diff --git a/kubevirt/README.md b/kubevirt/README.md index a5ee1d8b..4fce3cc5 100644 --- a/kubevirt/README.md +++ b/kubevirt/README.md @@ -4,5 +4,5 @@ ## Resource -+ Code sources are [here](https://github.com/kcl-lang/artifacthub/tree/main/kubevirt) -+ Reference documents are [here][https://github.com/kcl-lang/artifacthub/tree/main/kubevirt/docs] ++ Code sources are [here](https://github.com/kcl-lang/modules/tree/main/kubevirt) ++ Reference documents are [here][https://github.com/kcl-lang/modules/tree/main/kubevirt/docs] diff --git a/kubevirt/crds/kubevirt.yaml b/kubevirt/crds/kubevirt.yaml new file mode 100644 index 00000000..5befb100 --- /dev/null +++ b/kubevirt/crds/kubevirt.yaml @@ -0,0 +1,12286 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: apiservers.config.openshift.io +spec: + group: config.openshift.io + names: + kind: APIServer + listKind: APIServerList + plural: apiservers + singular: apiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: APIServer holds configuration (like serving certificates, client + CA and CORS domains) shared by all API servers in the system, among them + especially kube-apiserver and openshift-apiserver. The canonical name of + an instance is 'cluster'. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + additionalCORSAllowedOrigins: + description: additionalCORSAllowedOrigins lists additional, user-defined + regular expressions describing hosts for which the API server allows + access using the CORS headers. This may be needed to access the + API and the integrated OAuth server from JavaScript applications. + The values are regular expressions that correspond to the Golang + regular expression language. + items: + type: string + type: array + clientCA: + description: 'clientCA references a ConfigMap containing a certificate + bundle for the signers that will be recognized for incoming client + certificates in addition to the operator managed signers. If this + is empty, then only operator managed signers are valid. You usually + only have to set this if you have your own PKI you wish to honor + client certificates from. The ConfigMap must exist in the openshift-config + namespace and contain the following required fields: - ConfigMap.Data["ca-bundle.crt"] + - CA bundle.' + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + encryption: + description: encryption allows the configuration of encryption of + resources at the datastore layer. + properties: + type: + description: "type defines what encryption type should be used + to encrypt resources at the datastore layer. When this field + is unset (i.e. when it is set to the empty string), identity + is implied. The behavior of unset can and will change over time. + \ Even if encryption is enabled by default, the meaning of unset + may change to a different encryption type based on changes in + best practices. \n When encryption is enabled, all sensitive + resources shipped with the platform are encrypted. This list + of sensitive resources can and will change over time. The current + authoritative list is: \n 1. secrets 2. configmaps 3. + routes.route.openshift.io 4. oauthaccesstokens.oauth.openshift.io + \ 5. oauthauthorizetokens.oauth.openshift.io" + enum: + - "" + - identity + - aescbc + type: string + type: object + servingCerts: + description: servingCert is the TLS cert info for serving secure traffic. + If not specified, operator managed certificates will be used for + serving secure traffic. + properties: + namedCertificates: + description: namedCertificates references secrets containing the + TLS cert info for serving secure traffic to specific hostnames. + If no named certificates are provided, or no named certificates + match the server name as understood by a client, the defaultServingCertificate + will be used. + items: + description: APIServerNamedServingCert maps a server DNS name, + as understood by a client, to a certificate. + properties: + names: + description: names is a optional list of explicit DNS names + (leading wildcards allowed) that should use this certificate + to serve secure traffic. If no names are provided, the + implicit names will be extracted from the certificates. + Exact names trump over wildcard names. Explicit names + defined here trump over extracted implicit names. + items: + type: string + type: array + servingCertificate: + description: 'servingCertificate references a kubernetes.io/tls + type secret containing the TLS cert info for serving secure + traffic. The secret must exist in the openshift-config + namespace and contain the following required fields: - + Secret.Data["tls.key"] - TLS private key. - Secret.Data["tls.crt"] + - TLS certificate.' + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + type: object + type: array + type: object + tlsSecurityProfile: + description: "tlsSecurityProfile specifies settings for TLS connections + for externally exposed servers. \n If unset, a default (which may + change between releases) is chosen. Note that only Old and Intermediate + profiles are currently supported, and the maximum available MinTLSVersions + is VersionTLS12." + properties: + custom: + description: "custom is a user-defined TLS security profile. Be + extremely careful using a custom profile as invalid configurations + can be catastrophic. An example custom profile looks like this: + \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 + \ - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 + \ minTLSVersion: TLSv1.1" + nullable: true + properties: + ciphers: + description: "ciphers is used to specify the cipher algorithms + that are negotiated during the TLS handshake. Operators + may remove entries their operands do not support. For example, + to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" + items: + type: string + type: array + minTLSVersion: + description: "minTLSVersion is used to specify the minimal + version of the TLS protocol that is negotiated during the + TLS handshake. For example, to use TLS versions 1.1, 1.2 + and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently + the highest minTLSVersion allowed is VersionTLS12" + type: string + type: object + intermediate: + description: "intermediate is a TLS security profile based on: + \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 + \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 + \ - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 + \ - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 + \ - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 + \ - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 + \ - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 + \ minTLSVersion: TLSv1.2" + nullable: true + type: object + modern: + description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility + \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 + \ - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 + \ minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported." + nullable: true + type: object + old: + description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility + \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 + \ - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 + \ - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 + \ - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 + \ - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 + \ - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 + \ - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 + \ - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA + \ - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 + \ - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA + \ - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - + DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 + \ - AES128-SHA256 - AES256-SHA256 - AES128-SHA - + AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0" + nullable: true + type: object + type: + description: "type is one of Old, Intermediate, Modern or Custom. + Custom provides the ability to specify individual TLS security + profile parameters. Old, Intermediate and Modern are TLS security + profiles based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations + \n The profiles are intent based, so they may change over time + as new ciphers are developed and existing ciphers are found + to be insecure. Depending on precisely which ciphers are available + to a process, the list may be reduced. \n Note that the Modern + profile is currently not supported because it is not yet well + adopted by common software libraries." + type: string + type: object + type: object + status: + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: authentications.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Authentication + listKind: AuthenticationList + plural: authentications + singular: authentication + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Authentication specifies cluster-wide settings for authentication + (like OAuth and webhook token authenticators). The canonical name of an + instance is `cluster`. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + oauthMetadata: + description: 'oauthMetadata contains the discovery endpoint data for + OAuth 2.0 Authorization Server Metadata for an external OAuth server. + This discovery document can be viewed from its served location: + oc get --raw ''/.well-known/oauth-authorization-server'' For further + details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 + If oauthMetadata.name is non-empty, this value has precedence over + any metadata reference stored in status. The key "oauthMetadata" + is used to locate the data. If specified and the config map or expected + key is not found, no metadata is served. If the specified metadata + is not valid, no metadata is served. The namespace for this config + map is openshift-config.' + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + type: + description: type identifies the cluster managed, user facing authentication + mode in use. Specifically, it manages the component that responds + to login attempts. The default is IntegratedOAuth. + type: string + webhookTokenAuthenticators: + description: webhookTokenAuthenticators configures remote token reviewers. + These remote authentication webhooks can be used to verify bearer + tokens via the tokenreviews.authentication.k8s.io REST API. This + is required to honor bearer tokens that are provisioned by an external + authentication service. The namespace for these secrets is openshift-config. + items: + description: webhookTokenAuthenticator holds the necessary configuration + options for a remote token authenticator + properties: + kubeConfig: + description: 'kubeConfig contains kube config file data which + describes how to access the remote webhook service. For further + details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication + The key "kubeConfig" is used to locate the data. If the secret + or expected key is not found, the webhook is not honored. + If the specified kube config data is not valid, the webhook + is not honored. The namespace for this secret is determined + by the point of use.' + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + type: object + type: array + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + integratedOAuthMetadata: + description: 'integratedOAuthMetadata contains the discovery endpoint + data for OAuth 2.0 Authorization Server Metadata for the in-cluster + integrated OAuth server. This discovery document can be viewed from + its served location: oc get --raw ''/.well-known/oauth-authorization-server'' + For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 + This contains the observed value based on cluster state. An explicitly + set value in spec.oauthMetadata has precedence over this field. + This field has no meaning if authentication spec.type is not set + to IntegratedOAuth. The key "oauthMetadata" is used to locate the + data. If the config map or expected key is not found, no metadata + is served. If the specified metadata is not valid, no metadata is + served. The namespace for this config map is openshift-config-managed.' + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: builds.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Build + listKind: BuildList + plural: builds + singular: build + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "Build configures the behavior of OpenShift builds for the entire + cluster. This includes default settings that can be overridden in BuildConfig + objects, and overrides which are applied to all builds. \n The canonical + name is \"cluster\"" + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec holds user-settable values for the build controller + configuration + properties: + additionalTrustedCA: + description: "AdditionalTrustedCA is a reference to a ConfigMap containing + additional CAs that should be trusted for image pushes and pulls + during builds. The namespace for this config map is openshift-config. + \n DEPRECATED: Additional CAs for image pull and push should be + set on image.config.openshift.io/cluster instead." + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + buildDefaults: + description: BuildDefaults controls the default information for Builds + properties: + defaultProxy: + description: "DefaultProxy contains the default proxy settings + for all build operations, including image pull/push and source + download. \n Values can be overrode by setting the `HTTP_PROXY`, + `HTTPS_PROXY`, and `NO_PROXY` environment variables in the build + config's strategy." + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. Empty + means unset and will not result in an env var. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS + requests. Empty means unset and will not result in an env + var. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames + and/or CIDRs for which the proxy should not be used. Empty + means unset and will not result in an env var. + type: string + readinessEndpoints: + description: readinessEndpoints is a list of endpoints used + to verify readiness of the proxy. + items: + type: string + type: array + trustedCA: + description: "trustedCA is a reference to a ConfigMap containing + a CA certificate bundle used for client egress HTTPS connections. + The certificate bundle must be from the CA that signed the + proxy's certificate and be signed for everything. The trustedCA + field should only be consumed by a proxy validator. The + validator is responsible for reading the certificate bundle + from required key \"ca-bundle.crt\" and copying it to a + ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" + namespace. The namespace for the ConfigMap referenced by + trustedCA is \"openshift-config\". Here is an example ConfigMap + (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: + user-ca-bundle namespace: openshift-config data: ca-bundle.crt: + | -----BEGIN CERTIFICATE----- Custom CA certificate + bundle. -----END CERTIFICATE-----" + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + type: object + env: + description: Env is a set of default environment variables that + will be applied to the build if the specified variables do not + exist on the build + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + gitProxy: + description: "GitProxy contains the proxy settings for git operations + only. If set, this will override any Proxy settings for all + git commands, such as git clone. \n Values that are not set + here will be inherited from DefaultProxy." + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. Empty + means unset and will not result in an env var. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS + requests. Empty means unset and will not result in an env + var. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames + and/or CIDRs for which the proxy should not be used. Empty + means unset and will not result in an env var. + type: string + readinessEndpoints: + description: readinessEndpoints is a list of endpoints used + to verify readiness of the proxy. + items: + type: string + type: array + trustedCA: + description: "trustedCA is a reference to a ConfigMap containing + a CA certificate bundle used for client egress HTTPS connections. + The certificate bundle must be from the CA that signed the + proxy's certificate and be signed for everything. The trustedCA + field should only be consumed by a proxy validator. The + validator is responsible for reading the certificate bundle + from required key \"ca-bundle.crt\" and copying it to a + ConfigMap named \"trusted-ca-bundle\" in the \"openshift-config-managed\" + namespace. The namespace for the ConfigMap referenced by + trustedCA is \"openshift-config\". Here is an example ConfigMap + (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: name: + user-ca-bundle namespace: openshift-config data: ca-bundle.crt: + | -----BEGIN CERTIFICATE----- Custom CA certificate + bundle. -----END CERTIFICATE-----" + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + type: object + imageLabels: + description: ImageLabels is a list of docker labels that are applied + to the resulting image. User can override a default label by + providing a label with the same name in their Build/BuildConfig. + items: + properties: + name: + description: Name defines the name of the label. It must + have non-zero length. + type: string + value: + description: Value defines the literal value of the label. + type: string + type: object + type: array + resources: + description: Resources defines resource requirements to execute + the build. + properties: + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + type: object + buildOverrides: + description: BuildOverrides controls override settings for builds + properties: + imageLabels: + description: ImageLabels is a list of docker labels that are applied + to the resulting image. If user provided a label in their Build/BuildConfig + with the same name as one in this list, the user's label will + be overwritten. + items: + properties: + name: + description: Name defines the name of the label. It must + have non-zero length. + type: string + value: + description: Value defines the literal value of the label. + type: string + type: object + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector is a selector which must be true for + the build pod to fit on a node + type: object + tolerations: + description: Tolerations is a list of Tolerations that will override + any existing tolerations set on a build pod. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: consoles.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Console + listKind: ConsoleList + plural: consoles + singular: console + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Console holds cluster-wide configuration for the web console, + including the logout URL, and reports the public URL of the console. The + canonical name is `cluster`. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + authentication: + description: ConsoleAuthentication defines a list of optional configuration + for console authentication. + properties: + logoutRedirect: + description: 'An optional, absolute URL to redirect web browsers + to after logging out of the console. If not specified, it will + redirect to the default login page. This is required when using + an identity provider that supports single sign-on (SSO) such + as: - OpenID (Keycloak, Azure) - RequestHeader (GSSAPI, SSPI, + SAML) - OAuth (GitHub, GitLab, Google) Logging out of the console + will destroy the user''s token. The logoutRedirect provides + the user the option to perform single logout (SLO) through the + identity provider to destroy their single sign-on session.' + pattern: ^$|^((https):\/\/?)[^\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|\/?))$ + type: string + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + consoleURL: + description: The URL for the console. This will be derived from the + host for the route that is created for the console. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: dnses.config.openshift.io +spec: + group: config.openshift.io + names: + kind: DNS + listKind: DNSList + plural: dnses + singular: dns + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: DNS holds cluster-wide information about DNS. The canonical name + is `cluster` + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + baseDomain: + description: "baseDomain is the base domain of the cluster. All managed + DNS records will be sub-domains of this base. \n For example, given + the base domain `openshift.example.com`, an API server DNS record + may be created for `cluster-api.openshift.example.com`. \n Once + set, this field cannot be changed." + type: string + privateZone: + description: "privateZone is the location where all the DNS records + that are only available internally to the cluster exist. \n If this + field is nil, no private records should be created. \n Once set, + this field cannot be changed." + properties: + id: + description: "id is the identifier that can be used to find the + DNS hosted zone. \n on AWS zone can be fetched using `ID` as + id in [1] on Azure zone can be fetched using `ID` as a pre-determined + name in [2], on GCP zone can be fetched using `ID` as a pre-determined + name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options + [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show + [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" + type: string + tags: + additionalProperties: + type: string + description: "tags can be used to query the DNS hosted zone. \n + on AWS, resourcegroupstaggingapi [1] can be used to fetch a + zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + type: object + publicZone: + description: "publicZone is the location where all the DNS records + that are publicly accessible to the internet exist. \n If this field + is nil, no public records should be created. \n Once set, this field + cannot be changed." + properties: + id: + description: "id is the identifier that can be used to find the + DNS hosted zone. \n on AWS zone can be fetched using `ID` as + id in [1] on Azure zone can be fetched using `ID` as a pre-determined + name in [2], on GCP zone can be fetched using `ID` as a pre-determined + name in [3]. \n [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options + [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show + [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get" + type: string + tags: + additionalProperties: + type: string + description: "tags can be used to query the DNS hosted zone. \n + on AWS, resourcegroupstaggingapi [1] can be used to fetch a + zone using `Tags` as tag-filters, \n [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options" + type: object + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: featuregates.config.openshift.io +spec: + group: config.openshift.io + names: + kind: FeatureGate + listKind: FeatureGateList + plural: featuregates + singular: featuregate + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Feature holds cluster-wide information about feature gates. The + canonical name is `cluster` + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + customNoUpgrade: + description: customNoUpgrade allows the enabling or disabling of any + feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE + UNDONE, and PREVENTS UPGRADES. Because of its nature, this setting + cannot be validated. If you have any typos or accidentally apply + invalid combinations your cluster may fail in an unrecoverable way. featureSet + must equal "CustomNoUpgrade" must be set to use this field. + nullable: true + properties: + disabled: + description: disabled is a list of all feature gates that you + want to force off + items: + type: string + type: array + enabled: + description: enabled is a list of all feature gates that you want + to force on + items: + type: string + type: array + type: object + featureSet: + description: featureSet changes the list of features in the cluster. The + default is empty. Be very careful adjusting this setting. Turning + on or off features may cause irreversible changes in your cluster + which cannot be undone. + type: string + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: images.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Image + listKind: ImageList + plural: images + singular: image + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Image governs policies related to imagestream imports and runtime + configuration for external registries. It allows cluster admins to configure + which registries OpenShift is allowed to import images from, extra CA trust + bundles for external registries, and policies to blacklist/whitelist registry + hostnames. When exposing OpenShift's image registry to the public, this + also lets cluster admins specify the external hostname. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + additionalTrustedCA: + description: additionalTrustedCA is a reference to a ConfigMap containing + additional CAs that should be trusted during imagestream import, + pod image pull, build image pull, and imageregistry pullthrough. + The namespace for this config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + allowedRegistriesForImport: + description: allowedRegistriesForImport limits the container image + registries that normal users may import images from. Set this list + to the registries that you trust to contain valid Docker images + and that you want applications to be able to import from. Users + with permission to create Images or ImageStreamMappings via the + API are not affected by this policy - typically only administrators + or system integrations will have those permissions. + items: + description: RegistryLocation contains a location of the registry + specified by the registry domain name. The domain name might include + wildcards, like '*' or '??'. + properties: + domainName: + description: domainName specifies a domain name for the registry + In case the registry use non-standard (80 or 443) port, the + port should be included in the domain name as well. + type: string + insecure: + description: insecure indicates whether the registry is secure + (https) or insecure (http) By default (if not specified) the + registry is assumed as secure. + type: boolean + type: object + type: array + externalRegistryHostnames: + description: externalRegistryHostnames provides the hostnames for + the default external image registry. The external hostname should + be set only when the image registry is exposed externally. The first + value is used in 'publicDockerImageRepository' field in ImageStreams. + The value must be in "hostname[:port]" format. + items: + type: string + type: array + registrySources: + description: registrySources contains configuration that determines + how the container runtime should treat individual registries when + accessing images for builds+pods. (e.g. whether or not to allow + insecure access). It does not contain configuration for the internal + cluster registry. + properties: + allowedRegistries: + description: "allowedRegistries are whitelisted for image pull/push. + All other registries are blocked. \n Only one of BlockedRegistries + or AllowedRegistries may be set." + items: + type: string + type: array + blockedRegistries: + description: "blockedRegistries are blacklisted from image pull/push. + All other registries are allowed. \n Only one of BlockedRegistries + or AllowedRegistries may be set." + items: + type: string + type: array + insecureRegistries: + description: insecureRegistries are registries which do not have + a valid TLS certificates or only support HTTP connections. + items: + type: string + type: array + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + externalRegistryHostnames: + description: externalRegistryHostnames provides the hostnames for + the default external image registry. The external hostname should + be set only when the image registry is exposed externally. The first + value is used in 'publicDockerImageRepository' field in ImageStreams. + The value must be in "hostname[:port]" format. + items: + type: string + type: array + internalRegistryHostname: + description: internalRegistryHostname sets the hostname for the default + internal image registry. The value must be in "hostname[:port]" + format. This value is set by the image registry operator which controls + the internal registry hostname. For backward compatibility, users + can still use OPENSHIFT_DEFAULT_REGISTRY environment variable but + this setting overrides the environment variable. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: infrastructures.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Infrastructure + listKind: InfrastructureList + plural: infrastructures + singular: infrastructure + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Infrastructure holds cluster-wide information about Infrastructure. The + canonical name is `cluster` + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + cloudConfig: + description: cloudConfig is a reference to a ConfigMap containing + the cloud provider configuration file. This configuration file is + used to configure the Kubernetes cloud provider integration when + using the built-in cloud provider integration or the external cloud + controller manager. The namespace for this config map is openshift-config. + properties: + key: + description: Key allows pointing to a specific key/value inside + of the configmap. This is useful for logical file references. + type: string + name: + type: string + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + apiServerInternalURI: + description: apiServerInternalURL is a valid URI with scheme(http/https), + address and port. apiServerInternalURL can be used by components + like kubelets, to contact the Kubernetes API server using the infrastructure + provider rather than Kubernetes networking. + type: string + apiServerURL: + description: apiServerURL is a valid URI with scheme(http/https), + address and port. apiServerURL can be used by components like the + web console to tell users where to find the Kubernetes API. + type: string + etcdDiscoveryDomain: + description: 'etcdDiscoveryDomain is the domain used to fetch the + SRV records for discovering etcd servers and clients. For more info: + https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery' + type: string + infrastructureName: + description: infrastructureName uniquely identifies a cluster with + a human friendly name. Once set it should not be changed. Must be + of max length 27 and must have only alphanumeric or hyphen characters. + type: string + platform: + description: "platform is the underlying infrastructure provider for + the cluster. \n Deprecated: Use platformStatus.type instead." + type: string + platformStatus: + description: platformStatus holds status information specific to the + underlying infrastructure provider. + properties: + aws: + description: AWS contains settings specific to the Amazon Web + Services infrastructure provider. + properties: + region: + description: region holds the default AWS region for new AWS + resources created by the cluster. + type: string + type: object + azure: + description: Azure contains settings specific to the Azure infrastructure + provider. + properties: + networkResourceGroupName: + description: networkResourceGroupName is the Resource Group + for network resources like the Virtual Network and Subnets + used by the cluster. If empty, the value is same as ResourceGroupName. + type: string + resourceGroupName: + description: resourceGroupName is the Resource Group for new + Azure resources created for the cluster. + type: string + type: object + baremetal: + description: BareMetal contains settings specific to the BareMetal + platform. + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact + the Kubernetes API server that can be used by components + inside the cluster, like kubelets using the infrastructure + rather than Kubernetes networking. It is the IP that the + Infrastructure.status.apiServerInternalURI points to. It + is the IP for a self-hosted load balancer in front of the + API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the + default ingress controller. The IP is a suitable target + of a wildcard DNS record used to resolve default route host + names. + type: string + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal + DNS used by the nodes. Unlike the one managed by the DNS + operator, `NodeDNSIP` provides name resolution for the nodes + themselves. There is no DNS-as-a-service for BareMetal deployments. + In order to minimize necessary changes to the datacenter + DNS, a DNS service is hosted as a static pod to serve those + hostnames to the nodes in the cluster. + type: string + type: object + gcp: + description: GCP contains settings specific to the Google Cloud + Platform infrastructure provider. + properties: + projectID: + description: resourceGroupName is the Project ID for new GCP + resources created for the cluster. + type: string + region: + description: region holds the region for new GCP resources + created for the cluster. + type: string + type: object + openstack: + description: OpenStack contains settings specific to the OpenStack + infrastructure provider. + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact + the Kubernetes API server that can be used by components + inside the cluster, like kubelets using the infrastructure + rather than Kubernetes networking. It is the IP that the + Infrastructure.status.apiServerInternalURI points to. It + is the IP for a self-hosted load balancer in front of the + API servers. + type: string + cloudName: + description: cloudName is the name of the desired OpenStack + cloud in the client configuration file (`clouds.yaml`). + type: string + ingressIP: + description: ingressIP is an external IP which routes to the + default ingress controller. The IP is a suitable target + of a wildcard DNS record used to resolve default route host + names. + type: string + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal + DNS used by the nodes. Unlike the one managed by the DNS + operator, `NodeDNSIP` provides name resolution for the nodes + themselves. There is no DNS-as-a-service for OpenStack deployments. + In order to minimize necessary changes to the datacenter + DNS, a DNS service is hosted as a static pod to serve those + hostnames to the nodes in the cluster. + type: string + type: object + ovirt: + description: Ovirt contains settings specific to the oVirt infrastructure + provider. + properties: + apiServerInternalIP: + description: apiServerInternalIP is an IP address to contact + the Kubernetes API server that can be used by components + inside the cluster, like kubelets using the infrastructure + rather than Kubernetes networking. It is the IP that the + Infrastructure.status.apiServerInternalURI points to. It + is the IP for a self-hosted load balancer in front of the + API servers. + type: string + ingressIP: + description: ingressIP is an external IP which routes to the + default ingress controller. The IP is a suitable target + of a wildcard DNS record used to resolve default route host + names. + type: string + nodeDNSIP: + description: nodeDNSIP is the IP address for the internal + DNS used by the nodes. Unlike the one managed by the DNS + operator, `NodeDNSIP` provides name resolution for the nodes + themselves. There is no DNS-as-a-service for oVirt deployments. + In order to minimize necessary changes to the datacenter + DNS, a DNS service is hosted as a static pod to serve those + hostnames to the nodes in the cluster. + type: string + type: object + type: + description: type is the underlying infrastructure provider for + the cluster. This value controls whether infrastructure automation + such as service load balancers, dynamic volume provisioning, + machine creation and deletion, and other integrations are enabled. + If None, no infrastructure automation is enabled. Allowed values + are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", + "VSphere", "oVirt", and "None". Individual components may not + support all platforms, and must handle unrecognized platforms + as None if they do not support that platform. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: ingresses.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Ingress + listKind: IngressList + plural: ingresses + singular: ingress + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Ingress holds cluster-wide information about ingress, including + the default ingress domain used for routes. The canonical name is `cluster`. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + domain: + description: "domain is used to generate a default host name for a + route when the route's host name is empty. The generated host name + will follow this pattern: \"..\". + \n It is also used as the default wildcard domain suffix for ingress. + The default ingresscontroller domain will follow this pattern: \"*.\". + \n Once set, changing domain is not currently supported." + type: string + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: networks.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: 'Network holds cluster-wide information about Network. The canonical + name is `cluster`. It is used to configure the desired network configuration, + such as: IP address pools for services/pod IPs, network plugin, etc. Please + view network.spec for an explanation on what applies when configuring this + resource.' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration. As a general + rule, this SHOULD NOT be read directly. Instead, you should consume + the NetworkStatus, as it indicates the currently deployed configuration. + Currently, most spec fields are immutable after installation. Please + view the individual ones for further details on each. + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. This field is immutable + after installation. + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. + properties: + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. + format: int32 + minimum: 0 + type: integer + type: object + type: array + externalIP: + description: externalIP defines configuration for controllers that + affect Service.ExternalIP. If nil, then ExternalIP is not allowed + to be set. + properties: + autoAssignCIDRs: + description: autoAssignCIDRs is a list of CIDRs from which to + automatically assign Service.ExternalIP. These are assigned + when the service is of type LoadBalancer. In general, this is + only useful for bare-metal clusters. In Openshift 3.x, this + was misleadingly called "IngressIPs". Automatically assigned + External IPs are not affected by any ExternalIPPolicy rules. + Currently, only one entry may be provided. + items: + type: string + type: array + policy: + description: policy is a set of restrictions applied to the ExternalIP + field. If nil or empty, then ExternalIP is not allowed to be + set. + properties: + allowedCIDRs: + description: allowedCIDRs is the list of allowed CIDRs. + items: + type: string + type: array + rejectedCIDRs: + description: rejectedCIDRs is the list of disallowed CIDRs. + These take precedence over allowedCIDRs. + items: + type: string + type: array + type: object + type: object + networkType: + description: 'NetworkType is the plugin that is to be deployed (e.g. + OpenShiftSDN). This should match a value that the cluster-network-operator + understands, or else no networking will be installed. Currently + supported values are: - OpenShiftSDN This field is immutable after + installation.' + type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. This field is immutable after installation. + items: + type: string + type: array + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + clusterNetwork: + description: IP address pool to use for pod IPs. + items: + description: ClusterNetworkEntry is a contiguous block of IP addresses + from which pod IPs are allocated. + properties: + cidr: + description: The complete block for pod IPs. + type: string + hostPrefix: + description: The size (prefix) of block to allocate to each + node. + format: int32 + minimum: 0 + type: integer + type: object + type: array + clusterNetworkMTU: + description: ClusterNetworkMTU is the MTU for inter-pod networking. + type: integer + networkType: + description: NetworkType is the plugin that is deployed (e.g. OpenShiftSDN). + type: string + serviceNetwork: + description: IP address pool for services. Currently, we only support + a single entry here. + items: + type: string + type: array + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: oauths.config.openshift.io +spec: + group: config.openshift.io + names: + kind: OAuth + listKind: OAuthList + plural: oauths + singular: oauth + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: OAuth holds cluster-wide information about OAuth. The canonical + name is `cluster`. It is used to configure the integrated OAuth server. + This configuration is only honored when the top level Authentication config + has type set to IntegratedOAuth. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OAuthSpec contains desired cluster auth configuration + properties: + identityProviders: + description: identityProviders is an ordered list of ways for a user + to identify themselves. When this list is empty, no identities are + provisioned for users. + items: + description: IdentityProvider provides identities for users authenticating + using credentials + properties: + basicAuth: + description: basicAuth contains configuration options for the + BasicAuth IdP + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + tlsClientCert: + description: tlsClientCert is an optional reference to a + secret by name that contains the PEM-encoded TLS client + certificate to present when connecting to the server. + The key "tls.crt" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + tlsClientKey: + description: tlsClientKey is an optional reference to a + secret by name that contains the PEM-encoded TLS private + key for the client certificate referenced in tlsClientCert. + The key "tls.key" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + url: + description: url is the remote URL to connect to + type: string + type: object + github: + description: github enables user authentication using GitHub + credentials + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. This can only be configured when hostname is set + to a non-empty value. The namespace for this config map + is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + clientID: + description: clientID is the oauth client ID + type: string + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + hostname: + description: hostname is the optional domain (e.g. "mycompany.com") + for use with a hosted instance of GitHub Enterprise. It + must match the GitHub Enterprise settings value configured + at /setup/settings#hostname. + type: string + organizations: + description: organizations optionally restricts which organizations + are allowed to log in + items: + type: string + type: array + teams: + description: teams optionally restricts which teams are + allowed to log in. Format is /. + items: + type: string + type: array + type: object + gitlab: + description: gitlab enables user authentication using GitLab + credentials + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + clientID: + description: clientID is the oauth client ID + type: string + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + url: + description: url is the oauth server base URL + type: string + type: object + google: + description: google enables user authentication using Google + credentials + properties: + clientID: + description: clientID is the oauth client ID + type: string + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + hostedDomain: + description: hostedDomain is the optional Google App domain + (e.g. "mycompany.com") to restrict logins to + type: string + type: object + htpasswd: + description: htpasswd enables user authentication using an HTPasswd + file to validate credentials + properties: + fileData: + description: fileData is a required reference to a secret + by name containing the data to use as the htpasswd file. + The key "htpasswd" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. If the specified htpasswd data is not + valid, the identity provider is not honored. The namespace + for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + type: object + keystone: + description: keystone enables user authentication using keystone + password credentials + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + domainName: + description: domainName is required for keystone v3 + type: string + tlsClientCert: + description: tlsClientCert is an optional reference to a + secret by name that contains the PEM-encoded TLS client + certificate to present when connecting to the server. + The key "tls.crt" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + tlsClientKey: + description: tlsClientKey is an optional reference to a + secret by name that contains the PEM-encoded TLS private + key for the client certificate referenced in tlsClientCert. + The key "tls.key" is used to locate the data. If specified + and the secret or expected key is not found, the identity + provider is not honored. If the specified certificate + data is not valid, the identity provider is not honored. + The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + url: + description: url is the remote URL to connect to + type: string + type: object + ldap: + description: ldap enables user authentication using LDAP credentials + properties: + attributes: + description: attributes maps LDAP attributes to identities + properties: + email: + description: email is the list of attributes whose values + should be used as the email address. Optional. If + unspecified, no email is set for the identity + items: + type: string + type: array + id: + description: id is the list of attributes whose values + should be used as the user ID. Required. First non-empty + attribute is used. At least one attribute is required. + If none of the listed attribute have a value, authentication + fails. LDAP standard identity attribute is "dn" + items: + type: string + type: array + name: + description: name is the list of attributes whose values + should be used as the display name. Optional. If unspecified, + no display name is set for the identity LDAP standard + display name attribute is "cn" + items: + type: string + type: array + preferredUsername: + description: preferredUsername is the list of attributes + whose values should be used as the preferred username. + LDAP standard login attribute is "uid" + items: + type: string + type: array + type: object + bindDN: + description: bindDN is an optional DN to bind with during + the search phase. + type: string + bindPassword: + description: bindPassword is an optional reference to a + secret by name containing a password to bind with during + the search phase. The key "bindPassword" is used to locate + the data. If specified and the secret or expected key + is not found, the identity provider is not honored. The + namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + insecure: + description: 'insecure, if true, indicates the connection + should not use TLS WARNING: Should not be set to `true` + with the URL scheme "ldaps://" as "ldaps://" URLs always attempt + to connect using TLS, even when `insecure` is set to `true` + When `true`, "ldap://" URLS connect insecurely. When `false`, + "ldap://" URLs are upgraded to a TLS connection using + StartTLS as specified in https://tools.ietf.org/html/rfc2830.' + type: boolean + url: + description: 'url is an RFC 2255 URL which specifies the + LDAP search parameters to use. The syntax of the URL is: + ldap://host:port/basedn?attribute?scope?filter' + type: string + type: object + mappingMethod: + description: mappingMethod determines how identities from this + provider are mapped to users Defaults to "claim" + type: string + name: + description: 'name is used to qualify the identities returned + by this provider. - It MUST be unique and not shared by any + other identity provider used - It MUST be a valid path segment: + name cannot equal "." or ".." or contain "/" or "%" or ":" Ref: + https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName' + type: string + openID: + description: openID enables user authentication using OpenID + credentials + properties: + ca: + description: ca is an optional reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. The key "ca.crt" is used to locate + the data. If specified and the config map or expected + key is not found, the identity provider is not honored. + If the specified ca data is not valid, the identity provider + is not honored. If empty, the default system roots are + used. The namespace for this config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + claims: + description: claims mappings + properties: + email: + description: email is the list of claims whose values + should be used as the email address. Optional. If + unspecified, no email is set for the identity + items: + type: string + type: array + name: + description: name is the list of claims whose values + should be used as the display name. Optional. If unspecified, + no display name is set for the identity + items: + type: string + type: array + preferredUsername: + description: preferredUsername is the list of claims + whose values should be used as the preferred username. + If unspecified, the preferred username is determined + from the value of the sub claim + items: + type: string + type: array + type: object + clientID: + description: clientID is the oauth client ID + type: string + clientSecret: + description: clientSecret is a required reference to the + secret by name containing the oauth client secret. The + key "clientSecret" is used to locate the data. If the + secret or expected key is not found, the identity provider + is not honored. The namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + secret + type: string + required: + - name + type: object + extraAuthorizeParameters: + additionalProperties: + type: string + description: extraAuthorizeParameters are any custom parameters + to add to the authorize request. + type: object + extraScopes: + description: extraScopes are any scopes to request in addition + to the standard "openid" scope. + items: + type: string + type: array + issuer: + description: issuer is the URL that the OpenID Provider + asserts as its Issuer Identifier. It must use the https + scheme with no query or fragment component. + type: string + type: object + requestHeader: + description: requestHeader enables user authentication using + request header credentials + properties: + ca: + description: ca is a required reference to a config map + by name containing the PEM-encoded CA bundle. It is used + as a trust anchor to validate the TLS certificate presented + by the remote server. Specifically, it allows verification + of incoming requests to prevent header spoofing. The key + "ca.crt" is used to locate the data. If the config map + or expected key is not found, the identity provider is + not honored. If the specified ca data is not valid, the + identity provider is not honored. The namespace for this + config map is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced + config map + type: string + required: + - name + type: object + challengeURL: + description: challengeURL is a URL to redirect unauthenticated + /authorize requests to Unauthenticated requests from OAuth + clients which expect WWW-Authenticate challenges will + be redirected here. ${url} is replaced with the current + URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} + ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} + Required when challenge is set to true. + type: string + clientCommonNames: + description: clientCommonNames is an optional list of common + names to require a match from. If empty, any client certificate + validated against the clientCA bundle is considered authoritative. + items: + type: string + type: array + emailHeaders: + description: emailHeaders is the set of headers to check + for the email address + items: + type: string + type: array + headers: + description: headers is the set of headers to check for + identity information + items: + type: string + type: array + loginURL: + description: loginURL is a URL to redirect unauthenticated + /authorize requests to Unauthenticated requests from OAuth + clients which expect interactive logins will be redirected + here ${url} is replaced with the current URL, escaped + to be safe in a query parameter https://www.example.com/sso-login?then=${url} + ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} + Required when login is set to true. + type: string + nameHeaders: + description: nameHeaders is the set of headers to check + for the display name + items: + type: string + type: array + preferredUsernameHeaders: + description: preferredUsernameHeaders is the set of headers + to check for the preferred username + items: + type: string + type: array + type: object + type: + description: type identifies the identity provider type for + this entry. + type: string + type: object + type: array + templates: + description: templates allow you to customize pages like the login + page. + properties: + error: + description: error is the name of a secret that specifies a go + template to use to render error pages during the authentication + or grant flow. The key "errors.html" is used to locate the template + data. If specified and the secret or expected key is not found, + the default error page is used. If the specified template is + not valid, the default error page is used. If unspecified, the + default error page is used. The namespace for this secret is + openshift-config. + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + required: + - name + type: object + login: + description: login is the name of a secret that specifies a go + template to use to render the login page. The key "login.html" + is used to locate the template data. If specified and the secret + or expected key is not found, the default login page is used. + If the specified template is not valid, the default login page + is used. If unspecified, the default login page is used. The + namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + required: + - name + type: object + providerSelection: + description: providerSelection is the name of a secret that specifies + a go template to use to render the provider selection page. + The key "providers.html" is used to locate the template data. + If specified and the secret or expected key is not found, the + default provider selection page is used. If the specified template + is not valid, the default provider selection page is used. If + unspecified, the default provider selection page is used. The + namespace for this secret is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced secret + type: string + required: + - name + type: object + type: object + tokenConfig: + description: tokenConfig contains options for authorization and access + tokens + properties: + accessTokenInactivityTimeoutSeconds: + description: 'accessTokenInactivityTimeoutSeconds defines the + default token inactivity timeout for tokens granted by any client. + The value represents the maximum amount of time that can occur + between consecutive uses of the token. Tokens become invalid + if they are not used within this temporal window. The user will + need to acquire a new token to regain access once a token times + out. Valid values are integer values: x < 0 Tokens time out + is enabled but tokens never timeout unless configured per client + (e.g. `-1`) x = 0 Tokens time out is disabled (default) x + > 0 Tokens time out if there is no activity for x seconds The + current minimum allowed value for X is 300 (5 minutes)' + format: int32 + type: integer + accessTokenMaxAgeSeconds: + description: accessTokenMaxAgeSeconds defines the maximum age + of access tokens + format: int32 + type: integer + type: object + type: object + status: + description: OAuthStatus shows current known state of OAuth server in + the cluster + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: operatorhubs.config.openshift.io +spec: + group: config.openshift.io + names: + kind: OperatorHub + listKind: OperatorHubList + plural: operatorhubs + singular: operatorhub + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: OperatorHub is the Schema for the operatorhubs API. It can be + used to change the state of the default hub sources for OperatorHub on the + cluster from enabled to disabled and vice versa. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OperatorHubSpec defines the desired state of OperatorHub + properties: + disableAllDefaultSources: + description: disableAllDefaultSources allows you to disable all the + default hub sources. If this is true, a specific entry in sources + can be used to enable a default source. If this is false, a specific + entry in sources can be used to disable or enable a default source. + type: boolean + sources: + description: sources is the list of default hub sources and their + configuration. If the list is empty, it implies that the default + hub sources are enabled on the cluster unless disableAllDefaultSources + is true. If disableAllDefaultSources is true and sources is not + empty, the configuration present in sources will take precedence. + The list of default hub sources and their current state will always + be reflected in the status block. + items: + description: HubSource is used to specify the hub source and its + configuration + properties: + disabled: + description: disabled is used to disable a default hub source + on cluster + type: boolean + name: + description: name is the name of one of the default hub sources + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + type: object + status: + description: OperatorHubStatus defines the observed state of OperatorHub. + The current state of the default hub sources will always be reflected + here. + properties: + sources: + description: sources encapsulates the result of applying the configuration + for each hub source + items: + description: HubSourceStatus is used to reflect the current state + of applying the configuration to a default source + properties: + disabled: + description: disabled is used to disable a default hub source + on cluster + type: boolean + message: + description: message provides more information regarding failures + type: string + name: + description: name is the name of one of the default hub sources + maxLength: 253 + minLength: 1 + type: string + status: + description: status indicates success or failure in applying + the configuration + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: projects.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Project + listKind: ProjectList + plural: projects + singular: project + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Project holds cluster-wide information about Project. The canonical + name is `cluster` + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + projectRequestMessage: + description: projectRequestMessage is the string presented to a user + if they are unable to request a project via the projectrequest api + endpoint + type: string + projectRequestTemplate: + description: projectRequestTemplate is the template to use for creating + projects in response to projectrequest. This must point to a template + in 'openshift-config' namespace. It is optional. If it is not specified, + a default template is used. + properties: + name: + description: name is the metadata.name of the referenced project + request template + type: string + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: proxies.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Proxy + listKind: ProxyList + plural: proxies + singular: proxy + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Proxy holds cluster-wide information on how to configure default + proxies for the cluster. The canonical name is `cluster` + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec holds user-settable values for the proxy configuration + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. Empty + means unset and will not result in an env var. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS requests. Empty + means unset and will not result in an env var. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames and/or + CIDRs for which the proxy should not be used. Empty means unset + and will not result in an env var. + type: string + readinessEndpoints: + description: readinessEndpoints is a list of endpoints used to verify + readiness of the proxy. + items: + type: string + type: array + trustedCA: + description: "trustedCA is a reference to a ConfigMap containing a + CA certificate bundle used for client egress HTTPS connections. + The certificate bundle must be from the CA that signed the proxy's + certificate and be signed for everything. The trustedCA field should + only be consumed by a proxy validator. The validator is responsible + for reading the certificate bundle from required key \"ca-bundle.crt\" + and copying it to a ConfigMap named \"trusted-ca-bundle\" in the + \"openshift-config-managed\" namespace. The namespace for the ConfigMap + referenced by trustedCA is \"openshift-config\". Here is an example + ConfigMap (in yaml): \n apiVersion: v1 kind: ConfigMap metadata: + \ name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: + | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. + \ -----END CERTIFICATE-----" + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + httpProxy: + description: httpProxy is the URL of the proxy for HTTP requests. + type: string + httpsProxy: + description: httpsProxy is the URL of the proxy for HTTPS requests. + type: string + noProxy: + description: noProxy is a comma-separated list of hostnames and/or + CIDRs for which the proxy should not be used. + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: schedulers.config.openshift.io +spec: + group: config.openshift.io + names: + kind: Scheduler + listKind: SchedulerList + plural: schedulers + singular: scheduler + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Scheduler holds cluster-wide config information to run the Kubernetes + Scheduler and influence its placement decisions. The canonical name for + this config is `cluster`. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + defaultNodeSelector: + description: 'defaultNodeSelector helps set the cluster-wide default + node selector to restrict pod placement to specific nodes. This + is applied to the pods created in all namespaces without a specified + nodeSelector value. For example, defaultNodeSelector: "type=user-node,region=east" + would set nodeSelector field in pod spec to "type=user-node,region=east" + to all pods created in all namespaces. Namespaces having project-wide + node selectors won''t be impacted even if this field is set. This + adds an annotation section to the namespace. For example, if a new + namespace is created with node-selector=''type=user-node,region=east'', + the annotation openshift.io/node-selector: type=user-node,region=east + gets added to the project. When the openshift.io/node-selector annotation + is set on the project the value is used in preference to the value + we are setting for defaultNodeSelector field. For instance, openshift.io/node-selector: + "type=user-node,region=west" means that the default of "type=user-node,region=east" + set in defaultNodeSelector would not be applied.' + type: string + mastersSchedulable: + description: 'MastersSchedulable allows masters nodes to be schedulable. + When this flag is turned on, all the master nodes in the cluster + will be made schedulable, so that workload pods can run on them. + The default value for this field is false, meaning none of the master + nodes are schedulable. Important Note: Once the workload pods start + running on the master nodes, extreme care must be taken to ensure + that cluster-critical control plane components are not impacted. + Please turn on this field after doing due diligence.' + type: boolean + policy: + description: policy is a reference to a ConfigMap containing scheduler + policy which has user specified predicates and priorities. If this + ConfigMap is not available scheduler will default to use DefaultAlgorithmProvider. + The namespace for this configmap is openshift-config. + properties: + name: + description: name is the metadata.name of the referenced config + map + type: string + required: + - name + type: object + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: network-attachment-definitions.k8s.cni.cncf.io +spec: + group: k8s.cni.cncf.io + names: + kind: NetworkAttachmentDefinition + listKind: NetworkAttachmentDefinitionList + plural: network-attachment-definitions + shortNames: + - net-attach-def + singular: network-attachment-definition + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: 'NetworkAttachmentDefinition is a CRD schema specified by the + Network Plumbing Working Group to express the intent for attaching pods + to one or more logical or physical networks. More information available + at: https://github.com/k8snetworkplumbingwg/multi-net-spec' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this represen + tation of an object. Servers should convert recognized schemas to the + latest internal value, and may reject unrecognized values. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkAttachmentDefinition spec defines the desired state + of a network attachment + properties: + config: + description: NetworkAttachmentDefinition config is a JSON-formatted + CNI configuration + type: string + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: kubevirts.kubevirt.io +spec: + group: kubevirt.io + names: + categories: + - all + kind: KubeVirt + listKind: KubeVirtList + plural: kubevirts + shortNames: + - kv + - kvs + singular: kubevirt + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.phase + name: Phase + type: string + name: v1 + schema: + openAPIV3Schema: + description: KubeVirt represents the object deploying all KubeVirt resources + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + certificateRotateStrategy: + properties: + selfSigned: + properties: + ca: + description: CA configuration CA certs are kept in the CA + bundle as long as they are valid + properties: + duration: + description: The requested 'duration' (i.e. lifetime) + of the Certificate. + type: string + renewBefore: + description: The amount of time before the currently issued + certificate's "notAfter" time that we will begin to + attempt to renew the certificate. + type: string + type: object + caOverlapInterval: + description: Deprecated. Use CA.Duration and CA.RenewBefore + instead + type: string + caRotateInterval: + description: Deprecated. Use CA.Duration instead + type: string + certRotateInterval: + description: Deprecated. Use Server.Duration instead + type: string + server: + description: Server configuration Certs are rotated and discarded + properties: + duration: + description: The requested 'duration' (i.e. lifetime) + of the Certificate. + type: string + renewBefore: + description: The amount of time before the currently issued + certificate's "notAfter" time that we will begin to + attempt to renew the certificate. + type: string + type: object + type: object + type: object + configuration: + description: holds kubevirt configurations. same as the virt-configMap + properties: + additionalGuestMemoryOverheadRatio: + description: AdditionalGuestMemoryOverheadRatio can be used to + increase the virtualization infrastructure overhead. This is + useful, since the calculation of this overhead is not accurate + and cannot be entirely known in advance. The ratio that is being + set determines by which factor to increase the overhead calculated + by Kubevirt. A higher ratio means that the VMs would be less + compromised by node pressures, but would mean that fewer VMs + could be scheduled to a node. If not set, the default is 1. + type: string + apiConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + controllerConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + cpuModel: + type: string + cpuRequest: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + defaultRuntimeClass: + type: string + developerConfiguration: + description: DeveloperConfiguration holds developer options + properties: + cpuAllocationRatio: + description: 'For each requested virtual CPU, CPUAllocationRatio + defines how much physical CPU to request per VMI from the + hosting node. The value is in fraction of a CPU thread (or + core on non-hyperthreaded nodes). For example, a value of + 1 means 1 physical CPU thread per VMI CPU thread. A value + of 100 would be 1% of a physical thread allocated for each + requested VMI thread. This option has no effect on VMIs + that request dedicated CPUs. More information at: https://kubevirt.io/user-guide/operations/node_overcommit/#node-cpu-allocation-ratio + Defaults to 10' + type: integer + diskVerification: + description: DiskVerification holds container disks verification + limits + properties: + memoryLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - memoryLimit + type: object + featureGates: + description: FeatureGates is the list of experimental features + to enable. Defaults to none + items: + type: string + type: array + logVerbosity: + description: LogVerbosity sets log verbosity level of various + components + properties: + nodeVerbosity: + additionalProperties: + type: integer + description: NodeVerbosity represents a map of nodes with + a specific verbosity level + type: object + virtAPI: + type: integer + virtController: + type: integer + virtHandler: + type: integer + virtLauncher: + type: integer + virtOperator: + type: integer + type: object + memoryOvercommit: + description: MemoryOvercommit is the percentage of memory + we want to give VMIs compared to the amount given to its + parent pod (virt-launcher). For example, a value of 102 + means the VMI will "see" 2% more memory than its parent + pod. Values under 100 are effectively "undercommits". Overcommits + can lead to memory exhaustion, which in turn can lead to + crashes. Use carefully. Defaults to 100 + type: integer + minimumClusterTSCFrequency: + description: Allow overriding the automatically determined + minimum TSC frequency of the cluster and fixate the minimum + to this frequency. + format: int64 + type: integer + minimumReservePVCBytes: + description: MinimumReservePVCBytes is the amount of space, + in bytes, to leave unused on disks. Defaults to 131072 (128KiB) + format: int64 + type: integer + nodeSelectors: + additionalProperties: + type: string + description: NodeSelectors allows restricting VMI creation + to nodes that match a set of labels. Defaults to none + type: object + pvcTolerateLessSpaceUpToPercent: + description: LessPVCSpaceToleration determines how much smaller, + in percentage, disk PVCs are allowed to be compared to the + requested size (to account for various overheads). Defaults + to 10 + type: integer + useEmulation: + description: UseEmulation can be set to true to allow fallback + to software emulation in case hardware-assisted emulation + is not available. Defaults to false + type: boolean + type: object + emulatedMachines: + items: + type: string + type: array + evictionStrategy: + description: EvictionStrategy defines at the cluster level if + the VirtualMachineInstance should be migrated instead of shut-off + in case of a node drain. If the VirtualMachineInstance specific + field is set it overrides the cluster level one. + type: string + handlerConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + imagePullPolicy: + description: PullPolicy describes a policy for if/when to pull + a container image + type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object + machineType: + description: Deprecated. Use architectureConfiguration instead. + type: string + mediatedDevicesConfiguration: + description: MediatedDevicesConfiguration holds information about + MDEV types to be defined, if available + properties: + mediatedDeviceTypes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mediatedDevicesTypes: + description: Deprecated. Use mediatedDeviceTypes instead. + items: + type: string + type: array + x-kubernetes-list-type: atomic + nodeMediatedDeviceTypes: + items: + description: NodeMediatedDeviceTypesConfig holds information + about MDEV types to be defined in a specific node that + matches the NodeSelector field. + properties: + mediatedDeviceTypes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mediatedDevicesTypes: + description: Deprecated. Use mediatedDeviceTypes instead. + items: + type: string + type: array + x-kubernetes-list-type: atomic + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must + be true for the vmi to fit on a node. Selector which + must match a node''s labels for the vmi to be scheduled + on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + required: + - nodeSelector + type: object + type: array + x-kubernetes-list-type: atomic + type: object + memBalloonStatsPeriod: + format: int32 + type: integer + migrations: + description: MigrationConfiguration holds migration options. Can + be overridden for specific groups of VMs though migration policies. + Visit https://kubevirt.io/user-guide/operations/migration_policies/ + for more information. + properties: + allowAutoConverge: + description: AllowAutoConverge allows the platform to compromise + performance/availability of VMIs to guarantee successful + VMI live migrations. Defaults to false + type: boolean + allowPostCopy: + description: AllowPostCopy enables post-copy live migrations. + Such migrations allow even the busiest VMIs to successfully + live-migrate. However, events like a network failure can + cause a VMI crash. If set to true, migrations will still + start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB + triggers. Defaults to false + type: boolean + bandwidthPerMigration: + anyOf: + - type: integer + - type: string + description: BandwidthPerMigration limits the amount of network + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + completionTimeoutPerGiB: + description: CompletionTimeoutPerGiB is the maximum number + of seconds per GiB a migration is allowed to take. If a + live-migration takes longer to migrate than this value multiplied + by the size of the VMI, the migration will be cancelled, + unless AllowPostCopy is true. Defaults to 800 + format: int64 + type: integer + disableTLS: + description: When set to true, DisableTLS will disable the + additional layer of live migration encryption provided by + KubeVirt. This is usually a bad idea. Defaults to false + type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean + network: + description: Network is the name of the CNI network to use + for live migrations. By default, migrations go through the + pod network. + type: string + nodeDrainTaintKey: + description: 'NodeDrainTaintKey defines the taint key that + indicates a node should be drained. Note: this option relies + on the deprecated node taint feature. Default: kubevirt.io/drain' + type: string + parallelMigrationsPerCluster: + description: ParallelMigrationsPerCluster is the total number + of concurrent live migrations allowed cluster-wide. Defaults + to 5 + format: int32 + type: integer + parallelOutboundMigrationsPerNode: + description: ParallelOutboundMigrationsPerNode is the maximum + number of concurrent outgoing live migrations allowed per + node. Defaults to 2 + format: int32 + type: integer + progressTimeout: + description: ProgressTimeout is the maximum number of seconds + a live migration is allowed to make no progress. Hitting + this timeout means a migration transferred 0 data for that + many seconds. The migration is then considered stuck and + therefore cancelled. Defaults to 150 + format: int64 + type: integer + unsafeMigrationOverride: + description: UnsafeMigrationOverride allows live migrations + to occur even if the compatibility check indicates the migration + will be unsafe to the guest. Defaults to false + type: boolean + type: object + minCPUModel: + type: string + network: + description: NetworkConfiguration holds network options + properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object + defaultNetworkInterface: + type: string + permitBridgeInterfaceOnPodNetwork: + type: boolean + permitSlirpInterface: + type: boolean + type: object + obsoleteCPUModels: + additionalProperties: + type: boolean + type: object + ovmfPath: + type: string + permittedHostDevices: + description: PermittedHostDevices holds information about devices + allowed for passthrough + properties: + mediatedDevices: + items: + description: MediatedHostDevice represents a host mediated + device allowed for passthrough + properties: + externalResourceProvider: + type: boolean + mdevNameSelector: + type: string + resourceName: + type: string + required: + - mdevNameSelector + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic + pciHostDevices: + items: + description: PciHostDevice represents a host PCI device + allowed for passthrough + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + pciVendorSelector: + description: The vendor_id:product_id tuple of the PCI + device + type: string + resourceName: + description: The name of the resource that is representing + the device. Exposed by a device plugin and requested + by VMs. Typically of the form vendor.com/product_name + type: string + required: + - pciVendorSelector + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic + type: object + seccompConfiguration: + description: SeccompConfiguration holds Seccomp configuration + for Kubevirt components + properties: + virtualMachineInstanceProfile: + description: VirtualMachineInstanceProfile defines what profile + should be used with virt-launcher. Defaults to none + properties: + customProfile: + description: CustomProfile allows to request arbitrary + profile for virt-launcher + properties: + localhostProfile: + type: string + runtimeDefaultProfile: + type: boolean + type: object + type: object + type: object + selinuxLauncherType: + type: string + smbios: + properties: + family: + type: string + manufacturer: + type: string + product: + type: string + sku: + type: string + version: + type: string + type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + supportedGuestAgentVersions: + description: deprecated + items: + type: string + type: array + tlsConfiguration: + description: TLSConfiguration holds TLS options + properties: + ciphers: + items: + type: string + type: array + x-kubernetes-list-type: set + minTLSVersion: + description: "MinTLSVersion is a way to specify the minimum + protocol version that is acceptable for TLS connections. + Protocol versions are based on the following most common + TLS configurations: \n https://ssl-config.mozilla.org/ + \n Note that SSLv3.0 is not a supported protocol version + due to well known vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE" + enum: + - VersionTLS10 + - VersionTLS11 + - VersionTLS12 + - VersionTLS13 + type: string + type: object + virtualMachineInstancesPerNode: + type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string + webhookConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + type: object + customizeComponents: + properties: + flags: + description: Configure the value used for deployment and daemonset + resources + properties: + api: + additionalProperties: + type: string + type: object + controller: + additionalProperties: + type: string + type: object + handler: + additionalProperties: + type: string + type: object + type: object + patches: + items: + properties: + patch: + type: string + resourceName: + minLength: 1 + type: string + resourceType: + minLength: 1 + type: string + type: + type: string + required: + - patch + - resourceName + - resourceType + - type + type: object + type: array + x-kubernetes-list-type: atomic + type: object + imagePullPolicy: + description: The ImagePullPolicy to use. + type: string + imagePullSecrets: + description: The imagePullSecrets to pull the container images from + Defaults to none + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + x-kubernetes-list-type: atomic + imageRegistry: + description: The image registry to pull the container images from + Defaults to the same registry the operator's container image is + pulled from. + type: string + imageTag: + description: The image tag to use for the continer images installed. + Defaults to the same tag as the operator's container image. + type: string + infra: + description: selectors and tolerations that should apply to KubeVirt + infrastructure components + properties: + nodePlacement: + description: nodePlacement describes scheduling configuration + for specific KubeVirt components + properties: + affinity: + description: affinity enables pod affinity/anti-affinity placement + expanding the types of constraints that can be expressed + with nodeSelector. affinity is going to be applied to the + relevant kind of pods in parallel with nodeSelector See + https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: 'nodeSelector is the node selector applied to + the relevant kind of pods It specifies a map of key-value + pairs: for the pod to be eligible to run on a node, the + node must have each of the indicated key-value pairs as + labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector' + type: object + tolerations: + description: tolerations is a list of tolerations applied + to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + for more info. These are additional tolerations other than + default ones. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + replicas: + description: 'replicas indicates how many replicas should be created + for each KubeVirt infrastructure component (like virt-api or + virt-controller). Defaults to 2. WARNING: this is an advanced + feature that prevents auto-scaling for core kubevirt components. + Please use with caution!' + type: integer + type: object + monitorAccount: + description: The name of the Prometheus service account that needs + read-access to KubeVirt endpoints Defaults to prometheus-k8s + type: string + monitorNamespace: + description: The namespace Prometheus is deployed in Defaults to openshift-monitor + type: string + productComponent: + description: Designate the apps.kubevirt.io/component label for KubeVirt + components. Useful if KubeVirt is included as part of a product. + If ProductComponent is not specified, the component label default + value is kubevirt. + type: string + productName: + description: Designate the apps.kubevirt.io/part-of label for KubeVirt + components. Useful if KubeVirt is included as part of a product. + If ProductName is not specified, the part-of label will be omitted. + type: string + productVersion: + description: Designate the apps.kubevirt.io/version label for KubeVirt + components. Useful if KubeVirt is included as part of a product. + If ProductVersion is not specified, KubeVirt's version will be used. + type: string + serviceMonitorNamespace: + description: The namespace the service monitor will be deployed When + ServiceMonitorNamespace is set, then we'll install the service monitor + object in that namespace otherwise we will use the monitoring namespace. + type: string + uninstallStrategy: + description: Specifies if kubevirt can be deleted if workloads are + still present. This is mainly a precaution to avoid accidental data + loss + type: string + workloadUpdateStrategy: + description: WorkloadUpdateStrategy defines at the cluster level how + to handle automated workload updates + properties: + batchEvictionInterval: + description: "BatchEvictionInterval Represents the interval to + wait before issuing the next batch of shutdowns \n Defaults + to 1 minute" + type: string + batchEvictionSize: + description: "BatchEvictionSize Represents the number of VMIs + that can be forced updated per the BatchShutdownInteral interval + \n Defaults to 10" + type: integer + workloadUpdateMethods: + description: "WorkloadUpdateMethods defines the methods that can + be used to disrupt workloads during automated workload updates. + When multiple methods are present, the least disruptive method + takes precedence over more disruptive methods. For example if + both LiveMigrate and Shutdown methods are listed, only VMs which + are not live migratable will be restarted/shutdown \n An empty + list defaults to no automated workload updating" + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + workloads: + description: selectors and tolerations that should apply to KubeVirt + workloads + properties: + nodePlacement: + description: nodePlacement describes scheduling configuration + for specific KubeVirt components + properties: + affinity: + description: affinity enables pod affinity/anti-affinity placement + expanding the types of constraints that can be expressed + with nodeSelector. affinity is going to be applied to the + relevant kind of pods in parallel with nodeSelector See + https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: 'nodeSelector is the node selector applied to + the relevant kind of pods It specifies a map of key-value + pairs: for the pod to be eligible to run on a node, the + node must have each of the indicated key-value pairs as + labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector' + type: object + tolerations: + description: tolerations is a list of tolerations applied + to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + for more info. These are additional tolerations other than + default ones. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + replicas: + description: 'replicas indicates how many replicas should be created + for each KubeVirt infrastructure component (like virt-api or + virt-controller). Defaults to 2. WARNING: this is an advanced + feature that prevents auto-scaling for core kubevirt components. + Please use with caution!' + type: integer + type: object + type: object + status: + description: KubeVirtStatus represents information pertaining to a KubeVirt + deployment. + properties: + conditions: + items: + description: KubeVirtCondition represents a condition of a KubeVirt + deployment + properties: + lastProbeTime: + format: date-time + nullable: true + type: string + lastTransitionTime: + format: date-time + nullable: true + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + defaultArchitecture: + type: string + generations: + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - lastGeneration + - name + - resource + type: object + type: array + x-kubernetes-list-type: atomic + observedDeploymentConfig: + type: string + observedDeploymentID: + type: string + observedGeneration: + format: int64 + type: integer + observedKubeVirtRegistry: + type: string + observedKubeVirtVersion: + type: string + operatorVersion: + type: string + outdatedVirtualMachineInstanceWorkloads: + type: integer + phase: + description: KubeVirtPhase is a label for the phase of a KubeVirt + deployment at the current time. + type: string + targetDeploymentConfig: + type: string + targetDeploymentID: + type: string + targetKubeVirtRegistry: + type: string + targetKubeVirtVersion: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.phase + name: Phase + type: string + name: v1alpha3 + schema: + openAPIV3Schema: + description: KubeVirt represents the object deploying all KubeVirt resources + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + certificateRotateStrategy: + properties: + selfSigned: + properties: + ca: + description: CA configuration CA certs are kept in the CA + bundle as long as they are valid + properties: + duration: + description: The requested 'duration' (i.e. lifetime) + of the Certificate. + type: string + renewBefore: + description: The amount of time before the currently issued + certificate's "notAfter" time that we will begin to + attempt to renew the certificate. + type: string + type: object + caOverlapInterval: + description: Deprecated. Use CA.Duration and CA.RenewBefore + instead + type: string + caRotateInterval: + description: Deprecated. Use CA.Duration instead + type: string + certRotateInterval: + description: Deprecated. Use Server.Duration instead + type: string + server: + description: Server configuration Certs are rotated and discarded + properties: + duration: + description: The requested 'duration' (i.e. lifetime) + of the Certificate. + type: string + renewBefore: + description: The amount of time before the currently issued + certificate's "notAfter" time that we will begin to + attempt to renew the certificate. + type: string + type: object + type: object + type: object + configuration: + description: holds kubevirt configurations. same as the virt-configMap + properties: + additionalGuestMemoryOverheadRatio: + description: AdditionalGuestMemoryOverheadRatio can be used to + increase the virtualization infrastructure overhead. This is + useful, since the calculation of this overhead is not accurate + and cannot be entirely known in advance. The ratio that is being + set determines by which factor to increase the overhead calculated + by Kubevirt. A higher ratio means that the VMs would be less + compromised by node pressures, but would mean that fewer VMs + could be scheduled to a node. If not set, the default is 1. + type: string + apiConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + architectureConfiguration: + properties: + amd64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + arm64: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + defaultArchitecture: + type: string + ppc64le: + properties: + emulatedMachines: + items: + type: string + type: array + x-kubernetes-list-type: atomic + machineType: + type: string + ovmfPath: + type: string + type: object + type: object + autoCPULimitNamespaceLabelSelector: + description: When set, AutoCPULimitNamespaceLabelSelector will + set a CPU limit on virt-launcher for VMIs running inside namespaces + that match the label selector. The CPU limit will equal the + number of requested vCPUs. This setting does not apply to VMIs + with dedicated CPUs. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + controllerConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + cpuModel: + type: string + cpuRequest: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + defaultRuntimeClass: + type: string + developerConfiguration: + description: DeveloperConfiguration holds developer options + properties: + cpuAllocationRatio: + description: 'For each requested virtual CPU, CPUAllocationRatio + defines how much physical CPU to request per VMI from the + hosting node. The value is in fraction of a CPU thread (or + core on non-hyperthreaded nodes). For example, a value of + 1 means 1 physical CPU thread per VMI CPU thread. A value + of 100 would be 1% of a physical thread allocated for each + requested VMI thread. This option has no effect on VMIs + that request dedicated CPUs. More information at: https://kubevirt.io/user-guide/operations/node_overcommit/#node-cpu-allocation-ratio + Defaults to 10' + type: integer + diskVerification: + description: DiskVerification holds container disks verification + limits + properties: + memoryLimit: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + required: + - memoryLimit + type: object + featureGates: + description: FeatureGates is the list of experimental features + to enable. Defaults to none + items: + type: string + type: array + logVerbosity: + description: LogVerbosity sets log verbosity level of various + components + properties: + nodeVerbosity: + additionalProperties: + type: integer + description: NodeVerbosity represents a map of nodes with + a specific verbosity level + type: object + virtAPI: + type: integer + virtController: + type: integer + virtHandler: + type: integer + virtLauncher: + type: integer + virtOperator: + type: integer + type: object + memoryOvercommit: + description: MemoryOvercommit is the percentage of memory + we want to give VMIs compared to the amount given to its + parent pod (virt-launcher). For example, a value of 102 + means the VMI will "see" 2% more memory than its parent + pod. Values under 100 are effectively "undercommits". Overcommits + can lead to memory exhaustion, which in turn can lead to + crashes. Use carefully. Defaults to 100 + type: integer + minimumClusterTSCFrequency: + description: Allow overriding the automatically determined + minimum TSC frequency of the cluster and fixate the minimum + to this frequency. + format: int64 + type: integer + minimumReservePVCBytes: + description: MinimumReservePVCBytes is the amount of space, + in bytes, to leave unused on disks. Defaults to 131072 (128KiB) + format: int64 + type: integer + nodeSelectors: + additionalProperties: + type: string + description: NodeSelectors allows restricting VMI creation + to nodes that match a set of labels. Defaults to none + type: object + pvcTolerateLessSpaceUpToPercent: + description: LessPVCSpaceToleration determines how much smaller, + in percentage, disk PVCs are allowed to be compared to the + requested size (to account for various overheads). Defaults + to 10 + type: integer + useEmulation: + description: UseEmulation can be set to true to allow fallback + to software emulation in case hardware-assisted emulation + is not available. Defaults to false + type: boolean + type: object + emulatedMachines: + items: + type: string + type: array + evictionStrategy: + description: EvictionStrategy defines at the cluster level if + the VirtualMachineInstance should be migrated instead of shut-off + in case of a node drain. If the VirtualMachineInstance specific + field is set it overrides the cluster level one. + type: string + handlerConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + imagePullPolicy: + description: PullPolicy describes a policy for if/when to pull + a container image + type: string + ksmConfiguration: + description: KSMConfiguration holds the information regarding + the enabling the KSM in the nodes (if available). + properties: + nodeLabelSelector: + description: NodeLabelSelector is a selector that filters + in which nodes the KSM will be enabled. Empty NodeLabelSelector + will enable ksm for every node. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + liveUpdateConfiguration: + description: LiveUpdateConfiguration holds defaults for live update + features + properties: + maxCpuSockets: + description: MaxCpuSockets holds the maximum amount of sockets + that can be hotplugged + format: int32 + type: integer + maxGuest: + anyOf: + - type: integer + - type: string + description: MaxGuest defines the maximum amount memory that + can be allocated to the guest using hotplug. + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxHotplugRatio: + description: 'MaxHotplugRatio is the ratio used to define + the max amount of a hotplug resource that can be made available + to a VM when the specific Max* setting is not defined (MaxCpuSockets, + MaxGuest) Example: VM is configured with 512Mi of guest + memory, if MaxGuest is not defined and MaxHotplugRatio is + 2 then MaxGuest = 1Gi defaults to 4' + format: int32 + type: integer + type: object + machineType: + description: Deprecated. Use architectureConfiguration instead. + type: string + mediatedDevicesConfiguration: + description: MediatedDevicesConfiguration holds information about + MDEV types to be defined, if available + properties: + mediatedDeviceTypes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mediatedDevicesTypes: + description: Deprecated. Use mediatedDeviceTypes instead. + items: + type: string + type: array + x-kubernetes-list-type: atomic + nodeMediatedDeviceTypes: + items: + description: NodeMediatedDeviceTypesConfig holds information + about MDEV types to be defined in a specific node that + matches the NodeSelector field. + properties: + mediatedDeviceTypes: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mediatedDevicesTypes: + description: Deprecated. Use mediatedDeviceTypes instead. + items: + type: string + type: array + x-kubernetes-list-type: atomic + nodeSelector: + additionalProperties: + type: string + description: 'NodeSelector is a selector which must + be true for the vmi to fit on a node. Selector which + must match a node''s labels for the vmi to be scheduled + on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + required: + - nodeSelector + type: object + type: array + x-kubernetes-list-type: atomic + type: object + memBalloonStatsPeriod: + format: int32 + type: integer + migrations: + description: MigrationConfiguration holds migration options. Can + be overridden for specific groups of VMs though migration policies. + Visit https://kubevirt.io/user-guide/operations/migration_policies/ + for more information. + properties: + allowAutoConverge: + description: AllowAutoConverge allows the platform to compromise + performance/availability of VMIs to guarantee successful + VMI live migrations. Defaults to false + type: boolean + allowPostCopy: + description: AllowPostCopy enables post-copy live migrations. + Such migrations allow even the busiest VMIs to successfully + live-migrate. However, events like a network failure can + cause a VMI crash. If set to true, migrations will still + start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB + triggers. Defaults to false + type: boolean + bandwidthPerMigration: + anyOf: + - type: integer + - type: string + description: BandwidthPerMigration limits the amount of network + bandwidth live migrations are allowed to use. The value + is in quantity per second. Defaults to 0 (no limit) + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + completionTimeoutPerGiB: + description: CompletionTimeoutPerGiB is the maximum number + of seconds per GiB a migration is allowed to take. If a + live-migration takes longer to migrate than this value multiplied + by the size of the VMI, the migration will be cancelled, + unless AllowPostCopy is true. Defaults to 800 + format: int64 + type: integer + disableTLS: + description: When set to true, DisableTLS will disable the + additional layer of live migration encryption provided by + KubeVirt. This is usually a bad idea. Defaults to false + type: boolean + matchSELinuxLevelOnMigration: + description: By default, the SELinux level of target virt-launcher + pods is forced to the level of the source virt-launcher. + When set to true, MatchSELinuxLevelOnMigration lets the + CRI auto-assign a random level to the target. That will + ensure the target virt-launcher doesn't share categories + with another pod on the node. However, migrations will fail + when using RWX volumes that don't automatically deal with + SELinux levels. + type: boolean + network: + description: Network is the name of the CNI network to use + for live migrations. By default, migrations go through the + pod network. + type: string + nodeDrainTaintKey: + description: 'NodeDrainTaintKey defines the taint key that + indicates a node should be drained. Note: this option relies + on the deprecated node taint feature. Default: kubevirt.io/drain' + type: string + parallelMigrationsPerCluster: + description: ParallelMigrationsPerCluster is the total number + of concurrent live migrations allowed cluster-wide. Defaults + to 5 + format: int32 + type: integer + parallelOutboundMigrationsPerNode: + description: ParallelOutboundMigrationsPerNode is the maximum + number of concurrent outgoing live migrations allowed per + node. Defaults to 2 + format: int32 + type: integer + progressTimeout: + description: ProgressTimeout is the maximum number of seconds + a live migration is allowed to make no progress. Hitting + this timeout means a migration transferred 0 data for that + many seconds. The migration is then considered stuck and + therefore cancelled. Defaults to 150 + format: int64 + type: integer + unsafeMigrationOverride: + description: UnsafeMigrationOverride allows live migrations + to occur even if the compatibility check indicates the migration + will be unsafe to the guest. Defaults to false + type: boolean + type: object + minCPUModel: + type: string + network: + description: NetworkConfiguration holds network options + properties: + binding: + additionalProperties: + properties: + domainAttachmentType: + description: 'DomainAttachmentType is a standard domain + network attachment method kubevirt supports. Supported + values: "tap". The standard domain attachment can + be used instead or in addition to the sidecarImage. + version: 1alphav1' + type: string + migration: + description: 'Migration means the VM using the plugin + can be safely migrated version: 1alphav1' + properties: + method: + description: 'Method defines a pre-defined migration + methodology version: 1alphav1' + type: string + type: object + networkAttachmentDefinition: + description: 'NetworkAttachmentDefinition references + to a NetworkAttachmentDefinition CR object. Format: + , /. If namespace is not specified, + VMI namespace is assumed. version: 1alphav1' + type: string + sidecarImage: + description: 'SidecarImage references a container image + that runs in the virt-launcher pod. The sidecar handles + (libvirt) domain configuration and optional services. + version: 1alphav1' + type: string + type: object + type: object + defaultNetworkInterface: + type: string + permitBridgeInterfaceOnPodNetwork: + type: boolean + permitSlirpInterface: + type: boolean + type: object + obsoleteCPUModels: + additionalProperties: + type: boolean + type: object + ovmfPath: + type: string + permittedHostDevices: + description: PermittedHostDevices holds information about devices + allowed for passthrough + properties: + mediatedDevices: + items: + description: MediatedHostDevice represents a host mediated + device allowed for passthrough + properties: + externalResourceProvider: + type: boolean + mdevNameSelector: + type: string + resourceName: + type: string + required: + - mdevNameSelector + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic + pciHostDevices: + items: + description: PciHostDevice represents a host PCI device + allowed for passthrough + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + pciVendorSelector: + description: The vendor_id:product_id tuple of the PCI + device + type: string + resourceName: + description: The name of the resource that is representing + the device. Exposed by a device plugin and requested + by VMs. Typically of the form vendor.com/product_name + type: string + required: + - pciVendorSelector + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic + usb: + items: + properties: + externalResourceProvider: + description: If true, KubeVirt will leave the allocation + and monitoring to an external device plugin + type: boolean + resourceName: + description: 'Identifies the list of USB host devices. + e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, + etc' + type: string + selectors: + items: + properties: + product: + type: string + vendor: + type: string + required: + - product + - vendor + type: object + type: array + x-kubernetes-list-type: atomic + required: + - resourceName + type: object + type: array + x-kubernetes-list-type: atomic + type: object + seccompConfiguration: + description: SeccompConfiguration holds Seccomp configuration + for Kubevirt components + properties: + virtualMachineInstanceProfile: + description: VirtualMachineInstanceProfile defines what profile + should be used with virt-launcher. Defaults to none + properties: + customProfile: + description: CustomProfile allows to request arbitrary + profile for virt-launcher + properties: + localhostProfile: + type: string + runtimeDefaultProfile: + type: boolean + type: object + type: object + type: object + selinuxLauncherType: + type: string + smbios: + properties: + family: + type: string + manufacturer: + type: string + product: + type: string + sku: + type: string + version: + type: string + type: object + supportContainerResources: + description: SupportContainerResources specifies the resource + requirements for various types of supporting containers such + as container disks/virtiofs/sidecars and hotplug attachment + pods. If omitted a sensible default will be supplied. + items: + description: SupportContainerResources are used to specify the + cpu/memory request and limits for the containers that support + various features of Virtual Machines. These containers are + usually idle and don't require a lot of memory or cpu. + properties: + resources: + description: ResourceRequirements describes the compute + resource requirements. + properties: + claims: + description: "Claims lists the names of resources, defined + in spec.resourceClaims, that are used by this container. + \n This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. \n This field + is immutable. It can only be set for containers." + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: Name must match the name of one entry + in pod.spec.resourceClaims of the Pod where + this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + type: + type: string + required: + - resources + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + supportedGuestAgentVersions: + description: deprecated + items: + type: string + type: array + tlsConfiguration: + description: TLSConfiguration holds TLS options + properties: + ciphers: + items: + type: string + type: array + x-kubernetes-list-type: set + minTLSVersion: + description: "MinTLSVersion is a way to specify the minimum + protocol version that is acceptable for TLS connections. + Protocol versions are based on the following most common + TLS configurations: \n https://ssl-config.mozilla.org/ + \n Note that SSLv3.0 is not a supported protocol version + due to well known vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE" + enum: + - VersionTLS10 + - VersionTLS11 + - VersionTLS12 + - VersionTLS13 + type: string + type: object + virtualMachineInstancesPerNode: + type: integer + virtualMachineOptions: + description: VirtualMachineOptions holds the cluster level information + regarding the virtual machine. + properties: + disableFreePageReporting: + description: DisableFreePageReporting disable the free page + reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. + This will have effect only if AutoattachMemBalloon is not + false and the vmi is not requesting any high performance + feature (dedicatedCPU/realtime/hugePages), in which free + page reporting is always disabled. + type: object + disableSerialConsoleLog: + description: DisableSerialConsoleLog disables logging the + auto-attached default serial console. If not set, serial + console logs will be written to a file and then streamed + from a container named 'guest-console-log'. The value can + be individually overridden for each VM, not relevant if + AutoattachSerialConsole is disabled. + type: object + type: object + vmRolloutStrategy: + description: VMRolloutStrategy defines how changes to a VM object + propagate to its VMI + enum: + - Stage + - LiveUpdate + nullable: true + type: string + vmStateStorageClass: + description: VMStateStorageClass is the name of the storage class + to use for the PVCs created to preserve VM state, like TPM. + The storage class must support RWX in filesystem mode. + type: string + webhookConfiguration: + description: ReloadableComponentConfiguration holds all generic + k8s configuration options which can be reloaded by components + without requiring a restart. + properties: + restClient: + description: RestClient can be used to tune certain aspects + of the k8s client in use. + properties: + rateLimiter: + description: RateLimiter allows selecting and configuring + different rate limiters for the k8s client. + properties: + tokenBucketRateLimiter: + properties: + burst: + description: Maximum burst for throttle. If it's + zero, the component default will be used + type: integer + qps: + description: QPS indicates the maximum QPS to + the apiserver from this client. If it's zero, + the component default will be used + type: number + required: + - burst + - qps + type: object + type: object + type: object + type: object + type: object + customizeComponents: + properties: + flags: + description: Configure the value used for deployment and daemonset + resources + properties: + api: + additionalProperties: + type: string + type: object + controller: + additionalProperties: + type: string + type: object + handler: + additionalProperties: + type: string + type: object + type: object + patches: + items: + properties: + patch: + type: string + resourceName: + minLength: 1 + type: string + resourceType: + minLength: 1 + type: string + type: + type: string + required: + - patch + - resourceName + - resourceType + - type + type: object + type: array + x-kubernetes-list-type: atomic + type: object + imagePullPolicy: + description: The ImagePullPolicy to use. + type: string + imagePullSecrets: + description: The imagePullSecrets to pull the container images from + Defaults to none + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + x-kubernetes-list-type: atomic + imageRegistry: + description: The image registry to pull the container images from + Defaults to the same registry the operator's container image is + pulled from. + type: string + imageTag: + description: The image tag to use for the continer images installed. + Defaults to the same tag as the operator's container image. + type: string + infra: + description: selectors and tolerations that should apply to KubeVirt + infrastructure components + properties: + nodePlacement: + description: nodePlacement describes scheduling configuration + for specific KubeVirt components + properties: + affinity: + description: affinity enables pod affinity/anti-affinity placement + expanding the types of constraints that can be expressed + with nodeSelector. affinity is going to be applied to the + relevant kind of pods in parallel with nodeSelector See + https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: 'nodeSelector is the node selector applied to + the relevant kind of pods It specifies a map of key-value + pairs: for the pod to be eligible to run on a node, the + node must have each of the indicated key-value pairs as + labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector' + type: object + tolerations: + description: tolerations is a list of tolerations applied + to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + for more info. These are additional tolerations other than + default ones. