The following table provides an overview of the current implementation of the PodSpec
v1 core and Container
v1 core API.
- Some properties have implementation specific characteristics, marked with an asterisk (*)
- Properties without CRI implications are marked with a dash (-).
- Properties who are CRI related but not yet taken into account are marked with a question mark (?)
PodSpec property |
In LXE implemented | Notes | Related LXC config |
---|---|---|---|
activeDeadlineSeconds |
- | not CRI related | |
affinity |
- | not CRI related | |
automountServiceAccountToken |
yes | implicitly provided with CRI Mounts |
|
containers |
yes* | only one container per pod currently, see FAQ | the lxc containers |
dnsConfig |
yes | see dnsPolicy |
|
dnsPolicy |
yes | kubelet does all the work and provides the target settings | |
hostAliases |
yes | kubelet does all the work and provides the hosts file as CRI Mount | |
hostIPC |
? | ||
hostNetwork |
yes* | if false LXE calls CNI | if true then config.raw.lxc.include to a file containing lxc.net.0.type=none |
hostPID |
? | ||
hostname |
yes* | providing hostname using cloud-init vendor-data, see FAQ | unfortunately in LXD the container name is the hostname, so providing via config.user.vendor-data |
imagePullSecrets |
? | authentication to LXD servers are different than to docker, see container.image |
|
initContainers |
? | ||
nodeName |
- | not CRI related | |
nodeSelector |
- | not CRI related | |
priority |
- | not CRI related | |
priorityClassName |
- | not CRI related | |
readinessGates |
- | not CRI related | |
restartPolicy |
- | not CRI related | |
runtimeClassName |
- | not CRI related | |
schedulerName |
- | not CRI related | |
securityContext |
incomplete* | ||
serviceAccount |
- | not CRI related | |
serviceAccountName |
- | not CRI related | |
shareProcessNamespace |
? | ||
subdomain |
- | Not CRI related | |
terminationGracePeriodSeconds |
- | Not CRI related | |
tolerations |
- | Not CRI related | |
volumes |
yes | only container.volumeMounts are relevant for CRI |
Container property |
In LXE implemented | Notes | Related LXC config |
---|---|---|---|
args |
no* | see below command |
|
command |
no* | lxc containers with lxd have no entrypoint-like option, can be differently provided with cloud-init user-data, see FAQ | config.user.user-data |
env |
yes* | there are some additional reserved fields for cloud-init: env.meta-data , env.network-config , env.user-data |
config.environment.* |
envFrom |
yes | kubelet does all the work and are merged with env |
|
image |
yes* | only lxc images, see FAQ | the container image |
imagePullPolicy |
yes | kubelet decides itself when to pull the image through CRI | |
lifecycle |
- | not CRI related | |
livenessProbe |
- | not CRI related | |
name |
yes | ||
ports |
yes | config.devices.*.type=proxy |
|
readinessProbe |
- | not CRI related | |
resources |
yes | see limits.md | config.limits.* |
securityContext |
incomplete* | yet only securityContext.privileged |
config.security.privileged |
stdin |
? | ||
stdinOnce |
? | ||
terminationMessagePath |
? | ||
terminationMessagePolicy |
? | ||
tty |
? | ||
volumeDevices |
yes | with CRI Devices |
config.devices.*.type=block |
volumeMounts |
yes | with CRI Mounts |
config.devices.*.type=disk |
workingDir |
? |