager: + # -- Enable leader election + enableLeaderElection: true + # -- Metrics bind address + metricsAddr: "127.0.0.1:8080" + # -- Health probe bind address + healthProbeAddr: ":8081" + # -- Additional manager arguments + args: [] + # -- Manager command (overrides default) + command: [] + + # Environment configuration + config: + # -- Enable Istio integration + useIstio: true + # -- Istio gateway for Kubeflow mode + istioGateway: "kubeflow/kubeflow-gateway" + # -- Istio host configuration + istioHost: "*" + # -- Cluster domain + clusterDomain: "cluster.local" + # -- Enable notebook culling + enableCulling: false + # -- Cull idle time (in minutes - note: original uses minutes without suffix) + cullIdleTime: "1440" + # -- Idleness check period (in minutes) + idlenessCheckPeriod: "1" + + # Auth proxy (kube-rbac-proxy) configuration + authProxy: + # -- Enable auth proxy sidecar + enabled: false + image: + # -- Auth proxy image registry + registry: quay.io + # -- Auth proxy image repository + repository: brancz/kube-rbac-proxy + # -- Auth proxy image tag + tag: v0.4.0 + # -- Auth proxy image pull policy + pullPolicy: IfNotPresent + # -- Auth proxy arguments + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=10" + # -- Auth proxy port + port: 8443 + # -- Auth proxy resource requests and limits + resources: {} + # -- Auth proxy security context + securityContext: {} + + # Webhook server configuration + webhook: + # -- Enable webhook server + enabled: false + # -- Webhook server port + port: 443 + # -- Webhook certificate secret name + certSecretName: webhook-server-cert + # -- Webhook certificate mount path + certMountPath: /tmp/k8s-webhook-server/serving-certs + # -- Webhook certificate volume mode + certVolumeMode: 420 + + # Ports configuration + ports: + # -- Manager metrics port (when auth proxy disabled) + metrics: 8080 + # -- Manager health check port + health: 8081 + # -- HTTPS port (when auth proxy enabled) + https: 8443 + # -- Webhook server port + webhook: 443 + + # -- Controller resource requests and limits + resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + + # Security context + podSecurityContext: + seccompProfile: + type: RuntimeDefault + + securityContext: + runAsNonRoot: true + allowPrivilegeEscalation: false + runAsUser: 1000 + capabilities: + drop: + - ALL + + # Probes configuration + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + + # -- Node selector for controller pods + nodeSelector: {} + + # -- Tolerations for controller pods + tolerations: [] + + # -- Affinity rules for controller pods + affinity: {} + + # -- Extra labels for controller pods + labels: {} + + # -- Extra annotations for controller pods + annotations: {} + +# RBAC configuration +rbac: + # -- Create RBAC resources + create: true + + # Service account configuration + serviceAccount: + # -- Create service account + create: true + # -- Service account name (auto-generated if empty) + name: "" + # -- Service account annotations + annotations: {} + + # Cluster-wide permissions + clusterRole: + # -- Create cluster role + create: true + # -- Additional cluster role rules + rules: [] + + # Namespace-specific permissions + role: + # -- Create namespace role + create: true + # -- Additional role rules + rules: [] + + # Auth proxy configuration + authProxy: + # -- Enable auth proxy RBAC + enabled: true + + # Leader election configuration + leaderElection: + # -- Enable leader election RBAC + enabled: true + +# Service configuration +service: + # -- Enable service creation + enabled: true + # -- Service type + type: ClusterIP + # -- Service port + port: 443 + # -- Service target port + targetPort: 8443 + # -- Service annotations + annotations: {} + # -- Service labels + labels: {} + +# Metrics service configuration (for auth proxy) +metricsService: + # -- Enable metrics service (typically used with auth proxy) + enabled: false + # -- Service name override + name: "" + # -- Service type + type: ClusterIP + # -- Service port + port: 8443 + # -- Service target port + targetPort: https + # -- Service annotations + annotations: + prometheus.io/port: "8443" + prometheus.io/scheme: https + prometheus.io/scrape: "true" + # -- Service labels + labels: + control-plane: controller-manager + +# CRD configuration +crds: + # -- Install CRDs + install: true + # CRD validation patches + validationPatches: + # -- Enable CRD validation patches + enabled: true + # Webhook configuration + webhook: + # -- Enable webhook configuration (disabled by default) + enabled: false + +# Monitoring configuration +monitoring: + # -- Enable monitoring + enabled: false + + # Prometheus metrics configuration + prometheus: + # -- Enable Prometheus metrics + enabled: false + # -- Prometheus scrape annotations on pods + podAnnotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8080" + prometheus.io/path: "/metrics" + + # -- ServiceMonitor configuration (for Prometheus Operator) + serviceMonitor: + # -- Create ServiceMonitor + enabled: false + # -- ServiceMonitor namespace (defaults to release namespace) + namespace: "" + # -- ServiceMonitor labels + labels: {} + # -- ServiceMonitor annotations + annotations: {} + # -- ServiceMonitor selector + selector: {} + # -- ServiceMonitor endpoints + endpoints: + - port: https + scheme: https + interval: 30s + path: /metrics + + # -- PodMonitor configuration (alternative to ServiceMonitor) + podMonitor: + # -- Create PodMonitor + enabled: false + # -- PodMonitor namespace (defaults to release namespace) + namespace: "" + # -- PodMonitor labels + labels: {} + # -- PodMonitor annotations + annotations: {} + # -- PodMonitor selector + selector: {} + # -- PodMonitor endpoints + endpoints: + - port: metrics + interval: 30s + path: /metrics + +# Volume configuration +volumes: + # -- Additional volumes for the controller pod + additional: [] + # Example: + # - name: custom-config + # configMap: + # name: custom-config + +# Volume mounts configuration +volumeMounts: + # -- Additional volume mounts for the controller container + additional: [] + # Example: + # - name: custom-config + # mountPath: /etc/custom-config + # readOnly: true + +# Environment variables +env: + # -- Additional environment variables for the controller container + additional: [] + # Example: + # - name: CUSTOM_VAR + # value: "custom-value" + # - name: SECRET_VAR + # valueFrom: + # secretKeyRef: + # name: my-secret + # key: secret-key + +# Init containers configuration +initContainers: + # -- Additional init containers + additional: [] + +# Sidecar containers configuration +sidecars: + # -- Additional sidecar containers + additional: [] + +# Pod disruption budget +podDisruptionBudget: + # -- Enable pod disruption budget + enabled: false + # -- Minimum available pods + minAvailable: 1 + # -- Maximum unavailable pods (alternative to minAvailable) + maxUnavailable: "" + # -- Additional labels for PDB + labels: {} + # -- Additional annotations for PDB + annotations: {} + +# Horizontal Pod Autoscaler +autoscaling: + # -- Enable horizontal pod autoscaler + enabled: false + # -- Minimum number of replicas + minReplicas: 1 + # -- Maximum number of replicas + maxReplicas: 10 + # -- Target CPU utilization percentage + targetCPUUtilizationPercentage: 80 + # -- Target memory utilization percentage + targetMemoryUtilizationPercentage: "" + # -- Additional metrics for HPA + metrics: [] + # -- HPA behavior configuration + behavior: {} + +# Network policies +networkPolicies: + # -- Enable network policies + enabled: false + # -- Ingress rules + ingress: [] + # -- Egress rules + egress: [] + # -- Policy types + policyTypes: + - Ingress + - Egress + +# Certificate management (for webhooks) +certificates: + # -- Enable certificate management + enabled: false + # -- Certificate issuer (cert-manager) + issuer: "" + # -- Certificate duration + duration: "8760h" # 1 year + # -- Certificate renewal before expiry + renewBefore: "720h" # 30 days + # -- Certificate subject + subject: + organizations: [] + countries: [] + localities: [] + provinces: [] + # -- Certificate DNS names + dnsNames: [] + # -- Certificate IP addresses + ipAddresses: [] + +# Sample notebook resources +samples: + # -- Create sample notebook resources + enabled: false + # -- Namespace for sample notebooks + namespace: "default" + # -- Default image for sample notebooks + image: "ghcr.io/kubeflow/kubeflow/notebook-servers/jupyter:latest" + # -- Resource requests and limits for sample notebooks + resources: {} + +# Kustomize compatibility mode +kustomizeMode: + # -- Enable Kustomize compatibility features + enabled: false + # -- Use original naming conventions + useOriginalNames: false + # -- Include namespace in resource names + includeNamespace: false + # -- Use original label selectors + useOriginalLabels: false \ No newline at end of file diff --git a/tests/helm_kustomize_compare.py b/tests/helm_kustomize_compare.py index ba7231f16..11fbabbbe 100755 --- a/tests/helm_kustomize_compare.py +++ b/tests/helm_kustomize_compare.py @@ -290,9 +290,9 @@ def compare_manifests(kustomize_file: str, helm_file: str, component: str, scena scenario = sys.argv[4] namespace = sys.argv[5] if len(sys.argv) > 5 and not sys.argv[5].startswith('--') else "" - if component not in ["katib", "model-registry", "kserve-models-web-app"]: + if component not in ["katib", "model-registry", "kserve-models-web-app", "notebook-controller"]: print(f"ERROR: Unknown component: {component}") - print("Supported components: katib, model-registry, kserve-models-web-app") + print("Supported components: katib, model-registry, kserve-models-web-app, notebook-controller") sys.exit(1) success = compare_manifests(kustomize_file, helm_file, component, scenario, namespace) diff --git a/tests/helm_kustomize_compare.sh b/tests/helm_kustomize_compare.sh index 271451588..7cca489db 100755 --- a/tests/helm_kustomize_compare.sh +++ b/tests/helm_kustomize_compare.sh @@ -11,7 +11,7 @@ ROOT_DIR="$(dirname "$SCRIPT_DIR")" if [[ -z "$COMPONENT" ]]; then echo "ERROR: Component is required" echo "Usage: $0 " - echo "Components: katib, model-registry, kserve-models-web-app" + echo "Components: katib, model-registry, kserve-models-web-app, notebook-controller" exit 1 fi @@ -132,9 +132,36 @@ case "$COMPONENT" in ) ;; + "notebook-controller") + CHART_DIR="$ROOT_DIR/experimental/helm/charts/notebook-controller" + MANIFESTS_DIR="$ROOT_DIR/applications/jupyter/notebook-controller/upstream" + + declare -A KUSTOMIZE_PATHS=( + ["base"]="$MANIFESTS_DIR/base" + ["kubeflow"]="$MANIFESTS_DIR/overlays/kubeflow" + ["standalone"]="$MANIFESTS_DIR/overlays/standalone" + ) + + declare -A HELM_VALUES=( + ["base"]="$CHART_DIR/ci/base-values.yaml" + ["kubeflow"]="$CHART_DIR/ci/kubeflow-values.yaml" + ["standalone"]="$CHART_DIR/ci/standalone-values.yaml" + ["webhook"]="$CHART_DIR/ci/webhook-values.yaml" + ["production"]="$CHART_DIR/ci/production-values.yaml" + ) + + declare -A NAMESPACES=( + ["base"]="notebook-controller-system" + ["kubeflow"]="kubeflow" + ["standalone"]="notebook-controller-system" + ["webhook"]="kubeflow" + ["production"]="kubeflow" + ) + ;; + *) echo "ERROR: Unknown component: $COMPONENT" - echo "Supported components: katib, model-registry, kserve-models-web-app" + echo "Supported components: katib, model-registry, kserve-models-web-app, notebook-controller" exit 1 ;; esac @@ -191,6 +218,11 @@ else --namespace "$NAMESPACE" \ --include-crds \ --values "$HELM_VALUES_ARG" > "$HELM_OUTPUT" + elif [[ "$COMPONENT" == "notebook-controller" ]]; then + helm template notebook-controller . \ + --namespace "$NAMESPACE" \ + --include-crds \ + --values "$HELM_VALUES_ARG" > "$HELM_OUTPUT" else helm template model-registry . \ --namespace "$NAMESPACE" \ diff --git a/tests/helm_kustomize_compare_all.sh b/tests/helm_kustomize_compare_all.sh index f25db5b13..43e3da0b3 100755 --- a/tests/helm_kustomize_compare_all.sh +++ b/tests/helm_kustomize_compare_all.sh @@ -12,6 +12,7 @@ declare -A COMPONENT_SCENARIOS=( ["katib"]="standalone cert-manager external-db leader-election openshift standalone-postgres with-kubeflow" ["model-registry"]="base overlay-postgres overlay-db controller-manager controller-rbac controller-default controller-prometheus controller-network-policy ui-base ui-standalone ui-integrated ui-istio istio csi" ["kserve-models-web-app"]="base kubeflow" + ["notebook-controller"]="base kubeflow standalone" ) test_component() { @@ -49,7 +50,7 @@ if [[ "$COMPONENT" == "all" ]]; then declare -a passed_components=() declare -a failed_components=() - for comp in katib model-registry kserve-models-web-app; do + for comp in katib model-registry kserve-models-web-app notebook-controller; do if test_component "$comp"; then passed_components+=("$comp") else @@ -77,11 +78,13 @@ elif [[ "$COMPONENT" == "help" ]] || [[ "$COMPONENT" == "--help" ]] || [[ "$COMP echo " katib Test Katib scenarios" echo " model-registry Test Model Registry scenarios" echo " kserve-models-web-app Test KServe Models Web App scenarios" + echo " notebook-controller Test Notebook Controller scenarios" echo "" echo "Examples:" echo " $0 # Test all components" echo " $0 katib # Test only Katib" echo " $0 model-registry # Test only Model Registry" + echo " $0 notebook-controller # Test only Notebook Controller" exit 0 elif [[ "${COMPONENT_SCENARIOS[$COMPONENT]:-}" ]]; then @@ -96,7 +99,7 @@ elif [[ "${COMPONENT_SCENARIOS[$COMPONENT]:-}" ]]; then else echo "ERROR: Unknown component: $COMPONENT" - echo "Supported components: katib, model-registry, kserve-models-web-app, all" + echo "Supported components: katib, model-registry, kserve-models-web-app, notebook-controller, all" echo "Use '$0 help' for more information." exit 1 fi \ No newline at end of file