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + replicas: + description: 'replicas indicates how many replicas should be created + for each KubeVirt infrastructure component (like virt-api or + virt-controller). Defaults to 2. WARNING: this is an advanced + feature that prevents auto-scaling for core kubevirt components. + Please use with caution!' + type: integer + type: object + monitorAccount: + description: The name of the Prometheus service account that needs + read-access to KubeVirt endpoints Defaults to prometheus-k8s + type: string + monitorNamespace: + description: The namespace Prometheus is deployed in Defaults to openshift-monitor + type: string + productComponent: + description: Designate the apps.kubevirt.io/component label for KubeVirt + components. Useful if KubeVirt is included as part of a product. + If ProductComponent is not specified, the component label default + value is kubevirt. + type: string + productName: + description: Designate the apps.kubevirt.io/part-of label for KubeVirt + components. Useful if KubeVirt is included as part of a product. + If ProductName is not specified, the part-of label will be omitted. + type: string + productVersion: + description: Designate the apps.kubevirt.io/version label for KubeVirt + components. Useful if KubeVirt is included as part of a product. + If ProductVersion is not specified, KubeVirt's version will be used. + type: string + serviceMonitorNamespace: + description: The namespace the service monitor will be deployed When + ServiceMonitorNamespace is set, then we'll install the service monitor + object in that namespace otherwise we will use the monitoring namespace. + type: string + uninstallStrategy: + description: Specifies if kubevirt can be deleted if workloads are + still present. This is mainly a precaution to avoid accidental data + loss + type: string + workloadUpdateStrategy: + description: WorkloadUpdateStrategy defines at the cluster level how + to handle automated workload updates + properties: + batchEvictionInterval: + description: "BatchEvictionInterval Represents the interval to + wait before issuing the next batch of shutdowns \n Defaults + to 1 minute" + type: string + batchEvictionSize: + description: "BatchEvictionSize Represents the number of VMIs + that can be forced updated per the BatchShutdownInteral interval + \n Defaults to 10" + type: integer + workloadUpdateMethods: + description: "WorkloadUpdateMethods defines the methods that can + be used to disrupt workloads during automated workload updates. + When multiple methods are present, the least disruptive method + takes precedence over more disruptive methods. For example if + both LiveMigrate and Shutdown methods are listed, only VMs which + are not live migratable will be restarted/shutdown \n An empty + list defaults to no automated workload updating" + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + workloads: + description: selectors and tolerations that should apply to KubeVirt + workloads + properties: + nodePlacement: + description: nodePlacement describes scheduling configuration + for specific KubeVirt components + properties: + affinity: + description: affinity enables pod affinity/anti-affinity placement + expanding the types of constraints that can be expressed + with nodeSelector. affinity is going to be applied to the + relevant kind of pods in parallel with nodeSelector See + https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + properties: + nodeAffinity: + description: Describes node affinity scheduling rules + for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term + matches all objects with implicit weight 0 (i.e. + it's a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated + with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching + the corresponding nodeSelectorTerm, in the + range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to an update), the system may or may not try + to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector + terms. The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them + are ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: The label key that the + selector applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. + If the operator is Gt or Lt, the + values array must have a single + element, which will be interpreted + as an integer. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements + of this field and adding "weight" to the sum if + the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + affinity requirements specified by this field cease + to be met at some point during pod execution (e.g. + due to a pod label update), the system may or may + not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, + etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule + pods to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node + that violates one or more of the expressions. The + node that is most preferred is the one with the + greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to + the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum + are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, + associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of + resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set + of namespaces that the term applies to. + The term is applied to the union of the + namespaces selected by this field and + the ones listed in the namespaces field. + null selector and null or empty namespaces + list means "this pod's namespace". An + empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: operator represents + a key's relationship to a set + of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array + of string values. If the operator + is In or NotIn, the values array + must be non-empty. If the operator + is Exists or DoesNotExist, the + values array must be empty. + This array is replaced during + a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of + {key,value} pairs. A single {key,value} + in the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are + ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static + list of namespace names that the term + applies to. The term is applied to the + union of the namespaces listed in this + field and the ones selected by namespaceSelector. + null or empty namespaces list and null + namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where co-located + is defined as running on a node whose + value of the label with key topologyKey + matches that of any node on which any + of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching + the corresponding podAffinityTerm, in the + range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the + pod will not be scheduled onto the node. If the + anti-affinity requirements specified by this field + cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may + or may not try to eventually evict the pod from + its node. When there are multiple elements, the + lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those + matching the labelSelector relative to the given + namespace(s)) that this pod should be co-located + (affinity) or not co-located (anti-affinity) with, + where co-located is defined as running on a node + whose value of the label with key + matches that of any node on which a pod of the + set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by + this field and the ones listed in the namespaces + field. null selector and null or empty namespaces + list means "this pod's namespace". An empty + selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. + The term is applied to the union of the namespaces + listed in this field and the ones selected + by namespaceSelector. null or empty namespaces + list and null namespaceSelector means "this + pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: 'nodeSelector is the node selector applied to + the relevant kind of pods It specifies a map of key-value + pairs: for the pod to be eligible to run on a node, the + node must have each of the indicated key-value pairs as + labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector' + type: object + tolerations: + description: tolerations is a list of tolerations applied + to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + for more info. These are additional tolerations other than + default ones. + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Key is the taint key that the toleration + applies to. Empty means match all taint keys. If the + key is empty, operator must be Exists; this combination + means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists and Equal. + Defaults to Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate all taints of + a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period + of time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the + taint forever (do not evict). Zero and negative values + will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration + matches to. If the operator is Exists, the value should + be empty, otherwise just a regular string. + type: string + type: object + type: array + type: object + replicas: + description: 'replicas indicates how many replicas should be created + for each KubeVirt infrastructure component (like virt-api or + virt-controller). Defaults to 2. WARNING: this is an advanced + feature that prevents auto-scaling for core kubevirt components. + Please use with caution!' + type: integer + type: object + type: object + status: + description: KubeVirtStatus represents information pertaining to a KubeVirt + deployment. + properties: + conditions: + items: + description: KubeVirtCondition represents a condition of a KubeVirt + deployment + properties: + lastProbeTime: + format: date-time + nullable: true + type: string + lastTransitionTime: + format: date-time + nullable: true + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + defaultArchitecture: + type: string + generations: + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + required: + - group + - lastGeneration + - name + - resource + type: object + type: array + x-kubernetes-list-type: atomic + observedDeploymentConfig: + type: string + observedDeploymentID: + type: string + observedGeneration: + format: int64 + type: integer + observedKubeVirtRegistry: + type: string + observedKubeVirtVersion: + type: string + operatorVersion: + type: string + outdatedVirtualMachineInstanceWorkloads: + type: integer + phase: + description: KubeVirtPhase is a label for the phase of a KubeVirt + deployment at the current time. + type: string + targetDeploymentConfig: + type: string + targetDeploymentID: + type: string + targetKubeVirtRegistry: + type: string + targetKubeVirtVersion: + type: string + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: authentications.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Authentication + listKind: AuthenticationList + plural: authentications + singular: authentication + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Authentication provides information to configure an operator + to manage authentication. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: consoles.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Console + listKind: ConsoleList + plural: consoles + singular: console + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Console provides a means to configure an operator to manage the + console. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConsoleSpec is the specification of the desired behavior + of the Console. + properties: + customization: + description: customization is used to optionally provide a small set + of customization options to the web console. + properties: + brand: + description: brand is the default branding of the web console + which can be overridden by providing the brand field. There + is a limited set of specific brand options. This field controls + elements of the console such as the logo. Invalid value will + prevent a console rollout. + pattern: ^$|^(ocp|origin|okd|dedicated|online|azure)$ + type: string + customLogoFile: + description: 'customLogoFile replaces the default OpenShift logo + in the masthead and about dialog. It is a reference to a ConfigMap + in the openshift-config namespace. This can be created with + a command like ''oc create configmap custom-logo --from-file=/path/to/file + -n openshift-config''. Image size must be less than 1 MB due + to constraints on the ConfigMap size. The ConfigMap key should + include a file extension so that the console serves the file + with the correct MIME type. Recommended logo specifications: + Dimensions: Max height of 68px and max width of 200px SVG format + preferred' + properties: + key: + description: Key allows pointing to a specific key/value inside + of the configmap. This is useful for logical file references. + type: string + name: + type: string + type: object + customProductName: + description: customProductName is the name that will be displayed + in page titles, logo alt text, and the about dialog instead + of the normal OpenShift product name. + type: string + documentationBaseURL: + description: documentationBaseURL links to external documentation + are shown in various sections of the web console. Providing + documentationBaseURL will override the default documentation + URL. Invalid value will prevent a console rollout. + pattern: ^$|^((https):\/\/?)[^\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|\/?))\/$ + type: string + type: object + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + providers: + description: providers contains configuration for using specific service + providers. + properties: + statuspage: + description: statuspage contains ID for statuspage.io page that + provides status info about. + properties: + pageID: + description: pageID is the unique ID assigned by Statuspage + for your page. This must be a public page. + type: string + type: object + type: object + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: ConsoleStatus defines the observed status of the Console. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: dnses.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: DNS + listKind: DNSList + plural: dnses + singular: dns + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "DNS manages the CoreDNS component to provide a name resolution + service for pods and services in the cluster. \n This supports the DNS-based + service discovery specification: https://github.com/kubernetes/dns/blob/master/docs/specification.md + \n More details: https://kubernetes.io/docs/tasks/administer-cluster/coredns" + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + DNS. + properties: + servers: + description: "servers is a list of DNS resolvers that provide name + query delegation for one or more subdomains outside the scope of + the cluster domain. If servers consists of more than one Server, + longest suffix match will be used to determine the Server. \n For + example, if there are two Servers, one for \"foo.com\" and another + for \"a.foo.com\", and the name query is for \"www.a.foo.com\", + it will be routed to the Server with Zone \"a.foo.com\". \n If this + field is nil, no servers are created." + items: + description: Server defines the schema for a server that runs per + instance of CoreDNS. + properties: + forwardPlugin: + description: forwardPlugin defines a schema for configuring + CoreDNS to proxy DNS messages to upstream resolvers. + properties: + upstreams: + description: "upstreams is a list of resolvers to forward + name queries for subdomains of Zones. Upstreams are randomized + when more than 1 upstream is specified. Each instance + of CoreDNS performs health checking of Upstreams. When + a healthy upstream returns an error during the exchange, + another resolver is tried from Upstreams. Each upstream + is represented by an IP address or IP:port if the upstream + listens on a port other than 53. \n A maximum of 15 upstreams + is allowed per ForwardPlugin." + items: + type: string + maxItems: 15 + type: array + type: object + name: + description: name is required and specifies a unique name for + the server. Name must comply with the Service Name Syntax + of rfc6335. + type: string + zones: + description: zones is required and specifies the subdomains + that Server is authoritative for. Zones must conform to the + rfc1123 definition of a subdomain. Specifying the cluster + domain (i.e., "cluster.local") is invalid. + items: + type: string + type: array + type: object + type: array + type: object + status: + description: status is the most recently observed status of the DNS. + properties: + clusterDomain: + description: "clusterDomain is the local cluster DNS domain suffix + for DNS services. This will be a subdomain as defined in RFC 1034, + section 3.5: https://tools.ietf.org/html/rfc1034#section-3.5 Example: + \"cluster.local\" \n More info: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service" + type: string + clusterIP: + description: "clusterIP is the service IP through which this DNS is + made available. \n In the case of the default DNS, this will be + a well known IP that is used as the default nameserver for pods + that are using the default ClusterFirst DNS policy. \n In general, + this IP can be specified in a pod's spec.dnsConfig.nameservers list + or used explicitly when performing name resolution from within the + cluster. Example: dig foo.com @ \n More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" + type: string + conditions: + description: "conditions provide information about the state of the + DNS on the cluster. \n These are the supported DNS conditions: \n + \ * Available - True if the following conditions are met: * + DNS controller daemonset is available. - False if any of those + conditions are unsatisfied." + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + required: + - clusterDomain + - clusterIP + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: ingresscontrollers.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: IngressController + listKind: IngressControllerList + plural: ingresscontrollers + singular: ingresscontroller + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: "IngressController describes a managed ingress controller for + the cluster. The controller can service OpenShift Route and Kubernetes Ingress + resources. \n When an IngressController is created, a new ingress controller + deployment is created to allow external traffic to reach the services that + expose Ingress or Route resources. Updating this resource may lead to disruption + for public facing network connections as a new ingress controller revision + may be rolled out. \n https://kubernetes.io/docs/concepts/services-networking/ingress-controllers + \n Whenever possible, sensible defaults for the platform are used. See each + field for more details." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + IngressController. + properties: + defaultCertificate: + description: "defaultCertificate is a reference to a secret containing + the default certificate served by the ingress controller. When Routes + don't specify their own certificate, defaultCertificate is used. + \n The secret must contain the following keys and data: \n tls.crt: + certificate file contents tls.key: key file contents \n If unset, + a wildcard certificate is automatically generated and used. The + certificate is valid for the ingress controller domain (and subdomains) + and the generated certificate's CA will be automatically integrated + with the cluster's trust store. \n The in-use certificate (whether + generated or user-specified) will be automatically integrated with + OpenShift's built-in OAuth server." + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + domain: + description: "domain is a DNS name serviced by the ingress controller + and is used to configure multiple features: \n * For the LoadBalancerService + endpoint publishing strategy, domain is used to configure DNS + records. See endpointPublishingStrategy. \n * When using a generated + default certificate, the certificate will be valid for domain + and its subdomains. See defaultCertificate. \n * The value is published + to individual Route statuses so that end-users know where to target + external DNS records. \n domain must be unique among all IngressControllers, + and cannot be updated. \n If empty, defaults to ingress.config.openshift.io/cluster + .spec.domain." + type: string + endpointPublishingStrategy: + description: "endpointPublishingStrategy is used to publish the ingress + controller endpoints to other networks, enable load balancer integrations, + etc. \n If unset, the default is based on infrastructure.config.openshift.io/cluster + .status.platform: \n AWS: LoadBalancerService (with External + scope) Azure: LoadBalancerService (with External scope) GCP: + \ LoadBalancerService (with External scope) Libvirt: HostNetwork + \n Any other platform types (including None) default to HostNetwork. + \n endpointPublishingStrategy cannot be updated." + properties: + hostNetwork: + description: hostNetwork holds parameters for the HostNetwork + endpoint publishing strategy. Present only if type is HostNetwork. + type: object + loadBalancer: + description: loadBalancer holds parameters for the load balancer. + Present only if type is LoadBalancerService. + properties: + scope: + description: scope indicates the scope at which the load balancer + is exposed. Possible values are "External" and "Internal". + type: string + required: + - scope + type: object + private: + description: private holds parameters for the Private endpoint + publishing strategy. Present only if type is Private. + type: object + type: + description: "type is the publishing strategy to use. Valid values + are: \n * LoadBalancerService \n Publishes the ingress controller + using a Kubernetes LoadBalancer Service. \n In this configuration, + the ingress controller deployment uses container networking. + A LoadBalancer Service is created to publish the deployment. + \n See: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer + \n If domain is set, a wildcard DNS record will be managed to + point at the LoadBalancer Service's external name. DNS records + are managed only in DNS zones defined by dns.config.openshift.io/cluster + .spec.publicZone and .spec.privateZone. \n Wildcard DNS management + is currently supported only on the AWS, Azure, and GCP platforms. + \n * HostNetwork \n Publishes the ingress controller on node + ports where the ingress controller is deployed. \n In this configuration, + the ingress controller deployment uses host networking, bound + to node ports 80 and 443. The user is responsible for configuring + an external load balancer to publish the ingress controller + via the node ports. \n * Private \n Does not publish the ingress + controller. \n In this configuration, the ingress controller + deployment uses container networking, and is not explicitly + published. The user must manually publish the ingress controller." + type: string + required: + - type + type: object + namespaceSelector: + description: "namespaceSelector is used to filter the set of namespaces + serviced by the ingress controller. This is useful for implementing + shards. \n If unset, the default is no filtering." + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + nodePlacement: + description: "nodePlacement enables explicit control over the scheduling + of the ingress controller. \n If unset, defaults are used. See NodePlacement + for more details." + properties: + nodeSelector: + description: "nodeSelector is the node selector applied to ingress + controller deployments. \n If unset, the default is: \n beta.kubernetes.io/os: + linux node-role.kubernetes.io/worker: '' \n If set, the specified + selector is used and replaces the default." + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + tolerations: + description: "tolerations is a list of tolerations applied to + ingress controller deployments. \n The default is an empty list. + \n See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/" + items: + description: The pod this Toleration is attached to tolerates + any taint that matches the triple using + the matching operator . + properties: + effect: + description: Effect indicates the taint effect to match. + Empty means match all taint effects. When specified, allowed + values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match + all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to + the value. Valid operators are Exists and Equal. Defaults + to Equal. Exists is equivalent to wildcard for value, + so that a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of + time the toleration (which must be of effect NoExecute, + otherwise this field is ignored) tolerates the taint. + By default, it is not set, which means tolerate the taint + forever (do not evict). Zero and negative values will + be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + type: object + replicas: + description: replicas is the desired number of ingress controller + replicas. If unset, defaults to 2. + format: int32 + type: integer + routeSelector: + description: "routeSelector is used to filter the set of Routes serviced + by the ingress controller. This is useful for implementing shards. + \n If unset, the default is no filtering." + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + tlsSecurityProfile: + description: "tlsSecurityProfile specifies settings for TLS connections + for ingresscontrollers. \n If unset, the default is based on the + apiservers.config.openshift.io/cluster resource. \n Note that when + using the Old, Intermediate, and Modern profile types, the effective + profile configuration is subject to change between releases. For + example, given a specification to use the Intermediate profile deployed + on release X.Y.Z, an upgrade to release X.Y.Z+1 may cause a new + profile configuration to be applied to the ingress controller, resulting + in a rollout. \n Note that the minimum TLS version for ingress controllers + is 1.1, and the maximum TLS version is 1.2. An implication of this + restriction is that the Modern TLS profile type cannot be used because + it requires TLS 1.3." + properties: + custom: + description: "custom is a user-defined TLS security profile. Be + extremely careful using a custom profile as invalid configurations + can be catastrophic. An example custom profile looks like this: + \n ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 + \ - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 + \ minTLSVersion: TLSv1.1" + nullable: true + properties: + ciphers: + description: "ciphers is used to specify the cipher algorithms + that are negotiated during the TLS handshake. Operators + may remove entries their operands do not support. For example, + to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" + items: + type: string + type: array + minTLSVersion: + description: "minTLSVersion is used to specify the minimal + version of the TLS protocol that is negotiated during the + TLS handshake. For example, to use TLS versions 1.1, 1.2 + and 1.3 (yaml): \n minTLSVersion: TLSv1.1 \n NOTE: currently + the highest minTLSVersion allowed is VersionTLS12" + type: string + type: object + intermediate: + description: "intermediate is a TLS security profile based on: + \n https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 + \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 + \ - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 + \ - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 + \ - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 + \ - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 + \ - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 + \ minTLSVersion: TLSv1.2" + nullable: true + type: object + modern: + description: "modern is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility + \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 + \ - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 + \ minTLSVersion: TLSv1.3 \n NOTE: Currently unsupported." + nullable: true + type: object + old: + description: "old is a TLS security profile based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility + \n and looks like this (yaml): \n ciphers: - TLS_AES_128_GCM_SHA256 + \ - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 + \ - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 + \ - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 + \ - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 + \ - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 + \ - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 + \ - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA + \ - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 + \ - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA + \ - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - + DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 + \ - AES128-SHA256 - AES256-SHA256 - AES128-SHA - + AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0" + nullable: true + type: object + type: + description: "type is one of Old, Intermediate, Modern or Custom. + Custom provides the ability to specify individual TLS security + profile parameters. Old, Intermediate and Modern are TLS security + profiles based on: \n https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations + \n The profiles are intent based, so they may change over time + as new ciphers are developed and existing ciphers are found + to be insecure. Depending on precisely which ciphers are available + to a process, the list may be reduced. \n Note that the Modern + profile is currently not supported because it is not yet well + adopted by common software libraries." + type: string + type: object + type: object + status: + description: status is the most recently observed status of the IngressController. + properties: + availableReplicas: + description: availableReplicas is number of observed available replicas + according to the ingress controller deployment. + format: int32 + type: integer + conditions: + description: "conditions is a list of conditions and their status. + \n Available means the ingress controller deployment is available + and servicing route and ingress resources (i.e, .status.availableReplicas + equals .spec.replicas) \n There are additional conditions which + indicate the status of other ingress controller features and capabilities. + \n * LoadBalancerManaged - True if the following conditions + are met: * The endpoint publishing strategy requires a service + load balancer. - False if any of those conditions are unsatisfied. + \n * LoadBalancerReady - True if the following conditions are + met: * A load balancer is managed. * The load balancer is + ready. - False if any of those conditions are unsatisfied. \n + \ * DNSManaged - True if the following conditions are met: * + The endpoint publishing strategy and platform support DNS. * + The ingress controller domain is set. * dns.config.openshift.io/cluster + configures DNS zones. - False if any of those conditions are unsatisfied. + \n * DNSReady - True if the following conditions are met: * + DNS is managed. * DNS records have been successfully created. + \ - False if any of those conditions are unsatisfied." + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + domain: + description: domain is the actual domain in use. + type: string + endpointPublishingStrategy: + description: endpointPublishingStrategy is the actual strategy in + use. + properties: + hostNetwork: + description: hostNetwork holds parameters for the HostNetwork + endpoint publishing strategy. Present only if type is HostNetwork. + type: object + loadBalancer: + description: loadBalancer holds parameters for the load balancer. + Present only if type is LoadBalancerService. + properties: + scope: + description: scope indicates the scope at which the load balancer + is exposed. Possible values are "External" and "Internal". + type: string + required: + - scope + type: object + private: + description: private holds parameters for the Private endpoint + publishing strategy. Present only if type is Private. + type: object + type: + description: "type is the publishing strategy to use. Valid values + are: \n * LoadBalancerService \n Publishes the ingress controller + using a Kubernetes LoadBalancer Service. \n In this configuration, + the ingress controller deployment uses container networking. + A LoadBalancer Service is created to publish the deployment. + \n See: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer + \n If domain is set, a wildcard DNS record will be managed to + point at the LoadBalancer Service's external name. DNS records + are managed only in DNS zones defined by dns.config.openshift.io/cluster + .spec.publicZone and .spec.privateZone. \n Wildcard DNS management + is currently supported only on the AWS, Azure, and GCP platforms. + \n * HostNetwork \n Publishes the ingress controller on node + ports where the ingress controller is deployed. \n In this configuration, + the ingress controller deployment uses host networking, bound + to node ports 80 and 443. The user is responsible for configuring + an external load balancer to publish the ingress controller + via the node ports. \n * Private \n Does not publish the ingress + controller. \n In this configuration, the ingress controller + deployment uses container networking, and is not explicitly + published. The user must manually publish the ingress controller." + type: string + required: + - type + type: object + observedGeneration: + description: observedGeneration is the most recent generation observed. + format: int64 + type: integer + selector: + description: selector is a label selector, in string format, for ingress + controller pods corresponding to the IngressController. The number + of matching pods should equal the value of availableReplicas. + type: string + tlsProfile: + description: tlsProfile is the TLS connection configuration that is + in effect. + properties: + ciphers: + description: "ciphers is used to specify the cipher algorithms + that are negotiated during the TLS handshake. Operators may + remove entries their operands do not support. For example, + to use DES-CBC3-SHA (yaml): \n ciphers: - DES-CBC3-SHA" + items: + type: string + type: array + minTLSVersion: + description: "minTLSVersion is used to specify the minimal version + of the TLS protocol that is negotiated during the TLS handshake. + For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): \n + \ minTLSVersion: TLSv1.1 \n NOTE: currently the highest minTLSVersion + allowed is VersionTLS12" + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.availableReplicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: kubeapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: KubeAPIServer + listKind: KubeAPIServerList + plural: kubeapiservers + singular: kubeapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: KubeAPIServer provides information to configure an operator to + manage kube-apiserver. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes API Server + properties: + failedRevisionLimit: + description: failedRevisionLimit is the number of failed static pod + installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: forceRedeploymentReason can be used to force the redeployment + of the operand by providing a unique string. This provides a mechanism + to kick a previously failed deployment and provide a reason why + you think it will work this time instead of failing again on the + same config. + type: string + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + succeededRevisionLimit: + description: succeededRevisionLimit is the number of successful static + pod installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + API Server + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: currentRevision is the generation of the most recently + successful deployment + format: int32 + type: integer + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of the errors + during the failed deployment referenced in lastFailedRevision + items: + type: string + type: array + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: targetRevision is the generation of the deployment + we're trying to apply + format: int32 + type: integer + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: kubecontrollermanagers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeControllerManager + listKind: KubeControllerManagerList + plural: kubecontrollermanagers + singular: kubecontrollermanager + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: KubeControllerManager provides information to configure an operator + to manage kube-controller-manager. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes Controller Manager + properties: + failedRevisionLimit: + description: failedRevisionLimit is the number of failed static pod + installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: forceRedeploymentReason can be used to force the redeployment + of the operand by providing a unique string. This provides a mechanism + to kick a previously failed deployment and provide a reason why + you think it will work this time instead of failing again on the + same config. + type: string + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + succeededRevisionLimit: + description: succeededRevisionLimit is the number of successful static + pod installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + Controller Manager + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: currentRevision is the generation of the most recently + successful deployment + format: int32 + type: integer + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of the errors + during the failed deployment referenced in lastFailedRevision + items: + type: string + type: array + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: targetRevision is the generation of the deployment + we're trying to apply + format: int32 + type: integer + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: kubeschedulers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: KubeScheduler + listKind: KubeSchedulerList + plural: kubeschedulers + singular: kubescheduler + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: KubeScheduler provides information to configure an operator to + manage scheduler. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + Kubernetes Scheduler + properties: + failedRevisionLimit: + description: failedRevisionLimit is the number of failed static pod + installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + forceRedeploymentReason: + description: forceRedeploymentReason can be used to force the redeployment + of the operand by providing a unique string. This provides a mechanism + to kick a previously failed deployment and provide a reason why + you think it will work this time instead of failing again on the + same config. + type: string + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Force)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + succeededRevisionLimit: + description: succeededRevisionLimit is the number of successful static + pod installer revisions to keep on disk and in the api -1 = unlimited, + 0 or unset = 5 (default) + format: int32 + type: integer + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status is the most recently observed status of the Kubernetes + Scheduler + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + latestAvailableRevision: + description: latestAvailableRevision is the deploymentID of the most + recent deployment + format: int32 + type: integer + latestAvailableRevisionReason: + description: latestAvailableRevisionReason describe the detailed reason + for the most recent deployment + type: string + nodeStatuses: + description: nodeStatuses track the deployment values and errors across + individual nodes + items: + description: NodeStatus provides information about the current state + of a particular node managed by this operator. + properties: + currentRevision: + description: currentRevision is the generation of the most recently + successful deployment + format: int32 + type: integer + lastFailedRevision: + description: lastFailedRevision is the generation of the deployment + we tried and failed to deploy. + format: int32 + type: integer + lastFailedRevisionErrors: + description: lastFailedRevisionErrors is a list of the errors + during the failed deployment referenced in lastFailedRevision + items: + type: string + type: array + nodeName: + description: nodeName is the name of the node + type: string + targetRevision: + description: targetRevision is the generation of the deployment + we're trying to apply + format: int32 + type: integer + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: kubestorageversionmigrators.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: KubeStorageVersionMigrator + listKind: KubeStorageVersionMigratorList + plural: kubestorageversionmigrators + singular: kubestorageversionmigrator + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: KubeStorageVersionMigrator provides information to configure + an operator to manage kube-storage-version-migrator. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: networks.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: Network + listKind: NetworkList + plural: networks + singular: network + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Network describes the cluster's desired network configuration. + It is consumed by the cluster-network-operator. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkSpec is the top-level network configuration object. + properties: + additionalNetworks: + description: additionalNetworks is a list of extra networks to make + available to pods when multiple networks are enabled. + items: + description: AdditionalNetworkDefinition configures an extra network + that is available but not created by default. Instead, pods must + request them by name. type must be specified, along with exactly + one "Config" that matches the type. + properties: + name: + description: name is the name of the network. This will be populated + in the resulting CRD This must be unique. + type: string + namespace: + description: namespace is the namespace of the network. This + will be populated in the resulting CRD If not given the network + will be created in the default namespace. + type: string + rawCNIConfig: + description: rawCNIConfig is the raw CNI configuration json + to create in the NetworkAttachmentDefinition CRD + type: string + simpleMacvlanConfig: + description: SimpleMacvlanConfig configures the macvlan interface + in case of type:NetworkTypeSimpleMacvlan + properties: + ipamConfig: + description: IPAMConfig configures IPAM module will be used + for IP Address Management (IPAM). + properties: + staticIPAMConfig: + description: StaticIPAMConfig configures the static + IP address in case of type:IPAMTypeStatic + properties: + addresses: + description: Addresses configures IP address for + the interface + items: + description: StaticIPAMAddresses provides IP address + and Gateway for static IPAM addresses + properties: + address: + description: Address is the IP address in + CIDR format + type: string + gateway: + description: Gateway is IP inside of subnet + to designate as the gateway + type: string + type: object + type: array + dns: + description: DNS configures DNS for the interface + properties: + domain: + description: Domain configures the domainname + the local domain used for short hostname lookups + type: string + nameservers: + description: Nameservers points DNS servers + for IP lookup + items: + type: string + type: array + search: + description: Search configures priority ordered + search domains for short hostname lookups + items: + type: string + type: array + type: object + routes: + description: Routes configures IP routes for the + interface + items: + description: StaticIPAMRoutes provides Destination/Gateway + pairs for static IPAM routes + properties: + destination: + description: Destination points the IP route + destination + type: string + gateway: + description: Gateway is the route's next-hop + IP address If unset, a default gateway is + assumed (as determined by the CNI plugin). + type: string + type: object + type: array + type: object + type: + description: Type is the type of IPAM module will be + used for IP Address Management(IPAM). The supported + values are IPAMTypeDHCP, IPAMTypeStatic + type: string + type: object + master: + description: master is the host interface to create the + macvlan interface from. If not specified, it will be default + route interface + type: string + mode: + description: 'mode is the macvlan mode: bridge, private, + vepa, passthru. The default is bridge' + type: string + mtu: + description: mtu is the mtu to use for the macvlan interface. + if unset, host's kernel will select the value. + format: int32 + minimum: 0 + type: integer + type: object + type: + description: type is the type of network The supported values + are NetworkTypeRaw, NetworkTypeSimpleMacvlan + type: string + type: object + type: array + clusterNetwork: + description: clusterNetwork is the IP address pool to use for pod + IPs. Some network providers, e.g. OpenShift SDN, support multiple + ClusterNetworks. Others only support one. This is equivalent to + the cluster-cidr. + items: + description: ClusterNetworkEntry is a subnet from which to allocate + PodIPs. A network of size HostPrefix (in CIDR notation) will be + allocated when nodes join the cluster. Not all network providers + support multiple ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + defaultNetwork: + description: defaultNetwork is the "default" network that all pods + will receive + properties: + kuryrConfig: + description: KuryrConfig configures the kuryr plugin + properties: + controllerProbesPort: + description: The port kuryr-controller will listen for readiness + and liveness requests. + format: int32 + minimum: 0 + type: integer + daemonProbesPort: + description: The port kuryr-daemon will listen for readiness + and liveness requests. + format: int32 + minimum: 0 + type: integer + enablePortPoolsPrepopulation: + description: enablePortPoolsPrepopulation when true will make + Kuryr prepopulate each newly created port pool with a minimum + number of ports. Kuryr uses Neutron port pooling to fight + the fact that it takes a significant amount of time to create + one. Instead of creating it when pod is being deployed, + Kuryr keeps a number of ports ready to be attached to pods. + By default port prepopulation is disabled. + type: boolean + openStackServiceNetwork: + description: openStackServiceNetwork contains the CIDR of + network from which to allocate IPs for OpenStack Octavia's + Amphora VMs. Please note that with Amphora driver Octavia + uses two IPs from that network for each loadbalancer - one + given by OpenShift and second for VRRP connections. As the + first one is managed by OpenShift's and second by Neutron's + IPAMs, those need to come from different pools. Therefore + `openStackServiceNetwork` needs to be at least twice the + size of `serviceNetwork`, and whole `serviceNetwork` must + be overlapping with `openStackServiceNetwork`. cluster-network-operator + will then make sure VRRP IPs are taken from the ranges inside + `openStackServiceNetwork` that are not overlapping with + `serviceNetwork`, effectivly preventing conflicts. If not + set cluster-network-operator will use `serviceNetwork` expanded + by decrementing the prefix size by 1. + type: string + poolBatchPorts: + description: poolBatchPorts sets a number of ports that should + be created in a single batch request to extend the port + pool. The default is 3. For more information about port + pools see enablePortPoolsPrepopulation setting. + minimum: 0 + type: integer + poolMaxPorts: + description: poolMaxPorts sets a maximum number of free ports + that are being kept in a port pool. If the number of ports + exceeds this setting, free ports will get deleted. Setting + 0 will disable this upper bound, effectively preventing + pools from shrinking and this is the default value. For + more information about port pools see enablePortPoolsPrepopulation + setting. + minimum: 0 + type: integer + poolMinPorts: + description: poolMinPorts sets a minimum number of free ports + that should be kept in a port pool. If the number of ports + is lower than this setting, new ports will get created and + added to pool. The default is 1. For more information about + port pools see enablePortPoolsPrepopulation setting. + minimum: 1 + type: integer + type: object + openshiftSDNConfig: + description: openShiftSDNConfig configures the openshift-sdn plugin + properties: + enableUnidling: + description: enableUnidling controls whether or not the service + proxy will support idling and unidling of services. By default, + unidling is enabled. + type: boolean + mode: + description: mode is one of "Multitenant", "Subnet", or "NetworkPolicy" + type: string + mtu: + description: mtu is the mtu to use for the tunnel interface. + Defaults to 1450 if unset. This must be 50 bytes smaller + than the machine's uplink. + format: int32 + minimum: 0 + type: integer + useExternalOpenvswitch: + description: useExternalOpenvswitch tells the operator not + to install openvswitch, because it will be provided separately. + If set, you must provide it yourself. + type: boolean + vxlanPort: + description: vxlanPort is the port to use for all vxlan packets. + The default is 4789. + format: int32 + minimum: 0 + type: integer + type: object + ovnKubernetesConfig: + description: oVNKubernetesConfig configures the ovn-kubernetes + plugin. This is currently not implemented. + properties: + genevePort: + description: geneve port is the UDP port to be used by geneve + encapulation. Default is 6081 + format: int32 + minimum: 1 + type: integer + hybridOverlayConfig: + description: HybridOverlayConfig configures an additional + overlay network for peers that are not using OVN. + properties: + hybridClusterNetwork: + description: HybridClusterNetwork defines a network space + given to nodes on an additional overlay network. + items: + description: ClusterNetworkEntry is a subnet from which + to allocate PodIPs. A network of size HostPrefix (in + CIDR notation) will be allocated when nodes join the + cluster. Not all network providers support multiple + ClusterNetworks + properties: + cidr: + type: string + hostPrefix: + format: int32 + minimum: 0 + type: integer + type: object + type: array + type: object + mtu: + description: mtu is the MTU to use for the tunnel interface. + This must be 100 bytes smaller than the uplink mtu. Default + is 1400 + format: int32 + minimum: 0 + type: integer + type: object + type: + description: type is the type of network All NetworkTypes are + supported except for NetworkTypeRaw + type: string + type: object + deployKubeProxy: + description: deployKubeProxy specifies whether or not a standalone + kube-proxy should be deployed by the operator. Some network providers + include kube-proxy or similar functionality. If unset, the plugin + will attempt to select the correct value, which is false when OpenShift + SDN and ovn-kubernetes are used and true otherwise. + type: boolean + disableMultiNetwork: + description: disableMultiNetwork specifies whether or not multiple + pod network support should be disabled. If unset, this property + defaults to 'false' and multiple network support is enabled. + type: boolean + kubeProxyConfig: + description: kubeProxyConfig lets us configure desired proxy configuration. + If not specified, sensible defaults will be chosen by OpenShift + directly. Not consumed by all network providers - currently only + openshift-sdn. + properties: + bindAddress: + description: The address to "bind" on Defaults to 0.0.0.0 + type: string + iptablesSyncPeriod: + description: 'The period that iptables rules are refreshed. Default: + 30s' + type: string + proxyArguments: + additionalProperties: + description: ProxyArgumentList is a list of arguments to pass + to the kubeproxy process + items: + type: string + type: array + description: Any additional arguments to pass to the kubeproxy + process + type: object + type: object + logLevel: + description: logLevel allows configuring the logging level of the + components deployed by the operator. Currently only Kuryr SDN is + affected by this setting. Please note that turning on extensive + logging may affect performance. The default value is "Normal". + type: string + serviceNetwork: + description: serviceNetwork is the ip address pool to use for Service + IPs Currently, all existing network providers only support a single + value here, but this is an array to allow for growth. + items: + type: string + type: array + type: object + status: + description: NetworkStatus is currently unused. Instead, status is reported + in the Network.config.openshift.io object. + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: openshiftapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: OpenShiftAPIServer + listKind: OpenShiftAPIServerList + plural: openshiftapiservers + singular: openshiftapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: OpenShiftAPIServer provides information to configure an operator + to manage openshift-apiserver. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec is the specification of the desired behavior of the + OpenShift API Server. + properties: + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status defines the observed status of the OpenShift API Server. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + latestAvailableRevision: + description: latestAvailableRevision is the latest revision used as + suffix of revisioned secrets like encryption-config. A new revision + causes a new deployment of pods. + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: openshiftcontrollermanagers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: OpenShiftControllerManager + listKind: OpenShiftControllerManagerList + plural: openshiftcontrollermanagers + singular: openshiftcontrollermanager + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: OpenShiftControllerManager provides information to configure + an operator to manage openshift-controller-manager. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: servicecas.operator.openshift.io +spec: + group: operator.openshift.io + names: + kind: ServiceCA + listKind: ServiceCAList + plural: servicecas + singular: serviceca + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ServiceCA provides information to configure an operator to manage + the service cert controllers + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: spec holds user settable values for configuration + properties: + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: status holds observed values from the cluster. They may not + be overridden. + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: servicecatalogapiservers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: ServiceCatalogAPIServer + listKind: ServiceCatalogAPIServerList + plural: servicecatalogapiservers + singular: servicecatalogapiserver + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ServiceCatalogAPIServer provides information to configure an + operator to manage Service Catalog API Server + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: servicecatalogcontrollermanagers.operator.openshift.io +spec: + group: operator.openshift.io + names: + categories: + - coreoperators + kind: ServiceCatalogControllerManager + listKind: ServiceCatalogControllerManagerList + plural: servicecatalogcontrollermanagers + singular: servicecatalogcontrollermanager + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ServiceCatalogControllerManager provides information to configure + an operator to manage Service Catalog Controller Manager + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + logLevel: + description: logLevel is an intent based logging for an overall component. It + does not give fine grained control, but it is a simple way to manage + coarse grained logging choices that operators have to interpret + for their operands. + type: string + managementState: + description: managementState indicates whether and how the operator + should manage the component + pattern: ^(Managed|Unmanaged|Force|Removed)$ + type: string + observedConfig: + description: observedConfig holds a sparse config that controller + has observed from the cluster state. It exists in spec because + it is an input to the level for the operator + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + operatorLogLevel: + description: operatorLogLevel is an intent based logging for the operator + itself. It does not give fine grained control, but it is a simple + way to manage coarse grained logging choices that operators have + to interpret for themselves. + type: string + unsupportedConfigOverrides: + description: 'unsupportedConfigOverrides holds a sparse config that + will override any previously set options. It only needs to be the + fields to override it will end up overlaying in the following order: + 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides' + nullable: true + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + properties: + conditions: + description: conditions is a list of conditions and their status + items: + description: OperatorCondition is just the standard condition fields. + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + generations: + description: generations are used to determine when an item needs + to be reconciled or has changed in a way that needs a reaction. + items: + description: GenerationStatus keeps track of the generation for + a given resource so that decisions about forced updates can be + made. + properties: + group: + description: group is the group of the thing you're tracking + type: string + hash: + description: hash is an optional field set for resources without + generation that are content sensitive like secrets and configmaps + type: string + lastGeneration: + description: lastGeneration is the last generation of the workload + controller involved + format: int64 + type: integer + name: + description: name is the name of the thing you're tracking + type: string + namespace: + description: namespace is where the thing you're tracking is + type: string + resource: + description: resource is the resource type of the thing you're + tracking + type: string + type: object + type: array + observedGeneration: + description: observedGeneration is the last generation change you've + dealt with + format: int64 + type: integer + readyReplicas: + description: readyReplicas indicates how many replicas are ready and + at the desired state + format: int32 + type: integer + version: + description: version is the level this availability applies to + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: securitycontextconstraints.security.openshift.io +spec: + group: security.openshift.io + names: + kind: SecurityContextConstraints + listKind: SecurityContextConstraintsList + plural: securitycontextconstraints + singular: securitycontextconstraints + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: SecurityContextConstraints governs the ability to make requests + that affect the SecurityContext that will be applied to a container. For + historical reasons SCC was exposed under the core Kubernetes API group. + That exposure is deprecated and will be removed in a future release - users + should instead use the security.openshift.io group to manage SecurityContextConstraints. + properties: + allowHostDirVolumePlugin: + description: AllowHostDirVolumePlugin determines if the policy allow containers + to use the HostDir volume plugin + type: boolean + allowHostIPC: + description: AllowHostIPC determines if the policy allows host ipc in + the containers. + type: boolean + allowHostNetwork: + description: AllowHostNetwork determines if the policy allows the use + of HostNetwork in the pod spec. + type: boolean + allowHostPID: + description: AllowHostPID determines if the policy allows host pid in + the containers. + type: boolean + allowHostPorts: + description: AllowHostPorts determines if the policy allows host ports + in the containers. + type: boolean + allowPrivilegeEscalation: + description: AllowPrivilegeEscalation determines if a pod can request + to allow privilege escalation. If unspecified, defaults to true. + nullable: true + type: boolean + allowPrivilegedContainer: + description: AllowPrivilegedContainer determines if a container can request + to be run as privileged. + type: boolean + allowedCapabilities: + description: AllowedCapabilities is a list of capabilities that can be + requested to add to the container. Capabilities in this field maybe + added at the pod author's discretion. You must not list a capability + in both AllowedCapabilities and RequiredDropCapabilities. To allow all + capabilities you may use '*'. + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + type: array + allowedFlexVolumes: + description: AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty + or nil indicates that all Flexvolumes may be used. This parameter is + effective only when the usage of the Flexvolumes is allowed in the "Volumes" + field. + items: + description: AllowedFlexVolume represents a single Flexvolume that is + allowed to be used. + properties: + driver: + description: Driver is the name of the Flexvolume driver. + type: string + required: + - driver + type: object + nullable: true + type: array + allowedUnsafeSysctls: + description: "AllowedUnsafeSysctls is a list of explicitly allowed unsafe + sysctls, defaults to none. Each entry is either a plain sysctl name + or ends in \"*\" in which case it is considered as a prefix of allowed + sysctls. Single * means all unsafe sysctls are allowed. Kubelet has + to whitelist all allowed unsafe sysctls explicitly to avoid rejection. + \n Examples: e.g. \"foo/*\" allows \"foo/bar\", \"foo/baz\", etc. e.g. + \"foo.*\" allows \"foo.bar\", \"foo.baz\", etc." + items: + type: string + nullable: true + type: array + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + defaultAddCapabilities: + description: DefaultAddCapabilities is the default set of capabilities + that will be added to the container unless the pod spec specifically + drops the capability. You may not list a capabiility in both DefaultAddCapabilities + and RequiredDropCapabilities. + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + type: array + defaultAllowPrivilegeEscalation: + description: DefaultAllowPrivilegeEscalation controls the default setting + for whether a process can gain more privileges than its parent process. + nullable: true + type: boolean + forbiddenSysctls: + description: "ForbiddenSysctls is a list of explicitly forbidden sysctls, + defaults to none. Each entry is either a plain sysctl name or ends in + \"*\" in which case it is considered as a prefix of forbidden sysctls. + Single * means all sysctls are forbidden. \n Examples: e.g. \"foo/*\" + forbids \"foo/bar\", \"foo/baz\", etc. e.g. \"foo.*\" forbids \"foo.bar\", + \"foo.baz\", etc." + items: + type: string + nullable: true + type: array + fsGroup: + description: FSGroup is the strategy that will dictate what fs group is + used by the SecurityContext. + nullable: true + properties: + ranges: + description: Ranges are the allowed ranges of fs groups. If you would + like to force a single fs group then supply a single range with + the same start and end. + items: + description: 'IDRange provides a min/max of an allowed range of + IDs. TODO: this could be reused for UIDs.' + properties: + max: + description: Max is the end of the range, inclusive. + format: int64 + type: integer + min: + description: Min is the start of the range, inclusive. + format: int64 + type: integer + type: object + type: array + type: + description: Type is the strategy that will dictate what FSGroup is + used in the SecurityContext. + type: string + type: object + groups: + description: The groups that have permission to use this security context + constraints + items: + type: string + nullable: true + type: array + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + priority: + description: Priority influences the sort order of SCCs when evaluating + which SCCs to try first for a given pod request based on access in the + Users and Groups fields. The higher the int, the higher priority. An + unset value is considered a 0 priority. If scores for multiple SCCs + are equal they will be sorted from most restrictive to least restrictive. + If both priorities and restrictions are equal the SCCs will be sorted + by name. + format: int32 + nullable: true + type: integer + readOnlyRootFilesystem: + description: ReadOnlyRootFilesystem when set to true will force containers + to run with a read only root file system. If the container specifically + requests to run with a non-read only root file system the SCC should + deny the pod. If set to false the container may run with a read only + root file system if it wishes but it will not be forced to. + type: boolean + requiredDropCapabilities: + description: RequiredDropCapabilities are the capabilities that will be + dropped from the container. These are required to be dropped and cannot + be added. + items: + description: Capability represent POSIX capabilities type + type: string + nullable: true + type: array + runAsUser: + description: RunAsUser is the strategy that will dictate what RunAsUser + is used in the SecurityContext. + nullable: true + properties: + type: + description: Type is the strategy that will dictate what RunAsUser + is used in the SecurityContext. + type: string + uid: + description: UID is the user id that containers must run as. Required + for the MustRunAs strategy if not using namespace/service account + allocated uids. + format: int64 + type: integer + uidRangeMax: + description: UIDRangeMax defines the max value for a strategy that + allocates by range. + format: int64 + type: integer + uidRangeMin: + description: UIDRangeMin defines the min value for a strategy that + allocates by range. + format: int64 + type: integer + type: object + seLinuxContext: + description: SELinuxContext is the strategy that will dictate what labels + will be set in the SecurityContext. + nullable: true + properties: + seLinuxOptions: + description: seLinuxOptions required to run as; required for MustRunAs + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + type: object + type: + description: Type is the strategy that will dictate what SELinux context + is used in the SecurityContext. + type: string + type: object + seccompProfiles: + description: "SeccompProfiles lists the allowed profiles that may be set + for the pod or container's seccomp annotations. An unset (nil) or empty + value means that no profiles may be specifid by the pod or container.\tThe + wildcard '*' may be used to allow all profiles. When used to generate + a value for a pod the first non-wildcard profile will be used as the + default." + items: + type: string + nullable: true + type: array + supplementalGroups: + description: SupplementalGroups is the strategy that will dictate what + supplemental groups are used by the SecurityContext. + nullable: true + properties: + ranges: + description: Ranges are the allowed ranges of supplemental groups. If + you would like to force a single supplemental group then supply + a single range with the same start and end. + items: + description: 'IDRange provides a min/max of an allowed range of + IDs. TODO: this could be reused for UIDs.' + properties: + max: + description: Max is the end of the range, inclusive. + format: int64 + type: integer + min: + description: Min is the start of the range, inclusive. + format: int64 + type: integer + type: object + type: array + type: + description: Type is the strategy that will dictate what supplemental + groups is used in the SecurityContext. + type: string + type: object + users: + description: The users who have permissions to use this security context + constraints + items: + type: string + nullable: true + type: array + volumes: + description: Volumes is a white list of allowed volume plugins. FSType + corresponds directly with the field names of a VolumeSource (azureFile, + configMap, emptyDir). To allow all volumes you may use "*". To allow + no volumes, set to ["none"]. + items: + description: FS Type gives strong typing to different file systems that + are used by volumes. + type: string + nullable: true + type: array + required: + - allowHostDirVolumePlugin + - allowHostIPC + - allowHostNetwork + - allowHostPID + - allowHostPorts + - allowPrivilegedContainer + - allowedCapabilities + - defaultAddCapabilities + - priority + - readOnlyRootFilesystem + - requiredDropCapabilities + - volumes + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: + - v1 diff --git a/kubevirt/docs/kubevirt.md b/kubevirt/docs/kubevirt.md index 1900ee3b..d43e84f8 100644 --- a/kubevirt/docs/kubevirt.md +++ b/kubevirt/docs/kubevirt.md @@ -2,16 +2,269 @@ ## Index -- k8s - - apimachinery - - pkg - - apis - - meta - - v1 - - [ManagedFieldsEntry](#managedfieldsentry) - - [ObjectMeta](#objectmeta) - - [OwnerReference](#ownerreference) - v1 + - [APIServer](#apiserver) + - [Build](#build) + - [ConfigAuthentication](#configauthentication) + - [ConfigConsole](#configconsole) + - [ConfigDNS](#configdns) + - [ConfigNetwork](#confignetwork) + - [ConfigOpenshiftIoV1APIServerSpec](#configopenshiftiov1apiserverspec) + - [ConfigOpenshiftIoV1APIServerSpecClientCA](#configopenshiftiov1apiserverspecclientca) + - [ConfigOpenshiftIoV1APIServerSpecEncryption](#configopenshiftiov1apiserverspecencryption) + - [ConfigOpenshiftIoV1APIServerSpecServingCerts](#configopenshiftiov1apiserverspecservingcerts) + - [ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0](#configopenshiftiov1apiserverspecservingcertsnamedcertificatesitems0) + - [ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0ServingCertificate](#configopenshiftiov1apiserverspecservingcertsnamedcertificatesitems0servingcertificate) + - [ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfile](#configopenshiftiov1apiserverspectlssecurityprofile) + - [ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfileCustom](#configopenshiftiov1apiserverspectlssecurityprofilecustom) + - [ConfigOpenshiftIoV1AuthenticationSpec](#configopenshiftiov1authenticationspec) + - [ConfigOpenshiftIoV1AuthenticationSpecOauthMetadata](#configopenshiftiov1authenticationspecoauthmetadata) + - [ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0](#configopenshiftiov1authenticationspecwebhooktokenauthenticatorsitems0) + - [ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0KubeConfig](#configopenshiftiov1authenticationspecwebhooktokenauthenticatorsitems0kubeconfig) + - [ConfigOpenshiftIoV1AuthenticationStatus](#configopenshiftiov1authenticationstatus) + - [ConfigOpenshiftIoV1AuthenticationStatusIntegratedOAuthMetadata](#configopenshiftiov1authenticationstatusintegratedoauthmetadata) + - [ConfigOpenshiftIoV1BuildSpec](#configopenshiftiov1buildspec) + - [ConfigOpenshiftIoV1BuildSpecAdditionalTrustedCA](#configopenshiftiov1buildspecadditionaltrustedca) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaults](#configopenshiftiov1buildspecbuilddefaults) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxy](#configopenshiftiov1buildspecbuilddefaultsdefaultproxy) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxyTrustedCA](#configopenshiftiov1buildspecbuilddefaultsdefaultproxytrustedca) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0](#configopenshiftiov1buildspecbuilddefaultsenvitems0) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFrom](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefrom) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromConfigMapKeyRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromconfigmapkeyref) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromFieldRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromfieldref) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromResourceFieldRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromresourcefieldref) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromSecretKeyRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromsecretkeyref) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxy](#configopenshiftiov1buildspecbuilddefaultsgitproxy) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxyTrustedCA](#configopenshiftiov1buildspecbuilddefaultsgitproxytrustedca) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsImageLabelsItems0](#configopenshiftiov1buildspecbuilddefaultsimagelabelsitems0) + - [ConfigOpenshiftIoV1BuildSpecBuildDefaultsResources](#configopenshiftiov1buildspecbuilddefaultsresources) + - [ConfigOpenshiftIoV1BuildSpecBuildOverrides](#configopenshiftiov1buildspecbuildoverrides) + - [ConfigOpenshiftIoV1BuildSpecBuildOverridesImageLabelsItems0](#configopenshiftiov1buildspecbuildoverridesimagelabelsitems0) + - [ConfigOpenshiftIoV1BuildSpecBuildOverridesTolerationsItems0](#configopenshiftiov1buildspecbuildoverridestolerationsitems0) + - [ConfigOpenshiftIoV1ConsoleSpec](#configopenshiftiov1consolespec) + - [ConfigOpenshiftIoV1ConsoleSpecAuthentication](#configopenshiftiov1consolespecauthentication) + - [ConfigOpenshiftIoV1ConsoleStatus](#configopenshiftiov1consolestatus) + - [ConfigOpenshiftIoV1DNSSpec](#configopenshiftiov1dnsspec) + - [ConfigOpenshiftIoV1DNSSpecPrivateZone](#configopenshiftiov1dnsspecprivatezone) + - [ConfigOpenshiftIoV1DNSSpecPublicZone](#configopenshiftiov1dnsspecpubliczone) + - [ConfigOpenshiftIoV1FeatureGateSpec](#configopenshiftiov1featuregatespec) + - [ConfigOpenshiftIoV1FeatureGateSpecCustomNoUpgrade](#configopenshiftiov1featuregatespeccustomnoupgrade) + - [ConfigOpenshiftIoV1ImageSpec](#configopenshiftiov1imagespec) + - [ConfigOpenshiftIoV1ImageSpecAdditionalTrustedCA](#configopenshiftiov1imagespecadditionaltrustedca) + - [ConfigOpenshiftIoV1ImageSpecAllowedRegistriesForImportItems0](#configopenshiftiov1imagespecallowedregistriesforimportitems0) + - [ConfigOpenshiftIoV1ImageSpecRegistrySources](#configopenshiftiov1imagespecregistrysources) + - [ConfigOpenshiftIoV1ImageStatus](#configopenshiftiov1imagestatus) + - [ConfigOpenshiftIoV1InfrastructureSpec](#configopenshiftiov1infrastructurespec) + - [ConfigOpenshiftIoV1InfrastructureSpecCloudConfig](#configopenshiftiov1infrastructurespeccloudconfig) + - [ConfigOpenshiftIoV1InfrastructureStatus](#configopenshiftiov1infrastructurestatus) + - [ConfigOpenshiftIoV1InfrastructureStatusPlatformStatus](#configopenshiftiov1infrastructurestatusplatformstatus) + - [ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAws](#configopenshiftiov1infrastructurestatusplatformstatusaws) + - [ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAzure](#configopenshiftiov1infrastructurestatusplatformstatusazure) + - [ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusBaremetal](#configopenshiftiov1infrastructurestatusplatformstatusbaremetal) + - [ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusGcp](#configopenshiftiov1infrastructurestatusplatformstatusgcp) + - [ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOpenstack](#configopenshiftiov1infrastructurestatusplatformstatusopenstack) + - [ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOvirt](#configopenshiftiov1infrastructurestatusplatformstatusovirt) + - [ConfigOpenshiftIoV1IngressSpec](#configopenshiftiov1ingressspec) + - [ConfigOpenshiftIoV1NetworkSpec](#configopenshiftiov1networkspec) + - [ConfigOpenshiftIoV1NetworkSpecClusterNetworkItems0](#configopenshiftiov1networkspecclusternetworkitems0) + - [ConfigOpenshiftIoV1NetworkSpecExternalIP](#configopenshiftiov1networkspecexternalip) + - [ConfigOpenshiftIoV1NetworkSpecExternalIPPolicy](#configopenshiftiov1networkspecexternalippolicy) + - [ConfigOpenshiftIoV1NetworkStatus](#configopenshiftiov1networkstatus) + - [ConfigOpenshiftIoV1NetworkStatusClusterNetworkItems0](#configopenshiftiov1networkstatusclusternetworkitems0) + - [ConfigOpenshiftIoV1OAuthSpec](#configopenshiftiov1oauthspec) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0](#configopenshiftiov1oauthspecidentityprovidersitems0) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuth](#configopenshiftiov1oauthspecidentityprovidersitems0basicauth) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthCa](#configopenshiftiov1oauthspecidentityprovidersitems0basicauthca) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientCert](#configopenshiftiov1oauthspecidentityprovidersitems0basicauthtlsclientcert) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientKey](#configopenshiftiov1oauthspecidentityprovidersitems0basicauthtlsclientkey) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Github](#configopenshiftiov1oauthspecidentityprovidersitems0github) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubCa](#configopenshiftiov1oauthspecidentityprovidersitems0githubca) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0githubclientsecret) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Gitlab](#configopenshiftiov1oauthspecidentityprovidersitems0gitlab) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabCa](#configopenshiftiov1oauthspecidentityprovidersitems0gitlabca) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0gitlabclientsecret) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Google](#configopenshiftiov1oauthspecidentityprovidersitems0google) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GoogleClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0googleclientsecret) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Htpasswd](#configopenshiftiov1oauthspecidentityprovidersitems0htpasswd) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0HtpasswdFileData](#configopenshiftiov1oauthspecidentityprovidersitems0htpasswdfiledata) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Keystone](#configopenshiftiov1oauthspecidentityprovidersitems0keystone) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneCa](#configopenshiftiov1oauthspecidentityprovidersitems0keystoneca) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientCert](#configopenshiftiov1oauthspecidentityprovidersitems0keystonetlsclientcert) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientKey](#configopenshiftiov1oauthspecidentityprovidersitems0keystonetlsclientkey) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Ldap](#configopenshiftiov1oauthspecidentityprovidersitems0ldap) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapAttributes](#configopenshiftiov1oauthspecidentityprovidersitems0ldapattributes) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapBindPassword](#configopenshiftiov1oauthspecidentityprovidersitems0ldapbindpassword) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapCa](#configopenshiftiov1oauthspecidentityprovidersitems0ldapca) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenID](#configopenshiftiov1oauthspecidentityprovidersitems0openid) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDCa](#configopenshiftiov1oauthspecidentityprovidersitems0openidca) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClaims](#configopenshiftiov1oauthspecidentityprovidersitems0openidclaims) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0openidclientsecret) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeader](#configopenshiftiov1oauthspecidentityprovidersitems0requestheader) + - [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeaderCa](#configopenshiftiov1oauthspecidentityprovidersitems0requestheaderca) + - [ConfigOpenshiftIoV1OAuthSpecTemplates](#configopenshiftiov1oauthspectemplates) + - [ConfigOpenshiftIoV1OAuthSpecTemplatesError](#configopenshiftiov1oauthspectemplateserror) + - [ConfigOpenshiftIoV1OAuthSpecTemplatesLogin](#configopenshiftiov1oauthspectemplateslogin) + - [ConfigOpenshiftIoV1OAuthSpecTemplatesProviderSelection](#configopenshiftiov1oauthspectemplatesproviderselection) + - [ConfigOpenshiftIoV1OAuthSpecTokenConfig](#configopenshiftiov1oauthspectokenconfig) + - [ConfigOpenshiftIoV1OperatorHubSpec](#configopenshiftiov1operatorhubspec) + - [ConfigOpenshiftIoV1OperatorHubSpecSourcesItems0](#configopenshiftiov1operatorhubspecsourcesitems0) + - [ConfigOpenshiftIoV1OperatorHubStatus](#configopenshiftiov1operatorhubstatus) + - [ConfigOpenshiftIoV1OperatorHubStatusSourcesItems0](#configopenshiftiov1operatorhubstatussourcesitems0) + - [ConfigOpenshiftIoV1ProjectSpec](#configopenshiftiov1projectspec) + - [ConfigOpenshiftIoV1ProjectSpecProjectRequestTemplate](#configopenshiftiov1projectspecprojectrequesttemplate) + - [ConfigOpenshiftIoV1ProxySpec](#configopenshiftiov1proxyspec) + - [ConfigOpenshiftIoV1ProxySpecTrustedCA](#configopenshiftiov1proxyspectrustedca) + - [ConfigOpenshiftIoV1ProxyStatus](#configopenshiftiov1proxystatus) + - [ConfigOpenshiftIoV1SchedulerSpec](#configopenshiftiov1schedulerspec) + - [ConfigOpenshiftIoV1SchedulerSpecPolicy](#configopenshiftiov1schedulerspecpolicy) + - [FeatureGate](#featuregate) + - [Image](#image) + - [Infrastructure](#infrastructure) + - [Ingress](#ingress) + - [IngressController](#ingresscontroller) + - [K8sCniCncfIoV1NetworkAttachmentDefinitionSpec](#k8scnicncfiov1networkattachmentdefinitionspec) + - [KubeAPIServer](#kubeapiserver) + - [KubeControllerManager](#kubecontrollermanager) + - [KubeScheduler](#kubescheduler) + - [KubeStorageVersionMigrator](#kubestorageversionmigrator) + - [KubeVirt](#kubevirt) + - [KubevirtIoV1KubeVirtSpec](#kubevirtiov1kubevirtspec) + - [KubevirtIoV1KubeVirtSpecCertificateRotateStrategy](#kubevirtiov1kubevirtspeccertificaterotatestrategy) + - [KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSigned](#kubevirtiov1kubevirtspeccertificaterotatestrategyselfsigned) + - [KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedCa](#kubevirtiov1kubevirtspeccertificaterotatestrategyselfsignedca) + - [KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedServer](#kubevirtiov1kubevirtspeccertificaterotatestrategyselfsignedserver) + - [KubevirtIoV1KubeVirtSpecConfiguration](#kubevirtiov1kubevirtspecconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationAPIConfiguration](#kubevirtiov1kubevirtspecconfigurationapiconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationapiconfigurationrestclient) + - [KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationapiconfigurationrestclientratelimiter) + - [KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationapiconfigurationrestclientratelimitertokenbucketratelimiter) + - [KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfiguration](#kubevirtiov1kubevirtspecconfigurationarchitectureconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationAmd64](#kubevirtiov1kubevirtspecconfigurationarchitectureconfigurationamd64) + - [KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationArm64](#kubevirtiov1kubevirtspecconfigurationarchitectureconfigurationarm64) + - [KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationPpc64le](#kubevirtiov1kubevirtspecconfigurationarchitectureconfigurationppc64le) + - [KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelector](#kubevirtiov1kubevirtspecconfigurationautocpulimitnamespacelabelselector) + - [KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecconfigurationautocpulimitnamespacelabelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationControllerConfiguration](#kubevirtiov1kubevirtspecconfigurationcontrollerconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationcontrollerconfigurationrestclient) + - [KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationcontrollerconfigurationrestclientratelimiter) + - [KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationcontrollerconfigurationrestclientratelimitertokenbucketratelimiter) + - [KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfiguration](#kubevirtiov1kubevirtspecconfigurationdeveloperconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationDiskVerification](#kubevirtiov1kubevirtspecconfigurationdeveloperconfigurationdiskverification) + - [KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationLogVerbosity](#kubevirtiov1kubevirtspecconfigurationdeveloperconfigurationlogverbosity) + - [KubevirtIoV1KubeVirtSpecConfigurationHandlerConfiguration](#kubevirtiov1kubevirtspecconfigurationhandlerconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationhandlerconfigurationrestclient) + - [KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationhandlerconfigurationrestclientratelimiter) + - [KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationhandlerconfigurationrestclientratelimitertokenbucketratelimiter) + - [KubevirtIoV1KubeVirtSpecConfigurationKsmConfiguration](#kubevirtiov1kubevirtspecconfigurationksmconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelector](#kubevirtiov1kubevirtspecconfigurationksmconfigurationnodelabelselector) + - [KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecconfigurationksmconfigurationnodelabelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationLiveUpdateConfiguration](#kubevirtiov1kubevirtspecconfigurationliveupdateconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfiguration](#kubevirtiov1kubevirtspecconfigurationmediateddevicesconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfigurationNodeMediatedDeviceTypesItems0](#kubevirtiov1kubevirtspecconfigurationmediateddevicesconfigurationnodemediateddevicetypesitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationMigrations](#kubevirtiov1kubevirtspecconfigurationmigrations) + - [KubevirtIoV1KubeVirtSpecConfigurationNetwork](#kubevirtiov1kubevirtspecconfigurationnetwork) + - [KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnon](#kubevirtiov1kubevirtspecconfigurationnetworkbindinganon) + - [KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnonMigration](#kubevirtiov1kubevirtspecconfigurationnetworkbindinganonmigration) + - [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevices](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevices) + - [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesMediatedDevicesItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicesmediateddevicesitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesPciHostDevicesItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicespcihostdevicesitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicesusbitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0SelectorsItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicesusbitems0selectorsitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationSeccompConfiguration](#kubevirtiov1kubevirtspecconfigurationseccompconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfile](#kubevirtiov1kubevirtspecconfigurationseccompconfigurationvirtualmachineinstanceprofile) + - [KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfileCustomProfile](#kubevirtiov1kubevirtspecconfigurationseccompconfigurationvirtualmachineinstanceprofilecustomprofile) + - [KubevirtIoV1KubeVirtSpecConfigurationSmbios](#kubevirtiov1kubevirtspecconfigurationsmbios) + - [KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0](#kubevirtiov1kubevirtspecconfigurationsupportcontainerresourcesitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0Resources](#kubevirtiov1kubevirtspecconfigurationsupportcontainerresourcesitems0resources) + - [KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0ResourcesClaimsItems0](#kubevirtiov1kubevirtspecconfigurationsupportcontainerresourcesitems0resourcesclaimsitems0) + - [KubevirtIoV1KubeVirtSpecConfigurationTLSConfiguration](#kubevirtiov1kubevirtspecconfigurationtlsconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationVirtualMachineOptions](#kubevirtiov1kubevirtspecconfigurationvirtualmachineoptions) + - [KubevirtIoV1KubeVirtSpecConfigurationWebhookConfiguration](#kubevirtiov1kubevirtspecconfigurationwebhookconfiguration) + - [KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationwebhookconfigurationrestclient) + - [KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationwebhookconfigurationrestclientratelimiter) + - [KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationwebhookconfigurationrestclientratelimitertokenbucketratelimiter) + - [KubevirtIoV1KubeVirtSpecCustomizeComponents](#kubevirtiov1kubevirtspeccustomizecomponents) + - [KubevirtIoV1KubeVirtSpecCustomizeComponentsFlags](#kubevirtiov1kubevirtspeccustomizecomponentsflags) + - [KubevirtIoV1KubeVirtSpecCustomizeComponentsPatchesItems0](#kubevirtiov1kubevirtspeccustomizecomponentspatchesitems0) + - [KubevirtIoV1KubeVirtSpecImagePullSecretsItems0](#kubevirtiov1kubevirtspecimagepullsecretsitems0) + - [KubevirtIoV1KubeVirtSpecInfra](#kubevirtiov1kubevirtspecinfra) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacement](#kubevirtiov1kubevirtspecinfranodeplacement) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinity) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinity) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preference) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchfieldsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecution) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchfieldsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinity) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinity) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecInfraNodePlacementTolerationsItems0](#kubevirtiov1kubevirtspecinfranodeplacementtolerationsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadUpdateStrategy](#kubevirtiov1kubevirtspecworkloadupdatestrategy) + - [KubevirtIoV1KubeVirtSpecWorkloads](#kubevirtiov1kubevirtspecworkloads) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacement](#kubevirtiov1kubevirtspecworkloadsnodeplacement) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinity) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinity) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preference) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchfieldsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecution) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchfieldsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinity) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinity) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0) + - [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementTolerationsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementtolerationsitems0) + - [KubevirtIoV1KubeVirtStatus](#kubevirtiov1kubevirtstatus) + - [KubevirtIoV1KubeVirtStatusConditionsItems0](#kubevirtiov1kubevirtstatusconditionsitems0) + - [KubevirtIoV1KubeVirtStatusGenerationsItems0](#kubevirtiov1kubevirtstatusgenerationsitems0) - [KubevirtIoV1VirtualMachineInstanceSpec](#kubevirtiov1virtualmachineinstancespec) - [KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0) - [KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKey](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickey) @@ -182,1814 +435,4744 @@ - [KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0HotplugVolume](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0hotplugvolume) - [KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0MemoryDumpVolume](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0memorydumpvolume) - [KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0PersistentVolumeClaimInfo](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0persistentvolumeclaiminfo) + - [NetworkAttachmentDefinition](#networkattachmentdefinition) + - [OAuth](#oauth) + - [OpenShiftAPIServer](#openshiftapiserver) + - [OpenShiftControllerManager](#openshiftcontrollermanager) + - [OperatorAuthentication](#operatorauthentication) + - [OperatorConsole](#operatorconsole) + - [OperatorDNS](#operatordns) + - [OperatorHub](#operatorhub) + - [OperatorNetwork](#operatornetwork) + - [OperatorOpenshiftIoV1AuthenticationSpec](#operatoropenshiftiov1authenticationspec) + - [OperatorOpenshiftIoV1AuthenticationStatus](#operatoropenshiftiov1authenticationstatus) + - [OperatorOpenshiftIoV1AuthenticationStatusConditionsItems0](#operatoropenshiftiov1authenticationstatusconditionsitems0) + - [OperatorOpenshiftIoV1AuthenticationStatusGenerationsItems0](#operatoropenshiftiov1authenticationstatusgenerationsitems0) + - [OperatorOpenshiftIoV1ConsoleSpec](#operatoropenshiftiov1consolespec) + - [OperatorOpenshiftIoV1ConsoleSpecCustomization](#operatoropenshiftiov1consolespeccustomization) + - [OperatorOpenshiftIoV1ConsoleSpecCustomizationCustomLogoFile](#operatoropenshiftiov1consolespeccustomizationcustomlogofile) + - [OperatorOpenshiftIoV1ConsoleSpecProviders](#operatoropenshiftiov1consolespecproviders) + - [OperatorOpenshiftIoV1ConsoleSpecProvidersStatuspage](#operatoropenshiftiov1consolespecprovidersstatuspage) + - [OperatorOpenshiftIoV1ConsoleStatus](#operatoropenshiftiov1consolestatus) + - [OperatorOpenshiftIoV1ConsoleStatusConditionsItems0](#operatoropenshiftiov1consolestatusconditionsitems0) + - [OperatorOpenshiftIoV1ConsoleStatusGenerationsItems0](#operatoropenshiftiov1consolestatusgenerationsitems0) + - [OperatorOpenshiftIoV1DNSSpec](#operatoropenshiftiov1dnsspec) + - [OperatorOpenshiftIoV1DNSSpecServersItems0](#operatoropenshiftiov1dnsspecserversitems0) + - [OperatorOpenshiftIoV1DNSSpecServersItems0ForwardPlugin](#operatoropenshiftiov1dnsspecserversitems0forwardplugin) + - [OperatorOpenshiftIoV1DNSStatus](#operatoropenshiftiov1dnsstatus) + - [OperatorOpenshiftIoV1DNSStatusConditionsItems0](#operatoropenshiftiov1dnsstatusconditionsitems0) + - [OperatorOpenshiftIoV1IngressControllerSpec](#operatoropenshiftiov1ingresscontrollerspec) + - [OperatorOpenshiftIoV1IngressControllerSpecDefaultCertificate](#operatoropenshiftiov1ingresscontrollerspecdefaultcertificate) + - [OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategy](#operatoropenshiftiov1ingresscontrollerspecendpointpublishingstrategy) + - [OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategyLoadBalancer](#operatoropenshiftiov1ingresscontrollerspecendpointpublishingstrategyloadbalancer) + - [OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelector](#operatoropenshiftiov1ingresscontrollerspecnamespaceselector) + - [OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelectorMatchExpressionsItems0](#operatoropenshiftiov1ingresscontrollerspecnamespaceselectormatchexpressionsitems0) + - [OperatorOpenshiftIoV1IngressControllerSpecNodePlacement](#operatoropenshiftiov1ingresscontrollerspecnodeplacement) + - [OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelector](#operatoropenshiftiov1ingresscontrollerspecnodeplacementnodeselector) + - [OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelectorMatchExpressionsItems0](#operatoropenshiftiov1ingresscontrollerspecnodeplacementnodeselectormatchexpressionsitems0) + - [OperatorOpenshiftIoV1IngressControllerSpecNodePlacementTolerationsItems0](#operatoropenshiftiov1ingresscontrollerspecnodeplacementtolerationsitems0) + - [OperatorOpenshiftIoV1IngressControllerSpecRouteSelector](#operatoropenshiftiov1ingresscontrollerspecrouteselector) + - [OperatorOpenshiftIoV1IngressControllerSpecRouteSelectorMatchExpressionsItems0](#operatoropenshiftiov1ingresscontrollerspecrouteselectormatchexpressionsitems0) + - [OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfile](#operatoropenshiftiov1ingresscontrollerspectlssecurityprofile) + - [OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfileCustom](#operatoropenshiftiov1ingresscontrollerspectlssecurityprofilecustom) + - [OperatorOpenshiftIoV1IngressControllerStatus](#operatoropenshiftiov1ingresscontrollerstatus) + - [OperatorOpenshiftIoV1IngressControllerStatusConditionsItems0](#operatoropenshiftiov1ingresscontrollerstatusconditionsitems0) + - [OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategy](#operatoropenshiftiov1ingresscontrollerstatusendpointpublishingstrategy) + - [OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategyLoadBalancer](#operatoropenshiftiov1ingresscontrollerstatusendpointpublishingstrategyloadbalancer) + - [OperatorOpenshiftIoV1IngressControllerStatusTLSProfile](#operatoropenshiftiov1ingresscontrollerstatustlsprofile) + - [OperatorOpenshiftIoV1KubeAPIServerSpec](#operatoropenshiftiov1kubeapiserverspec) + - [OperatorOpenshiftIoV1KubeAPIServerStatus](#operatoropenshiftiov1kubeapiserverstatus) + - [OperatorOpenshiftIoV1KubeAPIServerStatusConditionsItems0](#operatoropenshiftiov1kubeapiserverstatusconditionsitems0) + - [OperatorOpenshiftIoV1KubeAPIServerStatusGenerationsItems0](#operatoropenshiftiov1kubeapiserverstatusgenerationsitems0) + - [OperatorOpenshiftIoV1KubeAPIServerStatusNodeStatusesItems0](#operatoropenshiftiov1kubeapiserverstatusnodestatusesitems0) + - [OperatorOpenshiftIoV1KubeControllerManagerSpec](#operatoropenshiftiov1kubecontrollermanagerspec) + - [OperatorOpenshiftIoV1KubeControllerManagerStatus](#operatoropenshiftiov1kubecontrollermanagerstatus) + - [OperatorOpenshiftIoV1KubeControllerManagerStatusConditionsItems0](#operatoropenshiftiov1kubecontrollermanagerstatusconditionsitems0) + - [OperatorOpenshiftIoV1KubeControllerManagerStatusGenerationsItems0](#operatoropenshiftiov1kubecontrollermanagerstatusgenerationsitems0) + - [OperatorOpenshiftIoV1KubeControllerManagerStatusNodeStatusesItems0](#operatoropenshiftiov1kubecontrollermanagerstatusnodestatusesitems0) + - [OperatorOpenshiftIoV1KubeSchedulerSpec](#operatoropenshiftiov1kubeschedulerspec) + - [OperatorOpenshiftIoV1KubeSchedulerStatus](#operatoropenshiftiov1kubeschedulerstatus) + - [OperatorOpenshiftIoV1KubeSchedulerStatusConditionsItems0](#operatoropenshiftiov1kubeschedulerstatusconditionsitems0) + - [OperatorOpenshiftIoV1KubeSchedulerStatusGenerationsItems0](#operatoropenshiftiov1kubeschedulerstatusgenerationsitems0) + - [OperatorOpenshiftIoV1KubeSchedulerStatusNodeStatusesItems0](#operatoropenshiftiov1kubeschedulerstatusnodestatusesitems0) + - [OperatorOpenshiftIoV1KubeStorageVersionMigratorSpec](#operatoropenshiftiov1kubestorageversionmigratorspec) + - [OperatorOpenshiftIoV1KubeStorageVersionMigratorStatus](#operatoropenshiftiov1kubestorageversionmigratorstatus) + - [OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusConditionsItems0](#operatoropenshiftiov1kubestorageversionmigratorstatusconditionsitems0) + - [OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusGenerationsItems0](#operatoropenshiftiov1kubestorageversionmigratorstatusgenerationsitems0) + - [OperatorOpenshiftIoV1NetworkSpec](#operatoropenshiftiov1networkspec) + - [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0](#operatoropenshiftiov1networkspecadditionalnetworksitems0) + - [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfig](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfig) + - [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfig](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfig) + - [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfig](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfig) + - [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigAddressesItems0](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfigaddressesitems0) + - [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigDNS](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfigdns) + - [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigRoutesItems0](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfigroutesitems0) + - [OperatorOpenshiftIoV1NetworkSpecClusterNetworkItems0](#operatoropenshiftiov1networkspecclusternetworkitems0) + - [OperatorOpenshiftIoV1NetworkSpecDefaultNetwork](#operatoropenshiftiov1networkspecdefaultnetwork) + - [OperatorOpenshiftIoV1NetworkSpecDefaultNetworkKuryrConfig](#operatoropenshiftiov1networkspecdefaultnetworkkuryrconfig) + - [OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOpenshiftSDNConfig](#operatoropenshiftiov1networkspecdefaultnetworkopenshiftsdnconfig) + - [OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfig](#operatoropenshiftiov1networkspecdefaultnetworkovnkubernetesconfig) + - [OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfig](#operatoropenshiftiov1networkspecdefaultnetworkovnkubernetesconfighybridoverlayconfig) + - [OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfigHybridClusterNetworkItems0](#operatoropenshiftiov1networkspecdefaultnetworkovnkubernetesconfighybridoverlayconfighybridclusternetworkitems0) + - [OperatorOpenshiftIoV1NetworkSpecKubeProxyConfig](#operatoropenshiftiov1networkspeckubeproxyconfig) + - [OperatorOpenshiftIoV1OpenShiftAPIServerSpec](#operatoropenshiftiov1openshiftapiserverspec) + - [OperatorOpenshiftIoV1OpenShiftAPIServerStatus](#operatoropenshiftiov1openshiftapiserverstatus) + - [OperatorOpenshiftIoV1OpenShiftAPIServerStatusConditionsItems0](#operatoropenshiftiov1openshiftapiserverstatusconditionsitems0) + - [OperatorOpenshiftIoV1OpenShiftAPIServerStatusGenerationsItems0](#operatoropenshiftiov1openshiftapiserverstatusgenerationsitems0) + - [OperatorOpenshiftIoV1OpenShiftControllerManagerSpec](#operatoropenshiftiov1openshiftcontrollermanagerspec) + - [OperatorOpenshiftIoV1OpenShiftControllerManagerStatus](#operatoropenshiftiov1openshiftcontrollermanagerstatus) + - [OperatorOpenshiftIoV1OpenShiftControllerManagerStatusConditionsItems0](#operatoropenshiftiov1openshiftcontrollermanagerstatusconditionsitems0) + - [OperatorOpenshiftIoV1OpenShiftControllerManagerStatusGenerationsItems0](#operatoropenshiftiov1openshiftcontrollermanagerstatusgenerationsitems0) + - [OperatorOpenshiftIoV1ServiceCASpec](#operatoropenshiftiov1servicecaspec) + - [OperatorOpenshiftIoV1ServiceCAStatus](#operatoropenshiftiov1servicecastatus) + - [OperatorOpenshiftIoV1ServiceCAStatusConditionsItems0](#operatoropenshiftiov1servicecastatusconditionsitems0) + - [OperatorOpenshiftIoV1ServiceCAStatusGenerationsItems0](#operatoropenshiftiov1servicecastatusgenerationsitems0) + - [OperatorOpenshiftIoV1ServiceCatalogAPIServerSpec](#operatoropenshiftiov1servicecatalogapiserverspec) + - [OperatorOpenshiftIoV1ServiceCatalogAPIServerStatus](#operatoropenshiftiov1servicecatalogapiserverstatus) + - [OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusConditionsItems0](#operatoropenshiftiov1servicecatalogapiserverstatusconditionsitems0) + - [OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusGenerationsItems0](#operatoropenshiftiov1servicecatalogapiserverstatusgenerationsitems0) + - [OperatorOpenshiftIoV1ServiceCatalogControllerManagerSpec](#operatoropenshiftiov1servicecatalogcontrollermanagerspec) + - [OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatus](#operatoropenshiftiov1servicecatalogcontrollermanagerstatus) + - [OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusConditionsItems0](#operatoropenshiftiov1servicecatalogcontrollermanagerstatusconditionsitems0) + - [OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusGenerationsItems0](#operatoropenshiftiov1servicecatalogcontrollermanagerstatusgenerationsitems0) + - [Project](#project) + - [Proxy](#proxy) + - [Scheduler](#scheduler) + - [SecurityContextConstraints](#securitycontextconstraints) + - [SecurityOpenshiftIoV1SecurityContextConstraintsAllowedFlexVolumesItems0](#securityopenshiftiov1securitycontextconstraintsallowedflexvolumesitems0) + - [SecurityOpenshiftIoV1SecurityContextConstraintsFsGroup](#securityopenshiftiov1securitycontextconstraintsfsgroup) + - [SecurityOpenshiftIoV1SecurityContextConstraintsFsGroupRangesItems0](#securityopenshiftiov1securitycontextconstraintsfsgrouprangesitems0) + - [SecurityOpenshiftIoV1SecurityContextConstraintsRunAsUser](#securityopenshiftiov1securitycontextconstraintsrunasuser) + - [SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContext](#securityopenshiftiov1securitycontextconstraintsselinuxcontext) + - [SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContextSeLinuxOptions](#securityopenshiftiov1securitycontextconstraintsselinuxcontextselinuxoptions) + - [SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroups](#securityopenshiftiov1securitycontextconstraintssupplementalgroups) + - [SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroupsRangesItems0](#securityopenshiftiov1securitycontextconstraintssupplementalgroupsrangesitems0) + - [ServiceCA](#serviceca) + - [ServiceCatalogAPIServer](#servicecatalogapiserver) + - [ServiceCatalogControllerManager](#servicecatalogcontrollermanager) - [VirtualMachineInstance](#virtualmachineinstance) ## Schemas -### ManagedFieldsEntry +### APIServer -ManagedFieldsEntry is a workflow-id, a FieldSet and the group version of the resource that the fieldset applies to. +APIServer holds configuration (like serving certificates, client CA and CORS domains) shared by all API servers in the system, among them especially kube-apiserver and openshift-apiserver. The canonical name of an instance is 'cluster'. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**apiVersion**|str|APIVersion defines the version of this resource that this field set applies to. The format is "group/version" just like the top-level APIVersion field. It is necessary to track the version of a field set because it cannot be automatically converted.|| -|**fieldsType**|str|FieldsType is the discriminator for the different fields format and version. There is currently only one possible value: "FieldsV1"|| -|**fieldsV1**|any|FieldsV1 holds the first JSON version format as described in the "FieldsV1" type.|| -|**manager**|str|Manager is an identifier of the workflow managing these fields.|| -|**operation**|str|Operation is the type of operation which lead to this ManagedFieldsEntry being created. The only valid values for this field are 'Apply' and 'Update'.|| -|**time**|str|Time is timestamp of when these fields were set. It should always be empty if Operation is 'Apply'|| -### ObjectMeta +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"APIServer"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"APIServer"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1APIServerSpec](#configopenshiftiov1apiserverspec)|spec|| +|**status**|any|status|| +### Build -ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. +Build configures the behavior of OpenShift builds for the entire cluster. This includes default settings that can be overridden in BuildConfig objects, and overrides which are applied to all builds. The canonical name is "cluster" #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations|| -|**clusterName**|str|The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.|| -|**creationTimestamp**|str|CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC.

Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata|| -|**deletionGracePeriodSeconds**|int|Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.|| -|**deletionTimestamp**|str|DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested.

Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata|| -|**finalizers**|[str]|Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. Finalizers may be processed and removed in any order. Order is NOT enforced because it introduces significant risk of stuck finalizers. finalizers is a shared field, any actor with permission can reorder it. If the finalizer list is processed in order, then this can lead to a situation in which the component responsible for the first finalizer in the list is waiting for a signal (field value, external system, or other) produced by a component responsible for a finalizer later in the list, resulting in a deadlock. Without enforced ordering finalizers are free to order amongst themselves and are not vulnerable to ordering changes in the list.|| -|**generateName**|str|GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.

If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).

Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency|| -|**generation**|int|A sequence number representing a specific generation of the desired state. Populated by the system. Read-only.|| -|**labels**|{str:str}|Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels|| -|**managedFields**|[[ManagedFieldsEntry](#managedfieldsentry)]|ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object.|| -|**name**|str|Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names|| -|**namespace**|str|Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.

Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces|| -|**ownerReferences**|[[OwnerReference](#ownerreference)]|List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.|| -|**resourceVersion**|str|An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources.

Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency|| -|**selfLink**|str|SelfLink is a URL representing this object. Populated by the system. Read-only.

DEPRECATED Kubernetes will stop propagating this field in 1.20 release and the field is planned to be removed in 1.21 release.|| -|**uid**|str|UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations.

Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids|| -### OwnerReference +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Build"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Build"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1BuildSpec](#configopenshiftiov1buildspec)|spec|| +### ConfigAuthentication -OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field. +Authentication specifies cluster-wide settings for authentication (like OAuth and webhook token authenticators). The canonical name of an instance is `cluster`. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**apiVersion** `required`|str|API version of the referent.|| -|**blockOwnerDeletion**|bool|If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.|| -|**controller**|bool|If true, this reference points to the managing controller.|| -|**kind** `required`|str|Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|| -|**name** `required`|str|Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names|| -|**uid** `required`|str|UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids|| -### KubevirtIoV1VirtualMachineInstanceSpec +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Authentication"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Authentication"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1AuthenticationSpec](#configopenshiftiov1authenticationspec)|spec|| +|**status**|[ConfigOpenshiftIoV1AuthenticationStatus](#configopenshiftiov1authenticationstatus)|status|| +### ConfigConsole -VirtualMachineInstance Spec contains the VirtualMachineInstance specification. +Console holds cluster-wide configuration for the web console, including the logout URL, and reports the public URL of the console. The canonical name is `cluster`. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**accessCredentials**|[[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0)]|Specifies a set of public keys to inject into the vm guest|| -|**affinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinity](#kubevirtiov1virtualmachineinstancespecaffinity)|affinity|| -|**dnsConfig**|[KubevirtIoV1VirtualMachineInstanceSpecDNSConfig](#kubevirtiov1virtualmachineinstancespecdnsconfig)|dns config|| -|**dnsPolicy**|str|Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.|| -|**domain** `required`|[KubevirtIoV1VirtualMachineInstanceSpecDomain](#kubevirtiov1virtualmachineinstancespecdomain)|domain|| -|**evictionStrategy**|str|EvictionStrategy can be set to "LiveMigrate" if the VirtualMachineInstance should be migrated instead of shut-off in case of a node drain.|| -|**hostname**|str|Specifies the hostname of the vmi If not specified, the hostname will be set to the name of the vmi, if dhcp or cloud-init is configured properly.|| -|**livenessProbe**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbe](#kubevirtiov1virtualmachineinstancespeclivenessprobe)|liveness probe|| -|**networks**|[[KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0](#kubevirtiov1virtualmachineinstancespecnetworksitems0)]|List of networks that can be attached to a vm's virtual interface.|| -|**nodeSelector**|{str:str}|NodeSelector is a selector which must be true for the vmi to fit on a node. Selector which must match a node's labels for the vmi to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/|| -|**priorityClassName**|str|If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default.|| -|**readinessProbe**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbe](#kubevirtiov1virtualmachineinstancespecreadinessprobe)|readiness probe|| -|**schedulerName**|str|If specified, the VMI will be dispatched by specified scheduler. If not specified, the VMI will be dispatched by default scheduler.|| -|**startStrategy**|str|StartStrategy can be set to "Paused" if Virtual Machine should be started in paused state.|| -|**subdomain**|str|If specified, the fully qualified vmi hostname will be "...svc.". If not specified, the vmi will not have a domainname at all. The DNS entry will resolve to the vmi, no matter if the vmi itself can pick up a hostname.|| -|**terminationGracePeriodSeconds**|int|Grace period observed after signalling a VirtualMachineInstance to stop after which the VirtualMachineInstance is force terminated.|| -|**tolerations**|[[KubevirtIoV1VirtualMachineInstanceSpecTolerationsItems0](#kubevirtiov1virtualmachineinstancespectolerationsitems0)]|If toleration is specified, obey all the toleration rules.|| -|**topologySpreadConstraints**|[[KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0](#kubevirtiov1virtualmachineinstancespectopologyspreadconstraintsitems0)]|TopologySpreadConstraints describes how a group of VMIs will be spread across a given topology domains. K8s scheduler will schedule VMI pods in a way which abides by the constraints.|| -|**volumes**|[[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0](#kubevirtiov1virtualmachineinstancespecvolumesitems0)]|List of volumes that can be mounted by disks belonging to the vmi.|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0 +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Console"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Console"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1ConsoleSpec](#configopenshiftiov1consolespec)|spec|| +|**status**|[ConfigOpenshiftIoV1ConsoleStatus](#configopenshiftiov1consolestatus)|status|| +### ConfigDNS -AccessCredential represents a credential source that can be used to authorize remote access to the vm guest Only one of its members may be specified. +DNS holds cluster-wide information about DNS. The canonical name is `cluster` #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**sshPublicKey**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKey](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickey)|ssh public key|| -|**userPassword**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPassword](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpassword)|user password|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKey +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"DNS"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"DNS"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1DNSSpec](#configopenshiftiov1dnsspec)|spec|| +|**status**|any|status holds observed values from the cluster. They may not be overridden.|| +### ConfigNetwork -SSHPublicKey represents the source and method of applying a ssh public key into a guest virtual machine. +Network holds cluster-wide information about Network. The canonical name is `cluster`. It is used to configure the desired network configuration, such as: IP address pools for services/pod IPs, network plugin, etc. Please view network.spec for an explanation on what applies when configuring this resource. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**propagationMethod** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethod](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeypropagationmethod)|propagation method|| -|**source** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySource](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeysource)|source|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethod +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Network"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Network"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1NetworkSpec](#configopenshiftiov1networkspec)|spec|| +|**status**|[ConfigOpenshiftIoV1NetworkStatus](#configopenshiftiov1networkstatus)|status|| +### ConfigOpenshiftIoV1APIServerSpec -PropagationMethod represents how the public key is injected into the vm guest. +config openshift io v1 API server spec #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**configDrive**|any|ConfigDrivePropagation means that the ssh public keys are injected into the VM using metadata using the configDrive cloud-init provider|| -|**qemuGuestAgent**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethodQemuGuestAgent](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeypropagationmethodqemuguestagent)|qemu guest agent|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethodQemuGuestAgent +|**additionalCORSAllowedOrigins**|[str]|additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth server from JavaScript applications. The values are regular expressions that correspond to the Golang regular expression language.|| +|**clientCA**|[ConfigOpenshiftIoV1APIServerSpecClientCA](#configopenshiftiov1apiserverspecclientca)|client c a|| +|**encryption**|[ConfigOpenshiftIoV1APIServerSpecEncryption](#configopenshiftiov1apiserverspecencryption)|encryption|| +|**servingCerts**|[ConfigOpenshiftIoV1APIServerSpecServingCerts](#configopenshiftiov1apiserverspecservingcerts)|serving certs|| +|**tlsSecurityProfile**|[ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfile](#configopenshiftiov1apiserverspectlssecurityprofile)|tls security profile|| +### ConfigOpenshiftIoV1APIServerSpecClientCA -QemuGuestAgentAccessCredentailPropagation means ssh public keys are dynamically injected into the vm at runtime via the qemu guest agent. This feature requires the qemu guest agent to be running within the guest. +clientCA references a ConfigMap containing a certificate bundle for the signers that will be recognized for incoming client certificates in addition to the operator managed signers. If this is empty, then only operator managed signers are valid. You usually only have to set this if you have your own PKI you wish to honor client certificates from. The ConfigMap must exist in the openshift-config namespace and contain the following required fields: - ConfigMap.Data["ca-bundle.crt"] - CA bundle. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**users** `required`|[str]|Users represents a list of guest users that should have the ssh public keys added to their authorized_keys file.|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySource +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1APIServerSpecEncryption -Source represents where the public keys are pulled from +encryption allows the configuration of encryption of resources at the datastore layer. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySourceSecret](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeysourcesecret)|secret|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySourceSecret +|**type**|"" \| "identity" \| "aescbc"||| +### ConfigOpenshiftIoV1APIServerSpecServingCerts -Secret means that the access credential is pulled from a kubernetes secret +servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates will be used for serving secure traffic. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**secretName** `required`|str|SecretName represents the name of the secret in the VMI's namespace|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPassword +|**namedCertificates**|[[ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0](#configopenshiftiov1apiserverspecservingcertsnamedcertificatesitems0)]|namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. If no named certificates are provided, or no named certificates match the server name as understood by a client, the defaultServingCertificate will be used.|| +### ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0 -UserPassword represents the source and method for applying a guest user's password +APIServerNamedServingCert maps a server DNS name, as understood by a client, to a certificate. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**propagationMethod** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordPropagationMethod](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpasswordpropagationmethod)|propagation method|| -|**source** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSource](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpasswordsource)|source|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordPropagationMethod +|**names**|[str]|names is a optional list of explicit DNS names (leading wildcards allowed) that should use this certificate to serve secure traffic. If no names are provided, the implicit names will be extracted from the certificates. Exact names trump over wildcard names. Explicit names defined here trump over extracted implicit names.|| +|**servingCertificate**|[ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0ServingCertificate](#configopenshiftiov1apiserverspecservingcertsnamedcertificatesitems0servingcertificate)|serving certificate|| +### ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0ServingCertificate -propagationMethod represents how the user passwords are injected into the vm guest. +servingCertificate references a kubernetes.io/tls type secret containing the TLS cert info for serving secure traffic. The secret must exist in the openshift-config namespace and contain the following required fields: - Secret.Data["tls.key"] - TLS private key. - Secret.Data["tls.crt"] - TLS certificate. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**qemuGuestAgent**|any|QemuGuestAgentAccessCredentailPropagation means passwords are dynamically injected into the vm at runtime via the qemu guest agent. This feature requires the qemu guest agent to be running within the guest.|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSource +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfile -Source represents where the user passwords are pulled from +tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. If unset, a default (which may change between releases) is chosen. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSourceSecret](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpasswordsourcesecret)|secret|| -### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSourceSecret +|**custom**|[ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfileCustom](#configopenshiftiov1apiserverspectlssecurityprofilecustom)|custom|| +|**intermediate**|any|intermediate is a TLS security profile based on:
https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
and looks like this (yaml):
ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2|| +|**modern**|any|modern is a TLS security profile based on:
https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
and looks like this (yaml):
ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
NOTE: Currently unsupported.|| +|**old**|any|old is a TLS security profile based on:
https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
and looks like this (yaml):
ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0|| +|**type**|str||| +### ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfileCustom -Secret means that the access credential is pulled from a kubernetes secret +custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**secretName** `required`|str|SecretName represents the name of the secret in the VMI's namespace|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinity +|**ciphers**|[str]|ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):
ciphers: - DES-CBC3-SHA|| +|**minTLSVersion**|str|minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):
minTLSVersion: TLSv1.1
NOTE: currently the highest minTLSVersion allowed is VersionTLS12|| +### ConfigOpenshiftIoV1AuthenticationSpec -If affinity is specifies, obey all the affinity rules +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**nodeAffinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinity](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinity)|node affinity|| -|**podAffinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinity](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinity)|pod affinity|| -|**podAntiAffinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinity](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinity)|pod anti affinity|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinity +|**oauthMetadata**|[ConfigOpenshiftIoV1AuthenticationSpecOauthMetadata](#configopenshiftiov1authenticationspecoauthmetadata)|oauth metadata|| +|**type**|str||| +|**webhookTokenAuthenticators**|[[ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0](#configopenshiftiov1authenticationspecwebhooktokenauthenticatorsitems0)]|webhookTokenAuthenticators configures remote token reviewers. These remote authentication webhooks can be used to verify bearer tokens via the tokenreviews.authentication.k8s.io REST API. This is required to honor bearer tokens that are provisioned by an external authentication service. The namespace for these secrets is openshift-config.|| +### ConfigOpenshiftIoV1AuthenticationSpecOauthMetadata -Describes node affinity scheduling rules for the pod. +oauthMetadata contains the discovery endpoint data for OAuth 2.0 Authorization Server Metadata for an external OAuth server. This discovery document can be viewed from its served location: oc get --raw '/.well-known/oauth-authorization-server' For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 If oauthMetadata.name is non-empty, this value has precedence over any metadata reference stored in status. The key "oauthMetadata" is used to locate the data. If specified and the config map or expected key is not found, no metadata is served. If the specified metadata is not valid, no metadata is served. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.|| -|**requiredDuringSchedulingIgnoredDuringExecution**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecution)|required during scheduling ignored during execution|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0 -An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +webhookTokenAuthenticator holds the necessary configuration options for a remote token authenticator #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**preference** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preference)|preference|| -|**weight** `required`|int|Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference +|**kubeConfig**|[ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0KubeConfig](#configopenshiftiov1authenticationspecwebhooktokenauthenticatorsitems0kubeconfig)|kube config|| +### ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0KubeConfig -A node selector term, associated with the corresponding weight. +kubeConfig contains kube config file data which describes how to access the remote webhook service. For further details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication The key "kubeConfig" is used to locate the data. If the secret or expected key is not found, the webhook is not honored. If the specified kube config data is not valid, the webhook is not honored. The namespace for this secret is determined by the point of use. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchexpressionsitems0)]|A list of node selector requirements by node's labels.|| -|**matchFields**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchfieldsitems0)]|A list of node selector requirements by node's fields.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0 +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1AuthenticationStatus -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +status holds observed values from the cluster. They may not be overridden. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|The label key that the selector applies to.|| -|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| -|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0 +|**integratedOAuthMetadata**|[ConfigOpenshiftIoV1AuthenticationStatusIntegratedOAuthMetadata](#configopenshiftiov1authenticationstatusintegratedoauthmetadata)|integrated o auth metadata|| +### ConfigOpenshiftIoV1AuthenticationStatusIntegratedOAuthMetadata -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +integratedOAuthMetadata contains the discovery endpoint data for OAuth 2.0 Authorization Server Metadata for the in-cluster integrated OAuth server. This discovery document can be viewed from its served location: oc get --raw '/.well-known/oauth-authorization-server' For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 This contains the observed value based on cluster state. An explicitly set value in spec.oauthMetadata has precedence over this field. This field has no meaning if authentication spec.type is not set to IntegratedOAuth. The key "oauthMetadata" is used to locate the data. If the config map or expected key is not found, no metadata is served. If the specified metadata is not valid, no metadata is served. The namespace for this config map is openshift-config-managed. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|The label key that the selector applies to.|| -|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| -|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1BuildSpec -If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. +Spec holds user-settable values for the build controller configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**nodeSelectorTerms** `required`|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0)]|Required. A list of node selector terms. The terms are ORed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0 +|**additionalTrustedCA**|[ConfigOpenshiftIoV1BuildSpecAdditionalTrustedCA](#configopenshiftiov1buildspecadditionaltrustedca)|additional trusted c a|| +|**buildDefaults**|[ConfigOpenshiftIoV1BuildSpecBuildDefaults](#configopenshiftiov1buildspecbuilddefaults)|build defaults|| +|**buildOverrides**|[ConfigOpenshiftIoV1BuildSpecBuildOverrides](#configopenshiftiov1buildspecbuildoverrides)|build overrides|| +### ConfigOpenshiftIoV1BuildSpecAdditionalTrustedCA -A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted for image pushes and pulls during builds. The namespace for this config map is openshift-config. DEPRECATED: Additional CAs for image pull and push should be set on image.config.openshift.io/cluster instead. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchexpressionsitems0)]|A list of node selector requirements by node's labels.|| -|**matchFields**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchfieldsitems0)]|A list of node selector requirements by node's fields.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0 +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaults -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +BuildDefaults controls the default information for Builds #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|The label key that the selector applies to.|| -|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| -|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0 +|**defaultProxy**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxy](#configopenshiftiov1buildspecbuilddefaultsdefaultproxy)|default proxy|| +|**env**|[[ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0](#configopenshiftiov1buildspecbuilddefaultsenvitems0)]|Env is a set of default environment variables that will be applied to the build if the specified variables do not exist on the build|| +|**gitProxy**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxy](#configopenshiftiov1buildspecbuilddefaultsgitproxy)|git proxy|| +|**imageLabels**|[[ConfigOpenshiftIoV1BuildSpecBuildDefaultsImageLabelsItems0](#configopenshiftiov1buildspecbuilddefaultsimagelabelsitems0)]|ImageLabels is a list of docker labels that are applied to the resulting image. User can override a default label by providing a label with the same name in their Build/BuildConfig.|| +|**resources**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsResources](#configopenshiftiov1buildspecbuilddefaultsresources)|resources|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxy -A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +DefaultProxy contains the default proxy settings for all build operations, including image pull/push and source download. Values can be overrode by setting the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables in the build config's strategy. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|The label key that the selector applies to.|| -|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| -|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinity +|**httpProxy**|str|httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var.|| +|**httpsProxy**|str|httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var.|| +|**noProxy**|str|noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var.|| +|**readinessEndpoints**|[str]|readinessEndpoints is a list of endpoints used to verify readiness of the proxy.|| +|**trustedCA**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxyTrustedCA](#configopenshiftiov1buildspecbuilddefaultsdefaultproxytrustedca)|trusted c a|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxyTrustedCA -Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +trustedCA is a reference to a ConfigMap containing a CA certificate bundle used for client egress HTTPS connections. The certificate bundle must be from the CA that signed the proxy's certificate and be signed for everything. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from required key "ca-bundle.crt" and copying it to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: \| -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE----- #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| -|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0 -The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +EnvVar represents an environment variable present in a Container. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**podAffinityTerm** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| -|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm +|**name** `required`|str|Name of the environment variable. Must be a C_IDENTIFIER.|| +|**value**|str|Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".|| +|**valueFrom**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFrom](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefrom)|value from|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFrom -Required. A pod affinity term, associated with the corresponding weight. +Source for the environment variable's value. Cannot be used if value is not empty. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| -|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| -|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| -|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector +|**configMapKeyRef**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromConfigMapKeyRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromconfigmapkeyref)|config map key ref|| +|**fieldRef**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromFieldRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromfieldref)|field ref|| +|**resourceFieldRef**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromResourceFieldRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromresourcefieldref)|resource field ref|| +|**secretKeyRef**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromSecretKeyRef](#configopenshiftiov1buildspecbuilddefaultsenvitems0valuefromsecretkeyref)|secret key ref|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromConfigMapKeyRef -A label query over a set of resources, in this case pods. +Selects a key of a ConfigMap. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 +|**key** `required`|str|The key to select.|| +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +|**optional**|bool|Specify whether the ConfigMap or its key must be defined|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromFieldRef -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector +|**apiVersion**|str|Version of the schema the FieldPath is written in terms of, defaults to "v1".|| +|**fieldPath** `required`|str|Path of the field to select in the specified API version.|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromResourceFieldRef -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 +|**containerName**|str|Container name: required for volumes, optional for env vars|| +|**divisor**|str|Specifies the output format of the exposed resources, defaults to "1"|| +|**resource** `required`|str|Required: resource to select|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromSecretKeyRef -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +Selects a key of a secret in the pod's namespace #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 +|**key** `required`|str|The key of the secret to select from. Must be a valid secret key.|| +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +|**optional**|bool|Specify whether the Secret or its key must be defined|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxy -Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +GitProxy contains the proxy settings for git operations only. If set, this will override any Proxy settings for all git commands, such as git clone. Values that are not set here will be inherited from DefaultProxy. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| -|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| -|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| -|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector +|**httpProxy**|str|httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var.|| +|**httpsProxy**|str|httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var.|| +|**noProxy**|str|noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var.|| +|**readinessEndpoints**|[str]|readinessEndpoints is a list of endpoints used to verify readiness of the proxy.|| +|**trustedCA**|[ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxyTrustedCA](#configopenshiftiov1buildspecbuilddefaultsgitproxytrustedca)|trusted c a|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxyTrustedCA -A label query over a set of resources, in this case pods. +trustedCA is a reference to a ConfigMap containing a CA certificate bundle used for client egress HTTPS connections. The certificate bundle must be from the CA that signed the proxy's certificate and be signed for everything. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from required key "ca-bundle.crt" and copying it to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: \| -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE----- #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsImageLabelsItems0 -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +config openshift io v1 build spec build defaults image labels items0 #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector +|**name**|str|Name defines the name of the label. It must have non-zero length.|| +|**value**|str|Value defines the literal value of the label.|| +### ConfigOpenshiftIoV1BuildSpecBuildDefaultsResources -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +Resources defines resource requirements to execute the build. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 +|**limits**|{str:str}|Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/|| +|**requests**|{str:str}|Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/|| +### ConfigOpenshiftIoV1BuildSpecBuildOverrides -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +BuildOverrides controls override settings for builds #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinity +|**imageLabels**|[[ConfigOpenshiftIoV1BuildSpecBuildOverridesImageLabelsItems0](#configopenshiftiov1buildspecbuildoverridesimagelabelsitems0)]|ImageLabels is a list of docker labels that are applied to the resulting image. If user provided a label in their Build/BuildConfig with the same name as one in this list, the user's label will be overwritten.|| +|**nodeSelector**|{str:str}|NodeSelector is a selector which must be true for the build pod to fit on a node|| +|**tolerations**|[[ConfigOpenshiftIoV1BuildSpecBuildOverridesTolerationsItems0](#configopenshiftiov1buildspecbuildoverridestolerationsitems0)]|Tolerations is a list of Tolerations that will override any existing tolerations set on a build pod.|| +### ConfigOpenshiftIoV1BuildSpecBuildOverridesImageLabelsItems0 -Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +config openshift io v1 build spec build overrides image labels items0 #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| -|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 +|**name**|str|Name defines the name of the label. It must have non-zero length.|| +|**value**|str|Value defines the literal value of the label.|| +### ConfigOpenshiftIoV1BuildSpecBuildOverridesTolerationsItems0 -The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**podAffinityTerm** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| -|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm +|**effect**|str|Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.|| +|**key**|str|Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.|| +|**operator**|str|Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.|| +|**tolerationSeconds**|int|TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.|| +|**value**|str|Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.|| +### ConfigOpenshiftIoV1ConsoleSpec -Required. A pod affinity term, associated with the corresponding weight. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| -|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| -|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| -|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector +|**authentication**|[ConfigOpenshiftIoV1ConsoleSpecAuthentication](#configopenshiftiov1consolespecauthentication)|authentication|| +### ConfigOpenshiftIoV1ConsoleSpecAuthentication -A label query over a set of resources, in this case pods. +ConsoleAuthentication defines a list of optional configuration for console authentication. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 +|**logoutRedirect**|str|An optional, absolute URL to redirect web browsers to after logging out of the console. If not specified, it will redirect to the default login page. This is required when using an identity provider that supports single sign-on (SSO) such as: - OpenID (Keycloak, Azure) - RequestHeader (GSSAPI, SSPI, SAML) - OAuth (GitHub, GitLab, Google) Logging out of the console will destroy the user's token. The logoutRedirect provides the user the option to perform single logout (SLO) through the identity provider to destroy their single sign-on session.|| +### ConfigOpenshiftIoV1ConsoleStatus -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +status holds observed values from the cluster. They may not be overridden. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector +|**consoleURL**|str|The URL for the console. This will be derived from the host for the route that is created for the console.|| +### ConfigOpenshiftIoV1DNSSpec -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 +|**baseDomain**|str|baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base.
For example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`.
Once set, this field cannot be changed.|| +|**privateZone**|[ConfigOpenshiftIoV1DNSSpecPrivateZone](#configopenshiftiov1dnsspecprivatezone)|private zone|| +|**publicZone**|[ConfigOpenshiftIoV1DNSSpecPublicZone](#configopenshiftiov1dnsspecpubliczone)|public zone|| +### ConfigOpenshiftIoV1DNSSpecPrivateZone -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +privateZone is the location where all the DNS records that are only available internally to the cluster exist. If this field is nil, no private records should be created. Once set, this field cannot be changed. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 +|**id**|str|id is the identifier that can be used to find the DNS hosted zone.
on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3].
[1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get|| +|**tags**|{str:str}|tags can be used to query the DNS hosted zone.
on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters,
[1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options|| +### ConfigOpenshiftIoV1DNSSpecPublicZone -Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running +publicZone is the location where all the DNS records that are publicly accessible to the internet exist. If this field is nil, no public records should be created. Once set, this field cannot be changed. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| -|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| -|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| -|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector +|**id**|str|id is the identifier that can be used to find the DNS hosted zone.
on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3].
[1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get|| +|**tags**|{str:str}|tags can be used to query the DNS hosted zone.
on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters,
[1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options|| +### ConfigOpenshiftIoV1FeatureGateSpec -A label query over a set of resources, in this case pods. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 +|**customNoUpgrade**|[ConfigOpenshiftIoV1FeatureGateSpecCustomNoUpgrade](#configopenshiftiov1featuregatespeccustomnoupgrade)|custom no upgrade|| +|**featureSet**|str|featureSet changes the list of features in the cluster. The default is empty. Be very careful adjusting this setting. Turning on or off features may cause irreversible changes in your cluster which cannot be undone.|| +### ConfigOpenshiftIoV1FeatureGateSpecCustomNoUpgrade -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +customNoUpgrade allows the enabling or disabling of any feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, and PREVENTS UPGRADES. Because of its nature, this setting cannot be validated. If you have any typos or accidentally apply invalid combinations your cluster may fail in an unrecoverable way. featureSet must equal "CustomNoUpgrade" must be set to use this field. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector +|**disabled**|[str]|disabled is a list of all feature gates that you want to force off|| +|**enabled**|[str]|enabled is a list of all feature gates that you want to force on|| +### ConfigOpenshiftIoV1ImageSpec -A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 +|**additionalTrustedCA**|[ConfigOpenshiftIoV1ImageSpecAdditionalTrustedCA](#configopenshiftiov1imagespecadditionaltrustedca)|additional trusted c a|| +|**allowedRegistriesForImport**|[[ConfigOpenshiftIoV1ImageSpecAllowedRegistriesForImportItems0](#configopenshiftiov1imagespecallowedregistriesforimportitems0)]|allowedRegistriesForImport limits the container image registries that normal users may import images from. Set this list to the registries that you trust to contain valid Docker images and that you want applications to be able to import from. Users with permission to create Images or ImageStreamMappings via the API are not affected by this policy - typically only administrators or system integrations will have those permissions.|| +|**externalRegistryHostnames**|[str]|externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in "hostname[:port]" format.|| +|**registrySources**|[ConfigOpenshiftIoV1ImageSpecRegistrySources](#configopenshiftiov1imagespecregistrysources)|registry sources|| +### ConfigOpenshiftIoV1ImageSpecAdditionalTrustedCA -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +additionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted during imagestream import, pod image pull, build image pull, and imageregistry pullthrough. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecDNSConfig +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1ImageSpecAllowedRegistriesForImportItems0 -Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. +RegistryLocation contains a location of the registry specified by the registry domain name. The domain name might include wildcards, like '*' or '??'. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**nameservers**|[str]|A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.|| -|**options**|[[KubevirtIoV1VirtualMachineInstanceSpecDNSConfigOptionsItems0](#kubevirtiov1virtualmachineinstancespecdnsconfigoptionsitems0)]|A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.|| -|**searches**|[str]|A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.|| -### KubevirtIoV1VirtualMachineInstanceSpecDNSConfigOptionsItems0 +|**domainName**|str|domainName specifies a domain name for the registry In case the registry use non-standard (80 or 443) port, the port should be included in the domain name as well.|| +|**insecure**|bool|insecure indicates whether the registry is secure (https) or insecure (http) By default (if not specified) the registry is assumed as secure.|| +### ConfigOpenshiftIoV1ImageSpecRegistrySources -PodDNSConfigOption defines DNS resolver options of a pod. +registrySources contains configuration that determines how the container runtime should treat individual registries when accessing images for builds+pods. (e.g. whether or not to allow insecure access). It does not contain configuration for the internal cluster registry. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Required.|| -|**value**|str|value|| -### KubevirtIoV1VirtualMachineInstanceSpecDomain +|**allowedRegistries**|[str]|allowedRegistries are whitelisted for image pull/push. All other registries are blocked.
Only one of BlockedRegistries or AllowedRegistries may be set.|| +|**blockedRegistries**|[str]|blockedRegistries are blacklisted from image pull/push. All other registries are allowed.
Only one of BlockedRegistries or AllowedRegistries may be set.|| +|**insecureRegistries**|[str]|insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections.|| +### ConfigOpenshiftIoV1ImageStatus -Specification of the desired behavior of the VirtualMachineInstance on the host. +status holds observed values from the cluster. They may not be overridden. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**chassis**|[KubevirtIoV1VirtualMachineInstanceSpecDomainChassis](#kubevirtiov1virtualmachineinstancespecdomainchassis)|chassis|| -|**clock**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClock](#kubevirtiov1virtualmachineinstancespecdomainclock)|clock|| -|**cpu**|[KubevirtIoV1VirtualMachineInstanceSpecDomainCPU](#kubevirtiov1virtualmachineinstancespecdomaincpu)|cpu|| -|**devices** `required`|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevices](#kubevirtiov1virtualmachineinstancespecdomaindevices)|devices|| -|**features**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeatures](#kubevirtiov1virtualmachineinstancespecdomainfeatures)|features|| -|**firmware**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmware](#kubevirtiov1virtualmachineinstancespecdomainfirmware)|firmware|| -|**ioThreadsPolicy**|str|Controls whether or not disks will share IOThreads. Omitting IOThreadsPolicy disables use of IOThreads. One of: shared, auto|| -|**launchSecurity**|[KubevirtIoV1VirtualMachineInstanceSpecDomainLaunchSecurity](#kubevirtiov1virtualmachineinstancespecdomainlaunchsecurity)|launch security|| -|**machine**|[KubevirtIoV1VirtualMachineInstanceSpecDomainMachine](#kubevirtiov1virtualmachineinstancespecdomainmachine)|machine|| -|**memory**|[KubevirtIoV1VirtualMachineInstanceSpecDomainMemory](#kubevirtiov1virtualmachineinstancespecdomainmemory)|memory|| -|**resources**|[KubevirtIoV1VirtualMachineInstanceSpecDomainResources](#kubevirtiov1virtualmachineinstancespecdomainresources)|resources|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainCPU +|**externalRegistryHostnames**|[str]|externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in "hostname[:port]" format.|| +|**internalRegistryHostname**|str|internalRegistryHostname sets the hostname for the default internal image registry. The value must be in "hostname[:port]" format. This value is set by the image registry operator which controls the internal registry hostname. For backward compatibility, users can still use OPENSHIFT_DEFAULT_REGISTRY environment variable but this setting overrides the environment variable.|| +### ConfigOpenshiftIoV1InfrastructureSpec -CPU allow specified the detailed CPU topology inside the vmi. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**cores**|int|Cores specifies the number of cores inside the vmi. Must be a value greater or equal 1.|| -|**dedicatedCpuPlacement**|bool|DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.|| -|**features**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainCPUFeaturesItems0](#kubevirtiov1virtualmachineinstancespecdomaincpufeaturesitems0)]|Features specifies the CPU features list inside the VMI.|| -|**isolateEmulatorThread**|bool|IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.|| -|**model**|str|Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.|| -|**numa**|[KubevirtIoV1VirtualMachineInstanceSpecDomainCPUNuma](#kubevirtiov1virtualmachineinstancespecdomaincpunuma)|numa|| -|**realtime**|[KubevirtIoV1VirtualMachineInstanceSpecDomainCPURealtime](#kubevirtiov1virtualmachineinstancespecdomaincpurealtime)|realtime|| -|**sockets**|int|Sockets specifies the number of sockets inside the vmi. Must be a value greater or equal 1.|| -|**threads**|int|Threads specifies the number of threads inside the vmi. Must be a value greater or equal 1.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainCPUFeaturesItems0 +|**cloudConfig**|[ConfigOpenshiftIoV1InfrastructureSpecCloudConfig](#configopenshiftiov1infrastructurespeccloudconfig)|cloud config|| +### ConfigOpenshiftIoV1InfrastructureSpecCloudConfig -CPUFeature allows specifying a CPU feature. +cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name** `required`|str|Name of the CPU feature|| -|**policy**|str|Policy is the CPU feature attribute which can have the following attributes: force - The virtual CPU will claim the feature is supported regardless of it being supported by host CPU. require - Guest creation will fail unless the feature is supported by the host CPU or the hypervisor is able to emulate it. optional - The feature will be supported by virtual CPU if and only if it is supported by host CPU. disable - The feature will not be supported by virtual CPU. forbid - Guest creation will fail if the feature is supported by host CPU. Defaults to require|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainCPUNuma +|**key**|str|Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references.|| +|**name**|str|name|| +### ConfigOpenshiftIoV1InfrastructureStatus -NUMA allows specifying settings for the guest NUMA topology +status holds observed values from the cluster. They may not be overridden. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**guestMappingPassthrough**|any|GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainCPURealtime +|**apiServerInternalURI**|str|apiServerInternalURL is a valid URI with scheme(http/https), address and port. apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking.|| +|**apiServerURL**|str|apiServerURL is a valid URI with scheme(http/https), address and port. apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API.|| +|**etcdDiscoveryDomain**|str|etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery|| +|**infrastructureName**|str|infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters.|| +|**platform**|str|platform is the underlying infrastructure provider for the cluster.
Deprecated: Use platformStatus.type instead.|| +|**platformStatus**|[ConfigOpenshiftIoV1InfrastructureStatusPlatformStatus](#configopenshiftiov1infrastructurestatusplatformstatus)|platform status|| +### ConfigOpenshiftIoV1InfrastructureStatusPlatformStatus -Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads +platformStatus holds status information specific to the underlying infrastructure provider. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**mask**|str|Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt's expressions. Example: "0-3,^1","0,2,3","2-3"|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainChassis +|**aws**|[ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAws](#configopenshiftiov1infrastructurestatusplatformstatusaws)|aws|| +|**azure**|[ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAzure](#configopenshiftiov1infrastructurestatusplatformstatusazure)|azure|| +|**baremetal**|[ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusBaremetal](#configopenshiftiov1infrastructurestatusplatformstatusbaremetal)|baremetal|| +|**gcp**|[ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusGcp](#configopenshiftiov1infrastructurestatusplatformstatusgcp)|gcp|| +|**openstack**|[ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOpenstack](#configopenshiftiov1infrastructurestatusplatformstatusopenstack)|openstack|| +|**ovirt**|[ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOvirt](#configopenshiftiov1infrastructurestatusplatformstatusovirt)|ovirt|| +|**type**|str||| +### ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAws -Chassis specifies the chassis info passed to the domain. +AWS contains settings specific to the Amazon Web Services infrastructure provider. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**asset**|str|asset|| -|**manufacturer**|str|manufacturer|| -|**serial**|str|serial|| -|**sku**|str|sku|| -|**version**|str|version|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClock +|**region**|str|region holds the default AWS region for new AWS resources created by the cluster.|| +### ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAzure -Clock sets the clock and timers of the vmi. +Azure contains settings specific to the Azure infrastructure provider. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**timer**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimer](#kubevirtiov1virtualmachineinstancespecdomainclocktimer)|timer|| -|**timezone**|str|Timezone sets the guest clock to the specified timezone. Zone name follows the TZ environment variable format (e.g. 'America/New_York').|| -|**utc**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockUtc](#kubevirtiov1virtualmachineinstancespecdomainclockutc)|utc|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimer +|**networkResourceGroupName**|str|networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName.|| +|**resourceGroupName**|str|resourceGroupName is the Resource Group for new Azure resources created for the cluster.|| +### ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusBaremetal -Timer specifies whih timers are attached to the vmi. +BareMetal contains settings specific to the BareMetal platform. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**hpet**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHpet](#kubevirtiov1virtualmachineinstancespecdomainclocktimerhpet)|hpet|| -|**hyperv**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHyperv](#kubevirtiov1virtualmachineinstancespecdomainclocktimerhyperv)|hyperv|| -|**kvm**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerKvm](#kubevirtiov1virtualmachineinstancespecdomainclocktimerkvm)|kvm|| -|**pit**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerPit](#kubevirtiov1virtualmachineinstancespecdomainclocktimerpit)|pit|| -|**rtc**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerRtc](#kubevirtiov1virtualmachineinstancespecdomainclocktimerrtc)|rtc|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHpet +|**apiServerInternalIP**|str|apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers.|| +|**ingressIP**|str|ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names.|| +|**nodeDNSIP**|str|nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster.|| +### ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusGcp -HPET (High Precision Event Timer) - multiple timers with periodic interrupts. +GCP contains settings specific to the Google Cloud Platform infrastructure provider. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| -|**tickPolicy**|str|TickPolicy determines what happens when QEMU misses a deadline for injecting a tick to the guest. One of "delay", "catchup", "merge", "discard".|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHyperv +|**projectID**|str|resourceGroupName is the Project ID for new GCP resources created for the cluster.|| +|**region**|str|region holds the region for new GCP resources created for the cluster.|| +### ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOpenstack -Hyperv (Hypervclock) - lets guests read the host’s wall clock time (paravirtualized). For windows guests. +OpenStack contains settings specific to the OpenStack infrastructure provider. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerKvm +|**apiServerInternalIP**|str|apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers.|| +|**cloudName**|str|cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`).|| +|**ingressIP**|str|ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names.|| +|**nodeDNSIP**|str|nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster.|| +### ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOvirt -KVM (KVM clock) - lets guests read the host’s wall clock time (paravirtualized). For linux guests. +Ovirt contains settings specific to the oVirt infrastructure provider. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerPit +|**apiServerInternalIP**|str|apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers.|| +|**ingressIP**|str|ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names.|| +|**nodeDNSIP**|str|nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for oVirt deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster.|| +### ConfigOpenshiftIoV1IngressSpec -PIT (Programmable Interval Timer) - a timer with periodic interrupts. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| -|**tickPolicy**|str|TickPolicy determines what happens when QEMU misses a deadline for injecting a tick to the guest. One of "delay", "catchup", "discard".|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerRtc +|**domain**|str|domain is used to generate a default host name for a route when the route's host name is empty. The generated host name will follow this pattern: "<route-name>.<route-namespace>.<domain>".
It is also used as the default wildcard domain suffix for ingress. The default ingresscontroller domain will follow this pattern: "*.<domain>".
Once set, changing domain is not currently supported.|| +### ConfigOpenshiftIoV1NetworkSpec -RTC (Real Time Clock) - a continuously running timer with periodic interrupts. +spec holds user settable values for configuration. As a general rule, this SHOULD NOT be read directly. Instead, you should consume the NetworkStatus, as it indicates the currently deployed configuration. Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| -|**tickPolicy**|str|TickPolicy determines what happens when QEMU misses a deadline for injecting a tick to the guest. One of "delay", "catchup".|| -|**track**|str|Track the guest or the wall clock.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainClockUtc +|**clusterNetwork**|[[ConfigOpenshiftIoV1NetworkSpecClusterNetworkItems0](#configopenshiftiov1networkspecclusternetworkitems0)]|IP address pool to use for pod IPs. This field is immutable after installation.|| +|**externalIP**|[ConfigOpenshiftIoV1NetworkSpecExternalIP](#configopenshiftiov1networkspecexternalip)|external IP|| +|**networkType**|str|NetworkType is the plugin that is to be deployed (e.g. OpenShiftSDN). This should match a value that the cluster-network-operator understands, or else no networking will be installed. Currently supported values are: - OpenShiftSDN This field is immutable after installation.|| +|**serviceNetwork**|[str]|IP address pool for services. Currently, we only support a single entry here. This field is immutable after installation.|| +### ConfigOpenshiftIoV1NetworkSpecClusterNetworkItems0 -UTC sets the guest clock to UTC on each boot. If an offset is specified, guest changes to the clock will be kept during reboots and are not reset. +ClusterNetworkEntry is a contiguous block of IP addresses from which pod IPs are allocated. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**offsetSeconds**|int|OffsetSeconds specifies an offset in seconds, relative to UTC. If set, guest changes to the clock will be kept during reboots and not reset.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevices +|**cidr**|str|The complete block for pod IPs.|| +|**hostPrefix**|int|The size (prefix) of block to allocate to each node.|| +### ConfigOpenshiftIoV1NetworkSpecExternalIP -Devices allows adding disks, network interfaces, and others +externalIP defines configuration for controllers that affect Service.ExternalIP. If nil, then ExternalIP is not allowed to be set. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**autoattachGraphicsDevice**|bool|Whether to attach the default graphics device or not. VNC will not be available if set to false. Defaults to true.|| -|**autoattachInputDevice**|bool|Whether to attach an Input Device. Defaults to false.|| -|**autoattachMemBalloon**|bool|Whether to attach the Memory balloon device with default period. Period can be adjusted in virt-config. Defaults to true.|| -|**autoattachPodInterface**|bool|Whether to attach a pod network interface. Defaults to true.|| -|**autoattachSerialConsole**|bool|Whether to attach the default serial console or not. Serial console access will not be available if set to false. Defaults to true.|| -|**autoattachVSOCK**|bool|Whether to attach the VSOCK CID to the VM or not. VSOCK access will be available if set to true. Defaults to false.|| -|**blockMultiQueue**|bool|Whether or not to enable virtio multi-queue for block devices. Defaults to false.|| -|**clientPassthrough**|any|To configure and access client devices such as redirecting USB|| -|**disableHotplug**|bool|DisableHotplug disabled the ability to hotplug disks.|| -|**disks**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0)]|Disks describes disks, cdroms and luns which are connected to the vmi.|| -|**filesystems**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesFilesystemsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesfilesystemsitems0)]|Filesystems describes filesystem which is connected to the vmi.|| -|**gpus**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0)]|Whether to attach a GPU device to the vmi.|| -|**hostDevices**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesHostDevicesItems0](#kubevirtiov1virtualmachineinstancespecdomaindeviceshostdevicesitems0)]|Whether to attach a host device to the vmi.|| -|**inputs**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInputsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinputsitems0)]|Inputs describe input devices|| -|**interfaces**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0)]|Interfaces describe network interfaces which are added to the vmi.|| -|**networkInterfaceMultiqueue**|bool|If specified, virtual network interfaces configured with a virtio bus will also enable the vhost multiqueue feature for network devices. The number of queues created depends on additional factors of the VirtualMachineInstance, like the number of guest CPUs.|| -|**rng**|any|Whether to have random number generator from host|| -|**sound**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesSound](#kubevirtiov1virtualmachineinstancespecdomaindevicessound)|sound|| -|**tpm**|any|Whether to emulate a TPM device.|| -|**useVirtioTransitional**|bool|Fall back to legacy virtio 0.9 support if virtio bus is selected on devices. This is helpful for old machines like CentOS6 or RHEL6 which do not understand virtio_non_transitional (virtio 1.0).|| -|**watchdog**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdog](#kubevirtiov1virtualmachineinstancespecdomaindeviceswatchdog)|watchdog|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0 +|**autoAssignCIDRs**|[str]|autoAssignCIDRs is a list of CIDRs from which to automatically assign Service.ExternalIP. These are assigned when the service is of type LoadBalancer. In general, this is only useful for bare-metal clusters. In Openshift 3.x, this was misleadingly called "IngressIPs". Automatically assigned External IPs are not affected by any ExternalIPPolicy rules. Currently, only one entry may be provided.|| +|**policy**|[ConfigOpenshiftIoV1NetworkSpecExternalIPPolicy](#configopenshiftiov1networkspecexternalippolicy)|policy|| +### ConfigOpenshiftIoV1NetworkSpecExternalIPPolicy -kubevirt io v1 virtual machine instance spec domain devices disks items0 +policy is a set of restrictions applied to the ExternalIP field. If nil or empty, then ExternalIP is not allowed to be set. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**blockSize**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSize](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0blocksize)|block size|| -|**bootOrder**|int|BootOrder is an integer value > 0, used to determine ordering of boot devices. Lower values take precedence. Each disk or interface that has a boot order must have a unique value. Disks without a boot order are not tried if a disk with a boot order exists.|| -|**cache**|str|Cache specifies which kvm disk cache mode should be used. Supported values are: CacheNone, CacheWriteThrough.|| -|**cdrom**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Cdrom](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0cdrom)|cdrom|| -|**dedicatedIOThread**|bool|dedicatedIOThread indicates this disk should have an exclusive IO Thread. Enabling this implies useIOThreads = true. Defaults to false.|| -|**disk**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Disk](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0disk)|disk|| -|**io**|str|IO specifies which QEMU disk IO mode should be used. Supported values are: native, default, threads.|| -|**lun**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Lun](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0lun)|lun|| -|**name** `required`|str|Name is the device name|| -|**serial**|str|Serial provides the ability to specify a serial number for the disk device.|| -|**shareable**|bool|If specified the disk is made sharable and multiple write from different VMs are permitted|| -|**tag**|str|If specified, disk address and its tag will be provided to the guest via config drive metadata|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSize +|**allowedCIDRs**|[str]|allowedCIDRs is the list of allowed CIDRs.|| +|**rejectedCIDRs**|[str]|rejectedCIDRs is the list of disallowed CIDRs. These take precedence over allowedCIDRs.|| +### ConfigOpenshiftIoV1NetworkStatus -If specified, the virtual disk will be presented with the given block sizes. +status holds observed values from the cluster. They may not be overridden. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**custom**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeCustom](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0blocksizecustom)|custom|| -|**matchVolume**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeMatchVolume](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0blocksizematchvolume)|match volume|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeCustom +|**clusterNetwork**|[[ConfigOpenshiftIoV1NetworkStatusClusterNetworkItems0](#configopenshiftiov1networkstatusclusternetworkitems0)]|IP address pool to use for pod IPs.|| +|**clusterNetworkMTU**|int|ClusterNetworkMTU is the MTU for inter-pod networking.|| +|**networkType**|str|NetworkType is the plugin that is deployed (e.g. OpenShiftSDN).|| +|**serviceNetwork**|[str]|IP address pool for services. Currently, we only support a single entry here.|| +### ConfigOpenshiftIoV1NetworkStatusClusterNetworkItems0 -CustomBlockSize represents the desired logical and physical block size for a VM disk. +ClusterNetworkEntry is a contiguous block of IP addresses from which pod IPs are allocated. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**logical** `required`|int|logical|| -|**physical** `required`|int|physical|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeMatchVolume +|**cidr**|str|The complete block for pod IPs.|| +|**hostPrefix**|int|The size (prefix) of block to allocate to each node.|| +### ConfigOpenshiftIoV1OAuthSpec -Represents if a feature is enabled or disabled. +OAuthSpec contains desired cluster auth configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Cdrom +|**identityProviders**|[[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0](#configopenshiftiov1oauthspecidentityprovidersitems0)]|identityProviders is an ordered list of ways for a user to identify themselves. When this list is empty, no identities are provisioned for users.|| +|**templates**|[ConfigOpenshiftIoV1OAuthSpecTemplates](#configopenshiftiov1oauthspectemplates)|templates|| +|**tokenConfig**|[ConfigOpenshiftIoV1OAuthSpecTokenConfig](#configopenshiftiov1oauthspectokenconfig)|token config|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0 -Attach a volume as a cdrom to the vmi. +IdentityProvider provides identities for users authenticating using credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**bus**|str|Bus indicates the type of disk device to emulate. supported values: virtio, sata, scsi.|| -|**readonly**|bool|ReadOnly. Defaults to true.|| -|**tray**|str|Tray indicates if the tray of the device is open or closed. Allowed values are "open" and "closed". Defaults to closed.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Disk +|**basicAuth**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuth](#configopenshiftiov1oauthspecidentityprovidersitems0basicauth)|basic auth|| +|**github**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Github](#configopenshiftiov1oauthspecidentityprovidersitems0github)|github|| +|**gitlab**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Gitlab](#configopenshiftiov1oauthspecidentityprovidersitems0gitlab)|gitlab|| +|**google**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Google](#configopenshiftiov1oauthspecidentityprovidersitems0google)|google|| +|**htpasswd**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Htpasswd](#configopenshiftiov1oauthspecidentityprovidersitems0htpasswd)|htpasswd|| +|**keystone**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Keystone](#configopenshiftiov1oauthspecidentityprovidersitems0keystone)|keystone|| +|**ldap**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Ldap](#configopenshiftiov1oauthspecidentityprovidersitems0ldap)|ldap|| +|**mappingMethod**|str|mappingMethod determines how identities from this provider are mapped to users Defaults to "claim"|| +|**name**|str|name is used to qualify the identities returned by this provider. - It MUST be unique and not shared by any other identity provider used - It MUST be a valid path segment: name cannot equal "." or ".." or contain "/" or "%" or ":" Ref: https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName|| +|**openID**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenID](#configopenshiftiov1oauthspecidentityprovidersitems0openid)|open ID|| +|**requestHeader**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeader](#configopenshiftiov1oauthspecidentityprovidersitems0requestheader)|request header|| +|**type**|str||| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuth -Attach a volume as a disk to the vmi. +basicAuth contains configuration options for the BasicAuth IdP #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**bus**|str|Bus indicates the type of disk device to emulate. supported values: virtio, sata, scsi, usb.|| -|**pciAddress**|str|If specified, the virtual disk will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10|| -|**readonly**|bool|ReadOnly. Defaults to false.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Lun +|**ca**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthCa](#configopenshiftiov1oauthspecidentityprovidersitems0basicauthca)|ca|| +|**tlsClientCert**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientCert](#configopenshiftiov1oauthspecidentityprovidersitems0basicauthtlsclientcert)|tls client cert|| +|**tlsClientKey**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientKey](#configopenshiftiov1oauthspecidentityprovidersitems0basicauthtlsclientkey)|tls client key|| +|**url**|str|url is the remote URL to connect to|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthCa -Attach a volume as a LUN to the vmi. +ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**bus**|str|Bus indicates the type of disk device to emulate. supported values: virtio, sata, scsi.|| -|**readonly**|bool|ReadOnly. Defaults to false.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesFilesystemsItems0 +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientCert -kubevirt io v1 virtual machine instance spec domain devices filesystems items0 +tlsClientCert is an optional reference to a secret by name that contains the PEM-encoded TLS client certificate to present when connecting to the server. The key "tls.crt" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name** `required`|str|Name is the device name|| -|**virtiofs** `required`|any|Virtiofs is supported|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0 +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientKey -kubevirt io v1 virtual machine instance spec domain devices gpus items0 +tlsClientKey is an optional reference to a secret by name that contains the PEM-encoded TLS private key for the client certificate referenced in tlsClientCert. The key "tls.key" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**deviceName** `required`|str|device name|| -|**name** `required`|str|Name of the GPU device as exposed by a device plugin|| -|**tag**|str|If specified, the virtual network interface address and its tag will be provided to the guest via config drive|| -|**virtualGPUOptions**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptions](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0virtualgpuoptions)|virtual g p u options|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptions +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Github -kubevirt io v1 virtual machine instance spec domain devices gpus items0 virtual g p u options +github enables user authentication using GitHub credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**display**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplay](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0virtualgpuoptionsdisplay)|display|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplay +|**ca**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubCa](#configopenshiftiov1oauthspecidentityprovidersitems0githubca)|ca|| +|**clientID**|str|clientID is the oauth client ID|| +|**clientSecret**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0githubclientsecret)|client secret|| +|**hostname**|str|hostname is the optional domain (e.g. "mycompany.com") for use with a hosted instance of GitHub Enterprise. It must match the GitHub Enterprise settings value configured at /setup/settings#hostname.|| +|**organizations**|[str]|organizations optionally restricts which organizations are allowed to log in|| +|**teams**|[str]|teams optionally restricts which teams are allowed to log in. Format is <org>/<team>.|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubCa -kubevirt io v1 virtual machine instance spec domain devices gpus items0 virtual g p u options display +ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. This can only be configured when hostname is set to a non-empty value. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.|| -|**ramFB**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplayRAMFB](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0virtualgpuoptionsdisplayramfb)|ram f b|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplayRAMFB +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubClientSecret -Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true. +clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesHostDevicesItems0 +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Gitlab -kubevirt io v1 virtual machine instance spec domain devices host devices items0 +gitlab enables user authentication using GitLab credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**deviceName** `required`|str|DeviceName is the resource name of the host device exposed by a device plugin|| -|**name** `required`|str|name|| -|**tag**|str|If specified, the virtual network interface address and its tag will be provided to the guest via config drive|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInputsItems0 +|**ca**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabCa](#configopenshiftiov1oauthspecidentityprovidersitems0gitlabca)|ca|| +|**clientID**|str|clientID is the oauth client ID|| +|**clientSecret**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0gitlabclientsecret)|client secret|| +|**url**|str|url is the oauth server base URL|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabCa -kubevirt io v1 virtual machine instance spec domain devices inputs items0 +ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**bus**|str|Bus indicates the bus of input device to emulate. Supported values: virtio, usb.|| -|**name** `required`|str|Name is the device name|| -|**type** `required`|str||| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0 +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabClientSecret -kubevirt io v1 virtual machine instance spec domain devices interfaces items0 +clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**acpiIndex**|int|If specified, the ACPI index is used to provide network interface device naming, that is stable across changes in PCI addresses assigned to the device. This value is required to be unique across all devices and be between 1 and (16*1024-1).|| -|**bootOrder**|int|BootOrder is an integer value > 0, used to determine ordering of boot devices. Lower values take precedence. Each interface or disk that has a boot order must have a unique value. Interfaces without a boot order are not tried.|| -|**bridge**|any|InterfaceBridge connects to a given network via a linux bridge.|| -|**dhcpOptions**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptions](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0dhcpoptions)|dhcp options|| -|**macAddress**|str|Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF.|| -|**macvtap**|any|InterfaceMacvtap connects to a given network by extending the Kubernetes node's L2 networks via a macvtap interface.|| -|**masquerade**|any|InterfaceMasquerade connects to a given network using netfilter rules to nat the traffic.|| -|**model**|str|Interface model. One of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio. Defaults to virtio. TODO:(ihar) switch to enums once opengen-api supports them. See: https://github.com/kubernetes/kube-openapi/issues/51|| -|**name** `required`|str|Logical name of the interface as well as a reference to the associated networks. Must match the Name of a Network.|| -|**passt**|any|InterfacePasst connects to a given network.|| -|**pciAddress**|str|If specified, the virtual network interface will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10|| -|**ports**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0PortsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0portsitems0)]|List of ports to be forwarded to the virtual machine.|| -|**slirp**|any|InterfaceSlirp connects to a given network using QEMU user networking mode.|| -|**sriov**|any|InterfaceSRIOV connects to a given network by passing-through an SR-IOV PCI device via vfio.|| -|**tag**|str|If specified, the virtual network interface address and its tag will be provided to the guest via config drive|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptions +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Google -If specified the network interface will pass additional DHCP options to the VMI +google enables user authentication using Google credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**bootFileName**|str|If specified will pass option 67 to interface's DHCP server|| -|**ntpServers**|[str]|If specified will pass the configured NTP server to the VM via DHCP option 042.|| -|**privateOptions**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptionsPrivateOptionsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0dhcpoptionsprivateoptionsitems0)]|If specified will pass extra DHCP options for private use, range: 224-254|| -|**tftpServerName**|str|If specified will pass option 66 to interface's DHCP server|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptionsPrivateOptionsItems0 +|**clientID**|str|clientID is the oauth client ID|| +|**clientSecret**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GoogleClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0googleclientsecret)|client secret|| +|**hostedDomain**|str|hostedDomain is the optional Google App domain (e.g. "mycompany.com") to restrict logins to|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GoogleClientSecret -DHCPExtraOptions defines Extra DHCP options for a VM. +clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**option** `required`|int|Option is an Integer value from 224-254 Required.|| -|**value** `required`|str|Value is a String value for the Option provided Required.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0PortsItems0 +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Htpasswd -Port represents a port to expose from the virtual machine. Default protocol TCP. The port field is mandatory +htpasswd enables user authentication using an HTPasswd file to validate credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.|| -|**port** `required`|int|Number of port to expose for the virtual machine. This must be a valid port number, 0 < x < 65536.|| -|**protocol**|str||| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesSound +|**fileData**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0HtpasswdFileData](#configopenshiftiov1oauthspecidentityprovidersitems0htpasswdfiledata)|file data|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0HtpasswdFileData -Whether to emulate a sound device. +fileData is a required reference to a secret by name containing the data to use as the htpasswd file. The key "htpasswd" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. If the specified htpasswd data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**model**|str|We only support ich9 or ac97. If SoundDevice is not set: No sound card is emulated. If SoundDevice is set but Model is not: ich9|| -|**name** `required`|str|User's defined name for this sound device|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdog +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Keystone -Watchdog describes a watchdog device which can be added to the vmi. +keystone enables user authentication using keystone password credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**i6300esb**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdogI6300esb](#kubevirtiov1virtualmachineinstancespecdomaindeviceswatchdogi6300esb)|i6300esb|| -|**name** `required`|str|Name of the watchdog.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdogI6300esb +|**ca**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneCa](#configopenshiftiov1oauthspecidentityprovidersitems0keystoneca)|ca|| +|**domainName**|str|domainName is required for keystone v3|| +|**tlsClientCert**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientCert](#configopenshiftiov1oauthspecidentityprovidersitems0keystonetlsclientcert)|tls client cert|| +|**tlsClientKey**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientKey](#configopenshiftiov1oauthspecidentityprovidersitems0keystonetlsclientkey)|tls client key|| +|**url**|str|url is the remote URL to connect to|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneCa -i6300esb watchdog device. +ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**action**|str|The action to take. Valid values are poweroff, reset, shutdown. Defaults to reset.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeatures +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientCert -Features like acpi, apic, hyperv, smm. +tlsClientCert is an optional reference to a secret by name that contains the PEM-encoded TLS client certificate to present when connecting to the server. The key "tls.crt" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**acpi**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesAcpi](#kubevirtiov1virtualmachineinstancespecdomainfeaturesacpi)|acpi|| -|**apic**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesApic](#kubevirtiov1virtualmachineinstancespecdomainfeaturesapic)|apic|| -|**hyperv**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHyperv](#kubevirtiov1virtualmachineinstancespecdomainfeatureshyperv)|hyperv|| -|**kvm**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesKvm](#kubevirtiov1virtualmachineinstancespecdomainfeatureskvm)|kvm|| -|**pvspinlock**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesPvspinlock](#kubevirtiov1virtualmachineinstancespecdomainfeaturespvspinlock)|pvspinlock|| -|**smm**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesSmm](#kubevirtiov1virtualmachineinstancespecdomainfeaturessmm)|smm|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesAcpi +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientKey -ACPI enables/disables ACPI inside the guest. Defaults to enabled. +tlsClientKey is an optional reference to a secret by name that contains the PEM-encoded TLS private key for the client certificate referenced in tlsClientCert. The key "tls.key" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesApic +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Ldap -Defaults to the machine type setting. +ldap enables user authentication using LDAP credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -|**endOfInterrupt**|bool|EndOfInterrupt enables the end of interrupt notification in the guest. Defaults to false.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHyperv +|**attributes**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapAttributes](#configopenshiftiov1oauthspecidentityprovidersitems0ldapattributes)|attributes|| +|**bindDN**|str|bindDN is an optional DN to bind with during the search phase.|| +|**bindPassword**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapBindPassword](#configopenshiftiov1oauthspecidentityprovidersitems0ldapbindpassword)|bind password|| +|**ca**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapCa](#configopenshiftiov1oauthspecidentityprovidersitems0ldapca)|ca|| +|**insecure**|bool|insecure, if true, indicates the connection should not use TLS WARNING: Should not be set to `true` with the URL scheme "ldaps://" as "ldaps://" URLs always attempt to connect using TLS, even when `insecure` is set to `true` When `true`, "ldap://" URLS connect insecurely. When `false`, "ldap://" URLs are upgraded to a TLS connection using StartTLS as specified in https://tools.ietf.org/html/rfc2830.|| +|**url**|str|url is an RFC 2255 URL which specifies the LDAP search parameters to use. The syntax of the URL is: ldap://host:port/basedn?attribute?scope?filter|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapAttributes -Defaults to the machine type setting. +attributes maps LDAP attributes to identities #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**evmcs**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervEvmcs](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervevmcs)|evmcs|| -|**frequencies**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervFrequencies](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervfrequencies)|frequencies|| -|**ipi**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervIpi](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervipi)|ipi|| -|**reenlightenment**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReenlightenment](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervreenlightenment)|reenlightenment|| -|**relaxed**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRelaxed](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervrelaxed)||| -|**reset**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReset](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervreset)|reset|| -|**runtime**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRuntime](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervruntime)|runtime|| -|**spinlocks**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSpinlocks](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervspinlocks)|spinlocks|| -|**synic**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynic](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervsynic)|synic|| -|**synictimer**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimer](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervsynictimer)|synictimer|| -|**tlbflush**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervTlbflush](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervtlbflush)|tlbflush|| -|**vapic**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVapic](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervvapic)|vapic|| -|**vendorid**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVendorid](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervvendorid)|vendorid|| -|**vpindex**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVpindex](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervvpindex)|vpindex|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervEvmcs +|**email**|[str]|email is the list of attributes whose values should be used as the email address. Optional. If unspecified, no email is set for the identity|| +|**id**|[str]|id is the list of attributes whose values should be used as the user ID. Required. First non-empty attribute is used. At least one attribute is required. If none of the listed attribute have a value, authentication fails. LDAP standard identity attribute is "dn"|| +|**name**|[str]|name is the list of attributes whose values should be used as the display name. Optional. If unspecified, no display name is set for the identity LDAP standard display name attribute is "cn"|| +|**preferredUsername**|[str]|preferredUsername is the list of attributes whose values should be used as the preferred username. LDAP standard login attribute is "uid"|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapBindPassword -EVMCS Speeds up L2 vmexits, but disables other virtualization features. Requires vapic. Defaults to the machine type setting. +bindPassword is an optional reference to a secret by name containing a password to bind with during the search phase. The key "bindPassword" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervFrequencies +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapCa -Frequencies improves the TSC clock source handling for Hyper-V on KVM. Defaults to the machine type setting. +ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervIpi +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenID -IPI improves performances in overcommited environments. Requires vpindex. Defaults to the machine type setting. +openID enables user authentication using OpenID credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReenlightenment +|**ca**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDCa](#configopenshiftiov1oauthspecidentityprovidersitems0openidca)|ca|| +|**claims**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClaims](#configopenshiftiov1oauthspecidentityprovidersitems0openidclaims)|claims|| +|**clientID**|str|clientID is the oauth client ID|| +|**clientSecret**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClientSecret](#configopenshiftiov1oauthspecidentityprovidersitems0openidclientsecret)|client secret|| +|**extraAuthorizeParameters**|{str:str}|extraAuthorizeParameters are any custom parameters to add to the authorize request.|| +|**extraScopes**|[str]|extraScopes are any scopes to request in addition to the standard "openid" scope.|| +|**issuer**|str|issuer is the URL that the OpenID Provider asserts as its Issuer Identifier. It must use the https scheme with no query or fragment component.|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDCa -Reenlightenment enables the notifications on TSC frequency changes. Defaults to the machine type setting. +ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRelaxed +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClaims -Relaxed instructs the guest OS to disable watchdog timeouts. Defaults to the machine type setting. +claims mappings #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReset +|**email**|[str]|email is the list of claims whose values should be used as the email address. Optional. If unspecified, no email is set for the identity|| +|**name**|[str]|name is the list of claims whose values should be used as the display name. Optional. If unspecified, no display name is set for the identity|| +|**preferredUsername**|[str]|preferredUsername is the list of claims whose values should be used as the preferred username. If unspecified, the preferred username is determined from the value of the sub claim|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClientSecret -Reset enables Hyperv reboot/reset for the vmi. Requires synic. Defaults to the machine type setting. +clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRuntime +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeader -Runtime improves the time accounting to improve scheduling in the guest. Defaults to the machine type setting. +requestHeader enables user authentication using request header credentials #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSpinlocks +|**ca**|[ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeaderCa](#configopenshiftiov1oauthspecidentityprovidersitems0requestheaderca)|ca|| +|**challengeURL**|str|challengeURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect WWW-Authenticate challenges will be redirected here. ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when challenge is set to true.|| +|**clientCommonNames**|[str]|clientCommonNames is an optional list of common names to require a match from. If empty, any client certificate validated against the clientCA bundle is considered authoritative.|| +|**emailHeaders**|[str]|emailHeaders is the set of headers to check for the email address|| +|**headers**|[str]|headers is the set of headers to check for identity information|| +|**loginURL**|str|loginURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect interactive logins will be redirected here ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when login is set to true.|| +|**nameHeaders**|[str]|nameHeaders is the set of headers to check for the display name|| +|**preferredUsernameHeaders**|[str]|preferredUsernameHeaders is the set of headers to check for the preferred username|| +### ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeaderCa -Spinlocks allows to configure the spinlock retry attempts. +ca is a required reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. Specifically, it allows verification of incoming requests to prevent header spoofing. The key "ca.crt" is used to locate the data. If the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. The namespace for this config map is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -|**spinlocks**|int|Retries indicates the number of retries. Must be a value greater or equal 4096. Defaults to 4096.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynic +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1OAuthSpecTemplates -SyNIC enables the Synthetic Interrupt Controller. Defaults to the machine type setting. +templates allow you to customize pages like the login page. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimer +|**error**|[ConfigOpenshiftIoV1OAuthSpecTemplatesError](#configopenshiftiov1oauthspectemplateserror)|error|| +|**login**|[ConfigOpenshiftIoV1OAuthSpecTemplatesLogin](#configopenshiftiov1oauthspectemplateslogin)|login|| +|**providerSelection**|[ConfigOpenshiftIoV1OAuthSpecTemplatesProviderSelection](#configopenshiftiov1oauthspectemplatesproviderselection)|provider selection|| +### ConfigOpenshiftIoV1OAuthSpecTemplatesError -SyNICTimer enables Synthetic Interrupt Controller Timers, reducing CPU load. Defaults to the machine type setting. +error is the name of a secret that specifies a go template to use to render error pages during the authentication or grant flow. The key "errors.html" is used to locate the template data. If specified and the secret or expected key is not found, the default error page is used. If the specified template is not valid, the default error page is used. If unspecified, the default error page is used. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**direct**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimerDirect](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervsynictimerdirect)|direct|| -|**enabled**|bool|enabled|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimerDirect +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecTemplatesLogin -Represents if a feature is enabled or disabled. +login is the name of a secret that specifies a go template to use to render the login page. The key "login.html" is used to locate the template data. If specified and the secret or expected key is not found, the default login page is used. If the specified template is not valid, the default login page is used. If unspecified, the default login page is used. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervTlbflush +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecTemplatesProviderSelection -TLBFlush improves performances in overcommited environments. Requires vpindex. Defaults to the machine type setting. +providerSelection is the name of a secret that specifies a go template to use to render the provider selection page. The key "providers.html" is used to locate the template data. If specified and the secret or expected key is not found, the default provider selection page is used. If the specified template is not valid, the default provider selection page is used. If unspecified, the default provider selection page is used. The namespace for this secret is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVapic +|**name** `required`|str|name is the metadata.name of the referenced secret|| +### ConfigOpenshiftIoV1OAuthSpecTokenConfig -VAPIC improves the paravirtualized handling of interrupts. Defaults to the machine type setting. +tokenConfig contains options for authorization and access tokens #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVendorid +|**accessTokenInactivityTimeoutSeconds**|int|accessTokenInactivityTimeoutSeconds defines the default token inactivity timeout for tokens granted by any client. The value represents the maximum amount of time that can occur between consecutive uses of the token. Tokens become invalid if they are not used within this temporal window. The user will need to acquire a new token to regain access once a token times out. Valid values are integer values: x < 0 Tokens time out is enabled but tokens never timeout unless configured per client (e.g. `-1`) x = 0 Tokens time out is disabled (default) x > 0 Tokens time out if there is no activity for x seconds The current minimum allowed value for X is 300 (5 minutes)|| +|**accessTokenMaxAgeSeconds**|int|accessTokenMaxAgeSeconds defines the maximum age of access tokens|| +### ConfigOpenshiftIoV1OperatorHubSpec -VendorID allows setting the hypervisor vendor id. Defaults to the machine type setting. +OperatorHubSpec defines the desired state of OperatorHub #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -|**vendorid**|str|VendorID sets the hypervisor vendor id, visible to the vmi. String up to twelve characters.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVpindex +|**disableAllDefaultSources**|bool|disableAllDefaultSources allows you to disable all the default hub sources. If this is true, a specific entry in sources can be used to enable a default source. If this is false, a specific entry in sources can be used to disable or enable a default source.|| +|**sources**|[[ConfigOpenshiftIoV1OperatorHubSpecSourcesItems0](#configopenshiftiov1operatorhubspecsourcesitems0)]|sources is the list of default hub sources and their configuration. If the list is empty, it implies that the default hub sources are enabled on the cluster unless disableAllDefaultSources is true. If disableAllDefaultSources is true and sources is not empty, the configuration present in sources will take precedence. The list of default hub sources and their current state will always be reflected in the status block.|| +### ConfigOpenshiftIoV1OperatorHubSpecSourcesItems0 -VPIndex enables the Virtual Processor Index to help windows identifying virtual processors. Defaults to the machine type setting. +HubSource is used to specify the hub source and its configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesKvm +|**disabled**|bool|disabled is used to disable a default hub source on cluster|| +|**name**|str|name is the name of one of the default hub sources|| +### ConfigOpenshiftIoV1OperatorHubStatus -Configure how KVM presence is exposed to the guest. +OperatorHubStatus defines the observed state of OperatorHub. The current state of the default hub sources will always be reflected here. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**hidden**|bool|Hide the KVM hypervisor from standard MSR based discovery. Defaults to false|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesPvspinlock +|**sources**|[[ConfigOpenshiftIoV1OperatorHubStatusSourcesItems0](#configopenshiftiov1operatorhubstatussourcesitems0)]|sources encapsulates the result of applying the configuration for each hub source|| +### ConfigOpenshiftIoV1OperatorHubStatusSourcesItems0 -Notify the guest that the host supports paravirtual spinlocks. For older kernels this feature should be explicitly disabled. +HubSourceStatus is used to reflect the current state of applying the configuration to a default source #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesSmm +|**disabled**|bool|disabled is used to disable a default hub source on cluster|| +|**message**|str|message provides more information regarding failures|| +|**name**|str|name is the name of one of the default hub sources|| +|**status**|str|status indicates success or failure in applying the configuration|| +### ConfigOpenshiftIoV1ProjectSpec -SMM enables/disables System Management Mode. TSEG not yet implemented. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmware +|**projectRequestMessage**|str|projectRequestMessage is the string presented to a user if they are unable to request a project via the projectrequest api endpoint|| +|**projectRequestTemplate**|[ConfigOpenshiftIoV1ProjectSpecProjectRequestTemplate](#configopenshiftiov1projectspecprojectrequesttemplate)|project request template|| +### ConfigOpenshiftIoV1ProjectSpecProjectRequestTemplate -Firmware. +projectRequestTemplate is the template to use for creating projects in response to projectrequest. This must point to a template in 'openshift-config' namespace. It is optional. If it is not specified, a default template is used. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**bootloader**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloader](#kubevirtiov1virtualmachineinstancespecdomainfirmwarebootloader)|bootloader|| -|**kernelBoot**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBoot](#kubevirtiov1virtualmachineinstancespecdomainfirmwarekernelboot)|kernel boot|| -|**serial**|str|The system-serial-number in SMBIOS|| -|**uuid**|str|UUID reported by the vmi bios. Defaults to a random generated uid.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloader +|**name**|str|name is the metadata.name of the referenced project request template|| +### ConfigOpenshiftIoV1ProxySpec -Settings to control the bootloader that is used. +Spec holds user-settable values for the proxy configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**bios**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderBios](#kubevirtiov1virtualmachineinstancespecdomainfirmwarebootloaderbios)|bios|| -|**efi**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderEfi](#kubevirtiov1virtualmachineinstancespecdomainfirmwarebootloaderefi)|efi|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderBios +|**httpProxy**|str|httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var.|| +|**httpsProxy**|str|httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var.|| +|**noProxy**|str|noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var.|| +|**readinessEndpoints**|[str]|readinessEndpoints is a list of endpoints used to verify readiness of the proxy.|| +|**trustedCA**|[ConfigOpenshiftIoV1ProxySpecTrustedCA](#configopenshiftiov1proxyspectrustedca)|trusted c a|| +### ConfigOpenshiftIoV1ProxySpecTrustedCA -If set (default), BIOS will be used. +trustedCA is a reference to a ConfigMap containing a CA certificate bundle used for client egress HTTPS connections. The certificate bundle must be from the CA that signed the proxy's certificate and be signed for everything. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from required key "ca-bundle.crt" and copying it to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: \| -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE----- #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**useSerial**|bool|If set, the BIOS output will be transmitted over serial|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderEfi +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### ConfigOpenshiftIoV1ProxyStatus -If set, EFI will be used instead of BIOS. +status holds observed values from the cluster. They may not be overridden. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**secureBoot**|bool|If set, SecureBoot will be enabled and the OVMF roms will be swapped for SecureBoot-enabled ones. Requires SMM to be enabled. Defaults to true|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBoot +|**httpProxy**|str|httpProxy is the URL of the proxy for HTTP requests.|| +|**httpsProxy**|str|httpsProxy is the URL of the proxy for HTTPS requests.|| +|**noProxy**|str|noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used.|| +### ConfigOpenshiftIoV1SchedulerSpec -Settings to set the kernel for booting. +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**container**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBootContainer](#kubevirtiov1virtualmachineinstancespecdomainfirmwarekernelbootcontainer)|container|| -|**kernelArgs**|str|Arguments to be passed to the kernel at boot time|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBootContainer +|**defaultNodeSelector**|str|defaultNodeSelector helps set the cluster-wide default node selector to restrict pod placement to specific nodes. This is applied to the pods created in all namespaces without a specified nodeSelector value. For example, defaultNodeSelector: "type=user-node,region=east" would set nodeSelector field in pod spec to "type=user-node,region=east" to all pods created in all namespaces. Namespaces having project-wide node selectors won't be impacted even if this field is set. This adds an annotation section to the namespace. For example, if a new namespace is created with node-selector='type=user-node,region=east', the annotation openshift.io/node-selector: type=user-node,region=east gets added to the project. When the openshift.io/node-selector annotation is set on the project the value is used in preference to the value we are setting for defaultNodeSelector field. For instance, openshift.io/node-selector: "type=user-node,region=west" means that the default of "type=user-node,region=east" set in defaultNodeSelector would not be applied.|| +|**mastersSchedulable**|bool|MastersSchedulable allows masters nodes to be schedulable. When this flag is turned on, all the master nodes in the cluster will be made schedulable, so that workload pods can run on them. The default value for this field is false, meaning none of the master nodes are schedulable. Important Note: Once the workload pods start running on the master nodes, extreme care must be taken to ensure that cluster-critical control plane components are not impacted. Please turn on this field after doing due diligence.|| +|**policy**|[ConfigOpenshiftIoV1SchedulerSpecPolicy](#configopenshiftiov1schedulerspecpolicy)|policy|| +### ConfigOpenshiftIoV1SchedulerSpecPolicy -Container defines the container that containes kernel artifacts +policy is a reference to a ConfigMap containing scheduler policy which has user specified predicates and priorities. If this ConfigMap is not available scheduler will default to use DefaultAlgorithmProvider. The namespace for this configmap is openshift-config. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**image** `required`|str|Image that contains initrd / kernel files.|| -|**imagePullPolicy**|str|Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images|| -|**imagePullSecret**|str|ImagePullSecret is the name of the Docker registry secret required to pull the image. The secret must already exist.|| -|**initrdPath**|str|the fully-qualified path to the ramdisk image in the host OS|| -|**kernelPath**|str|The fully-qualified path to the kernel image in the host OS|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainLaunchSecurity +|**name** `required`|str|name is the metadata.name of the referenced config map|| +### FeatureGate -Launch Security setting of the vmi. +Feature holds cluster-wide information about feature gates. The canonical name is `cluster` #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**sev**|any|AMD Secure Encrypted Virtualization (SEV).|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainMachine +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"FeatureGate"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"FeatureGate"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1FeatureGateSpec](#configopenshiftiov1featuregatespec)|spec|| +|**status**|any|status holds observed values from the cluster. They may not be overridden.|| +### Image -Machine type. +Image governs policies related to imagestream imports and runtime configuration for external registries. It allows cluster admins to configure which registries OpenShift is allowed to import images from, extra CA trust bundles for external registries, and policies to blacklist/whitelist registry hostnames. When exposing OpenShift's image registry to the public, this also lets cluster admins specify the external hostname. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**type**|str||| -### KubevirtIoV1VirtualMachineInstanceSpecDomainMemory +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Image"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Image"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1ImageSpec](#configopenshiftiov1imagespec)|spec|| +|**status**|[ConfigOpenshiftIoV1ImageStatus](#configopenshiftiov1imagestatus)|status|| +### Infrastructure -Memory allow specifying the VMI memory features. +Infrastructure holds cluster-wide information about Infrastructure. The canonical name is `cluster` #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**guest**|int | str|Guest allows to specifying the amount of memory which is visible inside the Guest OS. The Guest must lie between Requests and Limits from the resources section. Defaults to the requested memory in the resources section if not specified.|| -|**hugepages**|[KubevirtIoV1VirtualMachineInstanceSpecDomainMemoryHugepages](#kubevirtiov1virtualmachineinstancespecdomainmemoryhugepages)|hugepages|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainMemoryHugepages +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Infrastructure"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Infrastructure"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1InfrastructureSpec](#configopenshiftiov1infrastructurespec)|spec|| +|**status**|[ConfigOpenshiftIoV1InfrastructureStatus](#configopenshiftiov1infrastructurestatus)|status|| +### Ingress -Hugepages allow to use hugepages for the VirtualMachineInstance instead of regular memory. +Ingress holds cluster-wide information about ingress, including the default ingress domain used for routes. The canonical name is `cluster`. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**pageSize**|str|PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.|| -### KubevirtIoV1VirtualMachineInstanceSpecDomainResources +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Ingress"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Ingress"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1IngressSpec](#configopenshiftiov1ingressspec)|spec|| +|**status**|any|status holds observed values from the cluster. They may not be overridden.|| +### IngressController -Resources describes the Compute Resources required by this vmi. +IngressController describes a managed ingress controller for the cluster. The controller can service OpenShift Route and Kubernetes Ingress resources. When an IngressController is created, a new ingress controller deployment is created to allow external traffic to reach the services that expose Ingress or Route resources. Updating this resource may lead to disruption for public facing network connections as a new ingress controller revision may be rolled out. https://kubernetes.io/docs/concepts/services-networking/ingress-controllers Whenever possible, sensible defaults for the platform are used. See each field for more details. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**limits**|{str:int | str}|Limits describes the maximum amount of compute resources allowed. Valid resource keys are "memory" and "cpu".|| -|**overcommitGuestOverhead**|bool|Don't ask the scheduler to take the guest-management overhead into account. Instead put the overhead only into the container's memory limit. This can lead to crashes if all memory is in use on a node. Defaults to false.|| -|**requests**|{str:int | str}|Requests is a description of the initial vmi resources. Valid resource keys are "memory" and "cpu".|| -### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbe +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"IngressController"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"IngressController"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[OperatorOpenshiftIoV1IngressControllerSpec](#operatoropenshiftiov1ingresscontrollerspec)|spec|| +|**status**|[OperatorOpenshiftIoV1IngressControllerStatus](#operatoropenshiftiov1ingresscontrollerstatus)|status|| +### K8sCniCncfIoV1NetworkAttachmentDefinitionSpec -Periodic probe of VirtualMachineInstance liveness. VirtualmachineInstances will be stopped if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +NetworkAttachmentDefinition spec defines the desired state of a network attachment #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**exec**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeExec](#kubevirtiov1virtualmachineinstancespeclivenessprobeexec)|exec|| -|**failureThreshold**|int|Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.|| -|**guestAgentPing**|any|GuestAgentPing contacts the qemu-guest-agent for availability checks.|| -|**httpGet**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGet](#kubevirtiov1virtualmachineinstancespeclivenessprobehttpget)|http get|| -|**initialDelaySeconds**|int|Number of seconds after the VirtualMachineInstance has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| -|**periodSeconds**|int|How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.|| -|**successThreshold**|int|Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.|| -|**tcpSocket**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeTCPSocket](#kubevirtiov1virtualmachineinstancespeclivenessprobetcpsocket)|tcp socket|| -|**timeoutSeconds**|int|Number of seconds after which the probe times out. For exec probes the timeout fails the probe but does not terminate the command running on the guest. This means a blocking command can result in an increasing load on the guest. A small buffer will be added to the resulting workload exec probe to compensate for delays caused by the qemu guest exec mechanism. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| -### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeExec +|**config**|str|NetworkAttachmentDefinition config is a JSON-formatted CNI configuration|| +### KubeAPIServer -One and only one of the following should be specified. Exec specifies the action to take, it will be executed on the guest through the qemu-guest-agent. If the guest agent is not available, this probe will fail. +KubeAPIServer provides information to configure an operator to manage kube-apiserver. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**command**|[str]|Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.|| -### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGet +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"KubeAPIServer"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"KubeAPIServer"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1KubeAPIServerSpec](#operatoropenshiftiov1kubeapiserverspec)|spec|| +|**status**|[OperatorOpenshiftIoV1KubeAPIServerStatus](#operatoropenshiftiov1kubeapiserverstatus)|status|| +### KubeControllerManager -HTTPGet specifies the http request to perform. +KubeControllerManager provides information to configure an operator to manage kube-controller-manager. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**host**|str|Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.|| -|**httpHeaders**|[[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGetHTTPHeadersItems0](#kubevirtiov1virtualmachineinstancespeclivenessprobehttpgethttpheadersitems0)]|Custom headers to set in the request. HTTP allows repeated headers.|| -|**path**|str|Path to access on the HTTP server.|| -|**port** `required`|int | str|Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| -|**scheme**|str|Scheme to use for connecting to the host. Defaults to HTTP.|| -### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGetHTTPHeadersItems0 +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"KubeControllerManager"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"KubeControllerManager"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1KubeControllerManagerSpec](#operatoropenshiftiov1kubecontrollermanagerspec)|spec|| +|**status**|[OperatorOpenshiftIoV1KubeControllerManagerStatus](#operatoropenshiftiov1kubecontrollermanagerstatus)|status|| +### KubeScheduler -HTTPHeader describes a custom header to be used in HTTP probes +KubeScheduler provides information to configure an operator to manage scheduler. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name** `required`|str|The header field name|| -|**value** `required`|str|The header field value|| -### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeTCPSocket +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"KubeScheduler"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"KubeScheduler"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1KubeSchedulerSpec](#operatoropenshiftiov1kubeschedulerspec)|spec|| +|**status**|[OperatorOpenshiftIoV1KubeSchedulerStatus](#operatoropenshiftiov1kubeschedulerstatus)|status|| +### KubeStorageVersionMigrator -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**host**|str|Optional: Host name to connect to, defaults to the pod IP.|| -|**port** `required`|int | str|Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| -### KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0 +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"KubeStorageVersionMigrator"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"KubeStorageVersionMigrator"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1KubeStorageVersionMigratorSpec](#operatoropenshiftiov1kubestorageversionmigratorspec)|spec|| +|**status**|[OperatorOpenshiftIoV1KubeStorageVersionMigratorStatus](#operatoropenshiftiov1kubestorageversionmigratorstatus)|status|| +### KubeVirt -Network represents a network type and a resource that should be connected to the vm. +KubeVirt represents the object deploying all KubeVirt resources #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**multus**|[KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Multus](#kubevirtiov1virtualmachineinstancespecnetworksitems0multus)|multus|| -|**name** `required`|str|Network name. Must be a DNS_LABEL and unique within the vm. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names|| -|**pod**|[KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Pod](#kubevirtiov1virtualmachineinstancespecnetworksitems0pod)|pod|| -### KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Multus +|**apiVersion** `required` `readOnly`|"kubevirt.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"kubevirt.io/v1"| +|**kind** `required` `readOnly`|"KubeVirt"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"KubeVirt"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[KubevirtIoV1KubeVirtSpec](#kubevirtiov1kubevirtspec)|spec|| +|**status**|[KubevirtIoV1KubeVirtStatus](#kubevirtiov1kubevirtstatus)|status|| +### KubevirtIoV1KubeVirtSpec -Represents the multus cni network. +kubevirt io v1 kube virt spec #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**default**|bool|Select the default network and add it to the multus-cni.io/default-network annotation.|| -|**networkName** `required`|str|References to a NetworkAttachmentDefinition CRD object. Format: , /. If namespace is not specified, VMI namespace is assumed.|| -### KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Pod +|**certificateRotateStrategy**|[KubevirtIoV1KubeVirtSpecCertificateRotateStrategy](#kubevirtiov1kubevirtspeccertificaterotatestrategy)|certificate rotate strategy|| +|**configuration**|[KubevirtIoV1KubeVirtSpecConfiguration](#kubevirtiov1kubevirtspecconfiguration)|configuration|| +|**customizeComponents**|[KubevirtIoV1KubeVirtSpecCustomizeComponents](#kubevirtiov1kubevirtspeccustomizecomponents)|customize components|| +|**imagePullPolicy**|str|The ImagePullPolicy to use.|| +|**imagePullSecrets**|[[KubevirtIoV1KubeVirtSpecImagePullSecretsItems0](#kubevirtiov1kubevirtspecimagepullsecretsitems0)]|The imagePullSecrets to pull the container images from Defaults to none|| +|**imageRegistry**|str|The image registry to pull the container images from Defaults to the same registry the operator's container image is pulled from.|| +|**imageTag**|str|The image tag to use for the continer images installed. Defaults to the same tag as the operator's container image.|| +|**infra**|[KubevirtIoV1KubeVirtSpecInfra](#kubevirtiov1kubevirtspecinfra)|infra|| +|**monitorAccount**|str|The name of the Prometheus service account that needs read-access to KubeVirt endpoints Defaults to prometheus-k8s|| +|**monitorNamespace**|str|The namespace Prometheus is deployed in Defaults to openshift-monitor|| +|**productComponent**|str|Designate the apps.kubevirt.io/component label for KubeVirt components. Useful if KubeVirt is included as part of a product. If ProductComponent is not specified, the component label default value is kubevirt.|| +|**productName**|str|Designate the apps.kubevirt.io/part-of label for KubeVirt components. Useful if KubeVirt is included as part of a product. If ProductName is not specified, the part-of label will be omitted.|| +|**productVersion**|str|Designate the apps.kubevirt.io/version label for KubeVirt components. Useful if KubeVirt is included as part of a product. If ProductVersion is not specified, KubeVirt's version will be used.|| +|**serviceMonitorNamespace**|str|The namespace the service monitor will be deployed When ServiceMonitorNamespace is set, then we'll install the service monitor object in that namespace otherwise we will use the monitoring namespace.|| +|**uninstallStrategy**|str|Specifies if kubevirt can be deleted if workloads are still present. This is mainly a precaution to avoid accidental data loss|| +|**workloadUpdateStrategy**|[KubevirtIoV1KubeVirtSpecWorkloadUpdateStrategy](#kubevirtiov1kubevirtspecworkloadupdatestrategy)|workload update strategy|| +|**workloads**|[KubevirtIoV1KubeVirtSpecWorkloads](#kubevirtiov1kubevirtspecworkloads)|workloads|| +### KubevirtIoV1KubeVirtSpecCertificateRotateStrategy -Represents the stock pod network interface. +kubevirt io v1 kube virt spec certificate rotate strategy #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**vmIPv6NetworkCIDR**|str|IPv6 CIDR for the vm network. Defaults to fd10:0:2::/120 if not specified.|| -|**vmNetworkCIDR**|str|CIDR for vm network. Default 10.0.2.0/24 if not specified.|| -### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbe +|**selfSigned**|[KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSigned](#kubevirtiov1kubevirtspeccertificaterotatestrategyselfsigned)|self signed|| +### KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSigned -Periodic probe of VirtualMachineInstance service readiness. VirtualmachineInstances will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +kubevirt io v1 kube virt spec certificate rotate strategy self signed #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**exec**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeExec](#kubevirtiov1virtualmachineinstancespecreadinessprobeexec)|exec|| -|**failureThreshold**|int|Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.|| -|**guestAgentPing**|any|GuestAgentPing contacts the qemu-guest-agent for availability checks.|| -|**httpGet**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGet](#kubevirtiov1virtualmachineinstancespecreadinessprobehttpget)|http get|| -|**initialDelaySeconds**|int|Number of seconds after the VirtualMachineInstance has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| -|**periodSeconds**|int|How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.|| -|**successThreshold**|int|Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.|| -|**tcpSocket**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeTCPSocket](#kubevirtiov1virtualmachineinstancespecreadinessprobetcpsocket)|tcp socket|| -|**timeoutSeconds**|int|Number of seconds after which the probe times out. For exec probes the timeout fails the probe but does not terminate the command running on the guest. This means a blocking command can result in an increasing load on the guest. A small buffer will be added to the resulting workload exec probe to compensate for delays caused by the qemu guest exec mechanism. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| -### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeExec +|**ca**|[KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedCa](#kubevirtiov1kubevirtspeccertificaterotatestrategyselfsignedca)|ca|| +|**caOverlapInterval**|str|Deprecated. Use CA.Duration and CA.RenewBefore instead|| +|**caRotateInterval**|str|Deprecated. Use CA.Duration instead|| +|**certRotateInterval**|str|Deprecated. Use Server.Duration instead|| +|**server**|[KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedServer](#kubevirtiov1kubevirtspeccertificaterotatestrategyselfsignedserver)|server|| +### KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedCa -One and only one of the following should be specified. Exec specifies the action to take, it will be executed on the guest through the qemu-guest-agent. If the guest agent is not available, this probe will fail. +CA configuration CA certs are kept in the CA bundle as long as they are valid #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**command**|[str]|Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.|| -### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGet +|**duration**|str|The requested 'duration' (i.e. lifetime) of the Certificate.|| +|**renewBefore**|str|The amount of time before the currently issued certificate's "notAfter" time that we will begin to attempt to renew the certificate.|| +### KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedServer -HTTPGet specifies the http request to perform. +Server configuration Certs are rotated and discarded #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**host**|str|Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.|| -|**httpHeaders**|[[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGetHTTPHeadersItems0](#kubevirtiov1virtualmachineinstancespecreadinessprobehttpgethttpheadersitems0)]|Custom headers to set in the request. HTTP allows repeated headers.|| -|**path**|str|Path to access on the HTTP server.|| -|**port** `required`|int | str|Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| -|**scheme**|str|Scheme to use for connecting to the host. Defaults to HTTP.|| -### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGetHTTPHeadersItems0 +|**duration**|str|The requested 'duration' (i.e. lifetime) of the Certificate.|| +|**renewBefore**|str|The amount of time before the currently issued certificate's "notAfter" time that we will begin to attempt to renew the certificate.|| +### KubevirtIoV1KubeVirtSpecConfiguration -HTTPHeader describes a custom header to be used in HTTP probes +holds kubevirt configurations. same as the virt-configMap #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name** `required`|str|The header field name|| -|**value** `required`|str|The header field value|| -### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeTCPSocket +|**additionalGuestMemoryOverheadRatio**|str|AdditionalGuestMemoryOverheadRatio can be used to increase the virtualization infrastructure overhead. This is useful, since the calculation of this overhead is not accurate and cannot be entirely known in advance. The ratio that is being set determines by which factor to increase the overhead calculated by Kubevirt. A higher ratio means that the VMs would be less compromised by node pressures, but would mean that fewer VMs could be scheduled to a node. If not set, the default is 1.|| +|**apiConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationAPIConfiguration](#kubevirtiov1kubevirtspecconfigurationapiconfiguration)|api configuration|| +|**architectureConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfiguration](#kubevirtiov1kubevirtspecconfigurationarchitectureconfiguration)|architecture configuration|| +|**autoCPULimitNamespaceLabelSelector**|[KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelector](#kubevirtiov1kubevirtspecconfigurationautocpulimitnamespacelabelselector)|auto CPU limit namespace label selector|| +|**controllerConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationControllerConfiguration](#kubevirtiov1kubevirtspecconfigurationcontrollerconfiguration)|controller configuration|| +|**cpuModel**|str|cpu model|| +|**cpuRequest**|int \| str|cpu request|| +|**defaultRuntimeClass**|str|default runtime class|| +|**developerConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfiguration](#kubevirtiov1kubevirtspecconfigurationdeveloperconfiguration)|developer configuration|| +|**emulatedMachines**|[str]|emulated machines|| +|**evictionStrategy**|str|EvictionStrategy defines at the cluster level if the VirtualMachineInstance should be migrated instead of shut-off in case of a node drain. If the VirtualMachineInstance specific field is set it overrides the cluster level one.|| +|**handlerConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationHandlerConfiguration](#kubevirtiov1kubevirtspecconfigurationhandlerconfiguration)|handler configuration|| +|**imagePullPolicy**|str|PullPolicy describes a policy for if/when to pull a container image|| +|**ksmConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationKsmConfiguration](#kubevirtiov1kubevirtspecconfigurationksmconfiguration)|ksm configuration|| +|**liveUpdateConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationLiveUpdateConfiguration](#kubevirtiov1kubevirtspecconfigurationliveupdateconfiguration)|live update configuration|| +|**machineType**|str|Deprecated. Use architectureConfiguration instead.|| +|**mediatedDevicesConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfiguration](#kubevirtiov1kubevirtspecconfigurationmediateddevicesconfiguration)|mediated devices configuration|| +|**memBalloonStatsPeriod**|int|mem balloon stats period|| +|**migrations**|[KubevirtIoV1KubeVirtSpecConfigurationMigrations](#kubevirtiov1kubevirtspecconfigurationmigrations)|migrations|| +|**minCPUModel**|str|min CPU model|| +|**network**|[KubevirtIoV1KubeVirtSpecConfigurationNetwork](#kubevirtiov1kubevirtspecconfigurationnetwork)|network|| +|**obsoleteCPUModels**|{str:bool}|obsolete CPU models|| +|**ovmfPath**|str|ovmf path|| +|**permittedHostDevices**|[KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevices](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevices)|permitted host devices|| +|**seccompConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationSeccompConfiguration](#kubevirtiov1kubevirtspecconfigurationseccompconfiguration)|seccomp configuration|| +|**selinuxLauncherType**|str|selinux launcher type|| +|**smbios**|[KubevirtIoV1KubeVirtSpecConfigurationSmbios](#kubevirtiov1kubevirtspecconfigurationsmbios)|smbios|| +|**supportContainerResources**|[[KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0](#kubevirtiov1kubevirtspecconfigurationsupportcontainerresourcesitems0)]|SupportContainerResources specifies the resource requirements for various types of supporting containers such as container disks/virtiofs/sidecars and hotplug attachment pods. If omitted a sensible default will be supplied.|| +|**supportedGuestAgentVersions**|[str]|deprecated|| +|**tlsConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationTLSConfiguration](#kubevirtiov1kubevirtspecconfigurationtlsconfiguration)|tls configuration|| +|**virtualMachineInstancesPerNode**|int|virtual machine instances per node|| +|**virtualMachineOptions**|[KubevirtIoV1KubeVirtSpecConfigurationVirtualMachineOptions](#kubevirtiov1kubevirtspecconfigurationvirtualmachineoptions)|virtual machine options|| +|**vmRolloutStrategy**|"Stage" \| "LiveUpdate"|VMRolloutStrategy defines how changes to a VM object propagate to its VMI|| +|**vmStateStorageClass**|str|VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM. The storage class must support RWX in filesystem mode.|| +|**webhookConfiguration**|[KubevirtIoV1KubeVirtSpecConfigurationWebhookConfiguration](#kubevirtiov1kubevirtspecconfigurationwebhookconfiguration)|webhook configuration|| +### KubevirtIoV1KubeVirtSpecConfigurationAPIConfiguration -TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook +ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**host**|str|Optional: Host name to connect to, defaults to the pod IP.|| -|**port** `required`|int | str|Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| -### KubevirtIoV1VirtualMachineInstanceSpecTolerationsItems0 +|**restClient**|[KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationapiconfigurationrestclient)|rest client|| +### KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClient -The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . +RestClient can be used to tune certain aspects of the k8s client in use. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**effect**|str|Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.|| -|**key**|str|Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.|| -|**operator**|str|Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.|| -|**tolerationSeconds**|int|TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.|| -|**value**|str|Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.|| -### KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0 +|**rateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationapiconfigurationrestclientratelimiter)|rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiter -TopologySpreadConstraint specifies how to spread matching pods among the given topology. +RateLimiter allows selecting and configuring different rate limiters for the k8s client. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelector](#kubevirtiov1virtualmachineinstancespectopologyspreadconstraintsitems0labelselector)|label selector|| -|**maxSkew** `required`|int|MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: \| zone1 \| zone2 \| zone3 \| \| P \| P \| \| - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.|| -|**topologyKey** `required`|str|TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a "bucket", and try to put balanced number of pods into each bucket. It's a required field.|| -|**whenUnsatisfiable** `required`|str|WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: \| zone1 \| zone2 \| zone3 \| \| P P P \| P \| P \| If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.|| -### KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelector +|**tokenBucketRateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationapiconfigurationrestclientratelimitertokenbucketratelimiter)|token bucket rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiterTokenBucketRateLimiter -LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. +kubevirt io v1 kube virt spec configuration API configuration rest client rate limiter token bucket rate limiter #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespectopologyspreadconstraintsitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| -|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| -### KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelectorMatchExpressionsItems0 +|**burst** `required`|int|Maximum burst for throttle. If it's zero, the component default will be used|| +|**qps** `required`|float|QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used|| +### KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfiguration -A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. +kubevirt io v1 kube virt spec configuration architecture configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**key** `required`|str|key is the label key that the selector applies to.|| -|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| -|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0 +|**amd64**|[KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationAmd64](#kubevirtiov1kubevirtspecconfigurationarchitectureconfigurationamd64)|amd64|| +|**arm64**|[KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationArm64](#kubevirtiov1kubevirtspecconfigurationarchitectureconfigurationarm64)|arm64|| +|**defaultArchitecture**|str|default architecture|| +|**ppc64le**|[KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationPpc64le](#kubevirtiov1kubevirtspecconfigurationarchitectureconfigurationppc64le)|ppc64le|| +### KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationAmd64 -Volume represents a named volume in a vmi. +kubevirt io v1 kube virt spec configuration architecture configuration amd64 #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**cloudInitConfigDrive**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDrive](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitconfigdrive)|cloud init config drive|| -|**cloudInitNoCloud**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloud](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitnocloud)|cloud init no cloud|| -|**configMap**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ConfigMap](#kubevirtiov1virtualmachineinstancespecvolumesitems0configmap)|config map|| -|**containerDisk**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ContainerDisk](#kubevirtiov1virtualmachineinstancespecvolumesitems0containerdisk)|container disk|| -|**dataVolume**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DataVolume](#kubevirtiov1virtualmachineinstancespecvolumesitems0datavolume)|data volume|| -|**downwardAPI**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPI](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapi)|downward API|| -|**downwardMetrics**|any|DownwardMetrics adds a very small disk to VMIs which contains a limited view of host and guest metrics. The disk content is compatible with vhostmd (https://github.com/vhostmd/vhostmd) and vm-dump-metrics.|| -|**emptyDisk**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EmptyDisk](#kubevirtiov1virtualmachineinstancespecvolumesitems0emptydisk)|empty disk|| -|**ephemeral**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Ephemeral](#kubevirtiov1virtualmachineinstancespecvolumesitems0ephemeral)|ephemeral|| -|**hostDisk**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0HostDisk](#kubevirtiov1virtualmachineinstancespecvolumesitems0hostdisk)|host disk|| -|**memoryDump**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0MemoryDump](#kubevirtiov1virtualmachineinstancespecvolumesitems0memorydump)|memory dump|| -|**name** `required`|str|Volume's name. Must be a DNS_LABEL and unique within the vmi. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names|| -|**persistentVolumeClaim**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0PersistentVolumeClaim](#kubevirtiov1virtualmachineinstancespecvolumesitems0persistentvolumeclaim)|persistent volume claim|| -|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Secret](#kubevirtiov1virtualmachineinstancespecvolumesitems0secret)|secret|| -|**serviceAccount**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ServiceAccount](#kubevirtiov1virtualmachineinstancespecvolumesitems0serviceaccount)|service account|| -|**sysprep**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Sysprep](#kubevirtiov1virtualmachineinstancespecvolumesitems0sysprep)|sysprep|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDrive +|**emulatedMachines**|[str]|emulated machines|| +|**machineType**|str|machine type|| +|**ovmfPath**|str|ovmf path|| +### KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationArm64 -CloudInitConfigDrive represents a cloud-init Config Drive user-data source. The Config Drive data will be added as a disk to the vmi. A proper cloud-init installation is required inside the guest. More info: https://cloudinit.readthedocs.io/en/latest/topics/datasources/configdrive.html +kubevirt io v1 kube virt spec configuration architecture configuration arm64 #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**networkData**|str|NetworkData contains config drive inline cloud-init networkdata.|| -|**networkDataBase64**|str|NetworkDataBase64 contains config drive cloud-init networkdata as a base64 encoded string.|| -|**networkDataSecretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveNetworkDataSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitconfigdrivenetworkdatasecretref)|network data secret ref|| -|**secretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitconfigdrivesecretref)|secret ref|| -|**userData**|str|UserData contains config drive inline cloud-init userdata.|| -|**userDataBase64**|str|UserDataBase64 contains config drive cloud-init userdata as a base64 encoded string.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveNetworkDataSecretRef +|**emulatedMachines**|[str]|emulated machines|| +|**machineType**|str|machine type|| +|**ovmfPath**|str|ovmf path|| +### KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationPpc64le -NetworkDataSecretRef references a k8s secret that contains config drive networkdata. +kubevirt io v1 kube virt spec configuration architecture configuration ppc64le #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveSecretRef +|**emulatedMachines**|[str]|emulated machines|| +|**machineType**|str|machine type|| +|**ovmfPath**|str|ovmf path|| +### KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelector -UserDataSecretRef references a k8s secret that contains config drive userdata. +When set, AutoCPULimitNamespaceLabelSelector will set a CPU limit on virt-launcher for VMIs running inside namespaces that match the label selector. The CPU limit will equal the number of requested vCPUs. This setting does not apply to VMIs with dedicated CPUs. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloud +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecconfigurationautocpulimitnamespacelabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelectorMatchExpressionsItems0 -CloudInitNoCloud represents a cloud-init NoCloud user-data source. The NoCloud data will be added as a disk to the vmi. A proper cloud-init installation is required inside the guest. More info: http://cloudinit.readthedocs.io/en/latest/topics/datasources/nocloud.html +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**networkData**|str|NetworkData contains NoCloud inline cloud-init networkdata.|| -|**networkDataBase64**|str|NetworkDataBase64 contains NoCloud cloud-init networkdata as a base64 encoded string.|| -|**networkDataSecretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudNetworkDataSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitnocloudnetworkdatasecretref)|network data secret ref|| -|**secretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitnocloudsecretref)|secret ref|| -|**userData**|str|UserData contains NoCloud inline cloud-init userdata.|| -|**userDataBase64**|str|UserDataBase64 contains NoCloud cloud-init userdata as a base64 encoded string.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudNetworkDataSecretRef +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecConfigurationControllerConfiguration -NetworkDataSecretRef references a k8s secret that contains NoCloud networkdata. +ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudSecretRef +|**restClient**|[KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationcontrollerconfigurationrestclient)|rest client|| +### KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClient -UserDataSecretRef references a k8s secret that contains NoCloud userdata. +RestClient can be used to tune certain aspects of the k8s client in use. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ConfigMap +|**rateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationcontrollerconfigurationrestclientratelimiter)|rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiter -ConfigMapSource represents a reference to a ConfigMap in the same namespace. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/ +RateLimiter allows selecting and configuring different rate limiters for the k8s client. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| -|**optional**|bool|Specify whether the ConfigMap or it's keys must be defined|| -|**volumeLabel**|str|The volume label of the resulting disk inside the VMI. Different bootstrapping mechanisms require different values. Typical values are "cidata" (cloud-init), "config-2" (cloud-init) or "OEMDRV" (kickstart).|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ContainerDisk +|**tokenBucketRateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationcontrollerconfigurationrestclientratelimitertokenbucketratelimiter)|token bucket rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiterTokenBucketRateLimiter -ContainerDisk references a docker image, embedding a qcow or raw disk. More info: https://kubevirt.gitbooks.io/user-guide/registry-disk.html +kubevirt io v1 kube virt spec configuration controller configuration rest client rate limiter token bucket rate limiter #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**image** `required`|str|Image is the name of the image with the embedded disk.|| -|**imagePullPolicy**|str|Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images|| -|**imagePullSecret**|str|ImagePullSecret is the name of the Docker registry secret required to pull the image. The secret must already exist.|| -|**path**|str|Path defines the path to disk file in the container|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DataVolume +|**burst** `required`|int|Maximum burst for throttle. If it's zero, the component default will be used|| +|**qps** `required`|float|QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used|| +### KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfiguration -DataVolume represents the dynamic creation a PVC for this volume as well as the process of populating that PVC with a disk image. +DeveloperConfiguration holds developer options #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**hotpluggable**|bool|Hotpluggable indicates whether the volume can be hotplugged and hotunplugged.|| -|**name** `required`|str|Name of both the DataVolume and the PVC in the same namespace. After PVC population the DataVolume is garbage collected by default.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPI +|**cpuAllocationRatio**|int|For each requested virtual CPU, CPUAllocationRatio defines how much physical CPU to request per VMI from the hosting node. The value is in fraction of a CPU thread (or core on non-hyperthreaded nodes). For example, a value of 1 means 1 physical CPU thread per VMI CPU thread. A value of 100 would be 1% of a physical thread allocated for each requested VMI thread. This option has no effect on VMIs that request dedicated CPUs. More information at: https://kubevirt.io/user-guide/operations/node_overcommit/#node-cpu-allocation-ratio Defaults to 10|| +|**diskVerification**|[KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationDiskVerification](#kubevirtiov1kubevirtspecconfigurationdeveloperconfigurationdiskverification)|disk verification|| +|**featureGates**|[str]|FeatureGates is the list of experimental features to enable. Defaults to none|| +|**logVerbosity**|[KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationLogVerbosity](#kubevirtiov1kubevirtspecconfigurationdeveloperconfigurationlogverbosity)|log verbosity|| +|**memoryOvercommit**|int|MemoryOvercommit is the percentage of memory we want to give VMIs compared to the amount given to its parent pod (virt-launcher). For example, a value of 102 means the VMI will "see" 2% more memory than its parent pod. Values under 100 are effectively "undercommits". Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 100|| +|**minimumClusterTSCFrequency**|int|Allow overriding the automatically determined minimum TSC frequency of the cluster and fixate the minimum to this frequency.|| +|**minimumReservePVCBytes**|int|MinimumReservePVCBytes is the amount of space, in bytes, to leave unused on disks. Defaults to 131072 (128KiB)|| +|**nodeSelectors**|{str:str}|NodeSelectors allows restricting VMI creation to nodes that match a set of labels. Defaults to none|| +|**pvcTolerateLessSpaceUpToPercent**|int|LessPVCSpaceToleration determines how much smaller, in percentage, disk PVCs are allowed to be compared to the requested size (to account for various overheads). Defaults to 10|| +|**useEmulation**|bool|UseEmulation can be set to true to allow fallback to software emulation in case hardware-assisted emulation is not available. Defaults to false|| +### KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationDiskVerification -DownwardAPI represents downward API about the pod that should populate this volume +DiskVerification holds container disks verification limits #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**fields**|[[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapifieldsitems0)]|Fields is a list of downward API volume file|| -|**volumeLabel**|str|The volume label of the resulting disk inside the VMI. Different bootstrapping mechanisms require different values. Typical values are "cidata" (cloud-init), "config-2" (cloud-init) or "OEMDRV" (kickstart).|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0 +|**memoryLimit** `required`|int \| str|memory limit|| +### KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationLogVerbosity -DownwardAPIVolumeFile represents information to create the file containing the pod field +LogVerbosity sets log verbosity level of various components #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**fieldRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0FieldRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapifieldsitems0fieldref)|field ref|| -|**mode**|int|Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.|| -|**path** `required`|str|Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'|| -|**resourceFieldRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0ResourceFieldRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapifieldsitems0resourcefieldref)|resource field ref|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0FieldRef +|**nodeVerbosity**|{str:int}|NodeVerbosity represents a map of nodes with a specific verbosity level|| +|**virtAPI**|int|virt API|| +|**virtController**|int|virt controller|| +|**virtHandler**|int|virt handler|| +|**virtLauncher**|int|virt launcher|| +|**virtOperator**|int|virt operator|| +### KubevirtIoV1KubeVirtSpecConfigurationHandlerConfiguration -Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**apiVersion**|str|Version of the schema the FieldPath is written in terms of, defaults to "v1".|| -|**fieldPath** `required`|str|Path of the field to select in the specified API version.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0ResourceFieldRef +|**restClient**|[KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationhandlerconfigurationrestclient)|rest client|| +### KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClient -Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. +RestClient can be used to tune certain aspects of the k8s client in use. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**containerName**|str|Container name: required for volumes, optional for env vars|| -|**divisor**|int | str|Specifies the output format of the exposed resources, defaults to "1"|| -|**resource** `required`|str|Required: resource to select|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EmptyDisk +|**rateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationhandlerconfigurationrestclientratelimiter)|rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiter -EmptyDisk represents a temporary disk which shares the vmis lifecycle. More info: https://kubevirt.gitbooks.io/user-guide/disks-and-volumes.html +RateLimiter allows selecting and configuring different rate limiters for the k8s client. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**capacity** `required`|int | str|Capacity of the sparse disk.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Ephemeral +|**tokenBucketRateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationhandlerconfigurationrestclientratelimitertokenbucketratelimiter)|token bucket rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiterTokenBucketRateLimiter -Ephemeral is a special volume source that "wraps" specified source and provides copy-on-write image on top of it. +kubevirt io v1 kube virt spec configuration handler configuration rest client rate limiter token bucket rate limiter #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**persistentVolumeClaim**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EphemeralPersistentVolumeClaim](#kubevirtiov1virtualmachineinstancespecvolumesitems0ephemeralpersistentvolumeclaim)|persistent volume claim|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EphemeralPersistentVolumeClaim +|**burst** `required`|int|Maximum burst for throttle. If it's zero, the component default will be used|| +|**qps** `required`|float|QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used|| +### KubevirtIoV1KubeVirtSpecConfigurationKsmConfiguration -PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. Directly attached to the vmi via qemu. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +KSMConfiguration holds the information regarding the enabling the KSM in the nodes (if available). #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**claimName** `required`|str|ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims|| -|**readOnly**|bool|Will force the ReadOnly setting in VolumeMounts. Default false.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0HostDisk +|**nodeLabelSelector**|[KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelector](#kubevirtiov1kubevirtspecconfigurationksmconfigurationnodelabelselector)|node label selector|| +### KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelector -HostDisk represents a disk created on the cluster level +NodeLabelSelector is a selector that filters in which nodes the KSM will be enabled. Empty NodeLabelSelector will enable ksm for every node. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**capacity**|int | str|Capacity of the sparse disk|| -|**path** `required`|str|The path to HostDisk image located on the cluster|| -|**shared**|bool|Shared indicate whether the path is shared between nodes|| -|**type** `required`|str||| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0MemoryDump +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecconfigurationksmconfigurationnodelabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelectorMatchExpressionsItems0 -MemoryDump is attached to the virt launcher and is populated with a memory dump of the vmi +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**claimName** `required`|str|ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims|| -|**hotpluggable**|bool|Hotpluggable indicates whether the volume can be hotplugged and hotunplugged.|| -|**readOnly**|bool|Will force the ReadOnly setting in VolumeMounts. Default false.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0PersistentVolumeClaim +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecConfigurationLiveUpdateConfiguration -PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. Directly attached to the vmi via qemu. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims +LiveUpdateConfiguration holds defaults for live update features #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**claimName** `required`|str|ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims|| -|**hotpluggable**|bool|Hotpluggable indicates whether the volume can be hotplugged and hotunplugged.|| -|**readOnly**|bool|Will force the ReadOnly setting in VolumeMounts. Default false.|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Secret +|**maxCpuSockets**|int|MaxCpuSockets holds the maximum amount of sockets that can be hotplugged|| +|**maxGuest**|int \| str|MaxGuest defines the maximum amount memory that can be allocated to the guest using hotplug.|| +|**maxHotplugRatio**|int|MaxHotplugRatio is the ratio used to define the max amount of a hotplug resource that can be made available to a VM when the specific Max* setting is not defined (MaxCpuSockets, MaxGuest) Example: VM is configured with 512Mi of guest memory, if MaxGuest is not defined and MaxHotplugRatio is 2 then MaxGuest = 1Gi defaults to 4|| +### KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfiguration -SecretVolumeSource represents a reference to a secret data in the same namespace. More info: https://kubernetes.io/docs/concepts/configuration/secret/ +MediatedDevicesConfiguration holds information about MDEV types to be defined, if available #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**optional**|bool|Specify whether the Secret or it's keys must be defined|| -|**secretName**|str|Name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret|| -|**volumeLabel**|str|The volume label of the resulting disk inside the VMI. Different bootstrapping mechanisms require different values. Typical values are "cidata" (cloud-init), "config-2" (cloud-init) or "OEMDRV" (kickstart).|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ServiceAccount +|**mediatedDeviceTypes**|[str]|mediated device types|| +|**mediatedDevicesTypes**|[str]|Deprecated. Use mediatedDeviceTypes instead.|| +|**nodeMediatedDeviceTypes**|[[KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfigurationNodeMediatedDeviceTypesItems0](#kubevirtiov1kubevirtspecconfigurationmediateddevicesconfigurationnodemediateddevicetypesitems0)]|node mediated device types|| +### KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfigurationNodeMediatedDeviceTypesItems0 -ServiceAccountVolumeSource represents a reference to a service account. There can only be one volume of this type! More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +NodeMediatedDeviceTypesConfig holds information about MDEV types to be defined in a specific node that matches the NodeSelector field. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**serviceAccountName**|str|Name of the service account in the pod's namespace to use. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Sysprep +|**mediatedDeviceTypes**|[str]|mediated device types|| +|**mediatedDevicesTypes**|[str]|Deprecated. Use mediatedDeviceTypes instead.|| +|**nodeSelector** `required`|{str:str}|NodeSelector is a selector which must be true for the vmi to fit on a node. Selector which must match a node's labels for the vmi to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/|| +### KubevirtIoV1KubeVirtSpecConfigurationMigrations -Represents a Sysprep volume source. +MigrationConfiguration holds migration options. Can be overridden for specific groups of VMs though migration policies. Visit https://kubevirt.io/user-guide/operations/migration_policies/ for more information. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**configMap**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepConfigMap](#kubevirtiov1virtualmachineinstancespecvolumesitems0sysprepconfigmap)|config map|| -|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepSecret](#kubevirtiov1virtualmachineinstancespecvolumesitems0sysprepsecret)|secret|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepConfigMap +|**allowAutoConverge**|bool|AllowAutoConverge allows the platform to compromise performance/availability of VMIs to guarantee successful VMI live migrations. Defaults to false|| +|**allowPostCopy**|bool|AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs to successfully live-migrate. However, events like a network failure can cause a VMI crash. If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false|| +|**bandwidthPerMigration**|int \| str|BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use. The value is in quantity per second. Defaults to 0 (no limit)|| +|**completionTimeoutPerGiB**|int|CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800|| +|**disableTLS**|bool|When set to true, DisableTLS will disable the additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false|| +|**matchSELinuxLevelOnMigration**|bool|By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher. When set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target. That will ensure the target virt-launcher doesn't share categories with another pod on the node. However, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels.|| +|**network**|str|Network is the name of the CNI network to use for live migrations. By default, migrations go through the pod network.|| +|**nodeDrainTaintKey**|str|NodeDrainTaintKey defines the taint key that indicates a node should be drained. Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain|| +|**parallelMigrationsPerCluster**|int|ParallelMigrationsPerCluster is the total number of concurrent live migrations allowed cluster-wide. Defaults to 5|| +|**parallelOutboundMigrationsPerNode**|int|ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations allowed per node. Defaults to 2|| +|**progressTimeout**|int|ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is then considered stuck and therefore cancelled. Defaults to 150|| +|**unsafeMigrationOverride**|bool|UnsafeMigrationOverride allows live migrations to occur even if the compatibility check indicates the migration will be unsafe to the guest. Defaults to false|| +### KubevirtIoV1KubeVirtSpecConfigurationNetwork -ConfigMap references a ConfigMap that contains Sysprep answer file named autounattend.xml that should be attached as disk of CDROM type. +NetworkConfiguration holds network options #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| -### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepSecret +|**binding**|{str:[KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnon](#kubevirtiov1kubevirtspecconfigurationnetworkbindinganon)}|binding|| +|**defaultNetworkInterface**|str|default network interface|| +|**permitBridgeInterfaceOnPodNetwork**|bool|permit bridge interface on pod network|| +|**permitSlirpInterface**|bool|permit slirp interface|| +### KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnon -Secret references a k8s Secret that contains Sysprep answer file named autounattend.xml that should be attached as disk of CDROM type. +kubevirt io v1 kube virt spec configuration network binding anon #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| -### KubevirtIoV1VirtualMachineInstanceStatus +|**domainAttachmentType**|str|DomainAttachmentType is a standard domain network attachment method kubevirt supports. Supported values: "tap". The standard domain attachment can be used instead or in addition to the sidecarImage. version: 1alphav1|| +|**migration**|[KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnonMigration](#kubevirtiov1kubevirtspecconfigurationnetworkbindinganonmigration)|migration|| +|**networkAttachmentDefinition**|str|NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object. Format: <name>, <namespace>/<name>. If namespace is not specified, VMI namespace is assumed. version: 1alphav1|| +|**sidecarImage**|str|SidecarImage references a container image that runs in the virt-launcher pod. The sidecar handles (libvirt) domain configuration and optional services. version: 1alphav1|| +### KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnonMigration -Status is the high level overview of how the VirtualMachineInstance is doing. It contains information available to controllers and users. +Migration means the VM using the plugin can be safely migrated version: 1alphav1 #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**VSOCKCID**|int|VSOCKCID is used to track the allocated VSOCK CID in the VM.|| -|**activePods**|{str:str}|ActivePods is a mapping of pod UID to node name. It is possible for multiple pods to be running for a single VMI during migration.|| -|**conditions**|[[KubevirtIoV1VirtualMachineInstanceStatusConditionsItems0](#kubevirtiov1virtualmachineinstancestatusconditionsitems0)]|Conditions are specific points in VirtualMachineInstance's pod runtime.|| -|**evacuationNodeName**|str|EvacuationNodeName is used to track the eviction process of a VMI. It stores the name of the node that we want to evacuate. It is meant to be used by KubeVirt core components only and can't be set or modified by users.|| -|**fsFreezeStatus**|str|FSFreezeStatus is the state of the fs of the guest it can be either frozen or thawed|| -|**guestOSInfo**|[KubevirtIoV1VirtualMachineInstanceStatusGuestOSInfo](#kubevirtiov1virtualmachineinstancestatusguestosinfo)|guest o s info|| -|**interfaces**|[[KubevirtIoV1VirtualMachineInstanceStatusInterfacesItems0](#kubevirtiov1virtualmachineinstancestatusinterfacesitems0)]|Interfaces represent the details of available network interfaces.|| -|**launcherContainerImageVersion**|str|LauncherContainerImageVersion indicates what container image is currently active for the vmi.|| -|**migrationMethod**|str|Represents the method using which the vmi can be migrated: live migration or block migration|| -|**migrationState**|[KubevirtIoV1VirtualMachineInstanceStatusMigrationState](#kubevirtiov1virtualmachineinstancestatusmigrationstate)|migration state|| -|**migrationTransport**|str|This represents the migration transport|| -|**nodeName**|str|NodeName is the name where the VirtualMachineInstance is currently running.|| -|**phase**|str|Phase is the status of the VirtualMachineInstance in kubernetes world. It is not the VirtualMachineInstance status, but partially correlates to it.|| -|**phaseTransitionTimestamps**|[[KubevirtIoV1VirtualMachineInstanceStatusPhaseTransitionTimestampsItems0](#kubevirtiov1virtualmachineinstancestatusphasetransitiontimestampsitems0)]|PhaseTransitionTimestamp is the timestamp of when the last phase change occurred|| +|**method**|str|Method defines a pre-defined migration methodology version: 1alphav1|| +### KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevices + +PermittedHostDevices holds information about devices allowed for passthrough + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**mediatedDevices**|[[KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesMediatedDevicesItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicesmediateddevicesitems0)]|mediated devices|| +|**pciHostDevices**|[[KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesPciHostDevicesItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicespcihostdevicesitems0)]|pci host devices|| +|**usb**|[[KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicesusbitems0)]|usb|| +### KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesMediatedDevicesItems0 + +MediatedHostDevice represents a host mediated device allowed for passthrough + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**externalResourceProvider**|bool|external resource provider|| +|**mdevNameSelector** `required`|str|mdev name selector|| +|**resourceName** `required`|str|resource name|| +### KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesPciHostDevicesItems0 + +PciHostDevice represents a host PCI device allowed for passthrough + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**externalResourceProvider**|bool|If true, KubeVirt will leave the allocation and monitoring to an external device plugin|| +|**pciVendorSelector** `required`|str|The vendor_id:product_id tuple of the PCI device|| +|**resourceName** `required`|str|The name of the resource that is representing the device. Exposed by a device plugin and requested by VMs. Typically of the form vendor.com/product_name|| +### KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0 + +kubevirt io v1 kube virt spec configuration permitted host devices usb items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**externalResourceProvider**|bool|If true, KubeVirt will leave the allocation and monitoring to an external device plugin|| +|**resourceName** `required`|str|Identifies the list of USB host devices. e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, etc|| +|**selectors**|[[KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0SelectorsItems0](#kubevirtiov1kubevirtspecconfigurationpermittedhostdevicesusbitems0selectorsitems0)]|selectors|| +### KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0SelectorsItems0 + +kubevirt io v1 kube virt spec configuration permitted host devices usb items0 selectors items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**product** `required`|str|product|| +|**vendor** `required`|str|vendor|| +### KubevirtIoV1KubeVirtSpecConfigurationSeccompConfiguration + +SeccompConfiguration holds Seccomp configuration for Kubevirt components + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**virtualMachineInstanceProfile**|[KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfile](#kubevirtiov1kubevirtspecconfigurationseccompconfigurationvirtualmachineinstanceprofile)|virtual machine instance profile|| +### KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfile + +VirtualMachineInstanceProfile defines what profile should be used with virt-launcher. Defaults to none + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**customProfile**|[KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfileCustomProfile](#kubevirtiov1kubevirtspecconfigurationseccompconfigurationvirtualmachineinstanceprofilecustomprofile)|custom profile|| +### KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfileCustomProfile + +CustomProfile allows to request arbitrary profile for virt-launcher + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**localhostProfile**|str|localhost profile|| +|**runtimeDefaultProfile**|bool|runtime default profile|| +### KubevirtIoV1KubeVirtSpecConfigurationSmbios + +kubevirt io v1 kube virt spec configuration smbios + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**family**|str|family|| +|**manufacturer**|str|manufacturer|| +|**product**|str|product|| +|**sku**|str|sku|| +|**version**|str|version|| +### KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0 + +SupportContainerResources are used to specify the cpu/memory request and limits for the containers that support various features of Virtual Machines. These containers are usually idle and don't require a lot of memory or cpu. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**resources** `required`|[KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0Resources](#kubevirtiov1kubevirtspecconfigurationsupportcontainerresourcesitems0resources)|resources|| +|**type** `required`|str||| +### KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0Resources + +ResourceRequirements describes the compute resource requirements. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**claims**|[[KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0ResourcesClaimsItems0](#kubevirtiov1kubevirtspecconfigurationsupportcontainerresourcesitems0resourcesclaimsitems0)]|Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.
This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers.|| +|**limits**|{str:int \| str}|Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/|| +|**requests**|{str:int \| str}|Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/|| +### KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0ResourcesClaimsItems0 + +ResourceClaim references one entry in PodSpec.ResourceClaims. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.|| +### KubevirtIoV1KubeVirtSpecConfigurationTLSConfiguration + +TLSConfiguration holds TLS options + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**ciphers**|[str]|ciphers|| +|**minTLSVersion**|"VersionTLS10" \| "VersionTLS11" \| "VersionTLS12" \| "VersionTLS13"|MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections. Protocol versions are based on the following most common TLS configurations:
https://ssl-config.mozilla.org/
Note that SSLv3.0 is not a supported protocol version due to well known vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE|| +### KubevirtIoV1KubeVirtSpecConfigurationVirtualMachineOptions + +VirtualMachineOptions holds the cluster level information regarding the virtual machine. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**disableFreePageReporting**|any|DisableFreePageReporting disable the free page reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. This will have effect only if AutoattachMemBalloon is not false and the vmi is not requesting any high performance feature (dedicatedCPU/realtime/hugePages), in which free page reporting is always disabled.|| +|**disableSerialConsoleLog**|any|DisableSerialConsoleLog disables logging the auto-attached default serial console. If not set, serial console logs will be written to a file and then streamed from a container named 'guest-console-log'. The value can be individually overridden for each VM, not relevant if AutoattachSerialConsole is disabled.|| +### KubevirtIoV1KubeVirtSpecConfigurationWebhookConfiguration + +ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**restClient**|[KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClient](#kubevirtiov1kubevirtspecconfigurationwebhookconfigurationrestclient)|rest client|| +### KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClient + +RestClient can be used to tune certain aspects of the k8s client in use. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**rateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiter](#kubevirtiov1kubevirtspecconfigurationwebhookconfigurationrestclientratelimiter)|rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiter + +RateLimiter allows selecting and configuring different rate limiters for the k8s client. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**tokenBucketRateLimiter**|[KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiterTokenBucketRateLimiter](#kubevirtiov1kubevirtspecconfigurationwebhookconfigurationrestclientratelimitertokenbucketratelimiter)|token bucket rate limiter|| +### KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiterTokenBucketRateLimiter + +kubevirt io v1 kube virt spec configuration webhook configuration rest client rate limiter token bucket rate limiter + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**burst** `required`|int|Maximum burst for throttle. If it's zero, the component default will be used|| +|**qps** `required`|float|QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used|| +### KubevirtIoV1KubeVirtSpecCustomizeComponents + +kubevirt io v1 kube virt spec customize components + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**flags**|[KubevirtIoV1KubeVirtSpecCustomizeComponentsFlags](#kubevirtiov1kubevirtspeccustomizecomponentsflags)|flags|| +|**patches**|[[KubevirtIoV1KubeVirtSpecCustomizeComponentsPatchesItems0](#kubevirtiov1kubevirtspeccustomizecomponentspatchesitems0)]|patches|| +### KubevirtIoV1KubeVirtSpecCustomizeComponentsFlags + +Configure the value used for deployment and daemonset resources + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**api**|{str:str}|api|| +|**controller**|{str:str}|controller|| +|**handler**|{str:str}|handler|| +### KubevirtIoV1KubeVirtSpecCustomizeComponentsPatchesItems0 + +kubevirt io v1 kube virt spec customize components patches items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**patch** `required`|str|patch|| +|**resourceName** `required`|str|resource name|| +|**resourceType** `required`|str|resource type|| +|**type** `required`|str||| +### KubevirtIoV1KubeVirtSpecImagePullSecretsItems0 + +LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### KubevirtIoV1KubeVirtSpecInfra + +selectors and tolerations that should apply to KubeVirt infrastructure components + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodePlacement**|[KubevirtIoV1KubeVirtSpecInfraNodePlacement](#kubevirtiov1kubevirtspecinfranodeplacement)|node placement|| +|**replicas**|int|replicas indicates how many replicas should be created for each KubeVirt infrastructure component (like virt-api or virt-controller). Defaults to 2. WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution!|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacement + +nodePlacement describes scheduling configuration for specific KubeVirt components + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**affinity**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinity)|affinity|| +|**nodeSelector**|{str:str}|nodeSelector is the node selector applied to the relevant kind of pods It specifies a map of key-value pairs: for the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector|| +|**tolerations**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementTolerationsItems0](#kubevirtiov1kubevirtspecinfranodeplacementtolerationsitems0)]|tolerations is a list of tolerations applied to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. These are additional tolerations other than default ones.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinity + +affinity enables pod affinity/anti-affinity placement expanding the types of constraints that can be expressed with nodeSelector. affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodeAffinity**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinity)|node affinity|| +|**podAffinity**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinity)|pod affinity|| +|**podAntiAffinity**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinity](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinity)|pod anti affinity|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinity + +Describes node affinity scheduling rules for the pod. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecution)|required during scheduling ignored during execution|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preference** `required`|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preference)|preference|| +|**weight** `required`|int|Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference + +A node selector term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchexpressionsitems0)]|A list of node selector requirements by node's labels.|| +|**matchFields**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchfieldsitems0)]|A list of node selector requirements by node's fields.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution + +If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodeSelectorTerms** `required`|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0)]|Required. A list of node selector terms. The terms are ORed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0 + +A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchexpressionsitems0)]|A list of node selector requirements by node's labels.|| +|**matchFields**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchfieldsitems0)]|A list of node selector requirements by node's fields.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinity + +Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**podAffinityTerm** `required`|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| +|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + +Required. A pod affinity term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 + +Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinity + +Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**podAffinityTerm** `required`|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| +|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + +Required. A pod affinity term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 + +Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecinfranodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecInfraNodePlacementTolerationsItems0 + +The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**effect**|str|Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.|| +|**key**|str|Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.|| +|**operator**|str|Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.|| +|**tolerationSeconds**|int|TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.|| +|**value**|str|Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.|| +### KubevirtIoV1KubeVirtSpecWorkloadUpdateStrategy + +WorkloadUpdateStrategy defines at the cluster level how to handle automated workload updates + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**batchEvictionInterval**|str|BatchEvictionInterval Represents the interval to wait before issuing the next batch of shutdowns
Defaults to 1 minute|| +|**batchEvictionSize**|int|BatchEvictionSize Represents the number of VMIs that can be forced updated per the BatchShutdownInteral interval
Defaults to 10|| +|**workloadUpdateMethods**|[str]|WorkloadUpdateMethods defines the methods that can be used to disrupt workloads during automated workload updates. When multiple methods are present, the least disruptive method takes precedence over more disruptive methods. For example if both LiveMigrate and Shutdown methods are listed, only VMs which are not live migratable will be restarted/shutdown
An empty list defaults to no automated workload updating|| +### KubevirtIoV1KubeVirtSpecWorkloads + +selectors and tolerations that should apply to KubeVirt workloads + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodePlacement**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacement](#kubevirtiov1kubevirtspecworkloadsnodeplacement)|node placement|| +|**replicas**|int|replicas indicates how many replicas should be created for each KubeVirt infrastructure component (like virt-api or virt-controller). Defaults to 2. WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution!|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacement + +nodePlacement describes scheduling configuration for specific KubeVirt components + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**affinity**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinity)|affinity|| +|**nodeSelector**|{str:str}|nodeSelector is the node selector applied to the relevant kind of pods It specifies a map of key-value pairs: for the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector|| +|**tolerations**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementTolerationsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementtolerationsitems0)]|tolerations is a list of tolerations applied to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. These are additional tolerations other than default ones.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinity + +affinity enables pod affinity/anti-affinity placement expanding the types of constraints that can be expressed with nodeSelector. affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodeAffinity**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinity)|node affinity|| +|**podAffinity**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinity)|pod affinity|| +|**podAntiAffinity**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinity](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinity)|pod anti affinity|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinity + +Describes node affinity scheduling rules for the pod. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecution)|required during scheduling ignored during execution|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preference** `required`|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preference)|preference|| +|**weight** `required`|int|Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference + +A node selector term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchexpressionsitems0)]|A list of node selector requirements by node's labels.|| +|**matchFields**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchfieldsitems0)]|A list of node selector requirements by node's fields.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution + +If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodeSelectorTerms** `required`|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0)]|Required. A list of node selector terms. The terms are ORed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0 + +A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchexpressionsitems0)]|A list of node selector requirements by node's labels.|| +|**matchFields**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchfieldsitems0)]|A list of node selector requirements by node's fields.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinity + +Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**podAffinityTerm** `required`|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| +|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + +Required. A pod affinity term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 + +Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinity + +Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**podAffinityTerm** `required`|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| +|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + +Required. A pod affinity term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 + +Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1kubevirtspecworkloadsnodeplacementaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementTolerationsItems0 + +The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**effect**|str|Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.|| +|**key**|str|Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.|| +|**operator**|str|Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.|| +|**tolerationSeconds**|int|TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.|| +|**value**|str|Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.|| +### KubevirtIoV1KubeVirtStatus + +KubeVirtStatus represents information pertaining to a KubeVirt deployment. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[KubevirtIoV1KubeVirtStatusConditionsItems0](#kubevirtiov1kubevirtstatusconditionsitems0)]|conditions|| +|**defaultArchitecture**|str|default architecture|| +|**generations**|[[KubevirtIoV1KubeVirtStatusGenerationsItems0](#kubevirtiov1kubevirtstatusgenerationsitems0)]|generations|| +|**observedDeploymentConfig**|str|observed deployment config|| +|**observedDeploymentID**|str|observed deployment ID|| +|**observedGeneration**|int|observed generation|| +|**observedKubeVirtRegistry**|str|observed kube virt registry|| +|**observedKubeVirtVersion**|str|observed kube virt version|| +|**operatorVersion**|str|operator version|| +|**outdatedVirtualMachineInstanceWorkloads**|int|outdated virtual machine instance workloads|| +|**phase**|str|KubeVirtPhase is a label for the phase of a KubeVirt deployment at the current time.|| +|**targetDeploymentConfig**|str|target deployment config|| +|**targetDeploymentID**|str|target deployment ID|| +|**targetKubeVirtRegistry**|str|target kube virt registry|| +|**targetKubeVirtVersion**|str|target kube virt version|| +### KubevirtIoV1KubeVirtStatusConditionsItems0 + +KubeVirtCondition represents a condition of a KubeVirt deployment + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastProbeTime**|str|last probe time|| +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status** `required`|str|status|| +|**type** `required`|str||| +### KubevirtIoV1KubeVirtStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group** `required`|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration** `required`|int|lastGeneration is the last generation of the workload controller involved|| +|**name** `required`|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource** `required`|str|resource is the resource type of the thing you're tracking|| +### KubevirtIoV1VirtualMachineInstanceSpec + +VirtualMachineInstance Spec contains the VirtualMachineInstance specification. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**accessCredentials**|[[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0)]|Specifies a set of public keys to inject into the vm guest|| +|**affinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinity](#kubevirtiov1virtualmachineinstancespecaffinity)|affinity|| +|**dnsConfig**|[KubevirtIoV1VirtualMachineInstanceSpecDNSConfig](#kubevirtiov1virtualmachineinstancespecdnsconfig)|dns config|| +|**dnsPolicy**|str|Set DNS policy for the pod. Defaults to "ClusterFirst". Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. To have DNS options set along with hostNetwork, you have to specify DNS policy explicitly to 'ClusterFirstWithHostNet'.|| +|**domain** `required`|[KubevirtIoV1VirtualMachineInstanceSpecDomain](#kubevirtiov1virtualmachineinstancespecdomain)|domain|| +|**evictionStrategy**|str|EvictionStrategy can be set to "LiveMigrate" if the VirtualMachineInstance should be migrated instead of shut-off in case of a node drain.|| +|**hostname**|str|Specifies the hostname of the vmi If not specified, the hostname will be set to the name of the vmi, if dhcp or cloud-init is configured properly.|| +|**livenessProbe**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbe](#kubevirtiov1virtualmachineinstancespeclivenessprobe)|liveness probe|| +|**networks**|[[KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0](#kubevirtiov1virtualmachineinstancespecnetworksitems0)]|List of networks that can be attached to a vm's virtual interface.|| +|**nodeSelector**|{str:str}|NodeSelector is a selector which must be true for the vmi to fit on a node. Selector which must match a node's labels for the vmi to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/|| +|**priorityClassName**|str|If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default.|| +|**readinessProbe**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbe](#kubevirtiov1virtualmachineinstancespecreadinessprobe)|readiness probe|| +|**schedulerName**|str|If specified, the VMI will be dispatched by specified scheduler. If not specified, the VMI will be dispatched by default scheduler.|| +|**startStrategy**|str|StartStrategy can be set to "Paused" if Virtual Machine should be started in paused state.|| +|**subdomain**|str|If specified, the fully qualified vmi hostname will be "<hostname>.<subdomain>.<pod namespace>.svc.<cluster domain>". If not specified, the vmi will not have a domainname at all. The DNS entry will resolve to the vmi, no matter if the vmi itself can pick up a hostname.|| +|**terminationGracePeriodSeconds**|int|Grace period observed after signalling a VirtualMachineInstance to stop after which the VirtualMachineInstance is force terminated.|| +|**tolerations**|[[KubevirtIoV1VirtualMachineInstanceSpecTolerationsItems0](#kubevirtiov1virtualmachineinstancespectolerationsitems0)]|If toleration is specified, obey all the toleration rules.|| +|**topologySpreadConstraints**|[[KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0](#kubevirtiov1virtualmachineinstancespectopologyspreadconstraintsitems0)]|TopologySpreadConstraints describes how a group of VMIs will be spread across a given topology domains. K8s scheduler will schedule VMI pods in a way which abides by the constraints.|| +|**volumes**|[[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0](#kubevirtiov1virtualmachineinstancespecvolumesitems0)]|List of volumes that can be mounted by disks belonging to the vmi.|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0 + +AccessCredential represents a credential source that can be used to authorize remote access to the vm guest Only one of its members may be specified. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**sshPublicKey**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKey](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickey)|ssh public key|| +|**userPassword**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPassword](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpassword)|user password|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKey + +SSHPublicKey represents the source and method of applying a ssh public key into a guest virtual machine. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**propagationMethod** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethod](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeypropagationmethod)|propagation method|| +|**source** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySource](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeysource)|source|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethod + +PropagationMethod represents how the public key is injected into the vm guest. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**configDrive**|any|ConfigDrivePropagation means that the ssh public keys are injected into the VM using metadata using the configDrive cloud-init provider|| +|**qemuGuestAgent**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethodQemuGuestAgent](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeypropagationmethodqemuguestagent)|qemu guest agent|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeyPropagationMethodQemuGuestAgent + +QemuGuestAgentAccessCredentailPropagation means ssh public keys are dynamically injected into the vm at runtime via the qemu guest agent. This feature requires the qemu guest agent to be running within the guest. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**users** `required`|[str]|Users represents a list of guest users that should have the ssh public keys added to their authorized_keys file.|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySource + +Source represents where the public keys are pulled from + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySourceSecret](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0sshpublickeysourcesecret)|secret|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0SSHPublicKeySourceSecret + +Secret means that the access credential is pulled from a kubernetes secret + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**secretName** `required`|str|SecretName represents the name of the secret in the VMI's namespace|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPassword + +UserPassword represents the source and method for applying a guest user's password + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**propagationMethod** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordPropagationMethod](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpasswordpropagationmethod)|propagation method|| +|**source** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSource](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpasswordsource)|source|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordPropagationMethod + +propagationMethod represents how the user passwords are injected into the vm guest. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**qemuGuestAgent**|any|QemuGuestAgentAccessCredentailPropagation means passwords are dynamically injected into the vm at runtime via the qemu guest agent. This feature requires the qemu guest agent to be running within the guest.|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSource + +Source represents where the user passwords are pulled from + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSourceSecret](#kubevirtiov1virtualmachineinstancespecaccesscredentialsitems0userpasswordsourcesecret)|secret|| +### KubevirtIoV1VirtualMachineInstanceSpecAccessCredentialsItems0UserPasswordSourceSecret + +Secret means that the access credential is pulled from a kubernetes secret + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**secretName** `required`|str|SecretName represents the name of the secret in the VMI's namespace|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinity + +If affinity is specifies, obey all the affinity rules + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodeAffinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinity](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinity)|node affinity|| +|**podAffinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinity](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinity)|pod affinity|| +|**podAntiAffinity**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinity](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinity)|pod anti affinity|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinity + +Describes node affinity scheduling rules for the pod. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecution)|required during scheduling ignored during execution|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preference** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preference)|preference|| +|**weight** `required`|int|Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference + +A node selector term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchexpressionsitems0)]|A list of node selector requirements by node's labels.|| +|**matchFields**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinitypreferredduringschedulingignoredduringexecutionitems0preferencematchfieldsitems0)]|A list of node selector requirements by node's fields.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution + +If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodeSelectorTerms** `required`|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0)]|Required. A list of node selector terms. The terms are ORed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0 + +A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchexpressionsitems0)]|A list of node selector requirements by node's labels.|| +|**matchFields**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0](#kubevirtiov1virtualmachineinstancespecaffinitynodeaffinityrequiredduringschedulingignoredduringexecutionnodeselectortermsitems0matchfieldsitems0)]|A list of node selector requirements by node's fields.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0 + +A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|The label key that the selector applies to.|| +|**operator** `required`|str|Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.|| +|**values**|[str]|An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinity + +Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**podAffinityTerm** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| +|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + +Required. A pod affinity term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 + +Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinity + +Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**preferredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0)]|The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.|| +|**requiredDuringSchedulingIgnoredDuringExecution**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0)]|If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0 + +The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**podAffinityTerm** `required`|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinityterm)|pod affinity term|| +|**weight** `required`|int|weight associated with matching the corresponding podAffinityTerm, in the range 1-100.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + +Required. A pod affinity term, associated with the corresponding weight. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0 + +Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| +|**namespaceSelector**|[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| +|**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace"|| +|**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + +A label query over a set of resources, in this case pods. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + +A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecDNSConfig + +Specifies the DNS parameters of a pod. Parameters specified here will be merged to the generated DNS configuration based on DNSPolicy. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nameservers**|[str]|A list of DNS name server IP addresses. This will be appended to the base nameservers generated from DNSPolicy. Duplicated nameservers will be removed.|| +|**options**|[[KubevirtIoV1VirtualMachineInstanceSpecDNSConfigOptionsItems0](#kubevirtiov1virtualmachineinstancespecdnsconfigoptionsitems0)]|A list of DNS resolver options. This will be merged with the base options generated from DNSPolicy. Duplicated entries will be removed. Resolution options given in Options will override those that appear in the base DNSPolicy.|| +|**searches**|[str]|A list of DNS search domains for host-name lookup. This will be appended to the base search paths generated from DNSPolicy. Duplicated search paths will be removed.|| +### KubevirtIoV1VirtualMachineInstanceSpecDNSConfigOptionsItems0 + +PodDNSConfigOption defines DNS resolver options of a pod. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Required.|| +|**value**|str|value|| +### KubevirtIoV1VirtualMachineInstanceSpecDomain + +Specification of the desired behavior of the VirtualMachineInstance on the host. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**chassis**|[KubevirtIoV1VirtualMachineInstanceSpecDomainChassis](#kubevirtiov1virtualmachineinstancespecdomainchassis)|chassis|| +|**clock**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClock](#kubevirtiov1virtualmachineinstancespecdomainclock)|clock|| +|**cpu**|[KubevirtIoV1VirtualMachineInstanceSpecDomainCPU](#kubevirtiov1virtualmachineinstancespecdomaincpu)|cpu|| +|**devices** `required`|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevices](#kubevirtiov1virtualmachineinstancespecdomaindevices)|devices|| +|**features**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeatures](#kubevirtiov1virtualmachineinstancespecdomainfeatures)|features|| +|**firmware**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmware](#kubevirtiov1virtualmachineinstancespecdomainfirmware)|firmware|| +|**ioThreadsPolicy**|str|Controls whether or not disks will share IOThreads. Omitting IOThreadsPolicy disables use of IOThreads. One of: shared, auto|| +|**launchSecurity**|[KubevirtIoV1VirtualMachineInstanceSpecDomainLaunchSecurity](#kubevirtiov1virtualmachineinstancespecdomainlaunchsecurity)|launch security|| +|**machine**|[KubevirtIoV1VirtualMachineInstanceSpecDomainMachine](#kubevirtiov1virtualmachineinstancespecdomainmachine)|machine|| +|**memory**|[KubevirtIoV1VirtualMachineInstanceSpecDomainMemory](#kubevirtiov1virtualmachineinstancespecdomainmemory)|memory|| +|**resources**|[KubevirtIoV1VirtualMachineInstanceSpecDomainResources](#kubevirtiov1virtualmachineinstancespecdomainresources)|resources|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainCPU + +CPU allow specified the detailed CPU topology inside the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**cores**|int|Cores specifies the number of cores inside the vmi. Must be a value greater or equal 1.|| +|**dedicatedCpuPlacement**|bool|DedicatedCPUPlacement requests the scheduler to place the VirtualMachineInstance on a node with enough dedicated pCPUs and pin the vCPUs to it.|| +|**features**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainCPUFeaturesItems0](#kubevirtiov1virtualmachineinstancespecdomaincpufeaturesitems0)]|Features specifies the CPU features list inside the VMI.|| +|**isolateEmulatorThread**|bool|IsolateEmulatorThread requests one more dedicated pCPU to be allocated for the VMI to place the emulator thread on it.|| +|**model**|str|Model specifies the CPU model inside the VMI. List of available models https://github.com/libvirt/libvirt/tree/master/src/cpu_map. It is possible to specify special cases like "host-passthrough" to get the same CPU as the node and "host-model" to get CPU closest to the node one. Defaults to host-model.|| +|**numa**|[KubevirtIoV1VirtualMachineInstanceSpecDomainCPUNuma](#kubevirtiov1virtualmachineinstancespecdomaincpunuma)|numa|| +|**realtime**|[KubevirtIoV1VirtualMachineInstanceSpecDomainCPURealtime](#kubevirtiov1virtualmachineinstancespecdomaincpurealtime)|realtime|| +|**sockets**|int|Sockets specifies the number of sockets inside the vmi. Must be a value greater or equal 1.|| +|**threads**|int|Threads specifies the number of threads inside the vmi. Must be a value greater or equal 1.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainCPUFeaturesItems0 + +CPUFeature allows specifying a CPU feature. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name of the CPU feature|| +|**policy**|str|Policy is the CPU feature attribute which can have the following attributes: force - The virtual CPU will claim the feature is supported regardless of it being supported by host CPU. require - Guest creation will fail unless the feature is supported by the host CPU or the hypervisor is able to emulate it. optional - The feature will be supported by virtual CPU if and only if it is supported by host CPU. disable - The feature will not be supported by virtual CPU. forbid - Guest creation will fail if the feature is supported by host CPU. Defaults to require|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainCPUNuma + +NUMA allows specifying settings for the guest NUMA topology + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**guestMappingPassthrough**|any|GuestMappingPassthrough will create an efficient guest topology based on host CPUs exclusively assigned to a pod. The created topology ensures that memory and CPUs on the virtual numa nodes never cross boundaries of host numa nodes.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainCPURealtime + +Realtime instructs the virt-launcher to tune the VMI for lower latency, optional for real time workloads + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**mask**|str|Mask defines the vcpu mask expression that defines which vcpus are used for realtime. Format matches libvirt's expressions. Example: "0-3,^1","0,2,3","2-3"|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainChassis + +Chassis specifies the chassis info passed to the domain. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**asset**|str|asset|| +|**manufacturer**|str|manufacturer|| +|**serial**|str|serial|| +|**sku**|str|sku|| +|**version**|str|version|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClock + +Clock sets the clock and timers of the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**timer**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimer](#kubevirtiov1virtualmachineinstancespecdomainclocktimer)|timer|| +|**timezone**|str|Timezone sets the guest clock to the specified timezone. Zone name follows the TZ environment variable format (e.g. 'America/New_York').|| +|**utc**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockUtc](#kubevirtiov1virtualmachineinstancespecdomainclockutc)|utc|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimer + +Timer specifies whih timers are attached to the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**hpet**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHpet](#kubevirtiov1virtualmachineinstancespecdomainclocktimerhpet)|hpet|| +|**hyperv**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHyperv](#kubevirtiov1virtualmachineinstancespecdomainclocktimerhyperv)|hyperv|| +|**kvm**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerKvm](#kubevirtiov1virtualmachineinstancespecdomainclocktimerkvm)|kvm|| +|**pit**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerPit](#kubevirtiov1virtualmachineinstancespecdomainclocktimerpit)|pit|| +|**rtc**|[KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerRtc](#kubevirtiov1virtualmachineinstancespecdomainclocktimerrtc)|rtc|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHpet + +HPET (High Precision Event Timer) - multiple timers with periodic interrupts. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| +|**tickPolicy**|str|TickPolicy determines what happens when QEMU misses a deadline for injecting a tick to the guest. One of "delay", "catchup", "merge", "discard".|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerHyperv + +Hyperv (Hypervclock) - lets guests read the host’s wall clock time (paravirtualized). For windows guests. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerKvm + +KVM (KVM clock) - lets guests read the host’s wall clock time (paravirtualized). For linux guests. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerPit + +PIT (Programmable Interval Timer) - a timer with periodic interrupts. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| +|**tickPolicy**|str|TickPolicy determines what happens when QEMU misses a deadline for injecting a tick to the guest. One of "delay", "catchup", "discard".|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClockTimerRtc + +RTC (Real Time Clock) - a continuously running timer with periodic interrupts. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**present**|bool|Enabled set to false makes sure that the machine type or a preset can't add the timer. Defaults to true.|| +|**tickPolicy**|str|TickPolicy determines what happens when QEMU misses a deadline for injecting a tick to the guest. One of "delay", "catchup".|| +|**track**|str|Track the guest or the wall clock.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainClockUtc + +UTC sets the guest clock to UTC on each boot. If an offset is specified, guest changes to the clock will be kept during reboots and are not reset. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**offsetSeconds**|int|OffsetSeconds specifies an offset in seconds, relative to UTC. If set, guest changes to the clock will be kept during reboots and not reset.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevices + +Devices allows adding disks, network interfaces, and others + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**autoattachGraphicsDevice**|bool|Whether to attach the default graphics device or not. VNC will not be available if set to false. Defaults to true.|| +|**autoattachInputDevice**|bool|Whether to attach an Input Device. Defaults to false.|| +|**autoattachMemBalloon**|bool|Whether to attach the Memory balloon device with default period. Period can be adjusted in virt-config. Defaults to true.|| +|**autoattachPodInterface**|bool|Whether to attach a pod network interface. Defaults to true.|| +|**autoattachSerialConsole**|bool|Whether to attach the default serial console or not. Serial console access will not be available if set to false. Defaults to true.|| +|**autoattachVSOCK**|bool|Whether to attach the VSOCK CID to the VM or not. VSOCK access will be available if set to true. Defaults to false.|| +|**blockMultiQueue**|bool|Whether or not to enable virtio multi-queue for block devices. Defaults to false.|| +|**clientPassthrough**|any|To configure and access client devices such as redirecting USB|| +|**disableHotplug**|bool|DisableHotplug disabled the ability to hotplug disks.|| +|**disks**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0)]|Disks describes disks, cdroms and luns which are connected to the vmi.|| +|**filesystems**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesFilesystemsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesfilesystemsitems0)]|Filesystems describes filesystem which is connected to the vmi.|| +|**gpus**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0)]|Whether to attach a GPU device to the vmi.|| +|**hostDevices**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesHostDevicesItems0](#kubevirtiov1virtualmachineinstancespecdomaindeviceshostdevicesitems0)]|Whether to attach a host device to the vmi.|| +|**inputs**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInputsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinputsitems0)]|Inputs describe input devices|| +|**interfaces**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0)]|Interfaces describe network interfaces which are added to the vmi.|| +|**networkInterfaceMultiqueue**|bool|If specified, virtual network interfaces configured with a virtio bus will also enable the vhost multiqueue feature for network devices. The number of queues created depends on additional factors of the VirtualMachineInstance, like the number of guest CPUs.|| +|**rng**|any|Whether to have random number generator from host|| +|**sound**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesSound](#kubevirtiov1virtualmachineinstancespecdomaindevicessound)|sound|| +|**tpm**|any|Whether to emulate a TPM device.|| +|**useVirtioTransitional**|bool|Fall back to legacy virtio 0.9 support if virtio bus is selected on devices. This is helpful for old machines like CentOS6 or RHEL6 which do not understand virtio_non_transitional (virtio 1.0).|| +|**watchdog**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdog](#kubevirtiov1virtualmachineinstancespecdomaindeviceswatchdog)|watchdog|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0 + +kubevirt io v1 virtual machine instance spec domain devices disks items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**blockSize**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSize](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0blocksize)|block size|| +|**bootOrder**|int|BootOrder is an integer value > 0, used to determine ordering of boot devices. Lower values take precedence. Each disk or interface that has a boot order must have a unique value. Disks without a boot order are not tried if a disk with a boot order exists.|| +|**cache**|str|Cache specifies which kvm disk cache mode should be used. Supported values are: CacheNone, CacheWriteThrough.|| +|**cdrom**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Cdrom](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0cdrom)|cdrom|| +|**dedicatedIOThread**|bool|dedicatedIOThread indicates this disk should have an exclusive IO Thread. Enabling this implies useIOThreads = true. Defaults to false.|| +|**disk**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Disk](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0disk)|disk|| +|**io**|str|IO specifies which QEMU disk IO mode should be used. Supported values are: native, default, threads.|| +|**lun**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Lun](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0lun)|lun|| +|**name** `required`|str|Name is the device name|| +|**serial**|str|Serial provides the ability to specify a serial number for the disk device.|| +|**shareable**|bool|If specified the disk is made sharable and multiple write from different VMs are permitted|| +|**tag**|str|If specified, disk address and its tag will be provided to the guest via config drive metadata|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSize + +If specified, the virtual disk will be presented with the given block sizes. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**custom**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeCustom](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0blocksizecustom)|custom|| +|**matchVolume**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeMatchVolume](#kubevirtiov1virtualmachineinstancespecdomaindevicesdisksitems0blocksizematchvolume)|match volume|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeCustom + +CustomBlockSize represents the desired logical and physical block size for a VM disk. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**logical** `required`|int|logical|| +|**physical** `required`|int|physical|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0BlockSizeMatchVolume + +Represents if a feature is enabled or disabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Cdrom + +Attach a volume as a cdrom to the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bus**|str|Bus indicates the type of disk device to emulate. supported values: virtio, sata, scsi.|| +|**readonly**|bool|ReadOnly. Defaults to true.|| +|**tray**|str|Tray indicates if the tray of the device is open or closed. Allowed values are "open" and "closed". Defaults to closed.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Disk + +Attach a volume as a disk to the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bus**|str|Bus indicates the type of disk device to emulate. supported values: virtio, sata, scsi, usb.|| +|**pciAddress**|str|If specified, the virtual disk will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10|| +|**readonly**|bool|ReadOnly. Defaults to false.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesDisksItems0Lun + +Attach a volume as a LUN to the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bus**|str|Bus indicates the type of disk device to emulate. supported values: virtio, sata, scsi.|| +|**readonly**|bool|ReadOnly. Defaults to false.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesFilesystemsItems0 + +kubevirt io v1 virtual machine instance spec domain devices filesystems items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name is the device name|| +|**virtiofs** `required`|any|Virtiofs is supported|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0 + +kubevirt io v1 virtual machine instance spec domain devices gpus items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**deviceName** `required`|str|device name|| +|**name** `required`|str|Name of the GPU device as exposed by a device plugin|| +|**tag**|str|If specified, the virtual network interface address and its tag will be provided to the guest via config drive|| +|**virtualGPUOptions**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptions](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0virtualgpuoptions)|virtual g p u options|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptions + +kubevirt io v1 virtual machine instance spec domain devices gpus items0 virtual g p u options + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**display**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplay](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0virtualgpuoptionsdisplay)|display|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplay + +kubevirt io v1 virtual machine instance spec domain devices gpus items0 virtual g p u options display + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if a display addapter backed by a vGPU should be enabled or disabled on the guest. Defaults to true.|| +|**ramFB**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplayRAMFB](#kubevirtiov1virtualmachineinstancespecdomaindevicesgpusitems0virtualgpuoptionsdisplayramfb)|ram f b|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesGpusItems0VirtualGPUOptionsDisplayRAMFB + +Enables a boot framebuffer, until the guest OS loads a real GPU driver Defaults to true. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesHostDevicesItems0 + +kubevirt io v1 virtual machine instance spec domain devices host devices items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**deviceName** `required`|str|DeviceName is the resource name of the host device exposed by a device plugin|| +|**name** `required`|str|name|| +|**tag**|str|If specified, the virtual network interface address and its tag will be provided to the guest via config drive|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInputsItems0 + +kubevirt io v1 virtual machine instance spec domain devices inputs items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bus**|str|Bus indicates the bus of input device to emulate. Supported values: virtio, usb.|| +|**name** `required`|str|Name is the device name|| +|**type** `required`|str||| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0 + +kubevirt io v1 virtual machine instance spec domain devices interfaces items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**acpiIndex**|int|If specified, the ACPI index is used to provide network interface device naming, that is stable across changes in PCI addresses assigned to the device. This value is required to be unique across all devices and be between 1 and (16*1024-1).|| +|**bootOrder**|int|BootOrder is an integer value > 0, used to determine ordering of boot devices. Lower values take precedence. Each interface or disk that has a boot order must have a unique value. Interfaces without a boot order are not tried.|| +|**bridge**|any|InterfaceBridge connects to a given network via a linux bridge.|| +|**dhcpOptions**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptions](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0dhcpoptions)|dhcp options|| +|**macAddress**|str|Interface MAC address. For example: de:ad:00:00:be:af or DE-AD-00-00-BE-AF.|| +|**macvtap**|any|InterfaceMacvtap connects to a given network by extending the Kubernetes node's L2 networks via a macvtap interface.|| +|**masquerade**|any|InterfaceMasquerade connects to a given network using netfilter rules to nat the traffic.|| +|**model**|str|Interface model. One of: e1000, e1000e, ne2k_pci, pcnet, rtl8139, virtio. Defaults to virtio. TODO:(ihar) switch to enums once opengen-api supports them. See: https://github.com/kubernetes/kube-openapi/issues/51|| +|**name** `required`|str|Logical name of the interface as well as a reference to the associated networks. Must match the Name of a Network.|| +|**passt**|any|InterfacePasst connects to a given network.|| +|**pciAddress**|str|If specified, the virtual network interface will be placed on the guests pci address with the specified PCI address. For example: 0000:81:01.10|| +|**ports**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0PortsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0portsitems0)]|List of ports to be forwarded to the virtual machine.|| +|**slirp**|any|InterfaceSlirp connects to a given network using QEMU user networking mode.|| +|**sriov**|any|InterfaceSRIOV connects to a given network by passing-through an SR-IOV PCI device via vfio.|| +|**tag**|str|If specified, the virtual network interface address and its tag will be provided to the guest via config drive|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptions + +If specified the network interface will pass additional DHCP options to the VMI + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bootFileName**|str|If specified will pass option 67 to interface's DHCP server|| +|**ntpServers**|[str]|If specified will pass the configured NTP server to the VM via DHCP option 042.|| +|**privateOptions**|[[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptionsPrivateOptionsItems0](#kubevirtiov1virtualmachineinstancespecdomaindevicesinterfacesitems0dhcpoptionsprivateoptionsitems0)]|If specified will pass extra DHCP options for private use, range: 224-254|| +|**tftpServerName**|str|If specified will pass option 66 to interface's DHCP server|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0DhcpOptionsPrivateOptionsItems0 + +DHCPExtraOptions defines Extra DHCP options for a VM. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**option** `required`|int|Option is an Integer value from 224-254 Required.|| +|**value** `required`|str|Value is a String value for the Option provided Required.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesInterfacesItems0PortsItems0 + +Port represents a port to expose from the virtual machine. Default protocol TCP. The port field is mandatory + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.|| +|**port** `required`|int|Number of port to expose for the virtual machine. This must be a valid port number, 0 < x < 65536.|| +|**protocol**|str||| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesSound + +Whether to emulate a sound device. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**model**|str|We only support ich9 or ac97. If SoundDevice is not set: No sound card is emulated. If SoundDevice is set but Model is not: ich9|| +|**name** `required`|str|User's defined name for this sound device|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdog + +Watchdog describes a watchdog device which can be added to the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**i6300esb**|[KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdogI6300esb](#kubevirtiov1virtualmachineinstancespecdomaindeviceswatchdogi6300esb)|i6300esb|| +|**name** `required`|str|Name of the watchdog.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainDevicesWatchdogI6300esb + +i6300esb watchdog device. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**action**|str|The action to take. Valid values are poweroff, reset, shutdown. Defaults to reset.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeatures + +Features like acpi, apic, hyperv, smm. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**acpi**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesAcpi](#kubevirtiov1virtualmachineinstancespecdomainfeaturesacpi)|acpi|| +|**apic**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesApic](#kubevirtiov1virtualmachineinstancespecdomainfeaturesapic)|apic|| +|**hyperv**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHyperv](#kubevirtiov1virtualmachineinstancespecdomainfeatureshyperv)|hyperv|| +|**kvm**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesKvm](#kubevirtiov1virtualmachineinstancespecdomainfeatureskvm)|kvm|| +|**pvspinlock**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesPvspinlock](#kubevirtiov1virtualmachineinstancespecdomainfeaturespvspinlock)|pvspinlock|| +|**smm**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesSmm](#kubevirtiov1virtualmachineinstancespecdomainfeaturessmm)|smm|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesAcpi + +ACPI enables/disables ACPI inside the guest. Defaults to enabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesApic + +Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +|**endOfInterrupt**|bool|EndOfInterrupt enables the end of interrupt notification in the guest. Defaults to false.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHyperv + +Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**evmcs**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervEvmcs](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervevmcs)|evmcs|| +|**frequencies**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervFrequencies](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervfrequencies)|frequencies|| +|**ipi**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervIpi](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervipi)|ipi|| +|**reenlightenment**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReenlightenment](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervreenlightenment)|reenlightenment|| +|**relaxed**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRelaxed](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervrelaxed)||| +|**reset**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReset](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervreset)|reset|| +|**runtime**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRuntime](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervruntime)|runtime|| +|**spinlocks**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSpinlocks](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervspinlocks)|spinlocks|| +|**synic**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynic](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervsynic)|synic|| +|**synictimer**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimer](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervsynictimer)|synictimer|| +|**tlbflush**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervTlbflush](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervtlbflush)|tlbflush|| +|**vapic**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVapic](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervvapic)|vapic|| +|**vendorid**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVendorid](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervvendorid)|vendorid|| +|**vpindex**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVpindex](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervvpindex)|vpindex|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervEvmcs + +EVMCS Speeds up L2 vmexits, but disables other virtualization features. Requires vapic. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervFrequencies + +Frequencies improves the TSC clock source handling for Hyper-V on KVM. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervIpi + +IPI improves performances in overcommited environments. Requires vpindex. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReenlightenment + +Reenlightenment enables the notifications on TSC frequency changes. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRelaxed + +Relaxed instructs the guest OS to disable watchdog timeouts. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervReset + +Reset enables Hyperv reboot/reset for the vmi. Requires synic. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervRuntime + +Runtime improves the time accounting to improve scheduling in the guest. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSpinlocks + +Spinlocks allows to configure the spinlock retry attempts. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +|**spinlocks**|int|Retries indicates the number of retries. Must be a value greater or equal 4096. Defaults to 4096.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynic + +SyNIC enables the Synthetic Interrupt Controller. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimer + +SyNICTimer enables Synthetic Interrupt Controller Timers, reducing CPU load. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**direct**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimerDirect](#kubevirtiov1virtualmachineinstancespecdomainfeatureshypervsynictimerdirect)|direct|| +|**enabled**|bool|enabled|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervSynictimerDirect + +Represents if a feature is enabled or disabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervTlbflush + +TLBFlush improves performances in overcommited environments. Requires vpindex. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVapic + +VAPIC improves the paravirtualized handling of interrupts. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVendorid + +VendorID allows setting the hypervisor vendor id. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +|**vendorid**|str|VendorID sets the hypervisor vendor id, visible to the vmi. String up to twelve characters.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesHypervVpindex + +VPIndex enables the Virtual Processor Index to help windows identifying virtual processors. Defaults to the machine type setting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesKvm + +Configure how KVM presence is exposed to the guest. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**hidden**|bool|Hide the KVM hypervisor from standard MSR based discovery. Defaults to false|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesPvspinlock + +Notify the guest that the host supports paravirtual spinlocks. For older kernels this feature should be explicitly disabled. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFeaturesSmm + +SMM enables/disables System Management Mode. TSEG not yet implemented. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enabled**|bool|Enabled determines if the feature should be enabled or disabled on the guest. Defaults to true.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmware + +Firmware. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bootloader**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloader](#kubevirtiov1virtualmachineinstancespecdomainfirmwarebootloader)|bootloader|| +|**kernelBoot**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBoot](#kubevirtiov1virtualmachineinstancespecdomainfirmwarekernelboot)|kernel boot|| +|**serial**|str|The system-serial-number in SMBIOS|| +|**uuid**|str|UUID reported by the vmi bios. Defaults to a random generated uid.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloader + +Settings to control the bootloader that is used. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bios**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderBios](#kubevirtiov1virtualmachineinstancespecdomainfirmwarebootloaderbios)|bios|| +|**efi**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderEfi](#kubevirtiov1virtualmachineinstancespecdomainfirmwarebootloaderefi)|efi|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderBios + +If set (default), BIOS will be used. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**useSerial**|bool|If set, the BIOS output will be transmitted over serial|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareBootloaderEfi + +If set, EFI will be used instead of BIOS. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**secureBoot**|bool|If set, SecureBoot will be enabled and the OVMF roms will be swapped for SecureBoot-enabled ones. Requires SMM to be enabled. Defaults to true|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBoot + +Settings to set the kernel for booting. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**container**|[KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBootContainer](#kubevirtiov1virtualmachineinstancespecdomainfirmwarekernelbootcontainer)|container|| +|**kernelArgs**|str|Arguments to be passed to the kernel at boot time|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainFirmwareKernelBootContainer + +Container defines the container that containes kernel artifacts + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**image** `required`|str|Image that contains initrd / kernel files.|| +|**imagePullPolicy**|str|Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images|| +|**imagePullSecret**|str|ImagePullSecret is the name of the Docker registry secret required to pull the image. The secret must already exist.|| +|**initrdPath**|str|the fully-qualified path to the ramdisk image in the host OS|| +|**kernelPath**|str|The fully-qualified path to the kernel image in the host OS|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainLaunchSecurity + +Launch Security setting of the vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**sev**|any|AMD Secure Encrypted Virtualization (SEV).|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainMachine + +Machine type. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**type**|str||| +### KubevirtIoV1VirtualMachineInstanceSpecDomainMemory + +Memory allow specifying the VMI memory features. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**guest**|int \| str|Guest allows to specifying the amount of memory which is visible inside the Guest OS. The Guest must lie between Requests and Limits from the resources section. Defaults to the requested memory in the resources section if not specified.|| +|**hugepages**|[KubevirtIoV1VirtualMachineInstanceSpecDomainMemoryHugepages](#kubevirtiov1virtualmachineinstancespecdomainmemoryhugepages)|hugepages|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainMemoryHugepages + +Hugepages allow to use hugepages for the VirtualMachineInstance instead of regular memory. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**pageSize**|str|PageSize specifies the hugepage size, for x86_64 architecture valid values are 1Gi and 2Mi.|| +### KubevirtIoV1VirtualMachineInstanceSpecDomainResources + +Resources describes the Compute Resources required by this vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**limits**|{str:int \| str}|Limits describes the maximum amount of compute resources allowed. Valid resource keys are "memory" and "cpu".|| +|**overcommitGuestOverhead**|bool|Don't ask the scheduler to take the guest-management overhead into account. Instead put the overhead only into the container's memory limit. This can lead to crashes if all memory is in use on a node. Defaults to false.|| +|**requests**|{str:int \| str}|Requests is a description of the initial vmi resources. Valid resource keys are "memory" and "cpu".|| +### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbe + +Periodic probe of VirtualMachineInstance liveness. VirtualmachineInstances will be stopped if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**exec**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeExec](#kubevirtiov1virtualmachineinstancespeclivenessprobeexec)|exec|| +|**failureThreshold**|int|Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.|| +|**guestAgentPing**|any|GuestAgentPing contacts the qemu-guest-agent for availability checks.|| +|**httpGet**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGet](#kubevirtiov1virtualmachineinstancespeclivenessprobehttpget)|http get|| +|**initialDelaySeconds**|int|Number of seconds after the VirtualMachineInstance has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| +|**periodSeconds**|int|How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.|| +|**successThreshold**|int|Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.|| +|**tcpSocket**|[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeTCPSocket](#kubevirtiov1virtualmachineinstancespeclivenessprobetcpsocket)|tcp socket|| +|**timeoutSeconds**|int|Number of seconds after which the probe times out. For exec probes the timeout fails the probe but does not terminate the command running on the guest. This means a blocking command can result in an increasing load on the guest. A small buffer will be added to the resulting workload exec probe to compensate for delays caused by the qemu guest exec mechanism. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| +### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeExec + +One and only one of the following should be specified. Exec specifies the action to take, it will be executed on the guest through the qemu-guest-agent. If the guest agent is not available, this probe will fail. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**command**|[str]|Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.|| +### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGet + +HTTPGet specifies the http request to perform. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**host**|str|Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.|| +|**httpHeaders**|[[KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGetHTTPHeadersItems0](#kubevirtiov1virtualmachineinstancespeclivenessprobehttpgethttpheadersitems0)]|Custom headers to set in the request. HTTP allows repeated headers.|| +|**path**|str|Path to access on the HTTP server.|| +|**port** `required`|int \| str|Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| +|**scheme**|str|Scheme to use for connecting to the host. Defaults to HTTP.|| +### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeHTTPGetHTTPHeadersItems0 + +HTTPHeader describes a custom header to be used in HTTP probes + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|The header field name|| +|**value** `required`|str|The header field value|| +### KubevirtIoV1VirtualMachineInstanceSpecLivenessProbeTCPSocket + +TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**host**|str|Optional: Host name to connect to, defaults to the pod IP.|| +|**port** `required`|int \| str|Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| +### KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0 + +Network represents a network type and a resource that should be connected to the vm. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**multus**|[KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Multus](#kubevirtiov1virtualmachineinstancespecnetworksitems0multus)|multus|| +|**name** `required`|str|Network name. Must be a DNS_LABEL and unique within the vm. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names|| +|**pod**|[KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Pod](#kubevirtiov1virtualmachineinstancespecnetworksitems0pod)|pod|| +### KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Multus + +Represents the multus cni network. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**default**|bool|Select the default network and add it to the multus-cni.io/default-network annotation.|| +|**networkName** `required`|str|References to a NetworkAttachmentDefinition CRD object. Format: <networkName>, <namespace>/<networkName>. If namespace is not specified, VMI namespace is assumed.|| +### KubevirtIoV1VirtualMachineInstanceSpecNetworksItems0Pod + +Represents the stock pod network interface. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**vmIPv6NetworkCIDR**|str|IPv6 CIDR for the vm network. Defaults to fd10:0:2::/120 if not specified.|| +|**vmNetworkCIDR**|str|CIDR for vm network. Default 10.0.2.0/24 if not specified.|| +### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbe + +Periodic probe of VirtualMachineInstance service readiness. VirtualmachineInstances will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**exec**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeExec](#kubevirtiov1virtualmachineinstancespecreadinessprobeexec)|exec|| +|**failureThreshold**|int|Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.|| +|**guestAgentPing**|any|GuestAgentPing contacts the qemu-guest-agent for availability checks.|| +|**httpGet**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGet](#kubevirtiov1virtualmachineinstancespecreadinessprobehttpget)|http get|| +|**initialDelaySeconds**|int|Number of seconds after the VirtualMachineInstance has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| +|**periodSeconds**|int|How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.|| +|**successThreshold**|int|Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.|| +|**tcpSocket**|[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeTCPSocket](#kubevirtiov1virtualmachineinstancespecreadinessprobetcpsocket)|tcp socket|| +|**timeoutSeconds**|int|Number of seconds after which the probe times out. For exec probes the timeout fails the probe but does not terminate the command running on the guest. This means a blocking command can result in an increasing load on the guest. A small buffer will be added to the resulting workload exec probe to compensate for delays caused by the qemu guest exec mechanism. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes|| +### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeExec + +One and only one of the following should be specified. Exec specifies the action to take, it will be executed on the guest through the qemu-guest-agent. If the guest agent is not available, this probe will fail. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**command**|[str]|Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('\|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.|| +### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGet + +HTTPGet specifies the http request to perform. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**host**|str|Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead.|| +|**httpHeaders**|[[KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGetHTTPHeadersItems0](#kubevirtiov1virtualmachineinstancespecreadinessprobehttpgethttpheadersitems0)]|Custom headers to set in the request. HTTP allows repeated headers.|| +|**path**|str|Path to access on the HTTP server.|| +|**port** `required`|int \| str|Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| +|**scheme**|str|Scheme to use for connecting to the host. Defaults to HTTP.|| +### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeHTTPGetHTTPHeadersItems0 + +HTTPHeader describes a custom header to be used in HTTP probes + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|The header field name|| +|**value** `required`|str|The header field value|| +### KubevirtIoV1VirtualMachineInstanceSpecReadinessProbeTCPSocket + +TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported TODO: implement a realistic TCP lifecycle hook + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**host**|str|Optional: Host name to connect to, defaults to the pod IP.|| +|**port** `required`|int \| str|Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.|| +### KubevirtIoV1VirtualMachineInstanceSpecTolerationsItems0 + +The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**effect**|str|Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.|| +|**key**|str|Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.|| +|**operator**|str|Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.|| +|**tolerationSeconds**|int|TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.|| +|**value**|str|Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.|| +### KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0 + +TopologySpreadConstraint specifies how to spread matching pods among the given topology. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**labelSelector**|[KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelector](#kubevirtiov1virtualmachineinstancespectopologyspreadconstraintsitems0labelselector)|label selector|| +|**maxSkew** `required`|int|MaxSkew describes the degree to which pods may be unevenly distributed. When 'whenUnsatisfiable=DoNotSchedule', it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 1/1/0: \| zone1 \| zone2 \| zone3 \| \| P \| P \| \| - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 1/1/1; scheduling it onto zone1(zone2) would make the ActualSkew(2-0) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When 'whenUnsatisfiable=ScheduleAnyway', it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed.|| +|**topologyKey** `required`|str|TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each <key, value> as a "bucket", and try to put balanced number of pods into each bucket. It's a required field.|| +|**whenUnsatisfiable** `required`|str|WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered "Unsatisfiable" for an incoming pod if and only if every possible node assignment for that pod would violate "MaxSkew" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: \| zone1 \| zone2 \| zone3 \| \| P P P \| P \| P \| If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field.|| +### KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelector + +LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelectorMatchExpressionsItems0](#kubevirtiov1virtualmachineinstancespectopologyspreadconstraintsitems0labelselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### KubevirtIoV1VirtualMachineInstanceSpecTopologySpreadConstraintsItems0LabelSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0 + +Volume represents a named volume in a vmi. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**cloudInitConfigDrive**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDrive](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitconfigdrive)|cloud init config drive|| +|**cloudInitNoCloud**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloud](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitnocloud)|cloud init no cloud|| +|**configMap**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ConfigMap](#kubevirtiov1virtualmachineinstancespecvolumesitems0configmap)|config map|| +|**containerDisk**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ContainerDisk](#kubevirtiov1virtualmachineinstancespecvolumesitems0containerdisk)|container disk|| +|**dataVolume**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DataVolume](#kubevirtiov1virtualmachineinstancespecvolumesitems0datavolume)|data volume|| +|**downwardAPI**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPI](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapi)|downward API|| +|**downwardMetrics**|any|DownwardMetrics adds a very small disk to VMIs which contains a limited view of host and guest metrics. The disk content is compatible with vhostmd (https://github.com/vhostmd/vhostmd) and vm-dump-metrics.|| +|**emptyDisk**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EmptyDisk](#kubevirtiov1virtualmachineinstancespecvolumesitems0emptydisk)|empty disk|| +|**ephemeral**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Ephemeral](#kubevirtiov1virtualmachineinstancespecvolumesitems0ephemeral)|ephemeral|| +|**hostDisk**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0HostDisk](#kubevirtiov1virtualmachineinstancespecvolumesitems0hostdisk)|host disk|| +|**memoryDump**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0MemoryDump](#kubevirtiov1virtualmachineinstancespecvolumesitems0memorydump)|memory dump|| +|**name** `required`|str|Volume's name. Must be a DNS_LABEL and unique within the vmi. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names|| +|**persistentVolumeClaim**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0PersistentVolumeClaim](#kubevirtiov1virtualmachineinstancespecvolumesitems0persistentvolumeclaim)|persistent volume claim|| +|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Secret](#kubevirtiov1virtualmachineinstancespecvolumesitems0secret)|secret|| +|**serviceAccount**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ServiceAccount](#kubevirtiov1virtualmachineinstancespecvolumesitems0serviceaccount)|service account|| +|**sysprep**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Sysprep](#kubevirtiov1virtualmachineinstancespecvolumesitems0sysprep)|sysprep|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDrive + +CloudInitConfigDrive represents a cloud-init Config Drive user-data source. The Config Drive data will be added as a disk to the vmi. A proper cloud-init installation is required inside the guest. More info: https://cloudinit.readthedocs.io/en/latest/topics/datasources/configdrive.html + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**networkData**|str|NetworkData contains config drive inline cloud-init networkdata.|| +|**networkDataBase64**|str|NetworkDataBase64 contains config drive cloud-init networkdata as a base64 encoded string.|| +|**networkDataSecretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveNetworkDataSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitconfigdrivenetworkdatasecretref)|network data secret ref|| +|**secretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitconfigdrivesecretref)|secret ref|| +|**userData**|str|UserData contains config drive inline cloud-init userdata.|| +|**userDataBase64**|str|UserDataBase64 contains config drive cloud-init userdata as a base64 encoded string.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveNetworkDataSecretRef + +NetworkDataSecretRef references a k8s secret that contains config drive networkdata. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitConfigDriveSecretRef + +UserDataSecretRef references a k8s secret that contains config drive userdata. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloud + +CloudInitNoCloud represents a cloud-init NoCloud user-data source. The NoCloud data will be added as a disk to the vmi. A proper cloud-init installation is required inside the guest. More info: http://cloudinit.readthedocs.io/en/latest/topics/datasources/nocloud.html + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**networkData**|str|NetworkData contains NoCloud inline cloud-init networkdata.|| +|**networkDataBase64**|str|NetworkDataBase64 contains NoCloud cloud-init networkdata as a base64 encoded string.|| +|**networkDataSecretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudNetworkDataSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitnocloudnetworkdatasecretref)|network data secret ref|| +|**secretRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudSecretRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0cloudinitnocloudsecretref)|secret ref|| +|**userData**|str|UserData contains NoCloud inline cloud-init userdata.|| +|**userDataBase64**|str|UserDataBase64 contains NoCloud cloud-init userdata as a base64 encoded string.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudNetworkDataSecretRef + +NetworkDataSecretRef references a k8s secret that contains NoCloud networkdata. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0CloudInitNoCloudSecretRef + +UserDataSecretRef references a k8s secret that contains NoCloud userdata. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ConfigMap + +ConfigMapSource represents a reference to a ConfigMap in the same namespace. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/ + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +|**optional**|bool|Specify whether the ConfigMap or it's keys must be defined|| +|**volumeLabel**|str|The volume label of the resulting disk inside the VMI. Different bootstrapping mechanisms require different values. Typical values are "cidata" (cloud-init), "config-2" (cloud-init) or "OEMDRV" (kickstart).|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ContainerDisk + +ContainerDisk references a docker image, embedding a qcow or raw disk. More info: https://kubevirt.gitbooks.io/user-guide/registry-disk.html + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**image** `required`|str|Image is the name of the image with the embedded disk.|| +|**imagePullPolicy**|str|Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images|| +|**imagePullSecret**|str|ImagePullSecret is the name of the Docker registry secret required to pull the image. The secret must already exist.|| +|**path**|str|Path defines the path to disk file in the container|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DataVolume + +DataVolume represents the dynamic creation a PVC for this volume as well as the process of populating that PVC with a disk image. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**hotpluggable**|bool|Hotpluggable indicates whether the volume can be hotplugged and hotunplugged.|| +|**name** `required`|str|Name of both the DataVolume and the PVC in the same namespace. After PVC population the DataVolume is garbage collected by default.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPI + +DownwardAPI represents downward API about the pod that should populate this volume + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**fields**|[[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapifieldsitems0)]|Fields is a list of downward API volume file|| +|**volumeLabel**|str|The volume label of the resulting disk inside the VMI. Different bootstrapping mechanisms require different values. Typical values are "cidata" (cloud-init), "config-2" (cloud-init) or "OEMDRV" (kickstart).|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0 + +DownwardAPIVolumeFile represents information to create the file containing the pod field + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**fieldRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0FieldRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapifieldsitems0fieldref)|field ref|| +|**mode**|int|Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.|| +|**path** `required`|str|Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'|| +|**resourceFieldRef**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0ResourceFieldRef](#kubevirtiov1virtualmachineinstancespecvolumesitems0downwardapifieldsitems0resourcefieldref)|resource field ref|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0FieldRef + +Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion**|str|Version of the schema the FieldPath is written in terms of, defaults to "v1".|| +|**fieldPath** `required`|str|Path of the field to select in the specified API version.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0DownwardAPIFieldsItems0ResourceFieldRef + +Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**containerName**|str|Container name: required for volumes, optional for env vars|| +|**divisor**|int \| str|Specifies the output format of the exposed resources, defaults to "1"|| +|**resource** `required`|str|Required: resource to select|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EmptyDisk + +EmptyDisk represents a temporary disk which shares the vmis lifecycle. More info: https://kubevirt.gitbooks.io/user-guide/disks-and-volumes.html + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**capacity** `required`|int \| str|Capacity of the sparse disk.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Ephemeral + +Ephemeral is a special volume source that "wraps" specified source and provides copy-on-write image on top of it. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**persistentVolumeClaim**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EphemeralPersistentVolumeClaim](#kubevirtiov1virtualmachineinstancespecvolumesitems0ephemeralpersistentvolumeclaim)|persistent volume claim|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0EphemeralPersistentVolumeClaim + +PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. Directly attached to the vmi via qemu. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**claimName** `required`|str|ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims|| +|**readOnly**|bool|Will force the ReadOnly setting in VolumeMounts. Default false.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0HostDisk + +HostDisk represents a disk created on the cluster level + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**capacity**|int \| str|Capacity of the sparse disk|| +|**path** `required`|str|The path to HostDisk image located on the cluster|| +|**shared**|bool|Shared indicate whether the path is shared between nodes|| +|**type** `required`|str||| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0MemoryDump + +MemoryDump is attached to the virt launcher and is populated with a memory dump of the vmi + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**claimName** `required`|str|ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims|| +|**hotpluggable**|bool|Hotpluggable indicates whether the volume can be hotplugged and hotunplugged.|| +|**readOnly**|bool|Will force the ReadOnly setting in VolumeMounts. Default false.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0PersistentVolumeClaim + +PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. Directly attached to the vmi via qemu. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**claimName** `required`|str|ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims|| +|**hotpluggable**|bool|Hotpluggable indicates whether the volume can be hotplugged and hotunplugged.|| +|**readOnly**|bool|Will force the ReadOnly setting in VolumeMounts. Default false.|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Secret + +SecretVolumeSource represents a reference to a secret data in the same namespace. More info: https://kubernetes.io/docs/concepts/configuration/secret/ + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**optional**|bool|Specify whether the Secret or it's keys must be defined|| +|**secretName**|str|Name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret|| +|**volumeLabel**|str|The volume label of the resulting disk inside the VMI. Different bootstrapping mechanisms require different values. Typical values are "cidata" (cloud-init), "config-2" (cloud-init) or "OEMDRV" (kickstart).|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0ServiceAccount + +ServiceAccountVolumeSource represents a reference to a service account. There can only be one volume of this type! More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**serviceAccountName**|str|Name of the service account in the pod's namespace to use. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0Sysprep + +Represents a Sysprep volume source. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**configMap**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepConfigMap](#kubevirtiov1virtualmachineinstancespecvolumesitems0sysprepconfigmap)|config map|| +|**secret**|[KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepSecret](#kubevirtiov1virtualmachineinstancespecvolumesitems0sysprepsecret)|secret|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepConfigMap + +ConfigMap references a ConfigMap that contains Sysprep answer file named autounattend.xml that should be attached as disk of CDROM type. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### KubevirtIoV1VirtualMachineInstanceSpecVolumesItems0SysprepSecret + +Secret references a k8s Secret that contains Sysprep answer file named autounattend.xml that should be attached as disk of CDROM type. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### KubevirtIoV1VirtualMachineInstanceStatus + +Status is the high level overview of how the VirtualMachineInstance is doing. It contains information available to controllers and users. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**VSOCKCID**|int|VSOCKCID is used to track the allocated VSOCK CID in the VM.|| +|**activePods**|{str:str}|ActivePods is a mapping of pod UID to node name. It is possible for multiple pods to be running for a single VMI during migration.|| +|**conditions**|[[KubevirtIoV1VirtualMachineInstanceStatusConditionsItems0](#kubevirtiov1virtualmachineinstancestatusconditionsitems0)]|Conditions are specific points in VirtualMachineInstance's pod runtime.|| +|**evacuationNodeName**|str|EvacuationNodeName is used to track the eviction process of a VMI. It stores the name of the node that we want to evacuate. It is meant to be used by KubeVirt core components only and can't be set or modified by users.|| +|**fsFreezeStatus**|str|FSFreezeStatus is the state of the fs of the guest it can be either frozen or thawed|| +|**guestOSInfo**|[KubevirtIoV1VirtualMachineInstanceStatusGuestOSInfo](#kubevirtiov1virtualmachineinstancestatusguestosinfo)|guest o s info|| +|**interfaces**|[[KubevirtIoV1VirtualMachineInstanceStatusInterfacesItems0](#kubevirtiov1virtualmachineinstancestatusinterfacesitems0)]|Interfaces represent the details of available network interfaces.|| +|**launcherContainerImageVersion**|str|LauncherContainerImageVersion indicates what container image is currently active for the vmi.|| +|**migrationMethod**|str|Represents the method using which the vmi can be migrated: live migration or block migration|| +|**migrationState**|[KubevirtIoV1VirtualMachineInstanceStatusMigrationState](#kubevirtiov1virtualmachineinstancestatusmigrationstate)|migration state|| +|**migrationTransport**|str|This represents the migration transport|| +|**nodeName**|str|NodeName is the name where the VirtualMachineInstance is currently running.|| +|**phase**|str|Phase is the status of the VirtualMachineInstance in kubernetes world. It is not the VirtualMachineInstance status, but partially correlates to it.|| +|**phaseTransitionTimestamps**|[[KubevirtIoV1VirtualMachineInstanceStatusPhaseTransitionTimestampsItems0](#kubevirtiov1virtualmachineinstancestatusphasetransitiontimestampsitems0)]|PhaseTransitionTimestamp is the timestamp of when the last phase change occurred|| |**qosClass**|str|The Quality of Service (QOS) classification assigned to the virtual machine instance based on resource requirements See PodQOSClass type for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md|| -|**reason**|str|A brief CamelCase message indicating details about why the VMI is in this state. e.g. 'NodeUnresponsive'|| +|**reason**|str|A brief CamelCase message indicating details about why the VMI is in this state. e.g. 'NodeUnresponsive'|| |**runtimeUser**|int|RuntimeUser is used to determine what user will be used in launcher|| |**selinuxContext**|str|SELinuxContext is the actual SELinux context of the virt-launcher pod|| |**topologyHints**|[KubevirtIoV1VirtualMachineInstanceStatusTopologyHints](#kubevirtiov1virtualmachineinstancestatustopologyhints)|topology hints|| @@ -1997,167 +5180,1613 @@ Status is the high level overview of how the VirtualMachineInstance is doing. It |**volumeStatus**|[[KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0)]|VolumeStatus contains the statuses of all the volumes|| ### KubevirtIoV1VirtualMachineInstanceStatusConditionsItems0 -kubevirt io v1 virtual machine instance status conditions items0 +kubevirt io v1 virtual machine instance status conditions items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastProbeTime**|str|last probe time|| +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status** `required`|str|status|| +|**type** `required`|str||| +### KubevirtIoV1VirtualMachineInstanceStatusGuestOSInfo + +Guest OS Information + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**id**|str|Guest OS Id|| +|**kernelRelease**|str|Guest OS Kernel Release|| +|**kernelVersion**|str|Kernel version of the Guest OS|| +|**machine**|str|Machine type of the Guest OS|| +|**name**|str|Name of the Guest OS|| +|**prettyName**|str|Guest OS Pretty Name|| +|**version**|str|Guest OS Version|| +|**versionId**|str|Version ID of the Guest OS|| +### KubevirtIoV1VirtualMachineInstanceStatusInterfacesItems0 + +kubevirt io v1 virtual machine instance status interfaces items0 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**infoSource**|str|Specifies the origin of the interface data collected. values: domain, guest-agent, or both|| +|**interfaceName**|str|The interface name inside the Virtual Machine|| +|**ipAddress**|str|IP address of a Virtual Machine interface. It is always the first item of IPs|| +|**ipAddresses**|[str]|List of all IP addresses of a Virtual Machine interface|| +|**mac**|str|Hardware address of a Virtual Machine interface|| +|**name**|str|Name of the interface, corresponds to name of the network assigned to the interface|| +|**queueCount**|int|Specifies how many queues are allocated by MultiQueue|| +### KubevirtIoV1VirtualMachineInstanceStatusMigrationState + +Represents the status of a live migration + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**abortRequested**|bool|Indicates that the migration has been requested to abort|| +|**abortStatus**|str|Indicates the final status of the live migration abortion|| +|**completed**|bool|Indicates the migration completed|| +|**endTimestamp**|str|The time the migration action ended|| +|**failed**|bool|Indicates that the migration failed|| +|**migrationConfiguration**|[KubevirtIoV1VirtualMachineInstanceStatusMigrationStateMigrationConfiguration](#kubevirtiov1virtualmachineinstancestatusmigrationstatemigrationconfiguration)|migration configuration|| +|**migrationPolicyName**|str|Name of the migration policy. If string is empty, no policy is matched|| +|**migrationUid**|str|The VirtualMachineInstanceMigration object associated with this migration|| +|**mode**|str|Lets us know if the vmi is currently running pre or post copy migration|| +|**sourceNode**|str|The source node that the VMI originated on|| +|**startTimestamp**|str|The time the migration action began|| +|**targetAttachmentPodUID**|str|The UID of the target attachment pod for hotplug volumes|| +|**targetCPUSet**|[int]|If the VMI requires dedicated CPUs, this field will hold the dedicated CPU set on the target node|| +|**targetDirectMigrationNodePorts**|{str:int}|The list of ports opened for live migration on the destination node|| +|**targetNode**|str|The target node that the VMI is moving to|| +|**targetNodeAddress**|str|The address of the target node to use for the migration|| +|**targetNodeDomainDetected**|bool|The Target Node has seen the Domain Start Event|| +|**targetNodeTopology**|str|If the VMI requires dedicated CPUs, this field will hold the numa topology on the target node|| +|**targetPod**|str|The target pod that the VMI is moving to|| +### KubevirtIoV1VirtualMachineInstanceStatusMigrationStateMigrationConfiguration + +Migration configurations to apply + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**allowAutoConverge**|bool|AllowAutoConverge allows the platform to compromise performance/availability of VMIs to guarantee successful VMI live migrations. Defaults to false|| +|**allowPostCopy**|bool|AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs to successfully live-migrate. However, events like a network failure can cause a VMI crash. If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false|| +|**bandwidthPerMigration**|int \| str|BandwidthPerMigration limits the amount of network bandwith live migrations are allowed to use. The value is in quantity per second. Defaults to 0 (no limit)|| +|**completionTimeoutPerGiB**|int|CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800|| +|**disableTLS**|bool|When set to true, DisableTLS will disable the additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false|| +|**network**|str|Network is the name of the CNI network to use for live migrations. By default, migrations go through the pod network.|| +|**nodeDrainTaintKey**|str|NodeDrainTaintKey defines the taint key that indicates a node should be drained. Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain|| +|**parallelMigrationsPerCluster**|int|ParallelMigrationsPerCluster is the total number of concurrent live migrations allowed cluster-wide. Defaults to 5|| +|**parallelOutboundMigrationsPerNode**|int|ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations allowed per node. Defaults to 2|| +|**progressTimeout**|int|ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is then considered stuck and therefore cancelled. Defaults to 150|| +|**unsafeMigrationOverride**|bool|UnsafeMigrationOverride allows live migrations to occur even if the compatibility check indicates the migration will be unsafe to the guest. Defaults to false|| +### KubevirtIoV1VirtualMachineInstanceStatusPhaseTransitionTimestampsItems0 + +VirtualMachineInstancePhaseTransitionTimestamp gives a timestamp in relation to when a phase is set on a vmi + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**phase**|str|Phase is the status of the VirtualMachineInstance in kubernetes world. It is not the VirtualMachineInstance status, but partially correlates to it.|| +|**phaseTransitionTimestamp**|str|PhaseTransitionTimestamp is the timestamp of when the phase change occurred|| +### KubevirtIoV1VirtualMachineInstanceStatusTopologyHints + +kubevirt io v1 virtual machine instance status topology hints + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**tscFrequency**|int|tsc frequency|| +### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0 + +VolumeStatus represents information about the status of volumes attached to the VirtualMachineInstance. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**hotplugVolume**|[KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0HotplugVolume](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0hotplugvolume)|hotplug volume|| +|**memoryDumpVolume**|[KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0MemoryDumpVolume](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0memorydumpvolume)|memory dump volume|| +|**message**|str|Message is a detailed message about the current hotplug volume phase|| +|**name** `required`|str|Name is the name of the volume|| +|**persistentVolumeClaimInfo**|[KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0PersistentVolumeClaimInfo](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0persistentvolumeclaiminfo)|persistent volume claim info|| +|**phase**|str|Phase is the phase|| +|**reason**|str|Reason is a brief description of why we are in the current hotplug volume phase|| +|**size**|int|Represents the size of the volume|| +|**target** `required`|str|Target is the target name used when adding the volume to the VM, eg: vda|| +### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0HotplugVolume + +If the volume is hotplug, this will contain the hotplug status. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**attachPodName**|str|AttachPodName is the name of the pod used to attach the volume to the node.|| +|**attachPodUID**|str|AttachPodUID is the UID of the pod used to attach the volume to the node.|| +### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0MemoryDumpVolume + +If the volume is memorydump volume, this will contain the memorydump info. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**claimName**|str|ClaimName is the name of the pvc the memory was dumped to|| +|**endTimestamp**|str|EndTimestamp is the time when the memory dump completed|| +|**startTimestamp**|str|StartTimestamp is the time when the memory dump started|| +|**targetFileName**|str|TargetFileName is the name of the memory dump output|| +### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0PersistentVolumeClaimInfo + +PersistentVolumeClaimInfo is information about the PVC that handler requires during start flow + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**accessModes**|[str]|AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1|| +|**capacity**|{str:int \| str}|Capacity represents the capacity set on the corresponding PVC status|| +|**filesystemOverhead**|str|Percentage of filesystem's size to be reserved when resizing the PVC|| +|**preallocated**|bool|Preallocated indicates if the PVC's storage is preallocated or not|| +|**requests**|{str:int \| str}|Requests represents the resources requested by the corresponding PVC spec|| +|**volumeMode**|str|VolumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.|| +### NetworkAttachmentDefinition + +NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing Working Group to express the intent for attaching pods to one or more logical or physical networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"k8s.cni.cncf.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"k8s.cni.cncf.io/v1"| +|**kind** `required` `readOnly`|"NetworkAttachmentDefinition"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"NetworkAttachmentDefinition"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[K8sCniCncfIoV1NetworkAttachmentDefinitionSpec](#k8scnicncfiov1networkattachmentdefinitionspec)|spec|| +### OAuth + +OAuth holds cluster-wide information about OAuth. The canonical name is `cluster`. It is used to configure the integrated OAuth server. This configuration is only honored when the top level Authentication config has type set to IntegratedOAuth. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"OAuth"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"OAuth"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1OAuthSpec](#configopenshiftiov1oauthspec)|spec|| +|**status**|any|OAuthStatus shows current known state of OAuth server in the cluster|| +### OpenShiftAPIServer + +OpenShiftAPIServer provides information to configure an operator to manage openshift-apiserver. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"OpenShiftAPIServer"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"OpenShiftAPIServer"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1OpenShiftAPIServerSpec](#operatoropenshiftiov1openshiftapiserverspec)|spec|| +|**status**|[OperatorOpenshiftIoV1OpenShiftAPIServerStatus](#operatoropenshiftiov1openshiftapiserverstatus)|status|| +### OpenShiftControllerManager + +OpenShiftControllerManager provides information to configure an operator to manage openshift-controller-manager. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"OpenShiftControllerManager"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"OpenShiftControllerManager"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1OpenShiftControllerManagerSpec](#operatoropenshiftiov1openshiftcontrollermanagerspec)|spec|| +|**status**|[OperatorOpenshiftIoV1OpenShiftControllerManagerStatus](#operatoropenshiftiov1openshiftcontrollermanagerstatus)|status|| +### OperatorAuthentication + +Authentication provides information to configure an operator to manage authentication. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"Authentication"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Authentication"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1AuthenticationSpec](#operatoropenshiftiov1authenticationspec)|spec|| +|**status**|[OperatorOpenshiftIoV1AuthenticationStatus](#operatoropenshiftiov1authenticationstatus)|status|| +### OperatorConsole + +Console provides a means to configure an operator to manage the console. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"Console"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Console"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1ConsoleSpec](#operatoropenshiftiov1consolespec)|spec|| +|**status**|[OperatorOpenshiftIoV1ConsoleStatus](#operatoropenshiftiov1consolestatus)|status|| +### OperatorDNS + +DNS manages the CoreDNS component to provide a name resolution service for pods and services in the cluster. This supports the DNS-based service discovery specification: https://github.com/kubernetes/dns/blob/master/docs/specification.md More details: https://kubernetes.io/docs/tasks/administer-cluster/coredns + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"DNS"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"DNS"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[OperatorOpenshiftIoV1DNSSpec](#operatoropenshiftiov1dnsspec)|spec|| +|**status**|[OperatorOpenshiftIoV1DNSStatus](#operatoropenshiftiov1dnsstatus)|status|| +### OperatorHub + +OperatorHub is the Schema for the operatorhubs API. It can be used to change the state of the default hub sources for OperatorHub on the cluster from enabled to disabled and vice versa. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"OperatorHub"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"OperatorHub"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[ConfigOpenshiftIoV1OperatorHubSpec](#configopenshiftiov1operatorhubspec)|spec|| +|**status**|[ConfigOpenshiftIoV1OperatorHubStatus](#configopenshiftiov1operatorhubstatus)|status|| +### OperatorNetwork + +Network describes the cluster's desired network configuration. It is consumed by the cluster-network-operator. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"Network"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Network"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[OperatorOpenshiftIoV1NetworkSpec](#operatoropenshiftiov1networkspec)|spec|| +|**status**|any|NetworkStatus is currently unused. Instead, status is reported in the Network.config.openshift.io object.|| +### OperatorOpenshiftIoV1AuthenticationSpec + +operator openshift io v1 authentication spec + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1AuthenticationStatus + +operator openshift io v1 authentication status + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1AuthenticationStatusConditionsItems0](#operatoropenshiftiov1authenticationstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1AuthenticationStatusGenerationsItems0](#operatoropenshiftiov1authenticationstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1AuthenticationStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1AuthenticationStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1ConsoleSpec + +ConsoleSpec is the specification of the desired behavior of the Console. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**customization**|[OperatorOpenshiftIoV1ConsoleSpecCustomization](#operatoropenshiftiov1consolespeccustomization)|customization|| +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**providers**|[OperatorOpenshiftIoV1ConsoleSpecProviders](#operatoropenshiftiov1consolespecproviders)|providers|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1ConsoleSpecCustomization + +customization is used to optionally provide a small set of customization options to the web console. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**brand**|str|brand is the default branding of the web console which can be overridden by providing the brand field. There is a limited set of specific brand options. This field controls elements of the console such as the logo. Invalid value will prevent a console rollout.|| +|**customLogoFile**|[OperatorOpenshiftIoV1ConsoleSpecCustomizationCustomLogoFile](#operatoropenshiftiov1consolespeccustomizationcustomlogofile)|custom logo file|| +|**customProductName**|str|customProductName is the name that will be displayed in page titles, logo alt text, and the about dialog instead of the normal OpenShift product name.|| +|**documentationBaseURL**|str|documentationBaseURL links to external documentation are shown in various sections of the web console. Providing documentationBaseURL will override the default documentation URL. Invalid value will prevent a console rollout.|| +### OperatorOpenshiftIoV1ConsoleSpecCustomizationCustomLogoFile + +customLogoFile replaces the default OpenShift logo in the masthead and about dialog. It is a reference to a ConfigMap in the openshift-config namespace. This can be created with a command like 'oc create configmap custom-logo --from-file=/path/to/file -n openshift-config'. Image size must be less than 1 MB due to constraints on the ConfigMap size. The ConfigMap key should include a file extension so that the console serves the file with the correct MIME type. Recommended logo specifications: Dimensions: Max height of 68px and max width of 200px SVG format preferred + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key**|str|Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references.|| +|**name**|str|name|| +### OperatorOpenshiftIoV1ConsoleSpecProviders + +providers contains configuration for using specific service providers. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**statuspage**|[OperatorOpenshiftIoV1ConsoleSpecProvidersStatuspage](#operatoropenshiftiov1consolespecprovidersstatuspage)|statuspage|| +### OperatorOpenshiftIoV1ConsoleSpecProvidersStatuspage + +statuspage contains ID for statuspage.io page that provides status info about. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**pageID**|str|pageID is the unique ID assigned by Statuspage for your page. This must be a public page.|| +### OperatorOpenshiftIoV1ConsoleStatus + +ConsoleStatus defines the observed status of the Console. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1ConsoleStatusConditionsItems0](#operatoropenshiftiov1consolestatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1ConsoleStatusGenerationsItems0](#operatoropenshiftiov1consolestatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1ConsoleStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1ConsoleStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1DNSSpec + +spec is the specification of the desired behavior of the DNS. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**servers**|[[OperatorOpenshiftIoV1DNSSpecServersItems0](#operatoropenshiftiov1dnsspecserversitems0)]|servers is a list of DNS resolvers that provide name query delegation for one or more subdomains outside the scope of the cluster domain. If servers consists of more than one Server, longest suffix match will be used to determine the Server.
For example, if there are two Servers, one for "foo.com" and another for "a.foo.com", and the name query is for "www.a.foo.com", it will be routed to the Server with Zone "a.foo.com".
If this field is nil, no servers are created.|| +### OperatorOpenshiftIoV1DNSSpecServersItems0 + +Server defines the schema for a server that runs per instance of CoreDNS. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**forwardPlugin**|[OperatorOpenshiftIoV1DNSSpecServersItems0ForwardPlugin](#operatoropenshiftiov1dnsspecserversitems0forwardplugin)|forward plugin|| +|**name**|str|name is required and specifies a unique name for the server. Name must comply with the Service Name Syntax of rfc6335.|| +|**zones**|[str]|zones is required and specifies the subdomains that Server is authoritative for. Zones must conform to the rfc1123 definition of a subdomain. Specifying the cluster domain (i.e., "cluster.local") is invalid.|| +### OperatorOpenshiftIoV1DNSSpecServersItems0ForwardPlugin + +forwardPlugin defines a schema for configuring CoreDNS to proxy DNS messages to upstream resolvers. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**upstreams**|[str]|upstreams is a list of resolvers to forward name queries for subdomains of Zones. Upstreams are randomized when more than 1 upstream is specified. Each instance of CoreDNS performs health checking of Upstreams. When a healthy upstream returns an error during the exchange, another resolver is tried from Upstreams. Each upstream is represented by an IP address or IP:port if the upstream listens on a port other than 53.
A maximum of 15 upstreams is allowed per ForwardPlugin.|| +### OperatorOpenshiftIoV1DNSStatus + +status is the most recently observed status of the DNS. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**clusterDomain** `required`|str|clusterDomain is the local cluster DNS domain suffix for DNS services. This will be a subdomain as defined in RFC 1034, section 3.5: https://tools.ietf.org/html/rfc1034#section-3.5 Example: "cluster.local"
More info: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service|| +|**clusterIP** `required`|str|clusterIP is the service IP through which this DNS is made available.
In the case of the default DNS, this will be a well known IP that is used as the default nameserver for pods that are using the default ClusterFirst DNS policy.
In general, this IP can be specified in a pod's spec.dnsConfig.nameservers list or used explicitly when performing name resolution from within the cluster. Example: dig foo.com @<service IP>
More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies|| +|**conditions**|[[OperatorOpenshiftIoV1DNSStatusConditionsItems0](#operatoropenshiftiov1dnsstatusconditionsitems0)]|conditions provide information about the state of the DNS on the cluster.
These are the supported DNS conditions:
* Available - True if the following conditions are met: * DNS controller daemonset is available. - False if any of those conditions are unsatisfied.|| +### OperatorOpenshiftIoV1DNSStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1IngressControllerSpec + +spec is the specification of the desired behavior of the IngressController. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**defaultCertificate**|[OperatorOpenshiftIoV1IngressControllerSpecDefaultCertificate](#operatoropenshiftiov1ingresscontrollerspecdefaultcertificate)|default certificate|| +|**domain**|str|domain is a DNS name serviced by the ingress controller and is used to configure multiple features:
* For the LoadBalancerService endpoint publishing strategy, domain is used to configure DNS records. See endpointPublishingStrategy.
* When using a generated default certificate, the certificate will be valid for domain and its subdomains. See defaultCertificate.
* The value is published to individual Route statuses so that end-users know where to target external DNS records.
domain must be unique among all IngressControllers, and cannot be updated.
If empty, defaults to ingress.config.openshift.io/cluster .spec.domain.|| +|**endpointPublishingStrategy**|[OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategy](#operatoropenshiftiov1ingresscontrollerspecendpointpublishingstrategy)|endpoint publishing strategy|| +|**namespaceSelector**|[OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelector](#operatoropenshiftiov1ingresscontrollerspecnamespaceselector)|namespace selector|| +|**nodePlacement**|[OperatorOpenshiftIoV1IngressControllerSpecNodePlacement](#operatoropenshiftiov1ingresscontrollerspecnodeplacement)|node placement|| +|**replicas**|int|replicas is the desired number of ingress controller replicas. If unset, defaults to 2.|| +|**routeSelector**|[OperatorOpenshiftIoV1IngressControllerSpecRouteSelector](#operatoropenshiftiov1ingresscontrollerspecrouteselector)|route selector|| +|**tlsSecurityProfile**|[OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfile](#operatoropenshiftiov1ingresscontrollerspectlssecurityprofile)|tls security profile|| +### OperatorOpenshiftIoV1IngressControllerSpecDefaultCertificate + +defaultCertificate is a reference to a secret containing the default certificate served by the ingress controller. When Routes don't specify their own certificate, defaultCertificate is used. The secret must contain the following keys and data: tls.crt: certificate file contents tls.key: key file contents If unset, a wildcard certificate is automatically generated and used. The certificate is valid for the ingress controller domain (and subdomains) and the generated certificate's CA will be automatically integrated with the cluster's trust store. The in-use certificate (whether generated or user-specified) will be automatically integrated with OpenShift's built-in OAuth server. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?|| +### OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategy + +endpointPublishingStrategy is used to publish the ingress controller endpoints to other networks, enable load balancer integrations, etc. If unset, the default is based on infrastructure.config.openshift.io/cluster .status.platform: AWS: LoadBalancerService (with External scope) Azure: LoadBalancerService (with External scope) GCP: LoadBalancerService (with External scope) Libvirt: HostNetwork Any other platform types (including None) default to HostNetwork. endpointPublishingStrategy cannot be updated. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**hostNetwork**|any|hostNetwork holds parameters for the HostNetwork endpoint publishing strategy. Present only if type is HostNetwork.|| +|**loadBalancer**|[OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategyLoadBalancer](#operatoropenshiftiov1ingresscontrollerspecendpointpublishingstrategyloadbalancer)|load balancer|| +|**private**|any|private holds parameters for the Private endpoint publishing strategy. Present only if type is Private.|| +|**type** `required`|str||| +### OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategyLoadBalancer + +loadBalancer holds parameters for the load balancer. Present only if type is LoadBalancerService. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**scope** `required`|str|scope indicates the scope at which the load balancer is exposed. Possible values are "External" and "Internal".|| +### OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelector + +namespaceSelector is used to filter the set of namespaces serviced by the ingress controller. This is useful for implementing shards. If unset, the default is no filtering. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelectorMatchExpressionsItems0](#operatoropenshiftiov1ingresscontrollerspecnamespaceselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### OperatorOpenshiftIoV1IngressControllerSpecNodePlacement + +nodePlacement enables explicit control over the scheduling of the ingress controller. If unset, defaults are used. See NodePlacement for more details. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**nodeSelector**|[OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelector](#operatoropenshiftiov1ingresscontrollerspecnodeplacementnodeselector)|node selector|| +|**tolerations**|[[OperatorOpenshiftIoV1IngressControllerSpecNodePlacementTolerationsItems0](#operatoropenshiftiov1ingresscontrollerspecnodeplacementtolerationsitems0)]|tolerations is a list of tolerations applied to ingress controller deployments.
The default is an empty list.
See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/|| +### OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelector + +nodeSelector is the node selector applied to ingress controller deployments. If unset, the default is: beta.kubernetes.io/os: linux node-role.kubernetes.io/worker: '' If set, the specified selector is used and replaces the default. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelectorMatchExpressionsItems0](#operatoropenshiftiov1ingresscontrollerspecnodeplacementnodeselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### OperatorOpenshiftIoV1IngressControllerSpecNodePlacementTolerationsItems0 + +The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**effect**|str|Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.|| +|**key**|str|Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.|| +|**operator**|str|Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.|| +|**tolerationSeconds**|int|TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.|| +|**value**|str|Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.|| +### OperatorOpenshiftIoV1IngressControllerSpecRouteSelector + +routeSelector is used to filter the set of Routes serviced by the ingress controller. This is useful for implementing shards. If unset, the default is no filtering. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**matchExpressions**|[[OperatorOpenshiftIoV1IngressControllerSpecRouteSelectorMatchExpressionsItems0](#operatoropenshiftiov1ingresscontrollerspecrouteselectormatchexpressionsitems0)]|matchExpressions is a list of label selector requirements. The requirements are ANDed.|| +|**matchLabels**|{str:str}|matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.|| +### OperatorOpenshiftIoV1IngressControllerSpecRouteSelectorMatchExpressionsItems0 + +A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**key** `required`|str|key is the label key that the selector applies to.|| +|**operator** `required`|str|operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.|| +|**values**|[str]|values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.|| +### OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfile + +tlsSecurityProfile specifies settings for TLS connections for ingresscontrollers. If unset, the default is based on the apiservers.config.openshift.io/cluster resource. Note that when using the Old, Intermediate, and Modern profile types, the effective profile configuration is subject to change between releases. For example, given a specification to use the Intermediate profile deployed on release X.Y.Z, an upgrade to release X.Y.Z+1 may cause a new profile configuration to be applied to the ingress controller, resulting in a rollout. Note that the minimum TLS version for ingress controllers is 1.1, and the maximum TLS version is 1.2. An implication of this restriction is that the Modern TLS profile type cannot be used because it requires TLS 1.3. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**custom**|[OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfileCustom](#operatoropenshiftiov1ingresscontrollerspectlssecurityprofilecustom)|custom|| +|**intermediate**|any|intermediate is a TLS security profile based on:
https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
and looks like this (yaml):
ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2|| +|**modern**|any|modern is a TLS security profile based on:
https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
and looks like this (yaml):
ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3
NOTE: Currently unsupported.|| +|**old**|any|old is a TLS security profile based on:
https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
and looks like this (yaml):
ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0|| +|**type**|str||| +### OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfileCustom + +custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**ciphers**|[str]|ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):
ciphers: - DES-CBC3-SHA|| +|**minTLSVersion**|str|minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):
minTLSVersion: TLSv1.1
NOTE: currently the highest minTLSVersion allowed is VersionTLS12|| +### OperatorOpenshiftIoV1IngressControllerStatus + +status is the most recently observed status of the IngressController. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**availableReplicas**|int|availableReplicas is number of observed available replicas according to the ingress controller deployment.|| +|**conditions**|[[OperatorOpenshiftIoV1IngressControllerStatusConditionsItems0](#operatoropenshiftiov1ingresscontrollerstatusconditionsitems0)]|conditions is a list of conditions and their status.
Available means the ingress controller deployment is available and servicing route and ingress resources (i.e, .status.availableReplicas equals .spec.replicas)
There are additional conditions which indicate the status of other ingress controller features and capabilities.
* LoadBalancerManaged - True if the following conditions are met: * The endpoint publishing strategy requires a service load balancer. - False if any of those conditions are unsatisfied.
* LoadBalancerReady - True if the following conditions are met: * A load balancer is managed. * The load balancer is ready. - False if any of those conditions are unsatisfied.
* DNSManaged - True if the following conditions are met: * The endpoint publishing strategy and platform support DNS. * The ingress controller domain is set. * dns.config.openshift.io/cluster configures DNS zones. - False if any of those conditions are unsatisfied.
* DNSReady - True if the following conditions are met: * DNS is managed. * DNS records have been successfully created. - False if any of those conditions are unsatisfied.|| +|**domain**|str|domain is the actual domain in use.|| +|**endpointPublishingStrategy**|[OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategy](#operatoropenshiftiov1ingresscontrollerstatusendpointpublishingstrategy)|endpoint publishing strategy|| +|**observedGeneration**|int|observedGeneration is the most recent generation observed.|| +|**selector**|str|selector is a label selector, in string format, for ingress controller pods corresponding to the IngressController. The number of matching pods should equal the value of availableReplicas.|| +|**tlsProfile**|[OperatorOpenshiftIoV1IngressControllerStatusTLSProfile](#operatoropenshiftiov1ingresscontrollerstatustlsprofile)|tls profile|| +### OperatorOpenshiftIoV1IngressControllerStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategy + +endpointPublishingStrategy is the actual strategy in use. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**hostNetwork**|any|hostNetwork holds parameters for the HostNetwork endpoint publishing strategy. Present only if type is HostNetwork.|| +|**loadBalancer**|[OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategyLoadBalancer](#operatoropenshiftiov1ingresscontrollerstatusendpointpublishingstrategyloadbalancer)|load balancer|| +|**private**|any|private holds parameters for the Private endpoint publishing strategy. Present only if type is Private.|| +|**type** `required`|str||| +### OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategyLoadBalancer + +loadBalancer holds parameters for the load balancer. Present only if type is LoadBalancerService. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**scope** `required`|str|scope indicates the scope at which the load balancer is exposed. Possible values are "External" and "Internal".|| +### OperatorOpenshiftIoV1IngressControllerStatusTLSProfile + +tlsProfile is the TLS connection configuration that is in effect. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**ciphers**|[str]|ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml):
ciphers: - DES-CBC3-SHA|| +|**minTLSVersion**|str|minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):
minTLSVersion: TLSv1.1
NOTE: currently the highest minTLSVersion allowed is VersionTLS12|| +### OperatorOpenshiftIoV1KubeAPIServerSpec + +spec is the specification of the desired behavior of the Kubernetes API Server + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**failedRevisionLimit**|int|failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)|| +|**forceRedeploymentReason**|str|forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config.|| +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**succeededRevisionLimit**|int|succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1KubeAPIServerStatus + +status is the most recently observed status of the Kubernetes API Server + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1KubeAPIServerStatusConditionsItems0](#operatoropenshiftiov1kubeapiserverstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1KubeAPIServerStatusGenerationsItems0](#operatoropenshiftiov1kubeapiserverstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**latestAvailableRevision**|int|latestAvailableRevision is the deploymentID of the most recent deployment|| +|**latestAvailableRevisionReason**|str|latestAvailableRevisionReason describe the detailed reason for the most recent deployment|| +|**nodeStatuses**|[[OperatorOpenshiftIoV1KubeAPIServerStatusNodeStatusesItems0](#operatoropenshiftiov1kubeapiserverstatusnodestatusesitems0)]|nodeStatuses track the deployment values and errors across individual nodes|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1KubeAPIServerStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1KubeAPIServerStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1KubeAPIServerStatusNodeStatusesItems0 + +NodeStatus provides information about the current state of a particular node managed by this operator. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**currentRevision**|int|currentRevision is the generation of the most recently successful deployment|| +|**lastFailedRevision**|int|lastFailedRevision is the generation of the deployment we tried and failed to deploy.|| +|**lastFailedRevisionErrors**|[str]|lastFailedRevisionErrors is a list of the errors during the failed deployment referenced in lastFailedRevision|| +|**nodeName**|str|nodeName is the name of the node|| +|**targetRevision**|int|targetRevision is the generation of the deployment we're trying to apply|| +### OperatorOpenshiftIoV1KubeControllerManagerSpec + +spec is the specification of the desired behavior of the Kubernetes Controller Manager + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**failedRevisionLimit**|int|failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)|| +|**forceRedeploymentReason**|str|forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config.|| +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**succeededRevisionLimit**|int|succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1KubeControllerManagerStatus + +status is the most recently observed status of the Kubernetes Controller Manager + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1KubeControllerManagerStatusConditionsItems0](#operatoropenshiftiov1kubecontrollermanagerstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1KubeControllerManagerStatusGenerationsItems0](#operatoropenshiftiov1kubecontrollermanagerstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**latestAvailableRevision**|int|latestAvailableRevision is the deploymentID of the most recent deployment|| +|**latestAvailableRevisionReason**|str|latestAvailableRevisionReason describe the detailed reason for the most recent deployment|| +|**nodeStatuses**|[[OperatorOpenshiftIoV1KubeControllerManagerStatusNodeStatusesItems0](#operatoropenshiftiov1kubecontrollermanagerstatusnodestatusesitems0)]|nodeStatuses track the deployment values and errors across individual nodes|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1KubeControllerManagerStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1KubeControllerManagerStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1KubeControllerManagerStatusNodeStatusesItems0 + +NodeStatus provides information about the current state of a particular node managed by this operator. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**currentRevision**|int|currentRevision is the generation of the most recently successful deployment|| +|**lastFailedRevision**|int|lastFailedRevision is the generation of the deployment we tried and failed to deploy.|| +|**lastFailedRevisionErrors**|[str]|lastFailedRevisionErrors is a list of the errors during the failed deployment referenced in lastFailedRevision|| +|**nodeName**|str|nodeName is the name of the node|| +|**targetRevision**|int|targetRevision is the generation of the deployment we're trying to apply|| +### OperatorOpenshiftIoV1KubeSchedulerSpec + +spec is the specification of the desired behavior of the Kubernetes Scheduler + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**failedRevisionLimit**|int|failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)|| +|**forceRedeploymentReason**|str|forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config.|| +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**succeededRevisionLimit**|int|succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1KubeSchedulerStatus + +status is the most recently observed status of the Kubernetes Scheduler + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1KubeSchedulerStatusConditionsItems0](#operatoropenshiftiov1kubeschedulerstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1KubeSchedulerStatusGenerationsItems0](#operatoropenshiftiov1kubeschedulerstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**latestAvailableRevision**|int|latestAvailableRevision is the deploymentID of the most recent deployment|| +|**latestAvailableRevisionReason**|str|latestAvailableRevisionReason describe the detailed reason for the most recent deployment|| +|**nodeStatuses**|[[OperatorOpenshiftIoV1KubeSchedulerStatusNodeStatusesItems0](#operatoropenshiftiov1kubeschedulerstatusnodestatusesitems0)]|nodeStatuses track the deployment values and errors across individual nodes|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1KubeSchedulerStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1KubeSchedulerStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1KubeSchedulerStatusNodeStatusesItems0 + +NodeStatus provides information about the current state of a particular node managed by this operator. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**currentRevision**|int|currentRevision is the generation of the most recently successful deployment|| +|**lastFailedRevision**|int|lastFailedRevision is the generation of the deployment we tried and failed to deploy.|| +|**lastFailedRevisionErrors**|[str]|lastFailedRevisionErrors is a list of the errors during the failed deployment referenced in lastFailedRevision|| +|**nodeName**|str|nodeName is the name of the node|| +|**targetRevision**|int|targetRevision is the generation of the deployment we're trying to apply|| +### OperatorOpenshiftIoV1KubeStorageVersionMigratorSpec + +operator openshift io v1 kube storage version migrator spec + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1KubeStorageVersionMigratorStatus + +operator openshift io v1 kube storage version migrator status + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusConditionsItems0](#operatoropenshiftiov1kubestorageversionmigratorstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusGenerationsItems0](#operatoropenshiftiov1kubestorageversionmigratorstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1NetworkSpec + +NetworkSpec is the top-level network configuration object. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**additionalNetworks**|[[OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0](#operatoropenshiftiov1networkspecadditionalnetworksitems0)]|additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled.|| +|**clusterNetwork**|[[OperatorOpenshiftIoV1NetworkSpecClusterNetworkItems0](#operatoropenshiftiov1networkspecclusternetworkitems0)]|clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr.|| +|**defaultNetwork**|[OperatorOpenshiftIoV1NetworkSpecDefaultNetwork](#operatoropenshiftiov1networkspecdefaultnetwork)|default network|| +|**deployKubeProxy**|bool|deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise.|| +|**disableMultiNetwork**|bool|disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled.|| +|**kubeProxyConfig**|[OperatorOpenshiftIoV1NetworkSpecKubeProxyConfig](#operatoropenshiftiov1networkspeckubeproxyconfig)|kube proxy config|| +|**logLevel**|str|logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is "Normal".|| +|**serviceNetwork**|[str]|serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth.|| +### OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0 + +AdditionalNetworkDefinition configures an extra network that is available but not created by default. Instead, pods must request them by name. type must be specified, along with exactly one "Config" that matches the type. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name**|str|name is the name of the network. This will be populated in the resulting CRD This must be unique.|| +|**namespace**|str|namespace is the namespace of the network. This will be populated in the resulting CRD If not given the network will be created in the default namespace.|| +|**rawCNIConfig**|str|rawCNIConfig is the raw CNI configuration json to create in the NetworkAttachmentDefinition CRD|| +|**simpleMacvlanConfig**|[OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfig](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfig)|simple macvlan config|| +|**type**|str||| +### OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfig + +SimpleMacvlanConfig configures the macvlan interface in case of type:NetworkTypeSimpleMacvlan + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**ipamConfig**|[OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfig](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfig)|ipam config|| +|**master**|str|master is the host interface to create the macvlan interface from. If not specified, it will be default route interface|| +|**mode**|str|mode is the macvlan mode: bridge, private, vepa, passthru. The default is bridge|| +|**mtu**|int|mtu is the mtu to use for the macvlan interface. if unset, host's kernel will select the value.|| +### OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfig + +IPAMConfig configures IPAM module will be used for IP Address Management (IPAM). + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**staticIPAMConfig**|[OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfig](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfig)|static IP a m config|| +|**type**|str||| +### OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfig + +StaticIPAMConfig configures the static IP address in case of type:IPAMTypeStatic + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**addresses**|[[OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigAddressesItems0](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfigaddressesitems0)]|Addresses configures IP address for the interface|| +|**dns**|[OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigDNS](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfigdns)|dns|| +|**routes**|[[OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigRoutesItems0](#operatoropenshiftiov1networkspecadditionalnetworksitems0simplemacvlanconfigipamconfigstaticipamconfigroutesitems0)]|Routes configures IP routes for the interface|| +### OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigAddressesItems0 + +StaticIPAMAddresses provides IP address and Gateway for static IPAM addresses + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**address**|str|Address is the IP address in CIDR format|| +|**gateway**|str|Gateway is IP inside of subnet to designate as the gateway|| +### OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigDNS + +DNS configures DNS for the interface + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**domain**|str|Domain configures the domainname the local domain used for short hostname lookups|| +|**nameservers**|[str]|Nameservers points DNS servers for IP lookup|| +|**search**|[str]|Search configures priority ordered search domains for short hostname lookups|| +### OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigRoutesItems0 + +StaticIPAMRoutes provides Destination/Gateway pairs for static IPAM routes + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**destination**|str|Destination points the IP route destination|| +|**gateway**|str|Gateway is the route's next-hop IP address If unset, a default gateway is assumed (as determined by the CNI plugin).|| +### OperatorOpenshiftIoV1NetworkSpecClusterNetworkItems0 + +ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. Not all network providers support multiple ClusterNetworks + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**cidr**|str|cidr|| +|**hostPrefix**|int|host prefix|| +### OperatorOpenshiftIoV1NetworkSpecDefaultNetwork + +defaultNetwork is the "default" network that all pods will receive + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**kuryrConfig**|[OperatorOpenshiftIoV1NetworkSpecDefaultNetworkKuryrConfig](#operatoropenshiftiov1networkspecdefaultnetworkkuryrconfig)|kuryr config|| +|**openshiftSDNConfig**|[OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOpenshiftSDNConfig](#operatoropenshiftiov1networkspecdefaultnetworkopenshiftsdnconfig)|openshift s d n config|| +|**ovnKubernetesConfig**|[OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfig](#operatoropenshiftiov1networkspecdefaultnetworkovnkubernetesconfig)|ovn kubernetes config|| +|**type**|str||| +### OperatorOpenshiftIoV1NetworkSpecDefaultNetworkKuryrConfig + +KuryrConfig configures the kuryr plugin + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**controllerProbesPort**|int|The port kuryr-controller will listen for readiness and liveness requests.|| +|**daemonProbesPort**|int|The port kuryr-daemon will listen for readiness and liveness requests.|| +|**enablePortPoolsPrepopulation**|bool|enablePortPoolsPrepopulation when true will make Kuryr prepopulate each newly created port pool with a minimum number of ports. Kuryr uses Neutron port pooling to fight the fact that it takes a significant amount of time to create one. Instead of creating it when pod is being deployed, Kuryr keeps a number of ports ready to be attached to pods. By default port prepopulation is disabled.|| +|**openStackServiceNetwork**|str|openStackServiceNetwork contains the CIDR of network from which to allocate IPs for OpenStack Octavia's Amphora VMs. Please note that with Amphora driver Octavia uses two IPs from that network for each loadbalancer - one given by OpenShift and second for VRRP connections. As the first one is managed by OpenShift's and second by Neutron's IPAMs, those need to come from different pools. Therefore `openStackServiceNetwork` needs to be at least twice the size of `serviceNetwork`, and whole `serviceNetwork` must be overlapping with `openStackServiceNetwork`. cluster-network-operator will then make sure VRRP IPs are taken from the ranges inside `openStackServiceNetwork` that are not overlapping with `serviceNetwork`, effectivly preventing conflicts. If not set cluster-network-operator will use `serviceNetwork` expanded by decrementing the prefix size by 1.|| +|**poolBatchPorts**|int|poolBatchPorts sets a number of ports that should be created in a single batch request to extend the port pool. The default is 3. For more information about port pools see enablePortPoolsPrepopulation setting.|| +|**poolMaxPorts**|int|poolMaxPorts sets a maximum number of free ports that are being kept in a port pool. If the number of ports exceeds this setting, free ports will get deleted. Setting 0 will disable this upper bound, effectively preventing pools from shrinking and this is the default value. For more information about port pools see enablePortPoolsPrepopulation setting.|| +|**poolMinPorts**|int|poolMinPorts sets a minimum number of free ports that should be kept in a port pool. If the number of ports is lower than this setting, new ports will get created and added to pool. The default is 1. For more information about port pools see enablePortPoolsPrepopulation setting.|| +### OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOpenshiftSDNConfig + +openShiftSDNConfig configures the openshift-sdn plugin + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**enableUnidling**|bool|enableUnidling controls whether or not the service proxy will support idling and unidling of services. By default, unidling is enabled.|| +|**mode**|str|mode is one of "Multitenant", "Subnet", or "NetworkPolicy"|| +|**mtu**|int|mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. This must be 50 bytes smaller than the machine's uplink.|| +|**useExternalOpenvswitch**|bool|useExternalOpenvswitch tells the operator not to install openvswitch, because it will be provided separately. If set, you must provide it yourself.|| +|**vxlanPort**|int|vxlanPort is the port to use for all vxlan packets. The default is 4789.|| +### OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfig + +oVNKubernetesConfig configures the ovn-kubernetes plugin. This is currently not implemented. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**genevePort**|int|geneve port is the UDP port to be used by geneve encapulation. Default is 6081|| +|**hybridOverlayConfig**|[OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfig](#operatoropenshiftiov1networkspecdefaultnetworkovnkubernetesconfighybridoverlayconfig)|hybrid overlay config|| +|**mtu**|int|mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400|| +### OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfig + +HybridOverlayConfig configures an additional overlay network for peers that are not using OVN. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**hybridClusterNetwork**|[[OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfigHybridClusterNetworkItems0](#operatoropenshiftiov1networkspecdefaultnetworkovnkubernetesconfighybridoverlayconfighybridclusternetworkitems0)]|HybridClusterNetwork defines a network space given to nodes on an additional overlay network.|| +### OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfigHybridClusterNetworkItems0 + +ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. Not all network providers support multiple ClusterNetworks + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**cidr**|str|cidr|| +|**hostPrefix**|int|host prefix|| +### OperatorOpenshiftIoV1NetworkSpecKubeProxyConfig + +kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**bindAddress**|str|The address to "bind" on Defaults to 0.0.0.0|| +|**iptablesSyncPeriod**|str|The period that iptables rules are refreshed. Default: 30s|| +|**proxyArguments**|{str:[str]}|Any additional arguments to pass to the kubeproxy process|| +### OperatorOpenshiftIoV1OpenShiftAPIServerSpec + +spec is the specification of the desired behavior of the OpenShift API Server. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1OpenShiftAPIServerStatus + +status defines the observed status of the OpenShift API Server. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1OpenShiftAPIServerStatusConditionsItems0](#operatoropenshiftiov1openshiftapiserverstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1OpenShiftAPIServerStatusGenerationsItems0](#operatoropenshiftiov1openshiftapiserverstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**latestAvailableRevision**|int|latestAvailableRevision is the latest revision used as suffix of revisioned secrets like encryption-config. A new revision causes a new deployment of pods.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1OpenShiftAPIServerStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**lastProbeTime**|str|last probe time|| |**lastTransitionTime**|str|last transition time|| |**message**|str|message|| |**reason**|str|reason|| -|**status** `required`|str|status|| -|**type** `required`|str||| -### KubevirtIoV1VirtualMachineInstanceStatusGuestOSInfo +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1OpenShiftAPIServerStatusGenerationsItems0 -Guest OS Information +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**id**|str|Guest OS Id|| -|**kernelRelease**|str|Guest OS Kernel Release|| -|**kernelVersion**|str|Kernel version of the Guest OS|| -|**machine**|str|Machine type of the Guest OS|| -|**name**|str|Name of the Guest OS|| -|**prettyName**|str|Guest OS Pretty Name|| -|**version**|str|Guest OS Version|| -|**versionId**|str|Version ID of the Guest OS|| -### KubevirtIoV1VirtualMachineInstanceStatusInterfacesItems0 +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1OpenShiftControllerManagerSpec -kubevirt io v1 virtual machine instance status interfaces items0 +operator openshift io v1 open shift controller manager spec #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**infoSource**|str|Specifies the origin of the interface data collected. values: domain, guest-agent, or both|| -|**interfaceName**|str|The interface name inside the Virtual Machine|| -|**ipAddress**|str|IP address of a Virtual Machine interface. It is always the first item of IPs|| -|**ipAddresses**|[str]|List of all IP addresses of a Virtual Machine interface|| -|**mac**|str|Hardware address of a Virtual Machine interface|| -|**name**|str|Name of the interface, corresponds to name of the network assigned to the interface|| -|**queueCount**|int|Specifies how many queues are allocated by MultiQueue|| -### KubevirtIoV1VirtualMachineInstanceStatusMigrationState +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1OpenShiftControllerManagerStatus -Represents the status of a live migration +operator openshift io v1 open shift controller manager status #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**abortRequested**|bool|Indicates that the migration has been requested to abort|| -|**abortStatus**|str|Indicates the final status of the live migration abortion|| -|**completed**|bool|Indicates the migration completed|| -|**endTimestamp**|str|The time the migration action ended|| -|**failed**|bool|Indicates that the migration failed|| -|**migrationConfiguration**|[KubevirtIoV1VirtualMachineInstanceStatusMigrationStateMigrationConfiguration](#kubevirtiov1virtualmachineinstancestatusmigrationstatemigrationconfiguration)|migration configuration|| -|**migrationPolicyName**|str|Name of the migration policy. If string is empty, no policy is matched|| -|**migrationUid**|str|The VirtualMachineInstanceMigration object associated with this migration|| -|**mode**|str|Lets us know if the vmi is currently running pre or post copy migration|| -|**sourceNode**|str|The source node that the VMI originated on|| -|**startTimestamp**|str|The time the migration action began|| -|**targetAttachmentPodUID**|str|The UID of the target attachment pod for hotplug volumes|| -|**targetCPUSet**|[int]|If the VMI requires dedicated CPUs, this field will hold the dedicated CPU set on the target node|| -|**targetDirectMigrationNodePorts**|{str:int}|The list of ports opened for live migration on the destination node|| -|**targetNode**|str|The target node that the VMI is moving to|| -|**targetNodeAddress**|str|The address of the target node to use for the migration|| -|**targetNodeDomainDetected**|bool|The Target Node has seen the Domain Start Event|| -|**targetNodeTopology**|str|If the VMI requires dedicated CPUs, this field will hold the numa topology on the target node|| -|**targetPod**|str|The target pod that the VMI is moving to|| -### KubevirtIoV1VirtualMachineInstanceStatusMigrationStateMigrationConfiguration +|**conditions**|[[OperatorOpenshiftIoV1OpenShiftControllerManagerStatusConditionsItems0](#operatoropenshiftiov1openshiftcontrollermanagerstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1OpenShiftControllerManagerStatusGenerationsItems0](#operatoropenshiftiov1openshiftcontrollermanagerstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1OpenShiftControllerManagerStatusConditionsItems0 -Migration configurations to apply +OperatorCondition is just the standard condition fields. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**allowAutoConverge**|bool|AllowAutoConverge allows the platform to compromise performance/availability of VMIs to guarantee successful VMI live migrations. Defaults to false|| -|**allowPostCopy**|bool|AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs to successfully live-migrate. However, events like a network failure can cause a VMI crash. If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false|| -|**bandwidthPerMigration**|int | str|BandwidthPerMigration limits the amount of network bandwith live migrations are allowed to use. The value is in quantity per second. Defaults to 0 (no limit)|| -|**completionTimeoutPerGiB**|int|CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800|| -|**disableTLS**|bool|When set to true, DisableTLS will disable the additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false|| -|**network**|str|Network is the name of the CNI network to use for live migrations. By default, migrations go through the pod network.|| -|**nodeDrainTaintKey**|str|NodeDrainTaintKey defines the taint key that indicates a node should be drained. Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain|| -|**parallelMigrationsPerCluster**|int|ParallelMigrationsPerCluster is the total number of concurrent live migrations allowed cluster-wide. Defaults to 5|| -|**parallelOutboundMigrationsPerNode**|int|ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations allowed per node. Defaults to 2|| -|**progressTimeout**|int|ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is then considered stuck and therefore cancelled. Defaults to 150|| -|**unsafeMigrationOverride**|bool|UnsafeMigrationOverride allows live migrations to occur even if the compatibility check indicates the migration will be unsafe to the guest. Defaults to false|| -### KubevirtIoV1VirtualMachineInstanceStatusPhaseTransitionTimestampsItems0 +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1OpenShiftControllerManagerStatusGenerationsItems0 -VirtualMachineInstancePhaseTransitionTimestamp gives a timestamp in relation to when a phase is set on a vmi +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**phase**|str|Phase is the status of the VirtualMachineInstance in kubernetes world. It is not the VirtualMachineInstance status, but partially correlates to it.|| -|**phaseTransitionTimestamp**|str|PhaseTransitionTimestamp is the timestamp of when the phase change occurred|| -### KubevirtIoV1VirtualMachineInstanceStatusTopologyHints +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1ServiceCASpec -kubevirt io v1 virtual machine instance status topology hints +spec holds user settable values for configuration #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**tscFrequency**|int|tsc frequency|| -### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0 +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1ServiceCAStatus -VolumeStatus represents information about the status of volumes attached to the VirtualMachineInstance. +status holds observed values from the cluster. They may not be overridden. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**hotplugVolume**|[KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0HotplugVolume](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0hotplugvolume)|hotplug volume|| -|**memoryDumpVolume**|[KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0MemoryDumpVolume](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0memorydumpvolume)|memory dump volume|| -|**message**|str|Message is a detailed message about the current hotplug volume phase|| -|**name** `required`|str|Name is the name of the volume|| -|**persistentVolumeClaimInfo**|[KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0PersistentVolumeClaimInfo](#kubevirtiov1virtualmachineinstancestatusvolumestatusitems0persistentvolumeclaiminfo)|persistent volume claim info|| -|**phase**|str|Phase is the phase|| -|**reason**|str|Reason is a brief description of why we are in the current hotplug volume phase|| -|**size**|int|Represents the size of the volume|| -|**target** `required`|str|Target is the target name used when adding the volume to the VM, eg: vda|| -### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0HotplugVolume +|**conditions**|[[OperatorOpenshiftIoV1ServiceCAStatusConditionsItems0](#operatoropenshiftiov1servicecastatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1ServiceCAStatusGenerationsItems0](#operatoropenshiftiov1servicecastatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1ServiceCAStatusConditionsItems0 -If the volume is hotplug, this will contain the hotplug status. +OperatorCondition is just the standard condition fields. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**attachPodName**|str|AttachPodName is the name of the pod used to attach the volume to the node.|| -|**attachPodUID**|str|AttachPodUID is the UID of the pod used to attach the volume to the node.|| -### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0MemoryDumpVolume +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1ServiceCAStatusGenerationsItems0 -If the volume is memorydump volume, this will contain the memorydump info. +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**claimName**|str|ClaimName is the name of the pvc the memory was dumped to|| -|**endTimestamp**|str|EndTimestamp is the time when the memory dump completed|| -|**startTimestamp**|str|StartTimestamp is the time when the memory dump started|| -|**targetFileName**|str|TargetFileName is the name of the memory dump output|| -### KubevirtIoV1VirtualMachineInstanceStatusVolumeStatusItems0PersistentVolumeClaimInfo +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1ServiceCatalogAPIServerSpec -PersistentVolumeClaimInfo is information about the PVC that handler requires during start flow +operator openshift io v1 service catalog API server spec #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**accessModes**|[str]|AccessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1|| -|**capacity**|{str:int | str}|Capacity represents the capacity set on the corresponding PVC status|| -|**filesystemOverhead**|str|Percentage of filesystem's size to be reserved when resizing the PVC|| -|**preallocated**|bool|Preallocated indicates if the PVC's storage is preallocated or not|| -|**requests**|{str:int | str}|Requests represents the resources requested by the corresponding PVC spec|| -|**volumeMode**|str|VolumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.|| +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1ServiceCatalogAPIServerStatus + +operator openshift io v1 service catalog API server status + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusConditionsItems0](#operatoropenshiftiov1servicecatalogapiserverstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusGenerationsItems0](#operatoropenshiftiov1servicecatalogapiserverstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### OperatorOpenshiftIoV1ServiceCatalogControllerManagerSpec + +operator openshift io v1 service catalog controller manager spec + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**logLevel**|str|logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands.|| +|**managementState**|str|managementState indicates whether and how the operator should manage the component|| +|**observedConfig**|any|observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator|| +|**operatorLogLevel**|str|operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves.|| +|**unsupportedConfigOverrides**|any|unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides|| +### OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatus + +operator openshift io v1 service catalog controller manager status + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusConditionsItems0](#operatoropenshiftiov1servicecatalogcontrollermanagerstatusconditionsitems0)]|conditions is a list of conditions and their status|| +|**generations**|[[OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusGenerationsItems0](#operatoropenshiftiov1servicecatalogcontrollermanagerstatusgenerationsitems0)]|generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.|| +|**observedGeneration**|int|observedGeneration is the last generation change you've dealt with|| +|**readyReplicas**|int|readyReplicas indicates how many replicas are ready and at the desired state|| +|**version**|str|version is the level this availability applies to|| +### OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusConditionsItems0 + +OperatorCondition is just the standard condition fields. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime**|str|last transition time|| +|**message**|str|message|| +|**reason**|str|reason|| +|**status**|str|status|| +|**type**|str||| +### OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusGenerationsItems0 + +GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**group**|str|group is the group of the thing you're tracking|| +|**hash**|str|hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps|| +|**lastGeneration**|int|lastGeneration is the last generation of the workload controller involved|| +|**name**|str|name is the name of the thing you're tracking|| +|**namespace**|str|namespace is where the thing you're tracking is|| +|**resource**|str|resource is the resource type of the thing you're tracking|| +### Project + +Project holds cluster-wide information about Project. The canonical name is `cluster` + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Project"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Project"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1ProjectSpec](#configopenshiftiov1projectspec)|spec|| +|**status**|any|status holds observed values from the cluster. They may not be overridden.|| +### Proxy + +Proxy holds cluster-wide information on how to configure default proxies for the cluster. The canonical name is `cluster` + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Proxy"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Proxy"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1ProxySpec](#configopenshiftiov1proxyspec)|spec|| +|**status**|[ConfigOpenshiftIoV1ProxyStatus](#configopenshiftiov1proxystatus)|status|| +### Scheduler + +Scheduler holds cluster-wide config information to run the Kubernetes Scheduler and influence its placement decisions. The canonical name for this config is `cluster`. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"config.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"config.openshift.io/v1"| +|**kind** `required` `readOnly`|"Scheduler"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Scheduler"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[ConfigOpenshiftIoV1SchedulerSpec](#configopenshiftiov1schedulerspec)|spec|| +|**status**|any|status holds observed values from the cluster. They may not be overridden.|| +### SecurityContextConstraints + +SecurityContextConstraints governs the ability to make requests that affect the SecurityContext that will be applied to a container. For historical reasons SCC was exposed under the core Kubernetes API group. That exposure is deprecated and will be removed in a future release - users should instead use the security.openshift.io group to manage SecurityContextConstraints. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**allowHostDirVolumePlugin** `required`|bool|AllowHostDirVolumePlugin determines if the policy allow containers to use the HostDir volume plugin|| +|**allowHostIPC** `required`|bool|AllowHostIPC determines if the policy allows host ipc in the containers.|| +|**allowHostNetwork** `required`|bool|AllowHostNetwork determines if the policy allows the use of HostNetwork in the pod spec.|| +|**allowHostPID** `required`|bool|AllowHostPID determines if the policy allows host pid in the containers.|| +|**allowHostPorts** `required`|bool|AllowHostPorts determines if the policy allows host ports in the containers.|| +|**allowPrivilegeEscalation**|bool|AllowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true.|| +|**allowPrivilegedContainer** `required`|bool|AllowPrivilegedContainer determines if a container can request to be run as privileged.|| +|**allowedCapabilities** `required`|[str]|AllowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field maybe added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. To allow all capabilities you may use '*'.|| +|**allowedFlexVolumes**|[[SecurityOpenshiftIoV1SecurityContextConstraintsAllowedFlexVolumesItems0](#securityopenshiftiov1securitycontextconstraintsallowedflexvolumesitems0)]|AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the "Volumes" field.|| +|**allowedUnsafeSysctls**|[str]|AllowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in "*" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
Examples: e.g. "foo/*" allows "foo/bar", "foo/baz", etc. e.g. "foo.*" allows "foo.bar", "foo.baz", etc.|| +|**apiVersion** `required` `readOnly`|"security.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"security.openshift.io/v1"| +|**defaultAddCapabilities** `required`|[str]|DefaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities.|| +|**defaultAllowPrivilegeEscalation**|bool|DefaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.|| +|**forbiddenSysctls**|[str]|ForbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in "*" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
Examples: e.g. "foo/*" forbids "foo/bar", "foo/baz", etc. e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.|| +|**fsGroup**|[SecurityOpenshiftIoV1SecurityContextConstraintsFsGroup](#securityopenshiftiov1securitycontextconstraintsfsgroup)|fs group|| +|**groups**|[str]|The groups that have permission to use this security context constraints|| +|**kind** `required` `readOnly`|"SecurityContextConstraints"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"SecurityContextConstraints"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**priority** `required`|int|Priority influences the sort order of SCCs when evaluating which SCCs to try first for a given pod request based on access in the Users and Groups fields. The higher the int, the higher priority. An unset value is considered a 0 priority. If scores for multiple SCCs are equal they will be sorted from most restrictive to least restrictive. If both priorities and restrictions are equal the SCCs will be sorted by name.|| +|**readOnlyRootFilesystem** `required`|bool|ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the SCC should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to.|| +|**requiredDropCapabilities** `required`|[str]|RequiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added.|| +|**runAsUser**|[SecurityOpenshiftIoV1SecurityContextConstraintsRunAsUser](#securityopenshiftiov1securitycontextconstraintsrunasuser)|run as user|| +|**seLinuxContext**|[SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContext](#securityopenshiftiov1securitycontextconstraintsselinuxcontext)|se linux context|| +|**seccompProfiles**|[str]|SeccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default.|| +|**supplementalGroups**|[SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroups](#securityopenshiftiov1securitycontextconstraintssupplementalgroups)|supplemental groups|| +|**users**|[str]|The users who have permissions to use this security context constraints|| +|**volumes** `required`|[str]|Volumes is a white list of allowed volume plugins. FSType corresponds directly with the field names of a VolumeSource (azureFile, configMap, emptyDir). To allow all volumes you may use "*". To allow no volumes, set to ["none"].|| +### SecurityOpenshiftIoV1SecurityContextConstraintsAllowedFlexVolumesItems0 + +AllowedFlexVolume represents a single Flexvolume that is allowed to be used. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**driver** `required`|str|Driver is the name of the Flexvolume driver.|| +### SecurityOpenshiftIoV1SecurityContextConstraintsFsGroup + +FSGroup is the strategy that will dictate what fs group is used by the SecurityContext. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**ranges**|[[SecurityOpenshiftIoV1SecurityContextConstraintsFsGroupRangesItems0](#securityopenshiftiov1securitycontextconstraintsfsgrouprangesitems0)]|Ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end.|| +|**type**|str||| +### SecurityOpenshiftIoV1SecurityContextConstraintsFsGroupRangesItems0 + +IDRange provides a min/max of an allowed range of IDs. TODO: this could be reused for UIDs. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**max**|int|Max is the end of the range, inclusive.|| +|**min**|int|Min is the start of the range, inclusive.|| +### SecurityOpenshiftIoV1SecurityContextConstraintsRunAsUser + +RunAsUser is the strategy that will dictate what RunAsUser is used in the SecurityContext. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**type**|str||| +|**uid**|int|UID is the user id that containers must run as. Required for the MustRunAs strategy if not using namespace/service account allocated uids.|| +|**uidRangeMax**|int|UIDRangeMax defines the max value for a strategy that allocates by range.|| +|**uidRangeMin**|int|UIDRangeMin defines the min value for a strategy that allocates by range.|| +### SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContext + +SELinuxContext is the strategy that will dictate what labels will be set in the SecurityContext. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**seLinuxOptions**|[SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContextSeLinuxOptions](#securityopenshiftiov1securitycontextconstraintsselinuxcontextselinuxoptions)|se linux options|| +|**type**|str||| +### SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContextSeLinuxOptions + +seLinuxOptions required to run as; required for MustRunAs + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**level**|str|Level is SELinux level label that applies to the container.|| +|**role**|str|Role is a SELinux role label that applies to the container.|| +|**type**|str||| +|**user**|str|User is a SELinux user label that applies to the container.|| +### SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroups + +SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**ranges**|[[SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroupsRangesItems0](#securityopenshiftiov1securitycontextconstraintssupplementalgroupsrangesitems0)]|Ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end.|| +|**type**|str||| +### SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroupsRangesItems0 + +IDRange provides a min/max of an allowed range of IDs. TODO: this could be reused for UIDs. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**max**|int|Max is the end of the range, inclusive.|| +|**min**|int|Min is the start of the range, inclusive.|| +### ServiceCA + +ServiceCA provides information to configure an operator to manage the service cert controllers + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"ServiceCA"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"ServiceCA"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1ServiceCASpec](#operatoropenshiftiov1servicecaspec)|spec|| +|**status**|[OperatorOpenshiftIoV1ServiceCAStatus](#operatoropenshiftiov1servicecastatus)|status|| +### ServiceCatalogAPIServer + +ServiceCatalogAPIServer provides information to configure an operator to manage Service Catalog API Server + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"ServiceCatalogAPIServer"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"ServiceCatalogAPIServer"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1ServiceCatalogAPIServerSpec](#operatoropenshiftiov1servicecatalogapiserverspec)|spec|| +|**status**|[OperatorOpenshiftIoV1ServiceCatalogAPIServerStatus](#operatoropenshiftiov1servicecatalogapiserverstatus)|status|| +### ServiceCatalogControllerManager + +ServiceCatalogControllerManager provides information to configure an operator to manage Service Catalog Controller Manager + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"operator.openshift.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"operator.openshift.io/v1"| +|**kind** `required` `readOnly`|"ServiceCatalogControllerManager"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"ServiceCatalogControllerManager"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[OperatorOpenshiftIoV1ServiceCatalogControllerManagerSpec](#operatoropenshiftiov1servicecatalogcontrollermanagerspec)|spec|| +|**status**|[OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatus](#operatoropenshiftiov1servicecatalogcontrollermanagerstatus)|status|| ### VirtualMachineInstance VirtualMachineInstance is *the* VirtualMachineInstance Definition. It represents a virtual machine in the runtime environment of kubernetes. diff --git a/kubevirt/kcl.mod b/kubevirt/kcl.mod index 89f8e19a..beb1bea8 100644 --- a/kubevirt/kcl.mod +++ b/kubevirt/kcl.mod @@ -1,6 +1,6 @@ [package] name = "kubevirt" -version = "0.2.1" +version = "0.3.0" description = "`kubevirt` module contains definitions for kubevirt" [dependencies] diff --git a/kubevirt/v1/config_openshift_io_v1_api_server.k b/kubevirt/v1/config_openshift_io_v1_api_server.k new file mode 100644 index 00000000..4bcfe772 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_api_server.k @@ -0,0 +1,209 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema APIServer: + r""" + APIServer holds configuration (like serving certificates, client CA and CORS domains) shared by all API servers in the system, among them especially kube-apiserver and openshift-apiserver. The canonical name of an instance is 'cluster'. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "APIServer", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1APIServerSpec, default is Undefined, required + spec + status : any, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "APIServer" = "APIServer" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1APIServerSpec + + status?: any + + +schema ConfigOpenshiftIoV1APIServerSpec: + r""" + config openshift io v1 API server spec + + Attributes + ---------- + additionalCORSAllowedOrigins : [str], default is Undefined, optional + additionalCORSAllowedOrigins lists additional, user-defined regular expressions describing hosts for which the API server allows access using the CORS headers. This may be needed to access the API and the integrated OAuth server from JavaScript applications. The values are regular expressions that correspond to the Golang regular expression language. + clientCA : ConfigOpenshiftIoV1APIServerSpecClientCA, default is Undefined, optional + client c a + encryption : ConfigOpenshiftIoV1APIServerSpecEncryption, default is Undefined, optional + encryption + servingCerts : ConfigOpenshiftIoV1APIServerSpecServingCerts, default is Undefined, optional + serving certs + tlsSecurityProfile : ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfile, default is Undefined, optional + tls security profile + """ + + + additionalCORSAllowedOrigins?: [str] + + clientCA?: ConfigOpenshiftIoV1APIServerSpecClientCA + + encryption?: ConfigOpenshiftIoV1APIServerSpecEncryption + + servingCerts?: ConfigOpenshiftIoV1APIServerSpecServingCerts + + tlsSecurityProfile?: ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfile + + +schema ConfigOpenshiftIoV1APIServerSpecClientCA: + r""" + clientCA references a ConfigMap containing a certificate bundle for the signers that will be recognized for incoming client certificates in addition to the operator managed signers. If this is empty, then only operator managed signers are valid. You usually only have to set this if you have your own PKI you wish to honor client certificates from. The ConfigMap must exist in the openshift-config namespace and contain the following required fields: - ConfigMap.Data["ca-bundle.crt"] - CA bundle. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1APIServerSpecEncryption: + r""" + encryption allows the configuration of encryption of resources at the datastore layer. + + Attributes + ---------- + $type : str, default is Undefined, optional + type defines what encryption type should be used to encrypt resources at the datastore layer. When this field is unset (i.e. when it is set to the empty string), identity is implied. The behavior of unset can and will change over time. Even if encryption is enabled by default, the meaning of unset may change to a different encryption type based on changes in best practices. + When encryption is enabled, all sensitive resources shipped with the platform are encrypted. This list of sensitive resources can and will change over time. The current authoritative list is: + 1. secrets 2. configmaps 3. routes.route.openshift.io 4. oauthaccesstokens.oauth.openshift.io 5. oauthauthorizetokens.oauth.openshift.io + """ + + + $type?: "" | "identity" | "aescbc" + + +schema ConfigOpenshiftIoV1APIServerSpecServingCerts: + r""" + servingCert is the TLS cert info for serving secure traffic. If not specified, operator managed certificates will be used for serving secure traffic. + + Attributes + ---------- + namedCertificates : [ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0], default is Undefined, optional + namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. If no named certificates are provided, or no named certificates match the server name as understood by a client, the defaultServingCertificate will be used. + """ + + + namedCertificates?: [ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0] + + +schema ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0: + r""" + APIServerNamedServingCert maps a server DNS name, as understood by a client, to a certificate. + + Attributes + ---------- + names : [str], default is Undefined, optional + names is a optional list of explicit DNS names (leading wildcards allowed) that should use this certificate to serve secure traffic. If no names are provided, the implicit names will be extracted from the certificates. Exact names trump over wildcard names. Explicit names defined here trump over extracted implicit names. + servingCertificate : ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0ServingCertificate, default is Undefined, optional + serving certificate + """ + + + names?: [str] + + servingCertificate?: ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0ServingCertificate + + +schema ConfigOpenshiftIoV1APIServerSpecServingCertsNamedCertificatesItems0ServingCertificate: + r""" + servingCertificate references a kubernetes.io/tls type secret containing the TLS cert info for serving secure traffic. The secret must exist in the openshift-config namespace and contain the following required fields: - Secret.Data["tls.key"] - TLS private key. - Secret.Data["tls.crt"] - TLS certificate. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfile: + r""" + tlsSecurityProfile specifies settings for TLS connections for externally exposed servers. + If unset, a default (which may change between releases) is chosen. Note that only Old and Intermediate profiles are currently supported, and the maximum available MinTLSVersions is VersionTLS12. + + Attributes + ---------- + custom : ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfileCustom, default is Undefined, optional + custom + intermediate : any, default is Undefined, optional + intermediate is a TLS security profile based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 + and looks like this (yaml): + ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2 + modern : any, default is Undefined, optional + modern is a TLS security profile based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility + and looks like this (yaml): + ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 + NOTE: Currently unsupported. + old : any, default is Undefined, optional + old is a TLS security profile based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility + and looks like this (yaml): + ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0 + $type : str, default is Undefined, optional + type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations + The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced. + Note that the Modern profile is currently not supported because it is not yet well adopted by common software libraries. + """ + + + custom?: ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfileCustom + + intermediate?: any + + modern?: any + + old?: any + + $type?: str + + +schema ConfigOpenshiftIoV1APIServerSpecTLSSecurityProfileCustom: + r""" + custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: + ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 + + Attributes + ---------- + ciphers : [str], default is Undefined, optional + ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): + ciphers: - DES-CBC3-SHA + minTLSVersion : str, default is Undefined, optional + minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): + minTLSVersion: TLSv1.1 + NOTE: currently the highest minTLSVersion allowed is VersionTLS12 + """ + + + ciphers?: [str] + + minTLSVersion?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_authentication.k b/kubevirt/v1/config_openshift_io_v1_authentication.k new file mode 100644 index 00000000..0f613ddc --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_authentication.k @@ -0,0 +1,129 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema ConfigAuthentication: + r""" + Authentication specifies cluster-wide settings for authentication (like OAuth and webhook token authenticators). The canonical name of an instance is `cluster`. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Authentication", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1AuthenticationSpec, default is Undefined, required + spec + status : ConfigOpenshiftIoV1AuthenticationStatus, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Authentication" = "Authentication" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1AuthenticationSpec + + status?: ConfigOpenshiftIoV1AuthenticationStatus + + +schema ConfigOpenshiftIoV1AuthenticationSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + oauthMetadata : ConfigOpenshiftIoV1AuthenticationSpecOauthMetadata, default is Undefined, optional + oauth metadata + $type : str, default is Undefined, optional + type identifies the cluster managed, user facing authentication mode in use. Specifically, it manages the component that responds to login attempts. The default is IntegratedOAuth. + webhookTokenAuthenticators : [ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0], default is Undefined, optional + webhookTokenAuthenticators configures remote token reviewers. These remote authentication webhooks can be used to verify bearer tokens via the tokenreviews.authentication.k8s.io REST API. This is required to honor bearer tokens that are provisioned by an external authentication service. The namespace for these secrets is openshift-config. + """ + + + oauthMetadata?: ConfigOpenshiftIoV1AuthenticationSpecOauthMetadata + + $type?: str + + webhookTokenAuthenticators?: [ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0] + + +schema ConfigOpenshiftIoV1AuthenticationSpecOauthMetadata: + r""" + oauthMetadata contains the discovery endpoint data for OAuth 2.0 Authorization Server Metadata for an external OAuth server. This discovery document can be viewed from its served location: oc get --raw '/.well-known/oauth-authorization-server' For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 If oauthMetadata.name is non-empty, this value has precedence over any metadata reference stored in status. The key "oauthMetadata" is used to locate the data. If specified and the config map or expected key is not found, no metadata is served. If the specified metadata is not valid, no metadata is served. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0: + r""" + webhookTokenAuthenticator holds the necessary configuration options for a remote token authenticator + + Attributes + ---------- + kubeConfig : ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0KubeConfig, default is Undefined, optional + kube config + """ + + + kubeConfig?: ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0KubeConfig + + +schema ConfigOpenshiftIoV1AuthenticationSpecWebhookTokenAuthenticatorsItems0KubeConfig: + r""" + kubeConfig contains kube config file data which describes how to access the remote webhook service. For further details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication The key "kubeConfig" is used to locate the data. If the secret or expected key is not found, the webhook is not honored. If the specified kube config data is not valid, the webhook is not honored. The namespace for this secret is determined by the point of use. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1AuthenticationStatus: + r""" + status holds observed values from the cluster. They may not be overridden. + + Attributes + ---------- + integratedOAuthMetadata : ConfigOpenshiftIoV1AuthenticationStatusIntegratedOAuthMetadata, default is Undefined, optional + integrated o auth metadata + """ + + + integratedOAuthMetadata?: ConfigOpenshiftIoV1AuthenticationStatusIntegratedOAuthMetadata + + +schema ConfigOpenshiftIoV1AuthenticationStatusIntegratedOAuthMetadata: + r""" + integratedOAuthMetadata contains the discovery endpoint data for OAuth 2.0 Authorization Server Metadata for the in-cluster integrated OAuth server. This discovery document can be viewed from its served location: oc get --raw '/.well-known/oauth-authorization-server' For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2 This contains the observed value based on cluster state. An explicitly set value in spec.oauthMetadata has precedence over this field. This field has no meaning if authentication spec.type is not set to IntegratedOAuth. The key "oauthMetadata" is used to locate the data. If the config map or expected key is not found, no metadata is served. If the specified metadata is not valid, no metadata is served. The namespace for this config map is openshift-config-managed. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_build.k b/kubevirt/v1/config_openshift_io_v1_build.k new file mode 100644 index 00000000..7b717c6e --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_build.k @@ -0,0 +1,431 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema Build: + r""" + Build configures the behavior of OpenShift builds for the entire cluster. This includes default settings that can be overridden in BuildConfig objects, and overrides which are applied to all builds. + The canonical name is "cluster" + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Build", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1BuildSpec, default is Undefined, required + spec + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Build" = "Build" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1BuildSpec + + +schema ConfigOpenshiftIoV1BuildSpec: + r""" + Spec holds user-settable values for the build controller configuration + + Attributes + ---------- + additionalTrustedCA : ConfigOpenshiftIoV1BuildSpecAdditionalTrustedCA, default is Undefined, optional + additional trusted c a + buildDefaults : ConfigOpenshiftIoV1BuildSpecBuildDefaults, default is Undefined, optional + build defaults + buildOverrides : ConfigOpenshiftIoV1BuildSpecBuildOverrides, default is Undefined, optional + build overrides + """ + + + additionalTrustedCA?: ConfigOpenshiftIoV1BuildSpecAdditionalTrustedCA + + buildDefaults?: ConfigOpenshiftIoV1BuildSpecBuildDefaults + + buildOverrides?: ConfigOpenshiftIoV1BuildSpecBuildOverrides + + +schema ConfigOpenshiftIoV1BuildSpecAdditionalTrustedCA: + r""" + AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted for image pushes and pulls during builds. The namespace for this config map is openshift-config. + DEPRECATED: Additional CAs for image pull and push should be set on image.config.openshift.io/cluster instead. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaults: + r""" + BuildDefaults controls the default information for Builds + + Attributes + ---------- + defaultProxy : ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxy, default is Undefined, optional + default proxy + env : [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0], default is Undefined, optional + Env is a set of default environment variables that will be applied to the build if the specified variables do not exist on the build + gitProxy : ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxy, default is Undefined, optional + git proxy + imageLabels : [ConfigOpenshiftIoV1BuildSpecBuildDefaultsImageLabelsItems0], default is Undefined, optional + ImageLabels is a list of docker labels that are applied to the resulting image. User can override a default label by providing a label with the same name in their Build/BuildConfig. + resources : ConfigOpenshiftIoV1BuildSpecBuildDefaultsResources, default is Undefined, optional + resources + """ + + + defaultProxy?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxy + + env?: [ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0] + + gitProxy?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxy + + imageLabels?: [ConfigOpenshiftIoV1BuildSpecBuildDefaultsImageLabelsItems0] + + resources?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsResources + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxy: + r""" + DefaultProxy contains the default proxy settings for all build operations, including image pull/push and source download. + Values can be overrode by setting the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables in the build config's strategy. + + Attributes + ---------- + httpProxy : str, default is Undefined, optional + httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var. + httpsProxy : str, default is Undefined, optional + httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var. + noProxy : str, default is Undefined, optional + noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var. + readinessEndpoints : [str], default is Undefined, optional + readinessEndpoints is a list of endpoints used to verify readiness of the proxy. + trustedCA : ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxyTrustedCA, default is Undefined, optional + trusted c a + """ + + + httpProxy?: str + + httpsProxy?: str + + noProxy?: str + + readinessEndpoints?: [str] + + trustedCA?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxyTrustedCA + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsDefaultProxyTrustedCA: + r""" + trustedCA is a reference to a ConfigMap containing a CA certificate bundle used for client egress HTTPS connections. The certificate bundle must be from the CA that signed the proxy's certificate and be signed for everything. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from required key "ca-bundle.crt" and copying it to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): + apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE----- + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0: + r""" + EnvVar represents an environment variable present in a Container. + + Attributes + ---------- + name : str, default is Undefined, required + Name of the environment variable. Must be a C_IDENTIFIER. + value : str, default is Undefined, optional + Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". + valueFrom : ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFrom, default is Undefined, optional + value from + """ + + + name: str + + value?: str + + valueFrom?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFrom + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFrom: + r""" + Source for the environment variable's value. Cannot be used if value is not empty. + + Attributes + ---------- + configMapKeyRef : ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromConfigMapKeyRef, default is Undefined, optional + config map key ref + fieldRef : ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromFieldRef, default is Undefined, optional + field ref + resourceFieldRef : ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromResourceFieldRef, default is Undefined, optional + resource field ref + secretKeyRef : ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromSecretKeyRef, default is Undefined, optional + secret key ref + """ + + + configMapKeyRef?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromConfigMapKeyRef + + fieldRef?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromFieldRef + + resourceFieldRef?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromResourceFieldRef + + secretKeyRef?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromSecretKeyRef + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromConfigMapKeyRef: + r""" + Selects a key of a ConfigMap. + + Attributes + ---------- + key : str, default is Undefined, required + The key to select. + name : str, default is Undefined, optional + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + optional : bool, default is Undefined, optional + Specify whether the ConfigMap or its key must be defined + """ + + + key: str + + name?: str + + optional?: bool + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromFieldRef: + r""" + Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP. + + Attributes + ---------- + apiVersion : str, default is Undefined, optional + Version of the schema the FieldPath is written in terms of, defaults to "v1". + fieldPath : str, default is Undefined, required + Path of the field to select in the specified API version. + """ + + + apiVersion?: str + + fieldPath: str + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromResourceFieldRef: + r""" + Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + + Attributes + ---------- + containerName : str, default is Undefined, optional + Container name: required for volumes, optional for env vars + divisor : str, default is Undefined, optional + Specifies the output format of the exposed resources, defaults to "1" + resource : str, default is Undefined, required + Required: resource to select + """ + + + containerName?: str + + divisor?: str + + resource: str + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsEnvItems0ValueFromSecretKeyRef: + r""" + Selects a key of a secret in the pod's namespace + + Attributes + ---------- + key : str, default is Undefined, required + The key of the secret to select from. Must be a valid secret key. + name : str, default is Undefined, optional + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + optional : bool, default is Undefined, optional + Specify whether the Secret or its key must be defined + """ + + + key: str + + name?: str + + optional?: bool + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxy: + r""" + GitProxy contains the proxy settings for git operations only. If set, this will override any Proxy settings for all git commands, such as git clone. + Values that are not set here will be inherited from DefaultProxy. + + Attributes + ---------- + httpProxy : str, default is Undefined, optional + httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var. + httpsProxy : str, default is Undefined, optional + httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var. + noProxy : str, default is Undefined, optional + noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var. + readinessEndpoints : [str], default is Undefined, optional + readinessEndpoints is a list of endpoints used to verify readiness of the proxy. + trustedCA : ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxyTrustedCA, default is Undefined, optional + trusted c a + """ + + + httpProxy?: str + + httpsProxy?: str + + noProxy?: str + + readinessEndpoints?: [str] + + trustedCA?: ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxyTrustedCA + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsGitProxyTrustedCA: + r""" + trustedCA is a reference to a ConfigMap containing a CA certificate bundle used for client egress HTTPS connections. The certificate bundle must be from the CA that signed the proxy's certificate and be signed for everything. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from required key "ca-bundle.crt" and copying it to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): + apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE----- + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsImageLabelsItems0: + r""" + config openshift io v1 build spec build defaults image labels items0 + + Attributes + ---------- + name : str, default is Undefined, optional + Name defines the name of the label. It must have non-zero length. + value : str, default is Undefined, optional + Value defines the literal value of the label. + """ + + + name?: str + + value?: str + + +schema ConfigOpenshiftIoV1BuildSpecBuildDefaultsResources: + r""" + Resources defines resource requirements to execute the build. + + Attributes + ---------- + limits : {str:str}, default is Undefined, optional + Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + requests : {str:str}, default is Undefined, optional + Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + """ + + + limits?: {str:str} + + requests?: {str:str} + + +schema ConfigOpenshiftIoV1BuildSpecBuildOverrides: + r""" + BuildOverrides controls override settings for builds + + Attributes + ---------- + imageLabels : [ConfigOpenshiftIoV1BuildSpecBuildOverridesImageLabelsItems0], default is Undefined, optional + ImageLabels is a list of docker labels that are applied to the resulting image. If user provided a label in their Build/BuildConfig with the same name as one in this list, the user's label will be overwritten. + nodeSelector : {str:str}, default is Undefined, optional + NodeSelector is a selector which must be true for the build pod to fit on a node + tolerations : [ConfigOpenshiftIoV1BuildSpecBuildOverridesTolerationsItems0], default is Undefined, optional + Tolerations is a list of Tolerations that will override any existing tolerations set on a build pod. + """ + + + imageLabels?: [ConfigOpenshiftIoV1BuildSpecBuildOverridesImageLabelsItems0] + + nodeSelector?: {str:str} + + tolerations?: [ConfigOpenshiftIoV1BuildSpecBuildOverridesTolerationsItems0] + + +schema ConfigOpenshiftIoV1BuildSpecBuildOverridesImageLabelsItems0: + r""" + config openshift io v1 build spec build overrides image labels items0 + + Attributes + ---------- + name : str, default is Undefined, optional + Name defines the name of the label. It must have non-zero length. + value : str, default is Undefined, optional + Value defines the literal value of the label. + """ + + + name?: str + + value?: str + + +schema ConfigOpenshiftIoV1BuildSpecBuildOverridesTolerationsItems0: + r""" + The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + + Attributes + ---------- + effect : str, default is Undefined, optional + Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + key : str, default is Undefined, optional + Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + operator : str, default is Undefined, optional + Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + tolerationSeconds : int, default is Undefined, optional + TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + value : str, default is Undefined, optional + Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + """ + + + effect?: str + + key?: str + + operator?: str + + tolerationSeconds?: int + + value?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_console.k b/kubevirt/v1/config_openshift_io_v1_console.k new file mode 100644 index 00000000..7a04d7ef --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_console.k @@ -0,0 +1,85 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema ConfigConsole: + r""" + Console holds cluster-wide configuration for the web console, including the logout URL, and reports the public URL of the console. The canonical name is `cluster`. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Console", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1ConsoleSpec, default is Undefined, required + spec + status : ConfigOpenshiftIoV1ConsoleStatus, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Console" = "Console" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1ConsoleSpec + + status?: ConfigOpenshiftIoV1ConsoleStatus + + +schema ConfigOpenshiftIoV1ConsoleSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + authentication : ConfigOpenshiftIoV1ConsoleSpecAuthentication, default is Undefined, optional + authentication + """ + + + authentication?: ConfigOpenshiftIoV1ConsoleSpecAuthentication + + +schema ConfigOpenshiftIoV1ConsoleSpecAuthentication: + r""" + ConsoleAuthentication defines a list of optional configuration for console authentication. + + Attributes + ---------- + logoutRedirect : str, default is Undefined, optional + An optional, absolute URL to redirect web browsers to after logging out of the console. If not specified, it will redirect to the default login page. This is required when using an identity provider that supports single sign-on (SSO) such as: - OpenID (Keycloak, Azure) - RequestHeader (GSSAPI, SSPI, SAML) - OAuth (GitHub, GitLab, Google) Logging out of the console will destroy the user's token. The logoutRedirect provides the user the option to perform single logout (SLO) through the identity provider to destroy their single sign-on session. + """ + + + logoutRedirect?: str + + + check: + _regex_match(str(logoutRedirect), r"^$|^((https):\/\/?)[^\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|\/?))$") if logoutRedirect + + +schema ConfigOpenshiftIoV1ConsoleStatus: + r""" + status holds observed values from the cluster. They may not be overridden. + + Attributes + ---------- + consoleURL : str, default is Undefined, optional + The URL for the console. This will be derived from the host for the route that is created for the console. + """ + + + consoleURL?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_dns.k b/kubevirt/v1/config_openshift_io_v1_dns.k new file mode 100644 index 00000000..dad69c03 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_dns.k @@ -0,0 +1,109 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema ConfigDNS: + r""" + DNS holds cluster-wide information about DNS. The canonical name is `cluster` + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "DNS", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1DNSSpec, default is Undefined, required + spec + status : any, default is Undefined, optional + status holds observed values from the cluster. They may not be overridden. + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "DNS" = "DNS" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1DNSSpec + + status?: any + + +schema ConfigOpenshiftIoV1DNSSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + baseDomain : str, default is Undefined, optional + baseDomain is the base domain of the cluster. All managed DNS records will be sub-domains of this base. + For example, given the base domain `openshift.example.com`, an API server DNS record may be created for `cluster-api.openshift.example.com`. + Once set, this field cannot be changed. + privateZone : ConfigOpenshiftIoV1DNSSpecPrivateZone, default is Undefined, optional + private zone + publicZone : ConfigOpenshiftIoV1DNSSpecPublicZone, default is Undefined, optional + public zone + """ + + + baseDomain?: str + + privateZone?: ConfigOpenshiftIoV1DNSSpecPrivateZone + + publicZone?: ConfigOpenshiftIoV1DNSSpecPublicZone + + +schema ConfigOpenshiftIoV1DNSSpecPrivateZone: + r""" + privateZone is the location where all the DNS records that are only available internally to the cluster exist. + If this field is nil, no private records should be created. + Once set, this field cannot be changed. + + Attributes + ---------- + id : str, default is Undefined, optional + id is the identifier that can be used to find the DNS hosted zone. + on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. + [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get + tags : {str:str}, default is Undefined, optional + tags can be used to query the DNS hosted zone. + on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, + [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options + """ + + + id?: str + + tags?: {str:str} + + +schema ConfigOpenshiftIoV1DNSSpecPublicZone: + r""" + publicZone is the location where all the DNS records that are publicly accessible to the internet exist. + If this field is nil, no public records should be created. + Once set, this field cannot be changed. + + Attributes + ---------- + id : str, default is Undefined, optional + id is the identifier that can be used to find the DNS hosted zone. + on AWS zone can be fetched using `ID` as id in [1] on Azure zone can be fetched using `ID` as a pre-determined name in [2], on GCP zone can be fetched using `ID` as a pre-determined name in [3]. + [1]: https://docs.aws.amazon.com/cli/latest/reference/route53/get-hosted-zone.html#options [2]: https://docs.microsoft.com/en-us/cli/azure/network/dns/zone?view=azure-cli-latest#az-network-dns-zone-show [3]: https://cloud.google.com/dns/docs/reference/v1/managedZones/get + tags : {str:str}, default is Undefined, optional + tags can be used to query the DNS hosted zone. + on AWS, resourcegroupstaggingapi [1] can be used to fetch a zone using `Tags` as tag-filters, + [1]: https://docs.aws.amazon.com/cli/latest/reference/resourcegroupstaggingapi/get-resources.html#options + """ + + + id?: str + + tags?: {str:str} + + diff --git a/kubevirt/v1/config_openshift_io_v1_feature_gate.k b/kubevirt/v1/config_openshift_io_v1_feature_gate.k new file mode 100644 index 00000000..c52be802 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_feature_gate.k @@ -0,0 +1,73 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema FeatureGate: + r""" + Feature holds cluster-wide information about feature gates. The canonical name is `cluster` + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "FeatureGate", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1FeatureGateSpec, default is Undefined, required + spec + status : any, default is Undefined, optional + status holds observed values from the cluster. They may not be overridden. + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "FeatureGate" = "FeatureGate" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1FeatureGateSpec + + status?: any + + +schema ConfigOpenshiftIoV1FeatureGateSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + customNoUpgrade : ConfigOpenshiftIoV1FeatureGateSpecCustomNoUpgrade, default is Undefined, optional + custom no upgrade + featureSet : str, default is Undefined, optional + featureSet changes the list of features in the cluster. The default is empty. Be very careful adjusting this setting. Turning on or off features may cause irreversible changes in your cluster which cannot be undone. + """ + + + customNoUpgrade?: ConfigOpenshiftIoV1FeatureGateSpecCustomNoUpgrade + + featureSet?: str + + +schema ConfigOpenshiftIoV1FeatureGateSpecCustomNoUpgrade: + r""" + customNoUpgrade allows the enabling or disabling of any feature. Turning this feature set on IS NOT SUPPORTED, CANNOT BE UNDONE, and PREVENTS UPGRADES. Because of its nature, this setting cannot be validated. If you have any typos or accidentally apply invalid combinations your cluster may fail in an unrecoverable way. featureSet must equal "CustomNoUpgrade" must be set to use this field. + + Attributes + ---------- + disabled : [str], default is Undefined, optional + disabled is a list of all feature gates that you want to force off + enabled : [str], default is Undefined, optional + enabled is a list of all feature gates that you want to force on + """ + + + disabled?: [str] + + enabled?: [str] + + diff --git a/kubevirt/v1/config_openshift_io_v1_image.k b/kubevirt/v1/config_openshift_io_v1_image.k new file mode 100644 index 00000000..6137263d --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_image.k @@ -0,0 +1,137 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema Image: + r""" + Image governs policies related to imagestream imports and runtime configuration for external registries. It allows cluster admins to configure which registries OpenShift is allowed to import images from, extra CA trust bundles for external registries, and policies to blacklist/whitelist registry hostnames. When exposing OpenShift's image registry to the public, this also lets cluster admins specify the external hostname. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Image", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1ImageSpec, default is Undefined, required + spec + status : ConfigOpenshiftIoV1ImageStatus, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Image" = "Image" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1ImageSpec + + status?: ConfigOpenshiftIoV1ImageStatus + + +schema ConfigOpenshiftIoV1ImageSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + additionalTrustedCA : ConfigOpenshiftIoV1ImageSpecAdditionalTrustedCA, default is Undefined, optional + additional trusted c a + allowedRegistriesForImport : [ConfigOpenshiftIoV1ImageSpecAllowedRegistriesForImportItems0], default is Undefined, optional + allowedRegistriesForImport limits the container image registries that normal users may import images from. Set this list to the registries that you trust to contain valid Docker images and that you want applications to be able to import from. Users with permission to create Images or ImageStreamMappings via the API are not affected by this policy - typically only administrators or system integrations will have those permissions. + externalRegistryHostnames : [str], default is Undefined, optional + externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in "hostname[:port]" format. + registrySources : ConfigOpenshiftIoV1ImageSpecRegistrySources, default is Undefined, optional + registry sources + """ + + + additionalTrustedCA?: ConfigOpenshiftIoV1ImageSpecAdditionalTrustedCA + + allowedRegistriesForImport?: [ConfigOpenshiftIoV1ImageSpecAllowedRegistriesForImportItems0] + + externalRegistryHostnames?: [str] + + registrySources?: ConfigOpenshiftIoV1ImageSpecRegistrySources + + +schema ConfigOpenshiftIoV1ImageSpecAdditionalTrustedCA: + r""" + additionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted during imagestream import, pod image pull, build image pull, and imageregistry pullthrough. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1ImageSpecAllowedRegistriesForImportItems0: + r""" + RegistryLocation contains a location of the registry specified by the registry domain name. The domain name might include wildcards, like '*' or '??'. + + Attributes + ---------- + domainName : str, default is Undefined, optional + domainName specifies a domain name for the registry In case the registry use non-standard (80 or 443) port, the port should be included in the domain name as well. + insecure : bool, default is Undefined, optional + insecure indicates whether the registry is secure (https) or insecure (http) By default (if not specified) the registry is assumed as secure. + """ + + + domainName?: str + + insecure?: bool + + +schema ConfigOpenshiftIoV1ImageSpecRegistrySources: + r""" + registrySources contains configuration that determines how the container runtime should treat individual registries when accessing images for builds+pods. (e.g. whether or not to allow insecure access). It does not contain configuration for the internal cluster registry. + + Attributes + ---------- + allowedRegistries : [str], default is Undefined, optional + allowedRegistries are whitelisted for image pull/push. All other registries are blocked. + Only one of BlockedRegistries or AllowedRegistries may be set. + blockedRegistries : [str], default is Undefined, optional + blockedRegistries are blacklisted from image pull/push. All other registries are allowed. + Only one of BlockedRegistries or AllowedRegistries may be set. + insecureRegistries : [str], default is Undefined, optional + insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections. + """ + + + allowedRegistries?: [str] + + blockedRegistries?: [str] + + insecureRegistries?: [str] + + +schema ConfigOpenshiftIoV1ImageStatus: + r""" + status holds observed values from the cluster. They may not be overridden. + + Attributes + ---------- + externalRegistryHostnames : [str], default is Undefined, optional + externalRegistryHostnames provides the hostnames for the default external image registry. The external hostname should be set only when the image registry is exposed externally. The first value is used in 'publicDockerImageRepository' field in ImageStreams. The value must be in "hostname[:port]" format. + internalRegistryHostname : str, default is Undefined, optional + internalRegistryHostname sets the hostname for the default internal image registry. The value must be in "hostname[:port]" format. This value is set by the image registry operator which controls the internal registry hostname. For backward compatibility, users can still use OPENSHIFT_DEFAULT_REGISTRY environment variable but this setting overrides the environment variable. + """ + + + externalRegistryHostnames?: [str] + + internalRegistryHostname?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_infrastructure.k b/kubevirt/v1/config_openshift_io_v1_infrastructure.k new file mode 100644 index 00000000..25bb1200 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_infrastructure.k @@ -0,0 +1,262 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema Infrastructure: + r""" + Infrastructure holds cluster-wide information about Infrastructure. The canonical name is `cluster` + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Infrastructure", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1InfrastructureSpec, default is Undefined, required + spec + status : ConfigOpenshiftIoV1InfrastructureStatus, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Infrastructure" = "Infrastructure" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1InfrastructureSpec + + status?: ConfigOpenshiftIoV1InfrastructureStatus + + +schema ConfigOpenshiftIoV1InfrastructureSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + cloudConfig : ConfigOpenshiftIoV1InfrastructureSpecCloudConfig, default is Undefined, optional + cloud config + """ + + + cloudConfig?: ConfigOpenshiftIoV1InfrastructureSpecCloudConfig + + +schema ConfigOpenshiftIoV1InfrastructureSpecCloudConfig: + r""" + cloudConfig is a reference to a ConfigMap containing the cloud provider configuration file. This configuration file is used to configure the Kubernetes cloud provider integration when using the built-in cloud provider integration or the external cloud controller manager. The namespace for this config map is openshift-config. + + Attributes + ---------- + key : str, default is Undefined, optional + Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. + name : str, default is Undefined, optional + name + """ + + + key?: str + + name?: str + + +schema ConfigOpenshiftIoV1InfrastructureStatus: + r""" + status holds observed values from the cluster. They may not be overridden. + + Attributes + ---------- + apiServerInternalURI : str, default is Undefined, optional + apiServerInternalURL is a valid URI with scheme(http/https), address and port. apiServerInternalURL can be used by components like kubelets, to contact the Kubernetes API server using the infrastructure provider rather than Kubernetes networking. + apiServerURL : str, default is Undefined, optional + apiServerURL is a valid URI with scheme(http/https), address and port. apiServerURL can be used by components like the web console to tell users where to find the Kubernetes API. + etcdDiscoveryDomain : str, default is Undefined, optional + etcdDiscoveryDomain is the domain used to fetch the SRV records for discovering etcd servers and clients. For more info: https://github.com/etcd-io/etcd/blob/329be66e8b3f9e2e6af83c123ff89297e49ebd15/Documentation/op-guide/clustering.md#dns-discovery + infrastructureName : str, default is Undefined, optional + infrastructureName uniquely identifies a cluster with a human friendly name. Once set it should not be changed. Must be of max length 27 and must have only alphanumeric or hyphen characters. + platform : str, default is Undefined, optional + platform is the underlying infrastructure provider for the cluster. + Deprecated: Use platformStatus.type instead. + platformStatus : ConfigOpenshiftIoV1InfrastructureStatusPlatformStatus, default is Undefined, optional + platform status + """ + + + apiServerInternalURI?: str + + apiServerURL?: str + + etcdDiscoveryDomain?: str + + infrastructureName?: str + + platform?: str + + platformStatus?: ConfigOpenshiftIoV1InfrastructureStatusPlatformStatus + + +schema ConfigOpenshiftIoV1InfrastructureStatusPlatformStatus: + r""" + platformStatus holds status information specific to the underlying infrastructure provider. + + Attributes + ---------- + aws : ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAws, default is Undefined, optional + aws + azure : ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAzure, default is Undefined, optional + azure + baremetal : ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusBaremetal, default is Undefined, optional + baremetal + gcp : ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusGcp, default is Undefined, optional + gcp + openstack : ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOpenstack, default is Undefined, optional + openstack + ovirt : ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOvirt, default is Undefined, optional + ovirt + $type : str, default is Undefined, optional + type is the underlying infrastructure provider for the cluster. This value controls whether infrastructure automation such as service load balancers, dynamic volume provisioning, machine creation and deletion, and other integrations are enabled. If None, no infrastructure automation is enabled. Allowed values are "AWS", "Azure", "BareMetal", "GCP", "Libvirt", "OpenStack", "VSphere", "oVirt", and "None". Individual components may not support all platforms, and must handle unrecognized platforms as None if they do not support that platform. + """ + + + aws?: ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAws + + azure?: ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAzure + + baremetal?: ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusBaremetal + + gcp?: ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusGcp + + openstack?: ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOpenstack + + ovirt?: ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOvirt + + $type?: str + + +schema ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAws: + r""" + AWS contains settings specific to the Amazon Web Services infrastructure provider. + + Attributes + ---------- + region : str, default is Undefined, optional + region holds the default AWS region for new AWS resources created by the cluster. + """ + + + region?: str + + +schema ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusAzure: + r""" + Azure contains settings specific to the Azure infrastructure provider. + + Attributes + ---------- + networkResourceGroupName : str, default is Undefined, optional + networkResourceGroupName is the Resource Group for network resources like the Virtual Network and Subnets used by the cluster. If empty, the value is same as ResourceGroupName. + resourceGroupName : str, default is Undefined, optional + resourceGroupName is the Resource Group for new Azure resources created for the cluster. + """ + + + networkResourceGroupName?: str + + resourceGroupName?: str + + +schema ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusBaremetal: + r""" + BareMetal contains settings specific to the BareMetal platform. + + Attributes + ---------- + apiServerInternalIP : str, default is Undefined, optional + apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + ingressIP : str, default is Undefined, optional + ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + nodeDNSIP : str, default is Undefined, optional + nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for BareMetal deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + """ + + + apiServerInternalIP?: str + + ingressIP?: str + + nodeDNSIP?: str + + +schema ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusGcp: + r""" + GCP contains settings specific to the Google Cloud Platform infrastructure provider. + + Attributes + ---------- + projectID : str, default is Undefined, optional + resourceGroupName is the Project ID for new GCP resources created for the cluster. + region : str, default is Undefined, optional + region holds the region for new GCP resources created for the cluster. + """ + + + projectID?: str + + region?: str + + +schema ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOpenstack: + r""" + OpenStack contains settings specific to the OpenStack infrastructure provider. + + Attributes + ---------- + apiServerInternalIP : str, default is Undefined, optional + apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + cloudName : str, default is Undefined, optional + cloudName is the name of the desired OpenStack cloud in the client configuration file (`clouds.yaml`). + ingressIP : str, default is Undefined, optional + ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + nodeDNSIP : str, default is Undefined, optional + nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for OpenStack deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + """ + + + apiServerInternalIP?: str + + cloudName?: str + + ingressIP?: str + + nodeDNSIP?: str + + +schema ConfigOpenshiftIoV1InfrastructureStatusPlatformStatusOvirt: + r""" + Ovirt contains settings specific to the oVirt infrastructure provider. + + Attributes + ---------- + apiServerInternalIP : str, default is Undefined, optional + apiServerInternalIP is an IP address to contact the Kubernetes API server that can be used by components inside the cluster, like kubelets using the infrastructure rather than Kubernetes networking. It is the IP that the Infrastructure.status.apiServerInternalURI points to. It is the IP for a self-hosted load balancer in front of the API servers. + ingressIP : str, default is Undefined, optional + ingressIP is an external IP which routes to the default ingress controller. The IP is a suitable target of a wildcard DNS record used to resolve default route host names. + nodeDNSIP : str, default is Undefined, optional + nodeDNSIP is the IP address for the internal DNS used by the nodes. Unlike the one managed by the DNS operator, `NodeDNSIP` provides name resolution for the nodes themselves. There is no DNS-as-a-service for oVirt deployments. In order to minimize necessary changes to the datacenter DNS, a DNS service is hosted as a static pod to serve those hostnames to the nodes in the cluster. + """ + + + apiServerInternalIP?: str + + ingressIP?: str + + nodeDNSIP?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_ingress.k b/kubevirt/v1/config_openshift_io_v1_ingress.k new file mode 100644 index 00000000..34c0d0d2 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_ingress.k @@ -0,0 +1,53 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema Ingress: + r""" + Ingress holds cluster-wide information about ingress, including the default ingress domain used for routes. The canonical name is `cluster`. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Ingress", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1IngressSpec, default is Undefined, required + spec + status : any, default is Undefined, optional + status holds observed values from the cluster. They may not be overridden. + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Ingress" = "Ingress" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1IngressSpec + + status?: any + + +schema ConfigOpenshiftIoV1IngressSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + domain : str, default is Undefined, optional + domain is used to generate a default host name for a route when the route's host name is empty. The generated host name will follow this pattern: "..". + It is also used as the default wildcard domain suffix for ingress. The default ingresscontroller domain will follow this pattern: "*.". + Once set, changing domain is not currently supported. + """ + + + domain?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_network.k b/kubevirt/v1/config_openshift_io_v1_network.k new file mode 100644 index 00000000..125d0de2 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_network.k @@ -0,0 +1,169 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema ConfigNetwork: + r""" + Network holds cluster-wide information about Network. The canonical name is `cluster`. It is used to configure the desired network configuration, such as: IP address pools for services/pod IPs, network plugin, etc. Please view network.spec for an explanation on what applies when configuring this resource. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Network", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1NetworkSpec, default is Undefined, required + spec + status : ConfigOpenshiftIoV1NetworkStatus, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Network" = "Network" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1NetworkSpec + + status?: ConfigOpenshiftIoV1NetworkStatus + + +schema ConfigOpenshiftIoV1NetworkSpec: + r""" + spec holds user settable values for configuration. As a general rule, this SHOULD NOT be read directly. Instead, you should consume the NetworkStatus, as it indicates the currently deployed configuration. Currently, most spec fields are immutable after installation. Please view the individual ones for further details on each. + + Attributes + ---------- + clusterNetwork : [ConfigOpenshiftIoV1NetworkSpecClusterNetworkItems0], default is Undefined, optional + IP address pool to use for pod IPs. This field is immutable after installation. + externalIP : ConfigOpenshiftIoV1NetworkSpecExternalIP, default is Undefined, optional + external IP + networkType : str, default is Undefined, optional + NetworkType is the plugin that is to be deployed (e.g. OpenShiftSDN). This should match a value that the cluster-network-operator understands, or else no networking will be installed. Currently supported values are: - OpenShiftSDN This field is immutable after installation. + serviceNetwork : [str], default is Undefined, optional + IP address pool for services. Currently, we only support a single entry here. This field is immutable after installation. + """ + + + clusterNetwork?: [ConfigOpenshiftIoV1NetworkSpecClusterNetworkItems0] + + externalIP?: ConfigOpenshiftIoV1NetworkSpecExternalIP + + networkType?: str + + serviceNetwork?: [str] + + +schema ConfigOpenshiftIoV1NetworkSpecClusterNetworkItems0: + r""" + ClusterNetworkEntry is a contiguous block of IP addresses from which pod IPs are allocated. + + Attributes + ---------- + cidr : str, default is Undefined, optional + The complete block for pod IPs. + hostPrefix : int, default is Undefined, optional + The size (prefix) of block to allocate to each node. + """ + + + cidr?: str + + hostPrefix?: int + + + check: + hostPrefix >= 0 if hostPrefix not in [None, Undefined] + + +schema ConfigOpenshiftIoV1NetworkSpecExternalIP: + r""" + externalIP defines configuration for controllers that affect Service.ExternalIP. If nil, then ExternalIP is not allowed to be set. + + Attributes + ---------- + autoAssignCIDRs : [str], default is Undefined, optional + autoAssignCIDRs is a list of CIDRs from which to automatically assign Service.ExternalIP. These are assigned when the service is of type LoadBalancer. In general, this is only useful for bare-metal clusters. In Openshift 3.x, this was misleadingly called "IngressIPs". Automatically assigned External IPs are not affected by any ExternalIPPolicy rules. Currently, only one entry may be provided. + policy : ConfigOpenshiftIoV1NetworkSpecExternalIPPolicy, default is Undefined, optional + policy + """ + + + autoAssignCIDRs?: [str] + + policy?: ConfigOpenshiftIoV1NetworkSpecExternalIPPolicy + + +schema ConfigOpenshiftIoV1NetworkSpecExternalIPPolicy: + r""" + policy is a set of restrictions applied to the ExternalIP field. If nil or empty, then ExternalIP is not allowed to be set. + + Attributes + ---------- + allowedCIDRs : [str], default is Undefined, optional + allowedCIDRs is the list of allowed CIDRs. + rejectedCIDRs : [str], default is Undefined, optional + rejectedCIDRs is the list of disallowed CIDRs. These take precedence over allowedCIDRs. + """ + + + allowedCIDRs?: [str] + + rejectedCIDRs?: [str] + + +schema ConfigOpenshiftIoV1NetworkStatus: + r""" + status holds observed values from the cluster. They may not be overridden. + + Attributes + ---------- + clusterNetwork : [ConfigOpenshiftIoV1NetworkStatusClusterNetworkItems0], default is Undefined, optional + IP address pool to use for pod IPs. + clusterNetworkMTU : int, default is Undefined, optional + ClusterNetworkMTU is the MTU for inter-pod networking. + networkType : str, default is Undefined, optional + NetworkType is the plugin that is deployed (e.g. OpenShiftSDN). + serviceNetwork : [str], default is Undefined, optional + IP address pool for services. Currently, we only support a single entry here. + """ + + + clusterNetwork?: [ConfigOpenshiftIoV1NetworkStatusClusterNetworkItems0] + + clusterNetworkMTU?: int + + networkType?: str + + serviceNetwork?: [str] + + +schema ConfigOpenshiftIoV1NetworkStatusClusterNetworkItems0: + r""" + ClusterNetworkEntry is a contiguous block of IP addresses from which pod IPs are allocated. + + Attributes + ---------- + cidr : str, default is Undefined, optional + The complete block for pod IPs. + hostPrefix : int, default is Undefined, optional + The size (prefix) of block to allocate to each node. + """ + + + cidr?: str + + hostPrefix?: int + + + check: + hostPrefix >= 0 if hostPrefix not in [None, Undefined] + + diff --git a/kubevirt/v1/config_openshift_io_v1_o_auth.k b/kubevirt/v1/config_openshift_io_v1_o_auth.k new file mode 100644 index 00000000..36508740 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_o_auth.k @@ -0,0 +1,751 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema OAuth: + r""" + OAuth holds cluster-wide information about OAuth. The canonical name is `cluster`. It is used to configure the integrated OAuth server. This configuration is only honored when the top level Authentication config has type set to IntegratedOAuth. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "OAuth", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1OAuthSpec, default is Undefined, required + spec + status : any, default is Undefined, optional + OAuthStatus shows current known state of OAuth server in the cluster + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "OAuth" = "OAuth" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1OAuthSpec + + status?: any + + +schema ConfigOpenshiftIoV1OAuthSpec: + r""" + OAuthSpec contains desired cluster auth configuration + + Attributes + ---------- + identityProviders : [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0], default is Undefined, optional + identityProviders is an ordered list of ways for a user to identify themselves. When this list is empty, no identities are provisioned for users. + templates : ConfigOpenshiftIoV1OAuthSpecTemplates, default is Undefined, optional + templates + tokenConfig : ConfigOpenshiftIoV1OAuthSpecTokenConfig, default is Undefined, optional + token config + """ + + + identityProviders?: [ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0] + + templates?: ConfigOpenshiftIoV1OAuthSpecTemplates + + tokenConfig?: ConfigOpenshiftIoV1OAuthSpecTokenConfig + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0: + r""" + IdentityProvider provides identities for users authenticating using credentials + + Attributes + ---------- + basicAuth : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuth, default is Undefined, optional + basic auth + github : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Github, default is Undefined, optional + github + gitlab : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Gitlab, default is Undefined, optional + gitlab + google : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Google, default is Undefined, optional + google + htpasswd : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Htpasswd, default is Undefined, optional + htpasswd + keystone : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Keystone, default is Undefined, optional + keystone + ldap : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Ldap, default is Undefined, optional + ldap + mappingMethod : str, default is Undefined, optional + mappingMethod determines how identities from this provider are mapped to users Defaults to "claim" + name : str, default is Undefined, optional + name is used to qualify the identities returned by this provider. - It MUST be unique and not shared by any other identity provider used - It MUST be a valid path segment: name cannot equal "." or ".." or contain "/" or "%" or ":" Ref: https://godoc.org/github.com/openshift/origin/pkg/user/apis/user/validation#ValidateIdentityProviderName + openID : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenID, default is Undefined, optional + open ID + requestHeader : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeader, default is Undefined, optional + request header + $type : str, default is Undefined, optional + type identifies the identity provider type for this entry. + """ + + + basicAuth?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuth + + github?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Github + + gitlab?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Gitlab + + google?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Google + + htpasswd?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Htpasswd + + keystone?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Keystone + + ldap?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Ldap + + mappingMethod?: str + + name?: str + + openID?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenID + + requestHeader?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeader + + $type?: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuth: + r""" + basicAuth contains configuration options for the BasicAuth IdP + + Attributes + ---------- + ca : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthCa, default is Undefined, optional + ca + tlsClientCert : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientCert, default is Undefined, optional + tls client cert + tlsClientKey : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientKey, default is Undefined, optional + tls client key + url : str, default is Undefined, optional + url is the remote URL to connect to + """ + + + ca?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthCa + + tlsClientCert?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientCert + + tlsClientKey?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientKey + + url?: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthCa: + r""" + ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientCert: + r""" + tlsClientCert is an optional reference to a secret by name that contains the PEM-encoded TLS client certificate to present when connecting to the server. The key "tls.crt" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0BasicAuthTLSClientKey: + r""" + tlsClientKey is an optional reference to a secret by name that contains the PEM-encoded TLS private key for the client certificate referenced in tlsClientCert. The key "tls.key" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Github: + r""" + github enables user authentication using GitHub credentials + + Attributes + ---------- + ca : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubCa, default is Undefined, optional + ca + clientID : str, default is Undefined, optional + clientID is the oauth client ID + clientSecret : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubClientSecret, default is Undefined, optional + client secret + hostname : str, default is Undefined, optional + hostname is the optional domain (e.g. "mycompany.com") for use with a hosted instance of GitHub Enterprise. It must match the GitHub Enterprise settings value configured at /setup/settings#hostname. + organizations : [str], default is Undefined, optional + organizations optionally restricts which organizations are allowed to log in + teams : [str], default is Undefined, optional + teams optionally restricts which teams are allowed to log in. Format is /. + """ + + + ca?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubCa + + clientID?: str + + clientSecret?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubClientSecret + + hostname?: str + + organizations?: [str] + + teams?: [str] + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubCa: + r""" + ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. This can only be configured when hostname is set to a non-empty value. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GithubClientSecret: + r""" + clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Gitlab: + r""" + gitlab enables user authentication using GitLab credentials + + Attributes + ---------- + ca : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabCa, default is Undefined, optional + ca + clientID : str, default is Undefined, optional + clientID is the oauth client ID + clientSecret : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabClientSecret, default is Undefined, optional + client secret + url : str, default is Undefined, optional + url is the oauth server base URL + """ + + + ca?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabCa + + clientID?: str + + clientSecret?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabClientSecret + + url?: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabCa: + r""" + ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GitlabClientSecret: + r""" + clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Google: + r""" + google enables user authentication using Google credentials + + Attributes + ---------- + clientID : str, default is Undefined, optional + clientID is the oauth client ID + clientSecret : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GoogleClientSecret, default is Undefined, optional + client secret + hostedDomain : str, default is Undefined, optional + hostedDomain is the optional Google App domain (e.g. "mycompany.com") to restrict logins to + """ + + + clientID?: str + + clientSecret?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GoogleClientSecret + + hostedDomain?: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0GoogleClientSecret: + r""" + clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Htpasswd: + r""" + htpasswd enables user authentication using an HTPasswd file to validate credentials + + Attributes + ---------- + fileData : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0HtpasswdFileData, default is Undefined, optional + file data + """ + + + fileData?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0HtpasswdFileData + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0HtpasswdFileData: + r""" + fileData is a required reference to a secret by name containing the data to use as the htpasswd file. The key "htpasswd" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. If the specified htpasswd data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Keystone: + r""" + keystone enables user authentication using keystone password credentials + + Attributes + ---------- + ca : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneCa, default is Undefined, optional + ca + domainName : str, default is Undefined, optional + domainName is required for keystone v3 + tlsClientCert : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientCert, default is Undefined, optional + tls client cert + tlsClientKey : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientKey, default is Undefined, optional + tls client key + url : str, default is Undefined, optional + url is the remote URL to connect to + """ + + + ca?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneCa + + domainName?: str + + tlsClientCert?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientCert + + tlsClientKey?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientKey + + url?: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneCa: + r""" + ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientCert: + r""" + tlsClientCert is an optional reference to a secret by name that contains the PEM-encoded TLS client certificate to present when connecting to the server. The key "tls.crt" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0KeystoneTLSClientKey: + r""" + tlsClientKey is an optional reference to a secret by name that contains the PEM-encoded TLS private key for the client certificate referenced in tlsClientCert. The key "tls.key" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. If the specified certificate data is not valid, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0Ldap: + r""" + ldap enables user authentication using LDAP credentials + + Attributes + ---------- + attributes : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapAttributes, default is Undefined, optional + attributes + bindDN : str, default is Undefined, optional + bindDN is an optional DN to bind with during the search phase. + bindPassword : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapBindPassword, default is Undefined, optional + bind password + ca : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapCa, default is Undefined, optional + ca + insecure : bool, default is Undefined, optional + insecure, if true, indicates the connection should not use TLS WARNING: Should not be set to `true` with the URL scheme "ldaps://" as "ldaps://" URLs always attempt to connect using TLS, even when `insecure` is set to `true` When `true`, "ldap://" URLS connect insecurely. When `false`, "ldap://" URLs are upgraded to a TLS connection using StartTLS as specified in https://tools.ietf.org/html/rfc2830. + url : str, default is Undefined, optional + url is an RFC 2255 URL which specifies the LDAP search parameters to use. The syntax of the URL is: ldap://host:port/basedn?attribute?scope?filter + """ + + + attributes?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapAttributes + + bindDN?: str + + bindPassword?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapBindPassword + + ca?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapCa + + insecure?: bool + + url?: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapAttributes: + r""" + attributes maps LDAP attributes to identities + + Attributes + ---------- + email : [str], default is Undefined, optional + email is the list of attributes whose values should be used as the email address. Optional. If unspecified, no email is set for the identity + id : [str], default is Undefined, optional + id is the list of attributes whose values should be used as the user ID. Required. First non-empty attribute is used. At least one attribute is required. If none of the listed attribute have a value, authentication fails. LDAP standard identity attribute is "dn" + name : [str], default is Undefined, optional + name is the list of attributes whose values should be used as the display name. Optional. If unspecified, no display name is set for the identity LDAP standard display name attribute is "cn" + preferredUsername : [str], default is Undefined, optional + preferredUsername is the list of attributes whose values should be used as the preferred username. LDAP standard login attribute is "uid" + """ + + + email?: [str] + + id?: [str] + + name?: [str] + + preferredUsername?: [str] + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapBindPassword: + r""" + bindPassword is an optional reference to a secret by name containing a password to bind with during the search phase. The key "bindPassword" is used to locate the data. If specified and the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0LdapCa: + r""" + ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenID: + r""" + openID enables user authentication using OpenID credentials + + Attributes + ---------- + ca : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDCa, default is Undefined, optional + ca + claims : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClaims, default is Undefined, optional + claims + clientID : str, default is Undefined, optional + clientID is the oauth client ID + clientSecret : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClientSecret, default is Undefined, optional + client secret + extraAuthorizeParameters : {str:str}, default is Undefined, optional + extraAuthorizeParameters are any custom parameters to add to the authorize request. + extraScopes : [str], default is Undefined, optional + extraScopes are any scopes to request in addition to the standard "openid" scope. + issuer : str, default is Undefined, optional + issuer is the URL that the OpenID Provider asserts as its Issuer Identifier. It must use the https scheme with no query or fragment component. + """ + + + ca?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDCa + + claims?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClaims + + clientID?: str + + clientSecret?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClientSecret + + extraAuthorizeParameters?: {str:str} + + extraScopes?: [str] + + issuer?: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDCa: + r""" + ca is an optional reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. The key "ca.crt" is used to locate the data. If specified and the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. If empty, the default system roots are used. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClaims: + r""" + claims mappings + + Attributes + ---------- + email : [str], default is Undefined, optional + email is the list of claims whose values should be used as the email address. Optional. If unspecified, no email is set for the identity + name : [str], default is Undefined, optional + name is the list of claims whose values should be used as the display name. Optional. If unspecified, no display name is set for the identity + preferredUsername : [str], default is Undefined, optional + preferredUsername is the list of claims whose values should be used as the preferred username. If unspecified, the preferred username is determined from the value of the sub claim + """ + + + email?: [str] + + name?: [str] + + preferredUsername?: [str] + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0OpenIDClientSecret: + r""" + clientSecret is a required reference to the secret by name containing the oauth client secret. The key "clientSecret" is used to locate the data. If the secret or expected key is not found, the identity provider is not honored. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeader: + r""" + requestHeader enables user authentication using request header credentials + + Attributes + ---------- + ca : ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeaderCa, default is Undefined, optional + ca + challengeURL : str, default is Undefined, optional + challengeURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect WWW-Authenticate challenges will be redirected here. ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when challenge is set to true. + clientCommonNames : [str], default is Undefined, optional + clientCommonNames is an optional list of common names to require a match from. If empty, any client certificate validated against the clientCA bundle is considered authoritative. + emailHeaders : [str], default is Undefined, optional + emailHeaders is the set of headers to check for the email address + headers : [str], default is Undefined, optional + headers is the set of headers to check for identity information + loginURL : str, default is Undefined, optional + loginURL is a URL to redirect unauthenticated /authorize requests to Unauthenticated requests from OAuth clients which expect interactive logins will be redirected here ${url} is replaced with the current URL, escaped to be safe in a query parameter https://www.example.com/sso-login?then=${url} ${query} is replaced with the current query string https://www.example.com/auth-proxy/oauth/authorize?${query} Required when login is set to true. + nameHeaders : [str], default is Undefined, optional + nameHeaders is the set of headers to check for the display name + preferredUsernameHeaders : [str], default is Undefined, optional + preferredUsernameHeaders is the set of headers to check for the preferred username + """ + + + ca?: ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeaderCa + + challengeURL?: str + + clientCommonNames?: [str] + + emailHeaders?: [str] + + headers?: [str] + + loginURL?: str + + nameHeaders?: [str] + + preferredUsernameHeaders?: [str] + + +schema ConfigOpenshiftIoV1OAuthSpecIdentityProvidersItems0RequestHeaderCa: + r""" + ca is a required reference to a config map by name containing the PEM-encoded CA bundle. It is used as a trust anchor to validate the TLS certificate presented by the remote server. Specifically, it allows verification of incoming requests to prevent header spoofing. The key "ca.crt" is used to locate the data. If the config map or expected key is not found, the identity provider is not honored. If the specified ca data is not valid, the identity provider is not honored. The namespace for this config map is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecTemplates: + r""" + templates allow you to customize pages like the login page. + + Attributes + ---------- + error : ConfigOpenshiftIoV1OAuthSpecTemplatesError, default is Undefined, optional + error + login : ConfigOpenshiftIoV1OAuthSpecTemplatesLogin, default is Undefined, optional + login + providerSelection : ConfigOpenshiftIoV1OAuthSpecTemplatesProviderSelection, default is Undefined, optional + provider selection + """ + + + error?: ConfigOpenshiftIoV1OAuthSpecTemplatesError + + login?: ConfigOpenshiftIoV1OAuthSpecTemplatesLogin + + providerSelection?: ConfigOpenshiftIoV1OAuthSpecTemplatesProviderSelection + + +schema ConfigOpenshiftIoV1OAuthSpecTemplatesError: + r""" + error is the name of a secret that specifies a go template to use to render error pages during the authentication or grant flow. The key "errors.html" is used to locate the template data. If specified and the secret or expected key is not found, the default error page is used. If the specified template is not valid, the default error page is used. If unspecified, the default error page is used. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecTemplatesLogin: + r""" + login is the name of a secret that specifies a go template to use to render the login page. The key "login.html" is used to locate the template data. If specified and the secret or expected key is not found, the default login page is used. If the specified template is not valid, the default login page is used. If unspecified, the default login page is used. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecTemplatesProviderSelection: + r""" + providerSelection is the name of a secret that specifies a go template to use to render the provider selection page. The key "providers.html" is used to locate the template data. If specified and the secret or expected key is not found, the default provider selection page is used. If the specified template is not valid, the default provider selection page is used. If unspecified, the default provider selection page is used. The namespace for this secret is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced secret + """ + + + name: str + + +schema ConfigOpenshiftIoV1OAuthSpecTokenConfig: + r""" + tokenConfig contains options for authorization and access tokens + + Attributes + ---------- + accessTokenInactivityTimeoutSeconds : int, default is Undefined, optional + accessTokenInactivityTimeoutSeconds defines the default token inactivity timeout for tokens granted by any client. The value represents the maximum amount of time that can occur between consecutive uses of the token. Tokens become invalid if they are not used within this temporal window. The user will need to acquire a new token to regain access once a token times out. Valid values are integer values: x < 0 Tokens time out is enabled but tokens never timeout unless configured per client (e.g. `-1`) x = 0 Tokens time out is disabled (default) x > 0 Tokens time out if there is no activity for x seconds The current minimum allowed value for X is 300 (5 minutes) + accessTokenMaxAgeSeconds : int, default is Undefined, optional + accessTokenMaxAgeSeconds defines the maximum age of access tokens + """ + + + accessTokenInactivityTimeoutSeconds?: int + + accessTokenMaxAgeSeconds?: int + + diff --git a/kubevirt/v1/config_openshift_io_v1_operator_hub.k b/kubevirt/v1/config_openshift_io_v1_operator_hub.k new file mode 100644 index 00000000..ec7bdf87 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_operator_hub.k @@ -0,0 +1,123 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema OperatorHub: + r""" + OperatorHub is the Schema for the operatorhubs API. It can be used to change the state of the default hub sources for OperatorHub on the cluster from enabled to disabled and vice versa. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "OperatorHub", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1OperatorHubSpec, default is Undefined, optional + spec + status : ConfigOpenshiftIoV1OperatorHubStatus, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "OperatorHub" = "OperatorHub" + + metadata?: v1.ObjectMeta + + spec?: ConfigOpenshiftIoV1OperatorHubSpec + + status?: ConfigOpenshiftIoV1OperatorHubStatus + + +schema ConfigOpenshiftIoV1OperatorHubSpec: + r""" + OperatorHubSpec defines the desired state of OperatorHub + + Attributes + ---------- + disableAllDefaultSources : bool, default is Undefined, optional + disableAllDefaultSources allows you to disable all the default hub sources. If this is true, a specific entry in sources can be used to enable a default source. If this is false, a specific entry in sources can be used to disable or enable a default source. + sources : [ConfigOpenshiftIoV1OperatorHubSpecSourcesItems0], default is Undefined, optional + sources is the list of default hub sources and their configuration. If the list is empty, it implies that the default hub sources are enabled on the cluster unless disableAllDefaultSources is true. If disableAllDefaultSources is true and sources is not empty, the configuration present in sources will take precedence. The list of default hub sources and their current state will always be reflected in the status block. + """ + + + disableAllDefaultSources?: bool + + sources?: [ConfigOpenshiftIoV1OperatorHubSpecSourcesItems0] + + +schema ConfigOpenshiftIoV1OperatorHubSpecSourcesItems0: + r""" + HubSource is used to specify the hub source and its configuration + + Attributes + ---------- + disabled : bool, default is Undefined, optional + disabled is used to disable a default hub source on cluster + name : str, default is Undefined, optional + name is the name of one of the default hub sources + """ + + + disabled?: bool + + name?: str + + + check: + len(name) <= 253 if name + len(name) >= 1 if name + + +schema ConfigOpenshiftIoV1OperatorHubStatus: + r""" + OperatorHubStatus defines the observed state of OperatorHub. The current state of the default hub sources will always be reflected here. + + Attributes + ---------- + sources : [ConfigOpenshiftIoV1OperatorHubStatusSourcesItems0], default is Undefined, optional + sources encapsulates the result of applying the configuration for each hub source + """ + + + sources?: [ConfigOpenshiftIoV1OperatorHubStatusSourcesItems0] + + +schema ConfigOpenshiftIoV1OperatorHubStatusSourcesItems0: + r""" + HubSourceStatus is used to reflect the current state of applying the configuration to a default source + + Attributes + ---------- + disabled : bool, default is Undefined, optional + disabled is used to disable a default hub source on cluster + message : str, default is Undefined, optional + message provides more information regarding failures + name : str, default is Undefined, optional + name is the name of one of the default hub sources + status : str, default is Undefined, optional + status indicates success or failure in applying the configuration + """ + + + disabled?: bool + + message?: str + + name?: str + + status?: str + + + check: + len(name) <= 253 if name + len(name) >= 1 if name + + diff --git a/kubevirt/v1/config_openshift_io_v1_project.k b/kubevirt/v1/config_openshift_io_v1_project.k new file mode 100644 index 00000000..509c121f --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_project.k @@ -0,0 +1,69 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema Project: + r""" + Project holds cluster-wide information about Project. The canonical name is `cluster` + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Project", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1ProjectSpec, default is Undefined, required + spec + status : any, default is Undefined, optional + status holds observed values from the cluster. They may not be overridden. + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Project" = "Project" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1ProjectSpec + + status?: any + + +schema ConfigOpenshiftIoV1ProjectSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + projectRequestMessage : str, default is Undefined, optional + projectRequestMessage is the string presented to a user if they are unable to request a project via the projectrequest api endpoint + projectRequestTemplate : ConfigOpenshiftIoV1ProjectSpecProjectRequestTemplate, default is Undefined, optional + project request template + """ + + + projectRequestMessage?: str + + projectRequestTemplate?: ConfigOpenshiftIoV1ProjectSpecProjectRequestTemplate + + +schema ConfigOpenshiftIoV1ProjectSpecProjectRequestTemplate: + r""" + projectRequestTemplate is the template to use for creating projects in response to projectrequest. This must point to a template in 'openshift-config' namespace. It is optional. If it is not specified, a default template is used. + + Attributes + ---------- + name : str, default is Undefined, optional + name is the metadata.name of the referenced project request template + """ + + + name?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_proxy.k b/kubevirt/v1/config_openshift_io_v1_proxy.k new file mode 100644 index 00000000..0df79598 --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_proxy.k @@ -0,0 +1,104 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema Proxy: + r""" + Proxy holds cluster-wide information on how to configure default proxies for the cluster. The canonical name is `cluster` + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Proxy", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1ProxySpec, default is Undefined, required + spec + status : ConfigOpenshiftIoV1ProxyStatus, default is Undefined, optional + status + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Proxy" = "Proxy" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1ProxySpec + + status?: ConfigOpenshiftIoV1ProxyStatus + + +schema ConfigOpenshiftIoV1ProxySpec: + r""" + Spec holds user-settable values for the proxy configuration + + Attributes + ---------- + httpProxy : str, default is Undefined, optional + httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var. + httpsProxy : str, default is Undefined, optional + httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var. + noProxy : str, default is Undefined, optional + noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var. + readinessEndpoints : [str], default is Undefined, optional + readinessEndpoints is a list of endpoints used to verify readiness of the proxy. + trustedCA : ConfigOpenshiftIoV1ProxySpecTrustedCA, default is Undefined, optional + trusted c a + """ + + + httpProxy?: str + + httpsProxy?: str + + noProxy?: str + + readinessEndpoints?: [str] + + trustedCA?: ConfigOpenshiftIoV1ProxySpecTrustedCA + + +schema ConfigOpenshiftIoV1ProxySpecTrustedCA: + r""" + trustedCA is a reference to a ConfigMap containing a CA certificate bundle used for client egress HTTPS connections. The certificate bundle must be from the CA that signed the proxy's certificate and be signed for everything. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from required key "ca-bundle.crt" and copying it to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): + apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN CERTIFICATE----- Custom CA certificate bundle. -----END CERTIFICATE----- + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + +schema ConfigOpenshiftIoV1ProxyStatus: + r""" + status holds observed values from the cluster. They may not be overridden. + + Attributes + ---------- + httpProxy : str, default is Undefined, optional + httpProxy is the URL of the proxy for HTTP requests. + httpsProxy : str, default is Undefined, optional + httpsProxy is the URL of the proxy for HTTPS requests. + noProxy : str, default is Undefined, optional + noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. + """ + + + httpProxy?: str + + httpsProxy?: str + + noProxy?: str + + diff --git a/kubevirt/v1/config_openshift_io_v1_scheduler.k b/kubevirt/v1/config_openshift_io_v1_scheduler.k new file mode 100644 index 00000000..7c0fd66a --- /dev/null +++ b/kubevirt/v1/config_openshift_io_v1_scheduler.k @@ -0,0 +1,73 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema Scheduler: + r""" + Scheduler holds cluster-wide config information to run the Kubernetes Scheduler and influence its placement decisions. The canonical name for this config is `cluster`. + + Attributes + ---------- + apiVersion : str, default is "config.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Scheduler", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : ConfigOpenshiftIoV1SchedulerSpec, default is Undefined, required + spec + status : any, default is Undefined, optional + status holds observed values from the cluster. They may not be overridden. + """ + + + apiVersion: "config.openshift.io/v1" = "config.openshift.io/v1" + + kind: "Scheduler" = "Scheduler" + + metadata?: v1.ObjectMeta + + spec: ConfigOpenshiftIoV1SchedulerSpec + + status?: any + + +schema ConfigOpenshiftIoV1SchedulerSpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + defaultNodeSelector : str, default is Undefined, optional + defaultNodeSelector helps set the cluster-wide default node selector to restrict pod placement to specific nodes. This is applied to the pods created in all namespaces without a specified nodeSelector value. For example, defaultNodeSelector: "type=user-node,region=east" would set nodeSelector field in pod spec to "type=user-node,region=east" to all pods created in all namespaces. Namespaces having project-wide node selectors won't be impacted even if this field is set. This adds an annotation section to the namespace. For example, if a new namespace is created with node-selector='type=user-node,region=east', the annotation openshift.io/node-selector: type=user-node,region=east gets added to the project. When the openshift.io/node-selector annotation is set on the project the value is used in preference to the value we are setting for defaultNodeSelector field. For instance, openshift.io/node-selector: "type=user-node,region=west" means that the default of "type=user-node,region=east" set in defaultNodeSelector would not be applied. + mastersSchedulable : bool, default is Undefined, optional + MastersSchedulable allows masters nodes to be schedulable. When this flag is turned on, all the master nodes in the cluster will be made schedulable, so that workload pods can run on them. The default value for this field is false, meaning none of the master nodes are schedulable. Important Note: Once the workload pods start running on the master nodes, extreme care must be taken to ensure that cluster-critical control plane components are not impacted. Please turn on this field after doing due diligence. + policy : ConfigOpenshiftIoV1SchedulerSpecPolicy, default is Undefined, optional + policy + """ + + + defaultNodeSelector?: str + + mastersSchedulable?: bool + + policy?: ConfigOpenshiftIoV1SchedulerSpecPolicy + + +schema ConfigOpenshiftIoV1SchedulerSpecPolicy: + r""" + policy is a reference to a ConfigMap containing scheduler policy which has user specified predicates and priorities. If this ConfigMap is not available scheduler will default to use DefaultAlgorithmProvider. The namespace for this configmap is openshift-config. + + Attributes + ---------- + name : str, default is Undefined, required + name is the metadata.name of the referenced config map + """ + + + name: str + + diff --git a/kubevirt/v1/k8s_cni_cncf_io_v1_network_attachment_definition.k b/kubevirt/v1/k8s_cni_cncf_io_v1_network_attachment_definition.k new file mode 100644 index 00000000..ac0b3f19 --- /dev/null +++ b/kubevirt/v1/k8s_cni_cncf_io_v1_network_attachment_definition.k @@ -0,0 +1,47 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema NetworkAttachmentDefinition: + r""" + NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing Working Group to express the intent for attaching pods to one or more logical or physical networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec + + Attributes + ---------- + apiVersion : str, default is "k8s.cni.cncf.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "NetworkAttachmentDefinition", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : K8sCniCncfIoV1NetworkAttachmentDefinitionSpec, default is Undefined, optional + spec + """ + + + apiVersion: "k8s.cni.cncf.io/v1" = "k8s.cni.cncf.io/v1" + + kind: "NetworkAttachmentDefinition" = "NetworkAttachmentDefinition" + + metadata?: v1.ObjectMeta + + spec?: K8sCniCncfIoV1NetworkAttachmentDefinitionSpec + + +schema K8sCniCncfIoV1NetworkAttachmentDefinitionSpec: + r""" + NetworkAttachmentDefinition spec defines the desired state of a network attachment + + Attributes + ---------- + config : str, default is Undefined, optional + NetworkAttachmentDefinition config is a JSON-formatted CNI configuration + """ + + + config?: str + + diff --git a/kubevirt/v1/kubevirt_io_v1_kube_virt.k b/kubevirt/v1/kubevirt_io_v1_kube_virt.k new file mode 100644 index 00000000..e7d5642c --- /dev/null +++ b/kubevirt/v1/kubevirt_io_v1_kube_virt.k @@ -0,0 +1,3130 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema KubeVirt: + r""" + KubeVirt represents the object deploying all KubeVirt resources + + Attributes + ---------- + apiVersion : str, default is "kubevirt.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "KubeVirt", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : KubevirtIoV1KubeVirtSpec, default is Undefined, required + spec + status : KubevirtIoV1KubeVirtStatus, default is Undefined, optional + status + """ + + + apiVersion: "kubevirt.io/v1" = "kubevirt.io/v1" + + kind: "KubeVirt" = "KubeVirt" + + metadata?: v1.ObjectMeta + + spec: KubevirtIoV1KubeVirtSpec + + status?: KubevirtIoV1KubeVirtStatus + + +schema KubevirtIoV1KubeVirtSpec: + r""" + kubevirt io v1 kube virt spec + + Attributes + ---------- + certificateRotateStrategy : KubevirtIoV1KubeVirtSpecCertificateRotateStrategy, default is Undefined, optional + certificate rotate strategy + configuration : KubevirtIoV1KubeVirtSpecConfiguration, default is Undefined, optional + configuration + customizeComponents : KubevirtIoV1KubeVirtSpecCustomizeComponents, default is Undefined, optional + customize components + imagePullPolicy : str, default is Undefined, optional + The ImagePullPolicy to use. + imagePullSecrets : [KubevirtIoV1KubeVirtSpecImagePullSecretsItems0], default is Undefined, optional + The imagePullSecrets to pull the container images from Defaults to none + imageRegistry : str, default is Undefined, optional + The image registry to pull the container images from Defaults to the same registry the operator's container image is pulled from. + imageTag : str, default is Undefined, optional + The image tag to use for the continer images installed. Defaults to the same tag as the operator's container image. + infra : KubevirtIoV1KubeVirtSpecInfra, default is Undefined, optional + infra + monitorAccount : str, default is Undefined, optional + The name of the Prometheus service account that needs read-access to KubeVirt endpoints Defaults to prometheus-k8s + monitorNamespace : str, default is Undefined, optional + The namespace Prometheus is deployed in Defaults to openshift-monitor + productComponent : str, default is Undefined, optional + Designate the apps.kubevirt.io/component label for KubeVirt components. Useful if KubeVirt is included as part of a product. If ProductComponent is not specified, the component label default value is kubevirt. + productName : str, default is Undefined, optional + Designate the apps.kubevirt.io/part-of label for KubeVirt components. Useful if KubeVirt is included as part of a product. If ProductName is not specified, the part-of label will be omitted. + productVersion : str, default is Undefined, optional + Designate the apps.kubevirt.io/version label for KubeVirt components. Useful if KubeVirt is included as part of a product. If ProductVersion is not specified, KubeVirt's version will be used. + serviceMonitorNamespace : str, default is Undefined, optional + The namespace the service monitor will be deployed When ServiceMonitorNamespace is set, then we'll install the service monitor object in that namespace otherwise we will use the monitoring namespace. + uninstallStrategy : str, default is Undefined, optional + Specifies if kubevirt can be deleted if workloads are still present. This is mainly a precaution to avoid accidental data loss + workloadUpdateStrategy : KubevirtIoV1KubeVirtSpecWorkloadUpdateStrategy, default is Undefined, optional + workload update strategy + workloads : KubevirtIoV1KubeVirtSpecWorkloads, default is Undefined, optional + workloads + """ + + + certificateRotateStrategy?: KubevirtIoV1KubeVirtSpecCertificateRotateStrategy + + configuration?: KubevirtIoV1KubeVirtSpecConfiguration + + customizeComponents?: KubevirtIoV1KubeVirtSpecCustomizeComponents + + imagePullPolicy?: str + + imagePullSecrets?: [KubevirtIoV1KubeVirtSpecImagePullSecretsItems0] + + imageRegistry?: str + + imageTag?: str + + infra?: KubevirtIoV1KubeVirtSpecInfra + + monitorAccount?: str + + monitorNamespace?: str + + productComponent?: str + + productName?: str + + productVersion?: str + + serviceMonitorNamespace?: str + + uninstallStrategy?: str + + workloadUpdateStrategy?: KubevirtIoV1KubeVirtSpecWorkloadUpdateStrategy + + workloads?: KubevirtIoV1KubeVirtSpecWorkloads + + +schema KubevirtIoV1KubeVirtSpecCertificateRotateStrategy: + r""" + kubevirt io v1 kube virt spec certificate rotate strategy + + Attributes + ---------- + selfSigned : KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSigned, default is Undefined, optional + self signed + """ + + + selfSigned?: KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSigned + + +schema KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSigned: + r""" + kubevirt io v1 kube virt spec certificate rotate strategy self signed + + Attributes + ---------- + ca : KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedCa, default is Undefined, optional + ca + caOverlapInterval : str, default is Undefined, optional + Deprecated. Use CA.Duration and CA.RenewBefore instead + caRotateInterval : str, default is Undefined, optional + Deprecated. Use CA.Duration instead + certRotateInterval : str, default is Undefined, optional + Deprecated. Use Server.Duration instead + server : KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedServer, default is Undefined, optional + server + """ + + + ca?: KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedCa + + caOverlapInterval?: str + + caRotateInterval?: str + + certRotateInterval?: str + + server?: KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedServer + + +schema KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedCa: + r""" + CA configuration CA certs are kept in the CA bundle as long as they are valid + + Attributes + ---------- + duration : str, default is Undefined, optional + The requested 'duration' (i.e. lifetime) of the Certificate. + renewBefore : str, default is Undefined, optional + The amount of time before the currently issued certificate's "notAfter" time that we will begin to attempt to renew the certificate. + """ + + + duration?: str + + renewBefore?: str + + +schema KubevirtIoV1KubeVirtSpecCertificateRotateStrategySelfSignedServer: + r""" + Server configuration Certs are rotated and discarded + + Attributes + ---------- + duration : str, default is Undefined, optional + The requested 'duration' (i.e. lifetime) of the Certificate. + renewBefore : str, default is Undefined, optional + The amount of time before the currently issued certificate's "notAfter" time that we will begin to attempt to renew the certificate. + """ + + + duration?: str + + renewBefore?: str + + +schema KubevirtIoV1KubeVirtSpecConfiguration: + r""" + holds kubevirt configurations. same as the virt-configMap + + Attributes + ---------- + additionalGuestMemoryOverheadRatio : str, default is Undefined, optional + AdditionalGuestMemoryOverheadRatio can be used to increase the virtualization infrastructure overhead. This is useful, since the calculation of this overhead is not accurate and cannot be entirely known in advance. The ratio that is being set determines by which factor to increase the overhead calculated by Kubevirt. A higher ratio means that the VMs would be less compromised by node pressures, but would mean that fewer VMs could be scheduled to a node. If not set, the default is 1. + apiConfiguration : KubevirtIoV1KubeVirtSpecConfigurationAPIConfiguration, default is Undefined, optional + api configuration + architectureConfiguration : KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfiguration, default is Undefined, optional + architecture configuration + autoCPULimitNamespaceLabelSelector : KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelector, default is Undefined, optional + auto CPU limit namespace label selector + controllerConfiguration : KubevirtIoV1KubeVirtSpecConfigurationControllerConfiguration, default is Undefined, optional + controller configuration + cpuModel : str, default is Undefined, optional + cpu model + cpuRequest : int | str, default is Undefined, optional + cpu request + defaultRuntimeClass : str, default is Undefined, optional + default runtime class + developerConfiguration : KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfiguration, default is Undefined, optional + developer configuration + emulatedMachines : [str], default is Undefined, optional + emulated machines + evictionStrategy : str, default is Undefined, optional + EvictionStrategy defines at the cluster level if the VirtualMachineInstance should be migrated instead of shut-off in case of a node drain. If the VirtualMachineInstance specific field is set it overrides the cluster level one. + handlerConfiguration : KubevirtIoV1KubeVirtSpecConfigurationHandlerConfiguration, default is Undefined, optional + handler configuration + imagePullPolicy : str, default is Undefined, optional + PullPolicy describes a policy for if/when to pull a container image + ksmConfiguration : KubevirtIoV1KubeVirtSpecConfigurationKsmConfiguration, default is Undefined, optional + ksm configuration + liveUpdateConfiguration : KubevirtIoV1KubeVirtSpecConfigurationLiveUpdateConfiguration, default is Undefined, optional + live update configuration + machineType : str, default is Undefined, optional + Deprecated. Use architectureConfiguration instead. + mediatedDevicesConfiguration : KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfiguration, default is Undefined, optional + mediated devices configuration + memBalloonStatsPeriod : int, default is Undefined, optional + mem balloon stats period + migrations : KubevirtIoV1KubeVirtSpecConfigurationMigrations, default is Undefined, optional + migrations + minCPUModel : str, default is Undefined, optional + min CPU model + network : KubevirtIoV1KubeVirtSpecConfigurationNetwork, default is Undefined, optional + network + obsoleteCPUModels : {str:bool}, default is Undefined, optional + obsolete CPU models + ovmfPath : str, default is Undefined, optional + ovmf path + permittedHostDevices : KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevices, default is Undefined, optional + permitted host devices + seccompConfiguration : KubevirtIoV1KubeVirtSpecConfigurationSeccompConfiguration, default is Undefined, optional + seccomp configuration + selinuxLauncherType : str, default is Undefined, optional + selinux launcher type + smbios : KubevirtIoV1KubeVirtSpecConfigurationSmbios, default is Undefined, optional + smbios + supportContainerResources : [KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0], default is Undefined, optional + SupportContainerResources specifies the resource requirements for various types of supporting containers such as container disks/virtiofs/sidecars and hotplug attachment pods. If omitted a sensible default will be supplied. + supportedGuestAgentVersions : [str], default is Undefined, optional + deprecated + tlsConfiguration : KubevirtIoV1KubeVirtSpecConfigurationTLSConfiguration, default is Undefined, optional + tls configuration + virtualMachineInstancesPerNode : int, default is Undefined, optional + virtual machine instances per node + virtualMachineOptions : KubevirtIoV1KubeVirtSpecConfigurationVirtualMachineOptions, default is Undefined, optional + virtual machine options + vmRolloutStrategy : str, default is Undefined, optional + VMRolloutStrategy defines how changes to a VM object propagate to its VMI + vmStateStorageClass : str, default is Undefined, optional + VMStateStorageClass is the name of the storage class to use for the PVCs created to preserve VM state, like TPM. The storage class must support RWX in filesystem mode. + webhookConfiguration : KubevirtIoV1KubeVirtSpecConfigurationWebhookConfiguration, default is Undefined, optional + webhook configuration + """ + + + additionalGuestMemoryOverheadRatio?: str + + apiConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationAPIConfiguration + + architectureConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfiguration + + autoCPULimitNamespaceLabelSelector?: KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelector + + controllerConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationControllerConfiguration + + cpuModel?: str + + cpuRequest?: int | str + + defaultRuntimeClass?: str + + developerConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfiguration + + emulatedMachines?: [str] + + evictionStrategy?: str + + handlerConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationHandlerConfiguration + + imagePullPolicy?: str + + ksmConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationKsmConfiguration + + liveUpdateConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationLiveUpdateConfiguration + + machineType?: str + + mediatedDevicesConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfiguration + + memBalloonStatsPeriod?: int + + migrations?: KubevirtIoV1KubeVirtSpecConfigurationMigrations + + minCPUModel?: str + + network?: KubevirtIoV1KubeVirtSpecConfigurationNetwork + + obsoleteCPUModels?: {str:bool} + + ovmfPath?: str + + permittedHostDevices?: KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevices + + seccompConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationSeccompConfiguration + + selinuxLauncherType?: str + + smbios?: KubevirtIoV1KubeVirtSpecConfigurationSmbios + + supportContainerResources?: [KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0] + + supportedGuestAgentVersions?: [str] + + tlsConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationTLSConfiguration + + virtualMachineInstancesPerNode?: int + + virtualMachineOptions?: KubevirtIoV1KubeVirtSpecConfigurationVirtualMachineOptions + + vmRolloutStrategy?: "Stage" | "LiveUpdate" + + vmStateStorageClass?: str + + webhookConfiguration?: KubevirtIoV1KubeVirtSpecConfigurationWebhookConfiguration + + + check: + _regex_match(str(cpuRequest), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if cpuRequest + + +schema KubevirtIoV1KubeVirtSpecConfigurationAPIConfiguration: + r""" + ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. + + Attributes + ---------- + restClient : KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClient, default is Undefined, optional + rest client + """ + + + restClient?: KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClient + + +schema KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClient: + r""" + RestClient can be used to tune certain aspects of the k8s client in use. + + Attributes + ---------- + rateLimiter : KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiter, default is Undefined, optional + rate limiter + """ + + + rateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiter: + r""" + RateLimiter allows selecting and configuring different rate limiters for the k8s client. + + Attributes + ---------- + tokenBucketRateLimiter : KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiterTokenBucketRateLimiter, default is Undefined, optional + token bucket rate limiter + """ + + + tokenBucketRateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiterTokenBucketRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationAPIConfigurationRestClientRateLimiterTokenBucketRateLimiter: + r""" + kubevirt io v1 kube virt spec configuration API configuration rest client rate limiter token bucket rate limiter + + Attributes + ---------- + burst : int, default is Undefined, required + Maximum burst for throttle. If it's zero, the component default will be used + qps : float, default is Undefined, required + QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used + """ + + + burst: int + + qps: float + + +schema KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfiguration: + r""" + kubevirt io v1 kube virt spec configuration architecture configuration + + Attributes + ---------- + amd64 : KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationAmd64, default is Undefined, optional + amd64 + arm64 : KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationArm64, default is Undefined, optional + arm64 + defaultArchitecture : str, default is Undefined, optional + default architecture + ppc64le : KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationPpc64le, default is Undefined, optional + ppc64le + """ + + + amd64?: KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationAmd64 + + arm64?: KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationArm64 + + defaultArchitecture?: str + + ppc64le?: KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationPpc64le + + +schema KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationAmd64: + r""" + kubevirt io v1 kube virt spec configuration architecture configuration amd64 + + Attributes + ---------- + emulatedMachines : [str], default is Undefined, optional + emulated machines + machineType : str, default is Undefined, optional + machine type + ovmfPath : str, default is Undefined, optional + ovmf path + """ + + + emulatedMachines?: [str] + + machineType?: str + + ovmfPath?: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationArm64: + r""" + kubevirt io v1 kube virt spec configuration architecture configuration arm64 + + Attributes + ---------- + emulatedMachines : [str], default is Undefined, optional + emulated machines + machineType : str, default is Undefined, optional + machine type + ovmfPath : str, default is Undefined, optional + ovmf path + """ + + + emulatedMachines?: [str] + + machineType?: str + + ovmfPath?: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationArchitectureConfigurationPpc64le: + r""" + kubevirt io v1 kube virt spec configuration architecture configuration ppc64le + + Attributes + ---------- + emulatedMachines : [str], default is Undefined, optional + emulated machines + machineType : str, default is Undefined, optional + machine type + ovmfPath : str, default is Undefined, optional + ovmf path + """ + + + emulatedMachines?: [str] + + machineType?: str + + ovmfPath?: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelector: + r""" + When set, AutoCPULimitNamespaceLabelSelector will set a CPU limit on virt-launcher for VMIs running inside namespaces that match the label selector. The CPU limit will equal the number of requested vCPUs. This setting does not apply to VMIs with dedicated CPUs. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecConfigurationAutoCPULimitNamespaceLabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecConfigurationControllerConfiguration: + r""" + ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. + + Attributes + ---------- + restClient : KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClient, default is Undefined, optional + rest client + """ + + + restClient?: KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClient + + +schema KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClient: + r""" + RestClient can be used to tune certain aspects of the k8s client in use. + + Attributes + ---------- + rateLimiter : KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiter, default is Undefined, optional + rate limiter + """ + + + rateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiter: + r""" + RateLimiter allows selecting and configuring different rate limiters for the k8s client. + + Attributes + ---------- + tokenBucketRateLimiter : KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiterTokenBucketRateLimiter, default is Undefined, optional + token bucket rate limiter + """ + + + tokenBucketRateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiterTokenBucketRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationControllerConfigurationRestClientRateLimiterTokenBucketRateLimiter: + r""" + kubevirt io v1 kube virt spec configuration controller configuration rest client rate limiter token bucket rate limiter + + Attributes + ---------- + burst : int, default is Undefined, required + Maximum burst for throttle. If it's zero, the component default will be used + qps : float, default is Undefined, required + QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used + """ + + + burst: int + + qps: float + + +schema KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfiguration: + r""" + DeveloperConfiguration holds developer options + + Attributes + ---------- + cpuAllocationRatio : int, default is Undefined, optional + For each requested virtual CPU, CPUAllocationRatio defines how much physical CPU to request per VMI from the hosting node. The value is in fraction of a CPU thread (or core on non-hyperthreaded nodes). For example, a value of 1 means 1 physical CPU thread per VMI CPU thread. A value of 100 would be 1% of a physical thread allocated for each requested VMI thread. This option has no effect on VMIs that request dedicated CPUs. More information at: https://kubevirt.io/user-guide/operations/node_overcommit/#node-cpu-allocation-ratio Defaults to 10 + diskVerification : KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationDiskVerification, default is Undefined, optional + disk verification + featureGates : [str], default is Undefined, optional + FeatureGates is the list of experimental features to enable. Defaults to none + logVerbosity : KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationLogVerbosity, default is Undefined, optional + log verbosity + memoryOvercommit : int, default is Undefined, optional + MemoryOvercommit is the percentage of memory we want to give VMIs compared to the amount given to its parent pod (virt-launcher). For example, a value of 102 means the VMI will "see" 2% more memory than its parent pod. Values under 100 are effectively "undercommits". Overcommits can lead to memory exhaustion, which in turn can lead to crashes. Use carefully. Defaults to 100 + minimumClusterTSCFrequency : int, default is Undefined, optional + Allow overriding the automatically determined minimum TSC frequency of the cluster and fixate the minimum to this frequency. + minimumReservePVCBytes : int, default is Undefined, optional + MinimumReservePVCBytes is the amount of space, in bytes, to leave unused on disks. Defaults to 131072 (128KiB) + nodeSelectors : {str:str}, default is Undefined, optional + NodeSelectors allows restricting VMI creation to nodes that match a set of labels. Defaults to none + pvcTolerateLessSpaceUpToPercent : int, default is Undefined, optional + LessPVCSpaceToleration determines how much smaller, in percentage, disk PVCs are allowed to be compared to the requested size (to account for various overheads). Defaults to 10 + useEmulation : bool, default is Undefined, optional + UseEmulation can be set to true to allow fallback to software emulation in case hardware-assisted emulation is not available. Defaults to false + """ + + + cpuAllocationRatio?: int + + diskVerification?: KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationDiskVerification + + featureGates?: [str] + + logVerbosity?: KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationLogVerbosity + + memoryOvercommit?: int + + minimumClusterTSCFrequency?: int + + minimumReservePVCBytes?: int + + nodeSelectors?: {str:str} + + pvcTolerateLessSpaceUpToPercent?: int + + useEmulation?: bool + + +schema KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationDiskVerification: + r""" + DiskVerification holds container disks verification limits + + Attributes + ---------- + memoryLimit : int | str, default is Undefined, required + memory limit + """ + + + memoryLimit: int | str + + + check: + _regex_match(str(memoryLimit), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") + + +schema KubevirtIoV1KubeVirtSpecConfigurationDeveloperConfigurationLogVerbosity: + r""" + LogVerbosity sets log verbosity level of various components + + Attributes + ---------- + nodeVerbosity : {str:int}, default is Undefined, optional + NodeVerbosity represents a map of nodes with a specific verbosity level + virtAPI : int, default is Undefined, optional + virt API + virtController : int, default is Undefined, optional + virt controller + virtHandler : int, default is Undefined, optional + virt handler + virtLauncher : int, default is Undefined, optional + virt launcher + virtOperator : int, default is Undefined, optional + virt operator + """ + + + nodeVerbosity?: {str:int} + + virtAPI?: int + + virtController?: int + + virtHandler?: int + + virtLauncher?: int + + virtOperator?: int + + +schema KubevirtIoV1KubeVirtSpecConfigurationHandlerConfiguration: + r""" + ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. + + Attributes + ---------- + restClient : KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClient, default is Undefined, optional + rest client + """ + + + restClient?: KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClient + + +schema KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClient: + r""" + RestClient can be used to tune certain aspects of the k8s client in use. + + Attributes + ---------- + rateLimiter : KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiter, default is Undefined, optional + rate limiter + """ + + + rateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiter: + r""" + RateLimiter allows selecting and configuring different rate limiters for the k8s client. + + Attributes + ---------- + tokenBucketRateLimiter : KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiterTokenBucketRateLimiter, default is Undefined, optional + token bucket rate limiter + """ + + + tokenBucketRateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiterTokenBucketRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationHandlerConfigurationRestClientRateLimiterTokenBucketRateLimiter: + r""" + kubevirt io v1 kube virt spec configuration handler configuration rest client rate limiter token bucket rate limiter + + Attributes + ---------- + burst : int, default is Undefined, required + Maximum burst for throttle. If it's zero, the component default will be used + qps : float, default is Undefined, required + QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used + """ + + + burst: int + + qps: float + + +schema KubevirtIoV1KubeVirtSpecConfigurationKsmConfiguration: + r""" + KSMConfiguration holds the information regarding the enabling the KSM in the nodes (if available). + + Attributes + ---------- + nodeLabelSelector : KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelector, default is Undefined, optional + node label selector + """ + + + nodeLabelSelector?: KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelector + + +schema KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelector: + r""" + NodeLabelSelector is a selector that filters in which nodes the KSM will be enabled. Empty NodeLabelSelector will enable ksm for every node. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecConfigurationKsmConfigurationNodeLabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecConfigurationLiveUpdateConfiguration: + r""" + LiveUpdateConfiguration holds defaults for live update features + + Attributes + ---------- + maxCpuSockets : int, default is Undefined, optional + MaxCpuSockets holds the maximum amount of sockets that can be hotplugged + maxGuest : int | str, default is Undefined, optional + MaxGuest defines the maximum amount memory that can be allocated to the guest using hotplug. + maxHotplugRatio : int, default is Undefined, optional + MaxHotplugRatio is the ratio used to define the max amount of a hotplug resource that can be made available to a VM when the specific Max* setting is not defined (MaxCpuSockets, MaxGuest) Example: VM is configured with 512Mi of guest memory, if MaxGuest is not defined and MaxHotplugRatio is 2 then MaxGuest = 1Gi defaults to 4 + """ + + + maxCpuSockets?: int + + maxGuest?: int | str + + maxHotplugRatio?: int + + + check: + _regex_match(str(maxGuest), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if maxGuest + + +schema KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfiguration: + r""" + MediatedDevicesConfiguration holds information about MDEV types to be defined, if available + + Attributes + ---------- + mediatedDeviceTypes : [str], default is Undefined, optional + mediated device types + mediatedDevicesTypes : [str], default is Undefined, optional + Deprecated. Use mediatedDeviceTypes instead. + nodeMediatedDeviceTypes : [KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfigurationNodeMediatedDeviceTypesItems0], default is Undefined, optional + node mediated device types + """ + + + mediatedDeviceTypes?: [str] + + mediatedDevicesTypes?: [str] + + nodeMediatedDeviceTypes?: [KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfigurationNodeMediatedDeviceTypesItems0] + + +schema KubevirtIoV1KubeVirtSpecConfigurationMediatedDevicesConfigurationNodeMediatedDeviceTypesItems0: + r""" + NodeMediatedDeviceTypesConfig holds information about MDEV types to be defined in a specific node that matches the NodeSelector field. + + Attributes + ---------- + mediatedDeviceTypes : [str], default is Undefined, optional + mediated device types + mediatedDevicesTypes : [str], default is Undefined, optional + Deprecated. Use mediatedDeviceTypes instead. + nodeSelector : {str:str}, default is Undefined, required + NodeSelector is a selector which must be true for the vmi to fit on a node. Selector which must match a node's labels for the vmi to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + """ + + + mediatedDeviceTypes?: [str] + + mediatedDevicesTypes?: [str] + + nodeSelector: {str:str} + + +schema KubevirtIoV1KubeVirtSpecConfigurationMigrations: + r""" + MigrationConfiguration holds migration options. Can be overridden for specific groups of VMs though migration policies. Visit https://kubevirt.io/user-guide/operations/migration_policies/ for more information. + + Attributes + ---------- + allowAutoConverge : bool, default is Undefined, optional + AllowAutoConverge allows the platform to compromise performance/availability of VMIs to guarantee successful VMI live migrations. Defaults to false + allowPostCopy : bool, default is Undefined, optional + AllowPostCopy enables post-copy live migrations. Such migrations allow even the busiest VMIs to successfully live-migrate. However, events like a network failure can cause a VMI crash. If set to true, migrations will still start in pre-copy, but switch to post-copy when CompletionTimeoutPerGiB triggers. Defaults to false + bandwidthPerMigration : int | str, default is Undefined, optional + BandwidthPerMigration limits the amount of network bandwidth live migrations are allowed to use. The value is in quantity per second. Defaults to 0 (no limit) + completionTimeoutPerGiB : int, default is Undefined, optional + CompletionTimeoutPerGiB is the maximum number of seconds per GiB a migration is allowed to take. If a live-migration takes longer to migrate than this value multiplied by the size of the VMI, the migration will be cancelled, unless AllowPostCopy is true. Defaults to 800 + disableTLS : bool, default is Undefined, optional + When set to true, DisableTLS will disable the additional layer of live migration encryption provided by KubeVirt. This is usually a bad idea. Defaults to false + matchSELinuxLevelOnMigration : bool, default is Undefined, optional + By default, the SELinux level of target virt-launcher pods is forced to the level of the source virt-launcher. When set to true, MatchSELinuxLevelOnMigration lets the CRI auto-assign a random level to the target. That will ensure the target virt-launcher doesn't share categories with another pod on the node. However, migrations will fail when using RWX volumes that don't automatically deal with SELinux levels. + network : str, default is Undefined, optional + Network is the name of the CNI network to use for live migrations. By default, migrations go through the pod network. + nodeDrainTaintKey : str, default is Undefined, optional + NodeDrainTaintKey defines the taint key that indicates a node should be drained. Note: this option relies on the deprecated node taint feature. Default: kubevirt.io/drain + parallelMigrationsPerCluster : int, default is Undefined, optional + ParallelMigrationsPerCluster is the total number of concurrent live migrations allowed cluster-wide. Defaults to 5 + parallelOutboundMigrationsPerNode : int, default is Undefined, optional + ParallelOutboundMigrationsPerNode is the maximum number of concurrent outgoing live migrations allowed per node. Defaults to 2 + progressTimeout : int, default is Undefined, optional + ProgressTimeout is the maximum number of seconds a live migration is allowed to make no progress. Hitting this timeout means a migration transferred 0 data for that many seconds. The migration is then considered stuck and therefore cancelled. Defaults to 150 + unsafeMigrationOverride : bool, default is Undefined, optional + UnsafeMigrationOverride allows live migrations to occur even if the compatibility check indicates the migration will be unsafe to the guest. Defaults to false + """ + + + allowAutoConverge?: bool + + allowPostCopy?: bool + + bandwidthPerMigration?: int | str + + completionTimeoutPerGiB?: int + + disableTLS?: bool + + matchSELinuxLevelOnMigration?: bool + + network?: str + + nodeDrainTaintKey?: str + + parallelMigrationsPerCluster?: int + + parallelOutboundMigrationsPerNode?: int + + progressTimeout?: int + + unsafeMigrationOverride?: bool + + + check: + _regex_match(str(bandwidthPerMigration), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if bandwidthPerMigration + + +schema KubevirtIoV1KubeVirtSpecConfigurationNetwork: + r""" + NetworkConfiguration holds network options + + Attributes + ---------- + binding : {str:KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnon}, default is Undefined, optional + binding + defaultNetworkInterface : str, default is Undefined, optional + default network interface + permitBridgeInterfaceOnPodNetwork : bool, default is Undefined, optional + permit bridge interface on pod network + permitSlirpInterface : bool, default is Undefined, optional + permit slirp interface + """ + + + binding?: {str:KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnon} + + defaultNetworkInterface?: str + + permitBridgeInterfaceOnPodNetwork?: bool + + permitSlirpInterface?: bool + + +schema KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnon: + r""" + kubevirt io v1 kube virt spec configuration network binding anon + + Attributes + ---------- + domainAttachmentType : str, default is Undefined, optional + DomainAttachmentType is a standard domain network attachment method kubevirt supports. Supported values: "tap". The standard domain attachment can be used instead or in addition to the sidecarImage. version: 1alphav1 + migration : KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnonMigration, default is Undefined, optional + migration + networkAttachmentDefinition : str, default is Undefined, optional + NetworkAttachmentDefinition references to a NetworkAttachmentDefinition CR object. Format: , /. If namespace is not specified, VMI namespace is assumed. version: 1alphav1 + sidecarImage : str, default is Undefined, optional + SidecarImage references a container image that runs in the virt-launcher pod. The sidecar handles (libvirt) domain configuration and optional services. version: 1alphav1 + """ + + + domainAttachmentType?: str + + migration?: KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnonMigration + + networkAttachmentDefinition?: str + + sidecarImage?: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationNetworkBindingAnonMigration: + r""" + Migration means the VM using the plugin can be safely migrated version: 1alphav1 + + Attributes + ---------- + method : str, default is Undefined, optional + Method defines a pre-defined migration methodology version: 1alphav1 + """ + + + method?: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevices: + r""" + PermittedHostDevices holds information about devices allowed for passthrough + + Attributes + ---------- + mediatedDevices : [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesMediatedDevicesItems0], default is Undefined, optional + mediated devices + pciHostDevices : [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesPciHostDevicesItems0], default is Undefined, optional + pci host devices + usb : [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0], default is Undefined, optional + usb + """ + + + mediatedDevices?: [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesMediatedDevicesItems0] + + pciHostDevices?: [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesPciHostDevicesItems0] + + usb?: [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0] + + +schema KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesMediatedDevicesItems0: + r""" + MediatedHostDevice represents a host mediated device allowed for passthrough + + Attributes + ---------- + externalResourceProvider : bool, default is Undefined, optional + external resource provider + mdevNameSelector : str, default is Undefined, required + mdev name selector + resourceName : str, default is Undefined, required + resource name + """ + + + externalResourceProvider?: bool + + mdevNameSelector: str + + resourceName: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesPciHostDevicesItems0: + r""" + PciHostDevice represents a host PCI device allowed for passthrough + + Attributes + ---------- + externalResourceProvider : bool, default is Undefined, optional + If true, KubeVirt will leave the allocation and monitoring to an external device plugin + pciVendorSelector : str, default is Undefined, required + The vendor_id:product_id tuple of the PCI device + resourceName : str, default is Undefined, required + The name of the resource that is representing the device. Exposed by a device plugin and requested by VMs. Typically of the form vendor.com/product_name + """ + + + externalResourceProvider?: bool + + pciVendorSelector: str + + resourceName: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0: + r""" + kubevirt io v1 kube virt spec configuration permitted host devices usb items0 + + Attributes + ---------- + externalResourceProvider : bool, default is Undefined, optional + If true, KubeVirt will leave the allocation and monitoring to an external device plugin + resourceName : str, default is Undefined, required + Identifies the list of USB host devices. e.g: kubevirt.io/storage, kubevirt.io/bootable-usb, etc + selectors : [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0SelectorsItems0], default is Undefined, optional + selectors + """ + + + externalResourceProvider?: bool + + resourceName: str + + selectors?: [KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0SelectorsItems0] + + +schema KubevirtIoV1KubeVirtSpecConfigurationPermittedHostDevicesUsbItems0SelectorsItems0: + r""" + kubevirt io v1 kube virt spec configuration permitted host devices usb items0 selectors items0 + + Attributes + ---------- + product : str, default is Undefined, required + product + vendor : str, default is Undefined, required + vendor + """ + + + product: str + + vendor: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationSeccompConfiguration: + r""" + SeccompConfiguration holds Seccomp configuration for Kubevirt components + + Attributes + ---------- + virtualMachineInstanceProfile : KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfile, default is Undefined, optional + virtual machine instance profile + """ + + + virtualMachineInstanceProfile?: KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfile + + +schema KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfile: + r""" + VirtualMachineInstanceProfile defines what profile should be used with virt-launcher. Defaults to none + + Attributes + ---------- + customProfile : KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfileCustomProfile, default is Undefined, optional + custom profile + """ + + + customProfile?: KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfileCustomProfile + + +schema KubevirtIoV1KubeVirtSpecConfigurationSeccompConfigurationVirtualMachineInstanceProfileCustomProfile: + r""" + CustomProfile allows to request arbitrary profile for virt-launcher + + Attributes + ---------- + localhostProfile : str, default is Undefined, optional + localhost profile + runtimeDefaultProfile : bool, default is Undefined, optional + runtime default profile + """ + + + localhostProfile?: str + + runtimeDefaultProfile?: bool + + +schema KubevirtIoV1KubeVirtSpecConfigurationSmbios: + r""" + kubevirt io v1 kube virt spec configuration smbios + + Attributes + ---------- + family : str, default is Undefined, optional + family + manufacturer : str, default is Undefined, optional + manufacturer + product : str, default is Undefined, optional + product + sku : str, default is Undefined, optional + sku + version : str, default is Undefined, optional + version + """ + + + family?: str + + manufacturer?: str + + product?: str + + sku?: str + + version?: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0: + r""" + SupportContainerResources are used to specify the cpu/memory request and limits for the containers that support various features of Virtual Machines. These containers are usually idle and don't require a lot of memory or cpu. + + Attributes + ---------- + resources : KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0Resources, default is Undefined, required + resources + $type : str, default is Undefined, required + type + """ + + + resources: KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0Resources + + $type: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0Resources: + r""" + ResourceRequirements describes the compute resource requirements. + + Attributes + ---------- + claims : [KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0ResourcesClaimsItems0], default is Undefined, optional + Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. + This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. + This field is immutable. It can only be set for containers. + limits : {str:int | str}, default is Undefined, optional + Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + requests : {str:int | str}, default is Undefined, optional + Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + """ + + + claims?: [KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0ResourcesClaimsItems0] + + limits?: {str:int | str} + + requests?: {str:int | str} + + + check: + all _, limits in limits { _regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits + all _, requests in requests { _regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests + + +schema KubevirtIoV1KubeVirtSpecConfigurationSupportContainerResourcesItems0ResourcesClaimsItems0: + r""" + ResourceClaim references one entry in PodSpec.ResourceClaims. + + Attributes + ---------- + name : str, default is Undefined, required + Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. + """ + + + name: str + + +schema KubevirtIoV1KubeVirtSpecConfigurationTLSConfiguration: + r""" + TLSConfiguration holds TLS options + + Attributes + ---------- + ciphers : [str], default is Undefined, optional + ciphers + minTLSVersion : str, default is Undefined, optional + MinTLSVersion is a way to specify the minimum protocol version that is acceptable for TLS connections. Protocol versions are based on the following most common TLS configurations: + https://ssl-config.mozilla.org/ + Note that SSLv3.0 is not a supported protocol version due to well known vulnerabilities such as POODLE: https://en.wikipedia.org/wiki/POODLE + """ + + + ciphers?: [str] + + minTLSVersion?: "VersionTLS10" | "VersionTLS11" | "VersionTLS12" | "VersionTLS13" + + +schema KubevirtIoV1KubeVirtSpecConfigurationVirtualMachineOptions: + r""" + VirtualMachineOptions holds the cluster level information regarding the virtual machine. + + Attributes + ---------- + disableFreePageReporting : any, default is Undefined, optional + DisableFreePageReporting disable the free page reporting of memory balloon device https://libvirt.org/formatdomain.html#memory-balloon-device. This will have effect only if AutoattachMemBalloon is not false and the vmi is not requesting any high performance feature (dedicatedCPU/realtime/hugePages), in which free page reporting is always disabled. + disableSerialConsoleLog : any, default is Undefined, optional + DisableSerialConsoleLog disables logging the auto-attached default serial console. If not set, serial console logs will be written to a file and then streamed from a container named 'guest-console-log'. The value can be individually overridden for each VM, not relevant if AutoattachSerialConsole is disabled. + """ + + + disableFreePageReporting?: any + + disableSerialConsoleLog?: any + + +schema KubevirtIoV1KubeVirtSpecConfigurationWebhookConfiguration: + r""" + ReloadableComponentConfiguration holds all generic k8s configuration options which can be reloaded by components without requiring a restart. + + Attributes + ---------- + restClient : KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClient, default is Undefined, optional + rest client + """ + + + restClient?: KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClient + + +schema KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClient: + r""" + RestClient can be used to tune certain aspects of the k8s client in use. + + Attributes + ---------- + rateLimiter : KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiter, default is Undefined, optional + rate limiter + """ + + + rateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiter: + r""" + RateLimiter allows selecting and configuring different rate limiters for the k8s client. + + Attributes + ---------- + tokenBucketRateLimiter : KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiterTokenBucketRateLimiter, default is Undefined, optional + token bucket rate limiter + """ + + + tokenBucketRateLimiter?: KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiterTokenBucketRateLimiter + + +schema KubevirtIoV1KubeVirtSpecConfigurationWebhookConfigurationRestClientRateLimiterTokenBucketRateLimiter: + r""" + kubevirt io v1 kube virt spec configuration webhook configuration rest client rate limiter token bucket rate limiter + + Attributes + ---------- + burst : int, default is Undefined, required + Maximum burst for throttle. If it's zero, the component default will be used + qps : float, default is Undefined, required + QPS indicates the maximum QPS to the apiserver from this client. If it's zero, the component default will be used + """ + + + burst: int + + qps: float + + +schema KubevirtIoV1KubeVirtSpecCustomizeComponents: + r""" + kubevirt io v1 kube virt spec customize components + + Attributes + ---------- + flags : KubevirtIoV1KubeVirtSpecCustomizeComponentsFlags, default is Undefined, optional + flags + patches : [KubevirtIoV1KubeVirtSpecCustomizeComponentsPatchesItems0], default is Undefined, optional + patches + """ + + + flags?: KubevirtIoV1KubeVirtSpecCustomizeComponentsFlags + + patches?: [KubevirtIoV1KubeVirtSpecCustomizeComponentsPatchesItems0] + + +schema KubevirtIoV1KubeVirtSpecCustomizeComponentsFlags: + r""" + Configure the value used for deployment and daemonset resources + + Attributes + ---------- + api : {str:str}, default is Undefined, optional + api + controller : {str:str}, default is Undefined, optional + controller + handler : {str:str}, default is Undefined, optional + handler + """ + + + api?: {str:str} + + controller?: {str:str} + + handler?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecCustomizeComponentsPatchesItems0: + r""" + kubevirt io v1 kube virt spec customize components patches items0 + + Attributes + ---------- + patch : str, default is Undefined, required + patch + resourceName : str, default is Undefined, required + resource name + resourceType : str, default is Undefined, required + resource type + $type : str, default is Undefined, required + type + """ + + + patch: str + + resourceName: str + + resourceType: str + + $type: str + + + check: + len(resourceName) >= 1 + len(resourceType) >= 1 + + +schema KubevirtIoV1KubeVirtSpecImagePullSecretsItems0: + r""" + LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + + Attributes + ---------- + name : str, default is Undefined, optional + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + """ + + + name?: str + + +schema KubevirtIoV1KubeVirtSpecInfra: + r""" + selectors and tolerations that should apply to KubeVirt infrastructure components + + Attributes + ---------- + nodePlacement : KubevirtIoV1KubeVirtSpecInfraNodePlacement, default is Undefined, optional + node placement + replicas : int, default is Undefined, optional + replicas indicates how many replicas should be created for each KubeVirt infrastructure component (like virt-api or virt-controller). Defaults to 2. WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution! + """ + + + nodePlacement?: KubevirtIoV1KubeVirtSpecInfraNodePlacement + + replicas?: int + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacement: + r""" + nodePlacement describes scheduling configuration for specific KubeVirt components + + Attributes + ---------- + affinity : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinity, default is Undefined, optional + affinity + nodeSelector : {str:str}, default is Undefined, optional + nodeSelector is the node selector applied to the relevant kind of pods It specifies a map of key-value pairs: for the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector + tolerations : [KubevirtIoV1KubeVirtSpecInfraNodePlacementTolerationsItems0], default is Undefined, optional + tolerations is a list of tolerations applied to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. These are additional tolerations other than default ones. + """ + + + affinity?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinity + + nodeSelector?: {str:str} + + tolerations?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementTolerationsItems0] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinity: + r""" + affinity enables pod affinity/anti-affinity placement expanding the types of constraints that can be expressed with nodeSelector. affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + + Attributes + ---------- + nodeAffinity : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinity, default is Undefined, optional + node affinity + podAffinity : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinity, default is Undefined, optional + pod affinity + podAntiAffinity : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinity, default is Undefined, optional + pod anti affinity + """ + + + nodeAffinity?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinity + + podAffinity?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinity + + podAntiAffinity?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinity + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinity: + r""" + Describes node affinity scheduling rules for the pod. + + Attributes + ---------- + preferredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + requiredDuringSchedulingIgnoredDuringExecution : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution, default is Undefined, optional + required during scheduling ignored during execution + """ + + + preferredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0] + + requiredDuringSchedulingIgnoredDuringExecution?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + + Attributes + ---------- + preference : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference, default is Undefined, required + preference + weight : int, default is Undefined, required + Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + """ + + + preference: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference + + weight: int + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference: + r""" + A node selector term, associated with the corresponding weight. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0], default is Undefined, optional + A list of node selector requirements by node's labels. + matchFields : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0], default is Undefined, optional + A list of node selector requirements by node's fields. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0] + + matchFields?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution: + r""" + If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + + Attributes + ---------- + nodeSelectorTerms : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0], default is Undefined, required + Required. A list of node selector terms. The terms are ORed. + """ + + + nodeSelectorTerms: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0: + r""" + A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0], default is Undefined, optional + A list of node selector requirements by node's labels. + matchFields : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0], default is Undefined, optional + A list of node selector requirements by node's fields. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0] + + matchFields?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinity: + r""" + Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + + Attributes + ---------- + preferredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + requiredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + """ + + + preferredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0] + + requiredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + + Attributes + ---------- + podAffinityTerm : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm, default is Undefined, required + pod affinity term + weight : int, default is Undefined, required + weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + """ + + + podAffinityTerm: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + + weight: int + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm: + r""" + Required. A pod affinity term, associated with the corresponding weight. + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinity: + r""" + Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + + Attributes + ---------- + preferredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + requiredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + """ + + + preferredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0] + + requiredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + + Attributes + ---------- + podAffinityTerm : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm, default is Undefined, required + pod affinity term + weight : int, default is Undefined, required + weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + """ + + + podAffinityTerm: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + + weight: int + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm: + r""" + Required. A pod affinity term, associated with the corresponding weight. + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecInfraNodePlacementTolerationsItems0: + r""" + The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + + Attributes + ---------- + effect : str, default is Undefined, optional + Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + key : str, default is Undefined, optional + Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + operator : str, default is Undefined, optional + Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + tolerationSeconds : int, default is Undefined, optional + TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + value : str, default is Undefined, optional + Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + """ + + + effect?: str + + key?: str + + operator?: str + + tolerationSeconds?: int + + value?: str + + +schema KubevirtIoV1KubeVirtSpecWorkloadUpdateStrategy: + r""" + WorkloadUpdateStrategy defines at the cluster level how to handle automated workload updates + + Attributes + ---------- + batchEvictionInterval : str, default is Undefined, optional + BatchEvictionInterval Represents the interval to wait before issuing the next batch of shutdowns + Defaults to 1 minute + batchEvictionSize : int, default is Undefined, optional + BatchEvictionSize Represents the number of VMIs that can be forced updated per the BatchShutdownInteral interval + Defaults to 10 + workloadUpdateMethods : [str], default is Undefined, optional + WorkloadUpdateMethods defines the methods that can be used to disrupt workloads during automated workload updates. When multiple methods are present, the least disruptive method takes precedence over more disruptive methods. For example if both LiveMigrate and Shutdown methods are listed, only VMs which are not live migratable will be restarted/shutdown + An empty list defaults to no automated workload updating + """ + + + batchEvictionInterval?: str + + batchEvictionSize?: int + + workloadUpdateMethods?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloads: + r""" + selectors and tolerations that should apply to KubeVirt workloads + + Attributes + ---------- + nodePlacement : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacement, default is Undefined, optional + node placement + replicas : int, default is Undefined, optional + replicas indicates how many replicas should be created for each KubeVirt infrastructure component (like virt-api or virt-controller). Defaults to 2. WARNING: this is an advanced feature that prevents auto-scaling for core kubevirt components. Please use with caution! + """ + + + nodePlacement?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacement + + replicas?: int + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacement: + r""" + nodePlacement describes scheduling configuration for specific KubeVirt components + + Attributes + ---------- + affinity : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinity, default is Undefined, optional + affinity + nodeSelector : {str:str}, default is Undefined, optional + nodeSelector is the node selector applied to the relevant kind of pods It specifies a map of key-value pairs: for the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels (it can have additional labels as well). See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector + tolerations : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementTolerationsItems0], default is Undefined, optional + tolerations is a list of tolerations applied to the relevant kind of pods See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ for more info. These are additional tolerations other than default ones. + """ + + + affinity?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinity + + nodeSelector?: {str:str} + + tolerations?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementTolerationsItems0] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinity: + r""" + affinity enables pod affinity/anti-affinity placement expanding the types of constraints that can be expressed with nodeSelector. affinity is going to be applied to the relevant kind of pods in parallel with nodeSelector See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity + + Attributes + ---------- + nodeAffinity : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinity, default is Undefined, optional + node affinity + podAffinity : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinity, default is Undefined, optional + pod affinity + podAntiAffinity : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinity, default is Undefined, optional + pod anti affinity + """ + + + nodeAffinity?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinity + + podAffinity?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinity + + podAntiAffinity?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinity + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinity: + r""" + Describes node affinity scheduling rules for the pod. + + Attributes + ---------- + preferredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + requiredDuringSchedulingIgnoredDuringExecution : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution, default is Undefined, optional + required during scheduling ignored during execution + """ + + + preferredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0] + + requiredDuringSchedulingIgnoredDuringExecution?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + + Attributes + ---------- + preference : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference, default is Undefined, required + preference + weight : int, default is Undefined, required + Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + """ + + + preference: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference + + weight: int + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0Preference: + r""" + A node selector term, associated with the corresponding weight. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0], default is Undefined, optional + A list of node selector requirements by node's labels. + matchFields : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0], default is Undefined, optional + A list of node selector requirements by node's fields. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0] + + matchFields?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchExpressionsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PreferenceMatchFieldsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution: + r""" + If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + + Attributes + ---------- + nodeSelectorTerms : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0], default is Undefined, required + Required. A list of node selector terms. The terms are ORed. + """ + + + nodeSelectorTerms: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0: + r""" + A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0], default is Undefined, optional + A list of node selector requirements by node's labels. + matchFields : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0], default is Undefined, optional + A list of node selector requirements by node's fields. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0] + + matchFields?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchExpressionsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsItems0MatchFieldsItems0: + r""" + A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + The label key that the selector applies to. + operator : str, default is Undefined, required + Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + values : [str], default is Undefined, optional + An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinity: + r""" + Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + + Attributes + ---------- + preferredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + requiredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + """ + + + preferredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0] + + requiredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + + Attributes + ---------- + podAffinityTerm : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm, default is Undefined, required + pod affinity term + weight : int, default is Undefined, required + weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + """ + + + podAffinityTerm: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + + weight: int + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm: + r""" + Required. A pod affinity term, associated with the corresponding weight. + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinity: + r""" + Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + + Attributes + ---------- + preferredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + requiredDuringSchedulingIgnoredDuringExecution : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0], default is Undefined, optional + If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + """ + + + preferredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0] + + requiredDuringSchedulingIgnoredDuringExecution?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + + Attributes + ---------- + podAffinityTerm : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm, default is Undefined, required + pod affinity term + weight : int, default is Undefined, required + weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + """ + + + podAffinityTerm: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm + + weight: int + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTerm: + r""" + Required. A pod affinity term, associated with the corresponding weight. + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0: + r""" + Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + + Attributes + ---------- + labelSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector, default is Undefined, optional + label selector + namespaceSelector : KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional + namespace selector + namespaces : [str], default is Undefined, optional + namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + topologyKey : str, default is Undefined, required + This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + """ + + + labelSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector + + namespaceSelector?: KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector + + namespaces?: [str] + + topologyKey: str + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector: + r""" + A label query over a set of resources, in this case pods. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector: + r""" + A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + + Attributes + ---------- + matchExpressions : [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema KubevirtIoV1KubeVirtSpecWorkloadsNodePlacementTolerationsItems0: + r""" + The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + + Attributes + ---------- + effect : str, default is Undefined, optional + Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + key : str, default is Undefined, optional + Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + operator : str, default is Undefined, optional + Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + tolerationSeconds : int, default is Undefined, optional + TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + value : str, default is Undefined, optional + Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + """ + + + effect?: str + + key?: str + + operator?: str + + tolerationSeconds?: int + + value?: str + + +schema KubevirtIoV1KubeVirtStatus: + r""" + KubeVirtStatus represents information pertaining to a KubeVirt deployment. + + Attributes + ---------- + conditions : [KubevirtIoV1KubeVirtStatusConditionsItems0], default is Undefined, optional + conditions + defaultArchitecture : str, default is Undefined, optional + default architecture + generations : [KubevirtIoV1KubeVirtStatusGenerationsItems0], default is Undefined, optional + generations + observedDeploymentConfig : str, default is Undefined, optional + observed deployment config + observedDeploymentID : str, default is Undefined, optional + observed deployment ID + observedGeneration : int, default is Undefined, optional + observed generation + observedKubeVirtRegistry : str, default is Undefined, optional + observed kube virt registry + observedKubeVirtVersion : str, default is Undefined, optional + observed kube virt version + operatorVersion : str, default is Undefined, optional + operator version + outdatedVirtualMachineInstanceWorkloads : int, default is Undefined, optional + outdated virtual machine instance workloads + phase : str, default is Undefined, optional + KubeVirtPhase is a label for the phase of a KubeVirt deployment at the current time. + targetDeploymentConfig : str, default is Undefined, optional + target deployment config + targetDeploymentID : str, default is Undefined, optional + target deployment ID + targetKubeVirtRegistry : str, default is Undefined, optional + target kube virt registry + targetKubeVirtVersion : str, default is Undefined, optional + target kube virt version + """ + + + conditions?: [KubevirtIoV1KubeVirtStatusConditionsItems0] + + defaultArchitecture?: str + + generations?: [KubevirtIoV1KubeVirtStatusGenerationsItems0] + + observedDeploymentConfig?: str + + observedDeploymentID?: str + + observedGeneration?: int + + observedKubeVirtRegistry?: str + + observedKubeVirtVersion?: str + + operatorVersion?: str + + outdatedVirtualMachineInstanceWorkloads?: int + + phase?: str + + targetDeploymentConfig?: str + + targetDeploymentID?: str + + targetKubeVirtRegistry?: str + + targetKubeVirtVersion?: str + + +schema KubevirtIoV1KubeVirtStatusConditionsItems0: + r""" + KubeVirtCondition represents a condition of a KubeVirt deployment + + Attributes + ---------- + lastProbeTime : str, default is Undefined, optional + last probe time + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, required + status + $type : str, default is Undefined, required + type + """ + + + lastProbeTime?: str + + lastTransitionTime?: str + + message?: str + + reason?: str + + status: str + + $type: str + + +schema KubevirtIoV1KubeVirtStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, required + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, required + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, required + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, required + resource is the resource type of the thing you're tracking + """ + + + group: str + + hash?: str + + lastGeneration: int + + name: str + + namespace?: str + + resource: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_authentication.k b/kubevirt/v1/operator_openshift_io_v1_authentication.k new file mode 100644 index 00000000..f72ed609 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_authentication.k @@ -0,0 +1,167 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema OperatorAuthentication: + r""" + Authentication provides information to configure an operator to manage authentication. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Authentication", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1AuthenticationSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1AuthenticationStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "Authentication" = "Authentication" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1AuthenticationSpec + + status?: OperatorOpenshiftIoV1AuthenticationStatus + + +schema OperatorOpenshiftIoV1AuthenticationSpec: + r""" + operator openshift io v1 authentication spec + + Attributes + ---------- + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1AuthenticationStatus: + r""" + operator openshift io v1 authentication status + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1AuthenticationStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1AuthenticationStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1AuthenticationStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1AuthenticationStatusGenerationsItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1AuthenticationStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1AuthenticationStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_console.k b/kubevirt/v1/operator_openshift_io_v1_console.k new file mode 100644 index 00000000..f79504a3 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_console.k @@ -0,0 +1,252 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema OperatorConsole: + r""" + Console provides a means to configure an operator to manage the console. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Console", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1ConsoleSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1ConsoleStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "Console" = "Console" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1ConsoleSpec + + status?: OperatorOpenshiftIoV1ConsoleStatus + + +schema OperatorOpenshiftIoV1ConsoleSpec: + r""" + ConsoleSpec is the specification of the desired behavior of the Console. + + Attributes + ---------- + customization : OperatorOpenshiftIoV1ConsoleSpecCustomization, default is Undefined, optional + customization + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + providers : OperatorOpenshiftIoV1ConsoleSpecProviders, default is Undefined, optional + providers + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + customization?: OperatorOpenshiftIoV1ConsoleSpecCustomization + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + providers?: OperatorOpenshiftIoV1ConsoleSpecProviders + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1ConsoleSpecCustomization: + r""" + customization is used to optionally provide a small set of customization options to the web console. + + Attributes + ---------- + brand : str, default is Undefined, optional + brand is the default branding of the web console which can be overridden by providing the brand field. There is a limited set of specific brand options. This field controls elements of the console such as the logo. Invalid value will prevent a console rollout. + customLogoFile : OperatorOpenshiftIoV1ConsoleSpecCustomizationCustomLogoFile, default is Undefined, optional + custom logo file + customProductName : str, default is Undefined, optional + customProductName is the name that will be displayed in page titles, logo alt text, and the about dialog instead of the normal OpenShift product name. + documentationBaseURL : str, default is Undefined, optional + documentationBaseURL links to external documentation are shown in various sections of the web console. Providing documentationBaseURL will override the default documentation URL. Invalid value will prevent a console rollout. + """ + + + brand?: str + + customLogoFile?: OperatorOpenshiftIoV1ConsoleSpecCustomizationCustomLogoFile + + customProductName?: str + + documentationBaseURL?: str + + + check: + _regex_match(str(brand), r"^$|^(ocp|origin|okd|dedicated|online|azure)$") if brand + _regex_match(str(documentationBaseURL), r"^$|^((https):\/\/?)[^\s()<>]+(?:\([\w\d]+\)|([^[:punct:]\s]|\/?))\/$") if documentationBaseURL + + +schema OperatorOpenshiftIoV1ConsoleSpecCustomizationCustomLogoFile: + r""" + customLogoFile replaces the default OpenShift logo in the masthead and about dialog. It is a reference to a ConfigMap in the openshift-config namespace. This can be created with a command like 'oc create configmap custom-logo --from-file=/path/to/file -n openshift-config'. Image size must be less than 1 MB due to constraints on the ConfigMap size. The ConfigMap key should include a file extension so that the console serves the file with the correct MIME type. Recommended logo specifications: Dimensions: Max height of 68px and max width of 200px SVG format preferred + + Attributes + ---------- + key : str, default is Undefined, optional + Key allows pointing to a specific key/value inside of the configmap. This is useful for logical file references. + name : str, default is Undefined, optional + name + """ + + + key?: str + + name?: str + + +schema OperatorOpenshiftIoV1ConsoleSpecProviders: + r""" + providers contains configuration for using specific service providers. + + Attributes + ---------- + statuspage : OperatorOpenshiftIoV1ConsoleSpecProvidersStatuspage, default is Undefined, optional + statuspage + """ + + + statuspage?: OperatorOpenshiftIoV1ConsoleSpecProvidersStatuspage + + +schema OperatorOpenshiftIoV1ConsoleSpecProvidersStatuspage: + r""" + statuspage contains ID for statuspage.io page that provides status info about. + + Attributes + ---------- + pageID : str, default is Undefined, optional + pageID is the unique ID assigned by Statuspage for your page. This must be a public page. + """ + + + pageID?: str + + +schema OperatorOpenshiftIoV1ConsoleStatus: + r""" + ConsoleStatus defines the observed status of the Console. + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1ConsoleStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1ConsoleStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1ConsoleStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1ConsoleStatusGenerationsItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1ConsoleStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1ConsoleStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_dns.k b/kubevirt/v1/operator_openshift_io_v1_dns.k new file mode 100644 index 00000000..bcb061b0 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_dns.k @@ -0,0 +1,154 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema OperatorDNS: + r""" + DNS manages the CoreDNS component to provide a name resolution service for pods and services in the cluster. + This supports the DNS-based service discovery specification: https://github.com/kubernetes/dns/blob/master/docs/specification.md + More details: https://kubernetes.io/docs/tasks/administer-cluster/coredns + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "DNS", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1DNSSpec, default is Undefined, optional + spec + status : OperatorOpenshiftIoV1DNSStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "DNS" = "DNS" + + metadata?: v1.ObjectMeta + + spec?: OperatorOpenshiftIoV1DNSSpec + + status?: OperatorOpenshiftIoV1DNSStatus + + +schema OperatorOpenshiftIoV1DNSSpec: + r""" + spec is the specification of the desired behavior of the DNS. + + Attributes + ---------- + servers : [OperatorOpenshiftIoV1DNSSpecServersItems0], default is Undefined, optional + servers is a list of DNS resolvers that provide name query delegation for one or more subdomains outside the scope of the cluster domain. If servers consists of more than one Server, longest suffix match will be used to determine the Server. + For example, if there are two Servers, one for "foo.com" and another for "a.foo.com", and the name query is for "www.a.foo.com", it will be routed to the Server with Zone "a.foo.com". + If this field is nil, no servers are created. + """ + + + servers?: [OperatorOpenshiftIoV1DNSSpecServersItems0] + + +schema OperatorOpenshiftIoV1DNSSpecServersItems0: + r""" + Server defines the schema for a server that runs per instance of CoreDNS. + + Attributes + ---------- + forwardPlugin : OperatorOpenshiftIoV1DNSSpecServersItems0ForwardPlugin, default is Undefined, optional + forward plugin + name : str, default is Undefined, optional + name is required and specifies a unique name for the server. Name must comply with the Service Name Syntax of rfc6335. + zones : [str], default is Undefined, optional + zones is required and specifies the subdomains that Server is authoritative for. Zones must conform to the rfc1123 definition of a subdomain. Specifying the cluster domain (i.e., "cluster.local") is invalid. + """ + + + forwardPlugin?: OperatorOpenshiftIoV1DNSSpecServersItems0ForwardPlugin + + name?: str + + zones?: [str] + + +schema OperatorOpenshiftIoV1DNSSpecServersItems0ForwardPlugin: + r""" + forwardPlugin defines a schema for configuring CoreDNS to proxy DNS messages to upstream resolvers. + + Attributes + ---------- + upstreams : [str], default is Undefined, optional + upstreams is a list of resolvers to forward name queries for subdomains of Zones. Upstreams are randomized when more than 1 upstream is specified. Each instance of CoreDNS performs health checking of Upstreams. When a healthy upstream returns an error during the exchange, another resolver is tried from Upstreams. Each upstream is represented by an IP address or IP:port if the upstream listens on a port other than 53. + A maximum of 15 upstreams is allowed per ForwardPlugin. + """ + + + upstreams?: [str] + + + check: + len(upstreams) <= 15 if upstreams + + +schema OperatorOpenshiftIoV1DNSStatus: + r""" + status is the most recently observed status of the DNS. + + Attributes + ---------- + clusterDomain : str, default is Undefined, required + clusterDomain is the local cluster DNS domain suffix for DNS services. This will be a subdomain as defined in RFC 1034, section 3.5: https://tools.ietf.org/html/rfc1034#section-3.5 Example: "cluster.local" + More info: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service + clusterIP : str, default is Undefined, required + clusterIP is the service IP through which this DNS is made available. + In the case of the default DNS, this will be a well known IP that is used as the default nameserver for pods that are using the default ClusterFirst DNS policy. + In general, this IP can be specified in a pod's spec.dnsConfig.nameservers list or used explicitly when performing name resolution from within the cluster. Example: dig foo.com @ + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + conditions : [OperatorOpenshiftIoV1DNSStatusConditionsItems0], default is Undefined, optional + conditions provide information about the state of the DNS on the cluster. + These are the supported DNS conditions: + * Available - True if the following conditions are met: * DNS controller daemonset is available. - False if any of those conditions are unsatisfied. + """ + + + clusterDomain: str + + clusterIP: str + + conditions?: [OperatorOpenshiftIoV1DNSStatusConditionsItems0] + + +schema OperatorOpenshiftIoV1DNSStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_ingress_controller.k b/kubevirt/v1/operator_openshift_io_v1_ingress_controller.k new file mode 100644 index 00000000..391ca63e --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_ingress_controller.k @@ -0,0 +1,552 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema IngressController: + r""" + IngressController describes a managed ingress controller for the cluster. The controller can service OpenShift Route and Kubernetes Ingress resources. + When an IngressController is created, a new ingress controller deployment is created to allow external traffic to reach the services that expose Ingress or Route resources. Updating this resource may lead to disruption for public facing network connections as a new ingress controller revision may be rolled out. + https://kubernetes.io/docs/concepts/services-networking/ingress-controllers + Whenever possible, sensible defaults for the platform are used. See each field for more details. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "IngressController", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1IngressControllerSpec, default is Undefined, optional + spec + status : OperatorOpenshiftIoV1IngressControllerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "IngressController" = "IngressController" + + metadata?: v1.ObjectMeta + + spec?: OperatorOpenshiftIoV1IngressControllerSpec + + status?: OperatorOpenshiftIoV1IngressControllerStatus + + +schema OperatorOpenshiftIoV1IngressControllerSpec: + r""" + spec is the specification of the desired behavior of the IngressController. + + Attributes + ---------- + defaultCertificate : OperatorOpenshiftIoV1IngressControllerSpecDefaultCertificate, default is Undefined, optional + default certificate + domain : str, default is Undefined, optional + domain is a DNS name serviced by the ingress controller and is used to configure multiple features: + * For the LoadBalancerService endpoint publishing strategy, domain is used to configure DNS records. See endpointPublishingStrategy. + * When using a generated default certificate, the certificate will be valid for domain and its subdomains. See defaultCertificate. + * The value is published to individual Route statuses so that end-users know where to target external DNS records. + domain must be unique among all IngressControllers, and cannot be updated. + If empty, defaults to ingress.config.openshift.io/cluster .spec.domain. + endpointPublishingStrategy : OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategy, default is Undefined, optional + endpoint publishing strategy + namespaceSelector : OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelector, default is Undefined, optional + namespace selector + nodePlacement : OperatorOpenshiftIoV1IngressControllerSpecNodePlacement, default is Undefined, optional + node placement + replicas : int, default is Undefined, optional + replicas is the desired number of ingress controller replicas. If unset, defaults to 2. + routeSelector : OperatorOpenshiftIoV1IngressControllerSpecRouteSelector, default is Undefined, optional + route selector + tlsSecurityProfile : OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfile, default is Undefined, optional + tls security profile + """ + + + defaultCertificate?: OperatorOpenshiftIoV1IngressControllerSpecDefaultCertificate + + domain?: str + + endpointPublishingStrategy?: OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategy + + namespaceSelector?: OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelector + + nodePlacement?: OperatorOpenshiftIoV1IngressControllerSpecNodePlacement + + replicas?: int + + routeSelector?: OperatorOpenshiftIoV1IngressControllerSpecRouteSelector + + tlsSecurityProfile?: OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfile + + +schema OperatorOpenshiftIoV1IngressControllerSpecDefaultCertificate: + r""" + defaultCertificate is a reference to a secret containing the default certificate served by the ingress controller. When Routes don't specify their own certificate, defaultCertificate is used. + The secret must contain the following keys and data: + tls.crt: certificate file contents tls.key: key file contents + If unset, a wildcard certificate is automatically generated and used. The certificate is valid for the ingress controller domain (and subdomains) and the generated certificate's CA will be automatically integrated with the cluster's trust store. + The in-use certificate (whether generated or user-specified) will be automatically integrated with OpenShift's built-in OAuth server. + + Attributes + ---------- + name : str, default is Undefined, optional + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + """ + + + name?: str + + +schema OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategy: + r""" + endpointPublishingStrategy is used to publish the ingress controller endpoints to other networks, enable load balancer integrations, etc. + If unset, the default is based on infrastructure.config.openshift.io/cluster .status.platform: + AWS: LoadBalancerService (with External scope) Azure: LoadBalancerService (with External scope) GCP: LoadBalancerService (with External scope) Libvirt: HostNetwork + Any other platform types (including None) default to HostNetwork. + endpointPublishingStrategy cannot be updated. + + Attributes + ---------- + hostNetwork : any, default is Undefined, optional + hostNetwork holds parameters for the HostNetwork endpoint publishing strategy. Present only if type is HostNetwork. + loadBalancer : OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategyLoadBalancer, default is Undefined, optional + load balancer + private : any, default is Undefined, optional + private holds parameters for the Private endpoint publishing strategy. Present only if type is Private. + $type : str, default is Undefined, required + type is the publishing strategy to use. Valid values are: + * LoadBalancerService + Publishes the ingress controller using a Kubernetes LoadBalancer Service. + In this configuration, the ingress controller deployment uses container networking. A LoadBalancer Service is created to publish the deployment. + See: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer + If domain is set, a wildcard DNS record will be managed to point at the LoadBalancer Service's external name. DNS records are managed only in DNS zones defined by dns.config.openshift.io/cluster .spec.publicZone and .spec.privateZone. + Wildcard DNS management is currently supported only on the AWS, Azure, and GCP platforms. + * HostNetwork + Publishes the ingress controller on node ports where the ingress controller is deployed. + In this configuration, the ingress controller deployment uses host networking, bound to node ports 80 and 443. The user is responsible for configuring an external load balancer to publish the ingress controller via the node ports. + * Private + Does not publish the ingress controller. + In this configuration, the ingress controller deployment uses container networking, and is not explicitly published. The user must manually publish the ingress controller. + """ + + + hostNetwork?: any + + loadBalancer?: OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategyLoadBalancer + + private?: any + + $type: str + + +schema OperatorOpenshiftIoV1IngressControllerSpecEndpointPublishingStrategyLoadBalancer: + r""" + loadBalancer holds parameters for the load balancer. Present only if type is LoadBalancerService. + + Attributes + ---------- + scope : str, default is Undefined, required + scope indicates the scope at which the load balancer is exposed. Possible values are "External" and "Internal". + """ + + + scope: str + + +schema OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelector: + r""" + namespaceSelector is used to filter the set of namespaces serviced by the ingress controller. This is useful for implementing shards. + If unset, the default is no filtering. + + Attributes + ---------- + matchExpressions : [OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema OperatorOpenshiftIoV1IngressControllerSpecNamespaceSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema OperatorOpenshiftIoV1IngressControllerSpecNodePlacement: + r""" + nodePlacement enables explicit control over the scheduling of the ingress controller. + If unset, defaults are used. See NodePlacement for more details. + + Attributes + ---------- + nodeSelector : OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelector, default is Undefined, optional + node selector + tolerations : [OperatorOpenshiftIoV1IngressControllerSpecNodePlacementTolerationsItems0], default is Undefined, optional + tolerations is a list of tolerations applied to ingress controller deployments. + The default is an empty list. + See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + """ + + + nodeSelector?: OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelector + + tolerations?: [OperatorOpenshiftIoV1IngressControllerSpecNodePlacementTolerationsItems0] + + +schema OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelector: + r""" + nodeSelector is the node selector applied to ingress controller deployments. + If unset, the default is: + beta.kubernetes.io/os: linux node-role.kubernetes.io/worker: '' + If set, the specified selector is used and replaces the default. + + Attributes + ---------- + matchExpressions : [OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema OperatorOpenshiftIoV1IngressControllerSpecNodePlacementNodeSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema OperatorOpenshiftIoV1IngressControllerSpecNodePlacementTolerationsItems0: + r""" + The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + + Attributes + ---------- + effect : str, default is Undefined, optional + Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + key : str, default is Undefined, optional + Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + operator : str, default is Undefined, optional + Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + tolerationSeconds : int, default is Undefined, optional + TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + value : str, default is Undefined, optional + Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + """ + + + effect?: str + + key?: str + + operator?: str + + tolerationSeconds?: int + + value?: str + + +schema OperatorOpenshiftIoV1IngressControllerSpecRouteSelector: + r""" + routeSelector is used to filter the set of Routes serviced by the ingress controller. This is useful for implementing shards. + If unset, the default is no filtering. + + Attributes + ---------- + matchExpressions : [OperatorOpenshiftIoV1IngressControllerSpecRouteSelectorMatchExpressionsItems0], default is Undefined, optional + matchExpressions is a list of label selector requirements. The requirements are ANDed. + matchLabels : {str:str}, default is Undefined, optional + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + """ + + + matchExpressions?: [OperatorOpenshiftIoV1IngressControllerSpecRouteSelectorMatchExpressionsItems0] + + matchLabels?: {str:str} + + +schema OperatorOpenshiftIoV1IngressControllerSpecRouteSelectorMatchExpressionsItems0: + r""" + A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + + Attributes + ---------- + key : str, default is Undefined, required + key is the label key that the selector applies to. + operator : str, default is Undefined, required + operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + values : [str], default is Undefined, optional + values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + """ + + + key: str + + operator: str + + values?: [str] + + +schema OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfile: + r""" + tlsSecurityProfile specifies settings for TLS connections for ingresscontrollers. + If unset, the default is based on the apiservers.config.openshift.io/cluster resource. + Note that when using the Old, Intermediate, and Modern profile types, the effective profile configuration is subject to change between releases. For example, given a specification to use the Intermediate profile deployed on release X.Y.Z, an upgrade to release X.Y.Z+1 may cause a new profile configuration to be applied to the ingress controller, resulting in a rollout. + Note that the minimum TLS version for ingress controllers is 1.1, and the maximum TLS version is 1.2. An implication of this restriction is that the Modern TLS profile type cannot be used because it requires TLS 1.3. + + Attributes + ---------- + custom : OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfileCustom, default is Undefined, optional + custom + intermediate : any, default is Undefined, optional + intermediate is a TLS security profile based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29 + and looks like this (yaml): + ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 minTLSVersion: TLSv1.2 + modern : any, default is Undefined, optional + modern is a TLS security profile based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility + and looks like this (yaml): + ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 minTLSVersion: TLSv1.3 + NOTE: Currently unsupported. + old : any, default is Undefined, optional + old is a TLS security profile based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility + and looks like this (yaml): + ciphers: - TLS_AES_128_GCM_SHA256 - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES256-GCM-SHA384 - ECDHE-RSA-AES256-GCM-SHA384 - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - DHE-RSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA384 - DHE-RSA-CHACHA20-POLY1305 - ECDHE-ECDSA-AES128-SHA256 - ECDHE-RSA-AES128-SHA256 - ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES128-SHA - ECDHE-ECDSA-AES256-SHA384 - ECDHE-RSA-AES256-SHA384 - ECDHE-ECDSA-AES256-SHA - ECDHE-RSA-AES256-SHA - DHE-RSA-AES128-SHA256 - DHE-RSA-AES256-SHA256 - AES128-GCM-SHA256 - AES256-GCM-SHA384 - AES128-SHA256 - AES256-SHA256 - AES128-SHA - AES256-SHA - DES-CBC3-SHA minTLSVersion: TLSv1.0 + $type : str, default is Undefined, optional + type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on: + https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations + The profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure. Depending on precisely which ciphers are available to a process, the list may be reduced. + Note that the Modern profile is currently not supported because it is not yet well adopted by common software libraries. + """ + + + custom?: OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfileCustom + + intermediate?: any + + modern?: any + + old?: any + + $type?: str + + +schema OperatorOpenshiftIoV1IngressControllerSpecTLSSecurityProfileCustom: + r""" + custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this: + ciphers: - ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-CHACHA20-POLY1305 - ECDHE-RSA-AES128-GCM-SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 minTLSVersion: TLSv1.1 + + Attributes + ---------- + ciphers : [str], default is Undefined, optional + ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): + ciphers: - DES-CBC3-SHA + minTLSVersion : str, default is Undefined, optional + minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): + minTLSVersion: TLSv1.1 + NOTE: currently the highest minTLSVersion allowed is VersionTLS12 + """ + + + ciphers?: [str] + + minTLSVersion?: str + + +schema OperatorOpenshiftIoV1IngressControllerStatus: + r""" + status is the most recently observed status of the IngressController. + + Attributes + ---------- + availableReplicas : int, default is Undefined, optional + availableReplicas is number of observed available replicas according to the ingress controller deployment. + conditions : [OperatorOpenshiftIoV1IngressControllerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status. + Available means the ingress controller deployment is available and servicing route and ingress resources (i.e, .status.availableReplicas equals .spec.replicas) + There are additional conditions which indicate the status of other ingress controller features and capabilities. + * LoadBalancerManaged - True if the following conditions are met: * The endpoint publishing strategy requires a service load balancer. - False if any of those conditions are unsatisfied. + * LoadBalancerReady - True if the following conditions are met: * A load balancer is managed. * The load balancer is ready. - False if any of those conditions are unsatisfied. + * DNSManaged - True if the following conditions are met: * The endpoint publishing strategy and platform support DNS. * The ingress controller domain is set. * dns.config.openshift.io/cluster configures DNS zones. - False if any of those conditions are unsatisfied. + * DNSReady - True if the following conditions are met: * DNS is managed. * DNS records have been successfully created. - False if any of those conditions are unsatisfied. + domain : str, default is Undefined, optional + domain is the actual domain in use. + endpointPublishingStrategy : OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategy, default is Undefined, optional + endpoint publishing strategy + observedGeneration : int, default is Undefined, optional + observedGeneration is the most recent generation observed. + selector : str, default is Undefined, optional + selector is a label selector, in string format, for ingress controller pods corresponding to the IngressController. The number of matching pods should equal the value of availableReplicas. + tlsProfile : OperatorOpenshiftIoV1IngressControllerStatusTLSProfile, default is Undefined, optional + tls profile + """ + + + availableReplicas?: int + + conditions?: [OperatorOpenshiftIoV1IngressControllerStatusConditionsItems0] + + domain?: str + + endpointPublishingStrategy?: OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategy + + observedGeneration?: int + + selector?: str + + tlsProfile?: OperatorOpenshiftIoV1IngressControllerStatusTLSProfile + + +schema OperatorOpenshiftIoV1IngressControllerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategy: + r""" + endpointPublishingStrategy is the actual strategy in use. + + Attributes + ---------- + hostNetwork : any, default is Undefined, optional + hostNetwork holds parameters for the HostNetwork endpoint publishing strategy. Present only if type is HostNetwork. + loadBalancer : OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategyLoadBalancer, default is Undefined, optional + load balancer + private : any, default is Undefined, optional + private holds parameters for the Private endpoint publishing strategy. Present only if type is Private. + $type : str, default is Undefined, required + type is the publishing strategy to use. Valid values are: + * LoadBalancerService + Publishes the ingress controller using a Kubernetes LoadBalancer Service. + In this configuration, the ingress controller deployment uses container networking. A LoadBalancer Service is created to publish the deployment. + See: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer + If domain is set, a wildcard DNS record will be managed to point at the LoadBalancer Service's external name. DNS records are managed only in DNS zones defined by dns.config.openshift.io/cluster .spec.publicZone and .spec.privateZone. + Wildcard DNS management is currently supported only on the AWS, Azure, and GCP platforms. + * HostNetwork + Publishes the ingress controller on node ports where the ingress controller is deployed. + In this configuration, the ingress controller deployment uses host networking, bound to node ports 80 and 443. The user is responsible for configuring an external load balancer to publish the ingress controller via the node ports. + * Private + Does not publish the ingress controller. + In this configuration, the ingress controller deployment uses container networking, and is not explicitly published. The user must manually publish the ingress controller. + """ + + + hostNetwork?: any + + loadBalancer?: OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategyLoadBalancer + + private?: any + + $type: str + + +schema OperatorOpenshiftIoV1IngressControllerStatusEndpointPublishingStrategyLoadBalancer: + r""" + loadBalancer holds parameters for the load balancer. Present only if type is LoadBalancerService. + + Attributes + ---------- + scope : str, default is Undefined, required + scope indicates the scope at which the load balancer is exposed. Possible values are "External" and "Internal". + """ + + + scope: str + + +schema OperatorOpenshiftIoV1IngressControllerStatusTLSProfile: + r""" + tlsProfile is the TLS connection configuration that is in effect. + + Attributes + ---------- + ciphers : [str], default is Undefined, optional + ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake. Operators may remove entries their operands do not support. For example, to use DES-CBC3-SHA (yaml): + ciphers: - DES-CBC3-SHA + minTLSVersion : str, default is Undefined, optional + minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml): + minTLSVersion: TLSv1.1 + NOTE: currently the highest minTLSVersion allowed is VersionTLS12 + """ + + + ciphers?: [str] + + minTLSVersion?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_kube_api_server.k b/kubevirt/v1/operator_openshift_io_v1_kube_api_server.k new file mode 100644 index 00000000..bfaf1a29 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_kube_api_server.k @@ -0,0 +1,221 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema KubeAPIServer: + r""" + KubeAPIServer provides information to configure an operator to manage kube-apiserver. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "KubeAPIServer", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1KubeAPIServerSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1KubeAPIServerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "KubeAPIServer" = "KubeAPIServer" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1KubeAPIServerSpec + + status?: OperatorOpenshiftIoV1KubeAPIServerStatus + + +schema OperatorOpenshiftIoV1KubeAPIServerSpec: + r""" + spec is the specification of the desired behavior of the Kubernetes API Server + + Attributes + ---------- + failedRevisionLimit : int, default is Undefined, optional + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + forceRedeploymentReason : str, default is Undefined, optional + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config. + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + succeededRevisionLimit : int, default is Undefined, optional + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + failedRevisionLimit?: int + + forceRedeploymentReason?: str + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + succeededRevisionLimit?: int + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Force)$") if managementState + + +schema OperatorOpenshiftIoV1KubeAPIServerStatus: + r""" + status is the most recently observed status of the Kubernetes API Server + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1KubeAPIServerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1KubeAPIServerStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + latestAvailableRevision : int, default is Undefined, optional + latestAvailableRevision is the deploymentID of the most recent deployment + latestAvailableRevisionReason : str, default is Undefined, optional + latestAvailableRevisionReason describe the detailed reason for the most recent deployment + nodeStatuses : [OperatorOpenshiftIoV1KubeAPIServerStatusNodeStatusesItems0], default is Undefined, optional + nodeStatuses track the deployment values and errors across individual nodes + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1KubeAPIServerStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1KubeAPIServerStatusGenerationsItems0] + + latestAvailableRevision?: int + + latestAvailableRevisionReason?: str + + nodeStatuses?: [OperatorOpenshiftIoV1KubeAPIServerStatusNodeStatusesItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1KubeAPIServerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1KubeAPIServerStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + +schema OperatorOpenshiftIoV1KubeAPIServerStatusNodeStatusesItems0: + r""" + NodeStatus provides information about the current state of a particular node managed by this operator. + + Attributes + ---------- + currentRevision : int, default is Undefined, optional + currentRevision is the generation of the most recently successful deployment + lastFailedRevision : int, default is Undefined, optional + lastFailedRevision is the generation of the deployment we tried and failed to deploy. + lastFailedRevisionErrors : [str], default is Undefined, optional + lastFailedRevisionErrors is a list of the errors during the failed deployment referenced in lastFailedRevision + nodeName : str, default is Undefined, optional + nodeName is the name of the node + targetRevision : int, default is Undefined, optional + targetRevision is the generation of the deployment we're trying to apply + """ + + + currentRevision?: int + + lastFailedRevision?: int + + lastFailedRevisionErrors?: [str] + + nodeName?: str + + targetRevision?: int + + diff --git a/kubevirt/v1/operator_openshift_io_v1_kube_controller_manager.k b/kubevirt/v1/operator_openshift_io_v1_kube_controller_manager.k new file mode 100644 index 00000000..8c9b51e7 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_kube_controller_manager.k @@ -0,0 +1,221 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema KubeControllerManager: + r""" + KubeControllerManager provides information to configure an operator to manage kube-controller-manager. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "KubeControllerManager", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1KubeControllerManagerSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1KubeControllerManagerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "KubeControllerManager" = "KubeControllerManager" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1KubeControllerManagerSpec + + status?: OperatorOpenshiftIoV1KubeControllerManagerStatus + + +schema OperatorOpenshiftIoV1KubeControllerManagerSpec: + r""" + spec is the specification of the desired behavior of the Kubernetes Controller Manager + + Attributes + ---------- + failedRevisionLimit : int, default is Undefined, optional + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + forceRedeploymentReason : str, default is Undefined, optional + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config. + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + succeededRevisionLimit : int, default is Undefined, optional + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + failedRevisionLimit?: int + + forceRedeploymentReason?: str + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + succeededRevisionLimit?: int + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Force)$") if managementState + + +schema OperatorOpenshiftIoV1KubeControllerManagerStatus: + r""" + status is the most recently observed status of the Kubernetes Controller Manager + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1KubeControllerManagerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1KubeControllerManagerStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + latestAvailableRevision : int, default is Undefined, optional + latestAvailableRevision is the deploymentID of the most recent deployment + latestAvailableRevisionReason : str, default is Undefined, optional + latestAvailableRevisionReason describe the detailed reason for the most recent deployment + nodeStatuses : [OperatorOpenshiftIoV1KubeControllerManagerStatusNodeStatusesItems0], default is Undefined, optional + nodeStatuses track the deployment values and errors across individual nodes + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1KubeControllerManagerStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1KubeControllerManagerStatusGenerationsItems0] + + latestAvailableRevision?: int + + latestAvailableRevisionReason?: str + + nodeStatuses?: [OperatorOpenshiftIoV1KubeControllerManagerStatusNodeStatusesItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1KubeControllerManagerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1KubeControllerManagerStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + +schema OperatorOpenshiftIoV1KubeControllerManagerStatusNodeStatusesItems0: + r""" + NodeStatus provides information about the current state of a particular node managed by this operator. + + Attributes + ---------- + currentRevision : int, default is Undefined, optional + currentRevision is the generation of the most recently successful deployment + lastFailedRevision : int, default is Undefined, optional + lastFailedRevision is the generation of the deployment we tried and failed to deploy. + lastFailedRevisionErrors : [str], default is Undefined, optional + lastFailedRevisionErrors is a list of the errors during the failed deployment referenced in lastFailedRevision + nodeName : str, default is Undefined, optional + nodeName is the name of the node + targetRevision : int, default is Undefined, optional + targetRevision is the generation of the deployment we're trying to apply + """ + + + currentRevision?: int + + lastFailedRevision?: int + + lastFailedRevisionErrors?: [str] + + nodeName?: str + + targetRevision?: int + + diff --git a/kubevirt/v1/operator_openshift_io_v1_kube_scheduler.k b/kubevirt/v1/operator_openshift_io_v1_kube_scheduler.k new file mode 100644 index 00000000..a41a4226 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_kube_scheduler.k @@ -0,0 +1,221 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema KubeScheduler: + r""" + KubeScheduler provides information to configure an operator to manage scheduler. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "KubeScheduler", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1KubeSchedulerSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1KubeSchedulerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "KubeScheduler" = "KubeScheduler" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1KubeSchedulerSpec + + status?: OperatorOpenshiftIoV1KubeSchedulerStatus + + +schema OperatorOpenshiftIoV1KubeSchedulerSpec: + r""" + spec is the specification of the desired behavior of the Kubernetes Scheduler + + Attributes + ---------- + failedRevisionLimit : int, default is Undefined, optional + failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + forceRedeploymentReason : str, default is Undefined, optional + forceRedeploymentReason can be used to force the redeployment of the operand by providing a unique string. This provides a mechanism to kick a previously failed deployment and provide a reason why you think it will work this time instead of failing again on the same config. + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + succeededRevisionLimit : int, default is Undefined, optional + succeededRevisionLimit is the number of successful static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default) + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + failedRevisionLimit?: int + + forceRedeploymentReason?: str + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + succeededRevisionLimit?: int + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Force)$") if managementState + + +schema OperatorOpenshiftIoV1KubeSchedulerStatus: + r""" + status is the most recently observed status of the Kubernetes Scheduler + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1KubeSchedulerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1KubeSchedulerStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + latestAvailableRevision : int, default is Undefined, optional + latestAvailableRevision is the deploymentID of the most recent deployment + latestAvailableRevisionReason : str, default is Undefined, optional + latestAvailableRevisionReason describe the detailed reason for the most recent deployment + nodeStatuses : [OperatorOpenshiftIoV1KubeSchedulerStatusNodeStatusesItems0], default is Undefined, optional + nodeStatuses track the deployment values and errors across individual nodes + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1KubeSchedulerStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1KubeSchedulerStatusGenerationsItems0] + + latestAvailableRevision?: int + + latestAvailableRevisionReason?: str + + nodeStatuses?: [OperatorOpenshiftIoV1KubeSchedulerStatusNodeStatusesItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1KubeSchedulerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1KubeSchedulerStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + +schema OperatorOpenshiftIoV1KubeSchedulerStatusNodeStatusesItems0: + r""" + NodeStatus provides information about the current state of a particular node managed by this operator. + + Attributes + ---------- + currentRevision : int, default is Undefined, optional + currentRevision is the generation of the most recently successful deployment + lastFailedRevision : int, default is Undefined, optional + lastFailedRevision is the generation of the deployment we tried and failed to deploy. + lastFailedRevisionErrors : [str], default is Undefined, optional + lastFailedRevisionErrors is a list of the errors during the failed deployment referenced in lastFailedRevision + nodeName : str, default is Undefined, optional + nodeName is the name of the node + targetRevision : int, default is Undefined, optional + targetRevision is the generation of the deployment we're trying to apply + """ + + + currentRevision?: int + + lastFailedRevision?: int + + lastFailedRevisionErrors?: [str] + + nodeName?: str + + targetRevision?: int + + diff --git a/kubevirt/v1/operator_openshift_io_v1_kube_storage_version_migrator.k b/kubevirt/v1/operator_openshift_io_v1_kube_storage_version_migrator.k new file mode 100644 index 00000000..48d11d1b --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_kube_storage_version_migrator.k @@ -0,0 +1,167 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema KubeStorageVersionMigrator: + r""" + KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "KubeStorageVersionMigrator", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1KubeStorageVersionMigratorSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1KubeStorageVersionMigratorStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "KubeStorageVersionMigrator" = "KubeStorageVersionMigrator" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1KubeStorageVersionMigratorSpec + + status?: OperatorOpenshiftIoV1KubeStorageVersionMigratorStatus + + +schema OperatorOpenshiftIoV1KubeStorageVersionMigratorSpec: + r""" + operator openshift io v1 kube storage version migrator spec + + Attributes + ---------- + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1KubeStorageVersionMigratorStatus: + r""" + operator openshift io v1 kube storage version migrator status + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusGenerationsItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1KubeStorageVersionMigratorStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_network.k b/kubevirt/v1/operator_openshift_io_v1_network.k new file mode 100644 index 00000000..d6b5fb75 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_network.k @@ -0,0 +1,451 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema OperatorNetwork: + r""" + Network describes the cluster's desired network configuration. It is consumed by the cluster-network-operator. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "Network", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1NetworkSpec, default is Undefined, optional + spec + status : any, default is Undefined, optional + NetworkStatus is currently unused. Instead, status is reported in the Network.config.openshift.io object. + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "Network" = "Network" + + metadata?: v1.ObjectMeta + + spec?: OperatorOpenshiftIoV1NetworkSpec + + status?: any + + +schema OperatorOpenshiftIoV1NetworkSpec: + r""" + NetworkSpec is the top-level network configuration object. + + Attributes + ---------- + additionalNetworks : [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0], default is Undefined, optional + additionalNetworks is a list of extra networks to make available to pods when multiple networks are enabled. + clusterNetwork : [OperatorOpenshiftIoV1NetworkSpecClusterNetworkItems0], default is Undefined, optional + clusterNetwork is the IP address pool to use for pod IPs. Some network providers, e.g. OpenShift SDN, support multiple ClusterNetworks. Others only support one. This is equivalent to the cluster-cidr. + defaultNetwork : OperatorOpenshiftIoV1NetworkSpecDefaultNetwork, default is Undefined, optional + default network + deployKubeProxy : bool, default is Undefined, optional + deployKubeProxy specifies whether or not a standalone kube-proxy should be deployed by the operator. Some network providers include kube-proxy or similar functionality. If unset, the plugin will attempt to select the correct value, which is false when OpenShift SDN and ovn-kubernetes are used and true otherwise. + disableMultiNetwork : bool, default is Undefined, optional + disableMultiNetwork specifies whether or not multiple pod network support should be disabled. If unset, this property defaults to 'false' and multiple network support is enabled. + kubeProxyConfig : OperatorOpenshiftIoV1NetworkSpecKubeProxyConfig, default is Undefined, optional + kube proxy config + logLevel : str, default is Undefined, optional + logLevel allows configuring the logging level of the components deployed by the operator. Currently only Kuryr SDN is affected by this setting. Please note that turning on extensive logging may affect performance. The default value is "Normal". + serviceNetwork : [str], default is Undefined, optional + serviceNetwork is the ip address pool to use for Service IPs Currently, all existing network providers only support a single value here, but this is an array to allow for growth. + """ + + + additionalNetworks?: [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0] + + clusterNetwork?: [OperatorOpenshiftIoV1NetworkSpecClusterNetworkItems0] + + defaultNetwork?: OperatorOpenshiftIoV1NetworkSpecDefaultNetwork + + deployKubeProxy?: bool + + disableMultiNetwork?: bool + + kubeProxyConfig?: OperatorOpenshiftIoV1NetworkSpecKubeProxyConfig + + logLevel?: str + + serviceNetwork?: [str] + + +schema OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0: + r""" + AdditionalNetworkDefinition configures an extra network that is available but not created by default. Instead, pods must request them by name. type must be specified, along with exactly one "Config" that matches the type. + + Attributes + ---------- + name : str, default is Undefined, optional + name is the name of the network. This will be populated in the resulting CRD This must be unique. + namespace : str, default is Undefined, optional + namespace is the namespace of the network. This will be populated in the resulting CRD If not given the network will be created in the default namespace. + rawCNIConfig : str, default is Undefined, optional + rawCNIConfig is the raw CNI configuration json to create in the NetworkAttachmentDefinition CRD + simpleMacvlanConfig : OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfig, default is Undefined, optional + simple macvlan config + $type : str, default is Undefined, optional + type is the type of network The supported values are NetworkTypeRaw, NetworkTypeSimpleMacvlan + """ + + + name?: str + + namespace?: str + + rawCNIConfig?: str + + simpleMacvlanConfig?: OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfig + + $type?: str + + +schema OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfig: + r""" + SimpleMacvlanConfig configures the macvlan interface in case of type:NetworkTypeSimpleMacvlan + + Attributes + ---------- + ipamConfig : OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfig, default is Undefined, optional + ipam config + master : str, default is Undefined, optional + master is the host interface to create the macvlan interface from. If not specified, it will be default route interface + mode : str, default is Undefined, optional + mode is the macvlan mode: bridge, private, vepa, passthru. The default is bridge + mtu : int, default is Undefined, optional + mtu is the mtu to use for the macvlan interface. if unset, host's kernel will select the value. + """ + + + ipamConfig?: OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfig + + master?: str + + mode?: str + + mtu?: int + + + check: + mtu >= 0 if mtu not in [None, Undefined] + + +schema OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfig: + r""" + IPAMConfig configures IPAM module will be used for IP Address Management (IPAM). + + Attributes + ---------- + staticIPAMConfig : OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfig, default is Undefined, optional + static IP a m config + $type : str, default is Undefined, optional + Type is the type of IPAM module will be used for IP Address Management(IPAM). The supported values are IPAMTypeDHCP, IPAMTypeStatic + """ + + + staticIPAMConfig?: OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfig + + $type?: str + + +schema OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfig: + r""" + StaticIPAMConfig configures the static IP address in case of type:IPAMTypeStatic + + Attributes + ---------- + addresses : [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigAddressesItems0], default is Undefined, optional + Addresses configures IP address for the interface + dns : OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigDNS, default is Undefined, optional + dns + routes : [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigRoutesItems0], default is Undefined, optional + Routes configures IP routes for the interface + """ + + + addresses?: [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigAddressesItems0] + + dns?: OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigDNS + + routes?: [OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigRoutesItems0] + + +schema OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigAddressesItems0: + r""" + StaticIPAMAddresses provides IP address and Gateway for static IPAM addresses + + Attributes + ---------- + address : str, default is Undefined, optional + Address is the IP address in CIDR format + gateway : str, default is Undefined, optional + Gateway is IP inside of subnet to designate as the gateway + """ + + + address?: str + + gateway?: str + + +schema OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigDNS: + r""" + DNS configures DNS for the interface + + Attributes + ---------- + domain : str, default is Undefined, optional + Domain configures the domainname the local domain used for short hostname lookups + nameservers : [str], default is Undefined, optional + Nameservers points DNS servers for IP lookup + search : [str], default is Undefined, optional + Search configures priority ordered search domains for short hostname lookups + """ + + + domain?: str + + nameservers?: [str] + + search?: [str] + + +schema OperatorOpenshiftIoV1NetworkSpecAdditionalNetworksItems0SimpleMacvlanConfigIpamConfigStaticIPAMConfigRoutesItems0: + r""" + StaticIPAMRoutes provides Destination/Gateway pairs for static IPAM routes + + Attributes + ---------- + destination : str, default is Undefined, optional + Destination points the IP route destination + gateway : str, default is Undefined, optional + Gateway is the route's next-hop IP address If unset, a default gateway is assumed (as determined by the CNI plugin). + """ + + + destination?: str + + gateway?: str + + +schema OperatorOpenshiftIoV1NetworkSpecClusterNetworkItems0: + r""" + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. Not all network providers support multiple ClusterNetworks + + Attributes + ---------- + cidr : str, default is Undefined, optional + cidr + hostPrefix : int, default is Undefined, optional + host prefix + """ + + + cidr?: str + + hostPrefix?: int + + + check: + hostPrefix >= 0 if hostPrefix not in [None, Undefined] + + +schema OperatorOpenshiftIoV1NetworkSpecDefaultNetwork: + r""" + defaultNetwork is the "default" network that all pods will receive + + Attributes + ---------- + kuryrConfig : OperatorOpenshiftIoV1NetworkSpecDefaultNetworkKuryrConfig, default is Undefined, optional + kuryr config + openshiftSDNConfig : OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOpenshiftSDNConfig, default is Undefined, optional + openshift s d n config + ovnKubernetesConfig : OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfig, default is Undefined, optional + ovn kubernetes config + $type : str, default is Undefined, optional + type is the type of network All NetworkTypes are supported except for NetworkTypeRaw + """ + + + kuryrConfig?: OperatorOpenshiftIoV1NetworkSpecDefaultNetworkKuryrConfig + + openshiftSDNConfig?: OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOpenshiftSDNConfig + + ovnKubernetesConfig?: OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfig + + $type?: str + + +schema OperatorOpenshiftIoV1NetworkSpecDefaultNetworkKuryrConfig: + r""" + KuryrConfig configures the kuryr plugin + + Attributes + ---------- + controllerProbesPort : int, default is Undefined, optional + The port kuryr-controller will listen for readiness and liveness requests. + daemonProbesPort : int, default is Undefined, optional + The port kuryr-daemon will listen for readiness and liveness requests. + enablePortPoolsPrepopulation : bool, default is Undefined, optional + enablePortPoolsPrepopulation when true will make Kuryr prepopulate each newly created port pool with a minimum number of ports. Kuryr uses Neutron port pooling to fight the fact that it takes a significant amount of time to create one. Instead of creating it when pod is being deployed, Kuryr keeps a number of ports ready to be attached to pods. By default port prepopulation is disabled. + openStackServiceNetwork : str, default is Undefined, optional + openStackServiceNetwork contains the CIDR of network from which to allocate IPs for OpenStack Octavia's Amphora VMs. Please note that with Amphora driver Octavia uses two IPs from that network for each loadbalancer - one given by OpenShift and second for VRRP connections. As the first one is managed by OpenShift's and second by Neutron's IPAMs, those need to come from different pools. Therefore `openStackServiceNetwork` needs to be at least twice the size of `serviceNetwork`, and whole `serviceNetwork` must be overlapping with `openStackServiceNetwork`. cluster-network-operator will then make sure VRRP IPs are taken from the ranges inside `openStackServiceNetwork` that are not overlapping with `serviceNetwork`, effectivly preventing conflicts. If not set cluster-network-operator will use `serviceNetwork` expanded by decrementing the prefix size by 1. + poolBatchPorts : int, default is Undefined, optional + poolBatchPorts sets a number of ports that should be created in a single batch request to extend the port pool. The default is 3. For more information about port pools see enablePortPoolsPrepopulation setting. + poolMaxPorts : int, default is Undefined, optional + poolMaxPorts sets a maximum number of free ports that are being kept in a port pool. If the number of ports exceeds this setting, free ports will get deleted. Setting 0 will disable this upper bound, effectively preventing pools from shrinking and this is the default value. For more information about port pools see enablePortPoolsPrepopulation setting. + poolMinPorts : int, default is Undefined, optional + poolMinPorts sets a minimum number of free ports that should be kept in a port pool. If the number of ports is lower than this setting, new ports will get created and added to pool. The default is 1. For more information about port pools see enablePortPoolsPrepopulation setting. + """ + + + controllerProbesPort?: int + + daemonProbesPort?: int + + enablePortPoolsPrepopulation?: bool + + openStackServiceNetwork?: str + + poolBatchPorts?: int + + poolMaxPorts?: int + + poolMinPorts?: int + + + check: + controllerProbesPort >= 0 if controllerProbesPort not in [None, Undefined] + daemonProbesPort >= 0 if daemonProbesPort not in [None, Undefined] + poolBatchPorts >= 0 if poolBatchPorts not in [None, Undefined] + poolMaxPorts >= 0 if poolMaxPorts not in [None, Undefined] + poolMinPorts >= 1 if poolMinPorts not in [None, Undefined] + + +schema OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOpenshiftSDNConfig: + r""" + openShiftSDNConfig configures the openshift-sdn plugin + + Attributes + ---------- + enableUnidling : bool, default is Undefined, optional + enableUnidling controls whether or not the service proxy will support idling and unidling of services. By default, unidling is enabled. + mode : str, default is Undefined, optional + mode is one of "Multitenant", "Subnet", or "NetworkPolicy" + mtu : int, default is Undefined, optional + mtu is the mtu to use for the tunnel interface. Defaults to 1450 if unset. This must be 50 bytes smaller than the machine's uplink. + useExternalOpenvswitch : bool, default is Undefined, optional + useExternalOpenvswitch tells the operator not to install openvswitch, because it will be provided separately. If set, you must provide it yourself. + vxlanPort : int, default is Undefined, optional + vxlanPort is the port to use for all vxlan packets. The default is 4789. + """ + + + enableUnidling?: bool + + mode?: str + + mtu?: int + + useExternalOpenvswitch?: bool + + vxlanPort?: int + + + check: + mtu >= 0 if mtu not in [None, Undefined] + vxlanPort >= 0 if vxlanPort not in [None, Undefined] + + +schema OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfig: + r""" + oVNKubernetesConfig configures the ovn-kubernetes plugin. This is currently not implemented. + + Attributes + ---------- + genevePort : int, default is Undefined, optional + geneve port is the UDP port to be used by geneve encapulation. Default is 6081 + hybridOverlayConfig : OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfig, default is Undefined, optional + hybrid overlay config + mtu : int, default is Undefined, optional + mtu is the MTU to use for the tunnel interface. This must be 100 bytes smaller than the uplink mtu. Default is 1400 + """ + + + genevePort?: int + + hybridOverlayConfig?: OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfig + + mtu?: int + + + check: + genevePort >= 1 if genevePort not in [None, Undefined] + mtu >= 0 if mtu not in [None, Undefined] + + +schema OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfig: + r""" + HybridOverlayConfig configures an additional overlay network for peers that are not using OVN. + + Attributes + ---------- + hybridClusterNetwork : [OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfigHybridClusterNetworkItems0], default is Undefined, optional + HybridClusterNetwork defines a network space given to nodes on an additional overlay network. + """ + + + hybridClusterNetwork?: [OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfigHybridClusterNetworkItems0] + + +schema OperatorOpenshiftIoV1NetworkSpecDefaultNetworkOvnKubernetesConfigHybridOverlayConfigHybridClusterNetworkItems0: + r""" + ClusterNetworkEntry is a subnet from which to allocate PodIPs. A network of size HostPrefix (in CIDR notation) will be allocated when nodes join the cluster. Not all network providers support multiple ClusterNetworks + + Attributes + ---------- + cidr : str, default is Undefined, optional + cidr + hostPrefix : int, default is Undefined, optional + host prefix + """ + + + cidr?: str + + hostPrefix?: int + + + check: + hostPrefix >= 0 if hostPrefix not in [None, Undefined] + + +schema OperatorOpenshiftIoV1NetworkSpecKubeProxyConfig: + r""" + kubeProxyConfig lets us configure desired proxy configuration. If not specified, sensible defaults will be chosen by OpenShift directly. Not consumed by all network providers - currently only openshift-sdn. + + Attributes + ---------- + bindAddress : str, default is Undefined, optional + The address to "bind" on Defaults to 0.0.0.0 + iptablesSyncPeriod : str, default is Undefined, optional + The period that iptables rules are refreshed. Default: 30s + proxyArguments : {str:[str]}, default is Undefined, optional + Any additional arguments to pass to the kubeproxy process + """ + + + bindAddress?: str + + iptablesSyncPeriod?: str + + proxyArguments?: {str:[str]} + + diff --git a/kubevirt/v1/operator_openshift_io_v1_open_shift_api_server.k b/kubevirt/v1/operator_openshift_io_v1_open_shift_api_server.k new file mode 100644 index 00000000..d9d0242a --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_open_shift_api_server.k @@ -0,0 +1,175 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema OpenShiftAPIServer: + r""" + OpenShiftAPIServer provides information to configure an operator to manage openshift-apiserver. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "OpenShiftAPIServer", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1OpenShiftAPIServerSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1OpenShiftAPIServerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "OpenShiftAPIServer" = "OpenShiftAPIServer" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1OpenShiftAPIServerSpec + + status?: OperatorOpenshiftIoV1OpenShiftAPIServerStatus + + +schema OperatorOpenshiftIoV1OpenShiftAPIServerSpec: + r""" + spec is the specification of the desired behavior of the OpenShift API Server. + + Attributes + ---------- + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1OpenShiftAPIServerStatus: + r""" + status defines the observed status of the OpenShift API Server. + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1OpenShiftAPIServerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1OpenShiftAPIServerStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + latestAvailableRevision : int, default is Undefined, optional + latestAvailableRevision is the latest revision used as suffix of revisioned secrets like encryption-config. A new revision causes a new deployment of pods. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1OpenShiftAPIServerStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1OpenShiftAPIServerStatusGenerationsItems0] + + latestAvailableRevision?: int + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + + check: + latestAvailableRevision >= 0 if latestAvailableRevision not in [None, Undefined] + + +schema OperatorOpenshiftIoV1OpenShiftAPIServerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1OpenShiftAPIServerStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_open_shift_controller_manager.k b/kubevirt/v1/operator_openshift_io_v1_open_shift_controller_manager.k new file mode 100644 index 00000000..67cc0fb2 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_open_shift_controller_manager.k @@ -0,0 +1,167 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema OpenShiftControllerManager: + r""" + OpenShiftControllerManager provides information to configure an operator to manage openshift-controller-manager. + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "OpenShiftControllerManager", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1OpenShiftControllerManagerSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1OpenShiftControllerManagerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "OpenShiftControllerManager" = "OpenShiftControllerManager" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1OpenShiftControllerManagerSpec + + status?: OperatorOpenshiftIoV1OpenShiftControllerManagerStatus + + +schema OperatorOpenshiftIoV1OpenShiftControllerManagerSpec: + r""" + operator openshift io v1 open shift controller manager spec + + Attributes + ---------- + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1OpenShiftControllerManagerStatus: + r""" + operator openshift io v1 open shift controller manager status + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1OpenShiftControllerManagerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1OpenShiftControllerManagerStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1OpenShiftControllerManagerStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1OpenShiftControllerManagerStatusGenerationsItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1OpenShiftControllerManagerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1OpenShiftControllerManagerStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_service_c_a.k b/kubevirt/v1/operator_openshift_io_v1_service_c_a.k new file mode 100644 index 00000000..48ea9598 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_service_c_a.k @@ -0,0 +1,167 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema ServiceCA: + r""" + ServiceCA provides information to configure an operator to manage the service cert controllers + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "ServiceCA", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1ServiceCASpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1ServiceCAStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "ServiceCA" = "ServiceCA" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1ServiceCASpec + + status?: OperatorOpenshiftIoV1ServiceCAStatus + + +schema OperatorOpenshiftIoV1ServiceCASpec: + r""" + spec holds user settable values for configuration + + Attributes + ---------- + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1ServiceCAStatus: + r""" + status holds observed values from the cluster. They may not be overridden. + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1ServiceCAStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1ServiceCAStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1ServiceCAStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1ServiceCAStatusGenerationsItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1ServiceCAStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1ServiceCAStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_service_catalog_api_server.k b/kubevirt/v1/operator_openshift_io_v1_service_catalog_api_server.k new file mode 100644 index 00000000..253a1ad0 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_service_catalog_api_server.k @@ -0,0 +1,167 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema ServiceCatalogAPIServer: + r""" + ServiceCatalogAPIServer provides information to configure an operator to manage Service Catalog API Server + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "ServiceCatalogAPIServer", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1ServiceCatalogAPIServerSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1ServiceCatalogAPIServerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "ServiceCatalogAPIServer" = "ServiceCatalogAPIServer" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1ServiceCatalogAPIServerSpec + + status?: OperatorOpenshiftIoV1ServiceCatalogAPIServerStatus + + +schema OperatorOpenshiftIoV1ServiceCatalogAPIServerSpec: + r""" + operator openshift io v1 service catalog API server spec + + Attributes + ---------- + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1ServiceCatalogAPIServerStatus: + r""" + operator openshift io v1 service catalog API server status + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusGenerationsItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1ServiceCatalogAPIServerStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/operator_openshift_io_v1_service_catalog_controller_manager.k b/kubevirt/v1/operator_openshift_io_v1_service_catalog_controller_manager.k new file mode 100644 index 00000000..d038abf8 --- /dev/null +++ b/kubevirt/v1/operator_openshift_io_v1_service_catalog_controller_manager.k @@ -0,0 +1,167 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import regex +import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match + + +schema ServiceCatalogControllerManager: + r""" + ServiceCatalogControllerManager provides information to configure an operator to manage Service Catalog Controller Manager + + Attributes + ---------- + apiVersion : str, default is "operator.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + kind : str, default is "ServiceCatalogControllerManager", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + spec : OperatorOpenshiftIoV1ServiceCatalogControllerManagerSpec, default is Undefined, required + spec + status : OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatus, default is Undefined, optional + status + """ + + + apiVersion: "operator.openshift.io/v1" = "operator.openshift.io/v1" + + kind: "ServiceCatalogControllerManager" = "ServiceCatalogControllerManager" + + metadata?: v1.ObjectMeta + + spec: OperatorOpenshiftIoV1ServiceCatalogControllerManagerSpec + + status?: OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatus + + +schema OperatorOpenshiftIoV1ServiceCatalogControllerManagerSpec: + r""" + operator openshift io v1 service catalog controller manager spec + + Attributes + ---------- + logLevel : str, default is Undefined, optional + logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. + managementState : str, default is Undefined, optional + managementState indicates whether and how the operator should manage the component + observedConfig : any, default is Undefined, optional + observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator + operatorLogLevel : str, default is Undefined, optional + operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. + unsupportedConfigOverrides : any, default is Undefined, optional + unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides + """ + + + logLevel?: str + + managementState?: str + + observedConfig?: any + + operatorLogLevel?: str + + unsupportedConfigOverrides?: any + + + check: + _regex_match(str(managementState), r"^(Managed|Unmanaged|Force|Removed)$") if managementState + + +schema OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatus: + r""" + operator openshift io v1 service catalog controller manager status + + Attributes + ---------- + conditions : [OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusConditionsItems0], default is Undefined, optional + conditions is a list of conditions and their status + generations : [OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusGenerationsItems0], default is Undefined, optional + generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. + observedGeneration : int, default is Undefined, optional + observedGeneration is the last generation change you've dealt with + readyReplicas : int, default is Undefined, optional + readyReplicas indicates how many replicas are ready and at the desired state + version : str, default is Undefined, optional + version is the level this availability applies to + """ + + + conditions?: [OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusConditionsItems0] + + generations?: [OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusGenerationsItems0] + + observedGeneration?: int + + readyReplicas?: int + + version?: str + + +schema OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusConditionsItems0: + r""" + OperatorCondition is just the standard condition fields. + + Attributes + ---------- + lastTransitionTime : str, default is Undefined, optional + last transition time + message : str, default is Undefined, optional + message + reason : str, default is Undefined, optional + reason + status : str, default is Undefined, optional + status + $type : str, default is Undefined, optional + type + """ + + + lastTransitionTime?: str + + message?: str + + reason?: str + + status?: str + + $type?: str + + +schema OperatorOpenshiftIoV1ServiceCatalogControllerManagerStatusGenerationsItems0: + r""" + GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. + + Attributes + ---------- + group : str, default is Undefined, optional + group is the group of the thing you're tracking + hash : str, default is Undefined, optional + hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps + lastGeneration : int, default is Undefined, optional + lastGeneration is the last generation of the workload controller involved + name : str, default is Undefined, optional + name is the name of the thing you're tracking + namespace : str, default is Undefined, optional + namespace is where the thing you're tracking is + resource : str, default is Undefined, optional + resource is the resource type of the thing you're tracking + """ + + + group?: str + + hash?: str + + lastGeneration?: int + + name?: str + + namespace?: str + + resource?: str + + diff --git a/kubevirt/v1/security_openshift_io_v1_security_context_constraints.k b/kubevirt/v1/security_openshift_io_v1_security_context_constraints.k new file mode 100644 index 00000000..bec66969 --- /dev/null +++ b/kubevirt/v1/security_openshift_io_v1_security_context_constraints.k @@ -0,0 +1,283 @@ +""" +This file was generated by the KCL auto-gen tool. DO NOT EDIT. +Editing this file might prove futile when you re-run the KCL auto-gen generate command. +""" +import k8s.apimachinery.pkg.apis.meta.v1 + + +schema SecurityContextConstraints: + r""" + SecurityContextConstraints governs the ability to make requests that affect the SecurityContext that will be applied to a container. For historical reasons SCC was exposed under the core Kubernetes API group. That exposure is deprecated and will be removed in a future release - users should instead use the security.openshift.io group to manage SecurityContextConstraints. + + Attributes + ---------- + allowHostDirVolumePlugin : bool, default is Undefined, required + AllowHostDirVolumePlugin determines if the policy allow containers to use the HostDir volume plugin + allowHostIPC : bool, default is Undefined, required + AllowHostIPC determines if the policy allows host ipc in the containers. + allowHostNetwork : bool, default is Undefined, required + AllowHostNetwork determines if the policy allows the use of HostNetwork in the pod spec. + allowHostPID : bool, default is Undefined, required + AllowHostPID determines if the policy allows host pid in the containers. + allowHostPorts : bool, default is Undefined, required + AllowHostPorts determines if the policy allows host ports in the containers. + allowPrivilegeEscalation : bool, default is Undefined, optional + AllowPrivilegeEscalation determines if a pod can request to allow privilege escalation. If unspecified, defaults to true. + allowPrivilegedContainer : bool, default is Undefined, required + AllowPrivilegedContainer determines if a container can request to be run as privileged. + allowedCapabilities : [str], default is Undefined, required + AllowedCapabilities is a list of capabilities that can be requested to add to the container. Capabilities in this field maybe added at the pod author's discretion. You must not list a capability in both AllowedCapabilities and RequiredDropCapabilities. To allow all capabilities you may use '*'. + allowedFlexVolumes : [SecurityOpenshiftIoV1SecurityContextConstraintsAllowedFlexVolumesItems0], default is Undefined, optional + AllowedFlexVolumes is a whitelist of allowed Flexvolumes. Empty or nil indicates that all Flexvolumes may be used. This parameter is effective only when the usage of the Flexvolumes is allowed in the "Volumes" field. + allowedUnsafeSysctls : [str], default is Undefined, optional + AllowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none. Each entry is either a plain sysctl name or ends in "*" in which case it is considered as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed. Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection. + Examples: e.g. "foo/*" allows "foo/bar", "foo/baz", etc. e.g. "foo.*" allows "foo.bar", "foo.baz", etc. + apiVersion : str, default is "security.openshift.io/v1", required + APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + defaultAddCapabilities : [str], default is Undefined, required + DefaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability. You may not list a capabiility in both DefaultAddCapabilities and RequiredDropCapabilities. + defaultAllowPrivilegeEscalation : bool, default is Undefined, optional + DefaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process. + forbiddenSysctls : [str], default is Undefined, optional + ForbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none. Each entry is either a plain sysctl name or ends in "*" in which case it is considered as a prefix of forbidden sysctls. Single * means all sysctls are forbidden. + Examples: e.g. "foo/*" forbids "foo/bar", "foo/baz", etc. e.g. "foo.*" forbids "foo.bar", "foo.baz", etc. + fsGroup : SecurityOpenshiftIoV1SecurityContextConstraintsFsGroup, default is Undefined, optional + fs group + groups : [str], default is Undefined, optional + The groups that have permission to use this security context constraints + kind : str, default is "SecurityContextConstraints", required + Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + metadata : v1.ObjectMeta, default is Undefined, optional + metadata + priority : int, default is Undefined, required + Priority influences the sort order of SCCs when evaluating which SCCs to try first for a given pod request based on access in the Users and Groups fields. The higher the int, the higher priority. An unset value is considered a 0 priority. If scores for multiple SCCs are equal they will be sorted from most restrictive to least restrictive. If both priorities and restrictions are equal the SCCs will be sorted by name. + readOnlyRootFilesystem : bool, default is Undefined, required + ReadOnlyRootFilesystem when set to true will force containers to run with a read only root file system. If the container specifically requests to run with a non-read only root file system the SCC should deny the pod. If set to false the container may run with a read only root file system if it wishes but it will not be forced to. + requiredDropCapabilities : [str], default is Undefined, required + RequiredDropCapabilities are the capabilities that will be dropped from the container. These are required to be dropped and cannot be added. + runAsUser : SecurityOpenshiftIoV1SecurityContextConstraintsRunAsUser, default is Undefined, optional + run as user + seLinuxContext : SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContext, default is Undefined, optional + se linux context + seccompProfiles : [str], default is Undefined, optional + SeccompProfiles lists the allowed profiles that may be set for the pod or container's seccomp annotations. An unset (nil) or empty value means that no profiles may be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When used to generate a value for a pod the first non-wildcard profile will be used as the default. + supplementalGroups : SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroups, default is Undefined, optional + supplemental groups + users : [str], default is Undefined, optional + The users who have permissions to use this security context constraints + volumes : [str], default is Undefined, required + Volumes is a white list of allowed volume plugins. FSType corresponds directly with the field names of a VolumeSource (azureFile, configMap, emptyDir). To allow all volumes you may use "*". To allow no volumes, set to ["none"]. + """ + + + allowHostDirVolumePlugin: bool + + allowHostIPC: bool + + allowHostNetwork: bool + + allowHostPID: bool + + allowHostPorts: bool + + allowPrivilegeEscalation?: bool + + allowPrivilegedContainer: bool + + allowedCapabilities: [str] + + allowedFlexVolumes?: [SecurityOpenshiftIoV1SecurityContextConstraintsAllowedFlexVolumesItems0] + + allowedUnsafeSysctls?: [str] + + apiVersion: "security.openshift.io/v1" = "security.openshift.io/v1" + + defaultAddCapabilities: [str] + + defaultAllowPrivilegeEscalation?: bool + + forbiddenSysctls?: [str] + + fsGroup?: SecurityOpenshiftIoV1SecurityContextConstraintsFsGroup + + groups?: [str] + + kind: "SecurityContextConstraints" = "SecurityContextConstraints" + + metadata?: v1.ObjectMeta + + priority: int + + readOnlyRootFilesystem: bool + + requiredDropCapabilities: [str] + + runAsUser?: SecurityOpenshiftIoV1SecurityContextConstraintsRunAsUser + + seLinuxContext?: SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContext + + seccompProfiles?: [str] + + supplementalGroups?: SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroups + + users?: [str] + + volumes: [str] + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsAllowedFlexVolumesItems0: + r""" + AllowedFlexVolume represents a single Flexvolume that is allowed to be used. + + Attributes + ---------- + driver : str, default is Undefined, required + Driver is the name of the Flexvolume driver. + """ + + + driver: str + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsFsGroup: + r""" + FSGroup is the strategy that will dictate what fs group is used by the SecurityContext. + + Attributes + ---------- + ranges : [SecurityOpenshiftIoV1SecurityContextConstraintsFsGroupRangesItems0], default is Undefined, optional + Ranges are the allowed ranges of fs groups. If you would like to force a single fs group then supply a single range with the same start and end. + $type : str, default is Undefined, optional + Type is the strategy that will dictate what FSGroup is used in the SecurityContext. + """ + + + ranges?: [SecurityOpenshiftIoV1SecurityContextConstraintsFsGroupRangesItems0] + + $type?: str + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsFsGroupRangesItems0: + r""" + IDRange provides a min/max of an allowed range of IDs. TODO: this could be reused for UIDs. + + Attributes + ---------- + max : int, default is Undefined, optional + Max is the end of the range, inclusive. + min : int, default is Undefined, optional + Min is the start of the range, inclusive. + """ + + + max?: int + + min?: int + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsRunAsUser: + r""" + RunAsUser is the strategy that will dictate what RunAsUser is used in the SecurityContext. + + Attributes + ---------- + $type : str, default is Undefined, optional + Type is the strategy that will dictate what RunAsUser is used in the SecurityContext. + uid : int, default is Undefined, optional + UID is the user id that containers must run as. Required for the MustRunAs strategy if not using namespace/service account allocated uids. + uidRangeMax : int, default is Undefined, optional + UIDRangeMax defines the max value for a strategy that allocates by range. + uidRangeMin : int, default is Undefined, optional + UIDRangeMin defines the min value for a strategy that allocates by range. + """ + + + $type?: str + + uid?: int + + uidRangeMax?: int + + uidRangeMin?: int + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContext: + r""" + SELinuxContext is the strategy that will dictate what labels will be set in the SecurityContext. + + Attributes + ---------- + seLinuxOptions : SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContextSeLinuxOptions, default is Undefined, optional + se linux options + $type : str, default is Undefined, optional + Type is the strategy that will dictate what SELinux context is used in the SecurityContext. + """ + + + seLinuxOptions?: SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContextSeLinuxOptions + + $type?: str + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsSeLinuxContextSeLinuxOptions: + r""" + seLinuxOptions required to run as; required for MustRunAs + + Attributes + ---------- + level : str, default is Undefined, optional + Level is SELinux level label that applies to the container. + role : str, default is Undefined, optional + Role is a SELinux role label that applies to the container. + $type : str, default is Undefined, optional + Type is a SELinux type label that applies to the container. + user : str, default is Undefined, optional + User is a SELinux user label that applies to the container. + """ + + + level?: str + + role?: str + + $type?: str + + user?: str + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroups: + r""" + SupplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext. + + Attributes + ---------- + ranges : [SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroupsRangesItems0], default is Undefined, optional + Ranges are the allowed ranges of supplemental groups. If you would like to force a single supplemental group then supply a single range with the same start and end. + $type : str, default is Undefined, optional + Type is the strategy that will dictate what supplemental groups is used in the SecurityContext. + """ + + + ranges?: [SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroupsRangesItems0] + + $type?: str + + +schema SecurityOpenshiftIoV1SecurityContextConstraintsSupplementalGroupsRangesItems0: + r""" + IDRange provides a min/max of an allowed range of IDs. TODO: this could be reused for UIDs. + + Attributes + ---------- + max : int, default is Undefined, optional + Max is the end of the range, inclusive. + min : int, default is Undefined, optional + Min is the start of the range, inclusive. + """ + + + max?: int + + min?: int + +