数据结构

kind

Yes

String

A string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

The value of this parameter is PodTemplate.

apiVersion

Yes

String

Versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

The value of this parameter is v1.

metadata

Yes

ObjectMeta object

-

template

Yes

PodTemplateSpec object

-

kind

Yes

String

A string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

The value of this parameter is Pod.

apiVersion

Yes

String

Versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

The value of this parameter is v1.

metadata

Yes

ObjectMeta object

-

spec

Yes

podSpec object

-

status

No

PodStatus object

Most recently observed status of the pod.

phase

No

String

Current condition of the pod.

conditions

No

Array of PodConditions objects

Current service state of the pod.

message

No

String

A human readable message indicating details about why the pod is in this condition.

reason

No

String

A brief CamelCase message indicating details about why the pod is in this state. e.g. 'OutOfDisk'

hostIP

No

String

IP address of the host to which the pod is assigned. Empty if not yet scheduled.

podIP

No

String

IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.

startTime

No

String

RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.

containerStatuses

No

Array of containerStatuses objects

The list has one entry per container in the manifest. Each entry is currently the output of container inspect.

initContainerStatuses

No

Array of containerStatuses objects

The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set.

qosClass

No

String

The Quality of Service (QOS) classification assigned to the pod based on resource requirements. Can be

- Guaranteed

- Burstable

- BestEffort

podNetworks

No

Array of PodNetworkInterface objects

Complete list of Networks attached to this pod

type

No

String

Type of the condition. Currently only Ready.

Resizing - An user trigger resize of pvc has been started

status

No

String

Status of the condition. Can be True, False, or Unknown.

lastProbeTime

No

String

Last time we probed the condition.

lastTransitionTime

No

String

Last time the condition transitioned from one status to another.

reason

No

String

Unique, one-word, CamelCase reason for the condition's last transition.

message

No

String

Human-readable message indicating details about last transition.

name

Yes

String

This must be a DNS_LABEL. Each container in a pod must have a unique name. Cannot be updated.

state

No

ContainerState object

Details about the container's current condition.

lastState

No

ContainerState object

Details about the container's last termination condition.

ready

No

Boolean

Specifies whether the container has passed its readiness probe.

restartCount

No

Integer

The number of times the container has been restarted, currently based on the number of dead containers that have not yet been removed. Note that this is calculated from dead containers. However, those containers are subject to garbage collection. This value will get capped at 5 by GC.

image

Yes

String

The image the container is running.

imageID

No

String

ID of the container's image.

containerID

No

String

Container's ID in the format 'docker://'.

waiting

No

ContainerStateWaiting object

Details about a waiting container

running

No

ContainerStateRunning object

Details about a running container

terminated

No

terminated object

Details about a terminated container

reason

No

String

(Brief) Reason the container is not yet running.

message

No

String

Message regarding why the container is not yet running.

startedAt

No

String

Time at which the container was last (re-)started.

exitCode

No

Integer

Exit status from the last termination of the container.

signal

No

Integer

Signal from the last termination of the container.

reason

No

String

(Brief) reason from the last termination of the container.

message

No

String

Message regarding the last termination of the container.

startedAt

No

String

Time at which previous execution of the container started.

finishedAt

No

String

Time at which the container last terminated.

containerID

No

String

Container's ID in the format 'docker://'

name

Yes

String

Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated.

0 characters < name length ≤ 63 characters.

The name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

clusterName

No

String

The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request.

initializers

No

initializers object

An initializer is a controller which enforces some system invariant at object creation time. This field is a list of initializers that have not yet acted on this object. If nil or empty, this object has been completely initialized. Otherwise, the object is considered uninitialized and is hidden (in list/watch and get calls) from clients that haven't explicitly asked to observe uninitialized objects. When an object is created, the system will populate this list with the current set of initializers. Only privileged users may set or modify this list. Once it is empty, it may not be modified further by any user.

enable

No

Boolean

Enable identify whether the resource is available.

generateName

No

String

An optional prefix used by the server to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different from the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server.

If this field is specified and the generated name exists, the server will NOT return a 409. Instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header).

Applied only if Name is not specified.

0 characters < generated name length ≤ 253 characters.

The generated name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

namespace

No

String

Namespace defines the space within each name must be unique. An empty namespace is equivalent to the "default" namespace, but "default" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. Must be a DNS_LABEL. Cannot be updated.

0 characters < namespace length ≤ 63 characters.

The namespace must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

selfLink

No

String

A URL representing this object. Populated by the system. Read-only.

uid

No

String

UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only.

resourceVersion

No

String

An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients.

generation

No

Integer

A sequence number representing a specific generation of the desired state. Currently only implemented by replication controllers. Populated by the system. Read-only.

creationTimestamp

No

String

A timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists.

deletionTimestamp

No

String

RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource will be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field. Once set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. Once the resource is deleted in the API, the Kubelet will send a hard termination signal to the container. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only.

deletionGracePeriodSeconds

No

Integer

Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only.

labels

No

Object

Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services.

annotations

No

annotations object

An unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.

ownerReferences

No

Array of ownerReferences objects

List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.

finalizers

No

Array of strings

Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed.

obssidecar-injector-webhook/inject

No

Boolean

挂载OBS创建Pod时，需要添加该字段，具体使用限制请参见挂载OBS使用限制。

pod.logcollection.kubernetes.io

No

Array of strings

用于配置需要采集标准输出日志的容器列表。若不配置表示收集所有容器列表。

• 示例1：收集所有containers。

  pod annotation: log.stdoutcollection.kubernetes.io:{"collectionContainers":[]}

• 示例2：采集容器container0，其中container0为容器名。

  pod annotation: log.stdoutcollection.kubernetes.io:{"collectionContainers":["container0"]}

paas.storage.io/cryptKeyId

No

String

加密密钥ID。

存储类型为SFS或EVS且需创建加密卷时，才需配置该参数。

密钥ID可从“安全控制台 > 数据加密服务 > 密钥管理”页面获取。

paas.storage.io/cryptAlias

No

String

加密密钥别名。

存储类型为SFS且需创建加密卷时，才需配置该参数。

密钥名称可从“安全控制台 > 数据加密服务 > 密钥管理”页面获取。

paas.storage.io/cryptDomainId

No

String

租户的DomainId

存储类型为SFS且需创建加密卷时，才需配置该参数。

pending

No

Array of pending objects

Pending is a list of initializers that must execute in order before this object is visible. When the last pending initializer is removed, and no failing result is set, the initializers struct will be set to nil and the object is considered as initialized and visible to all clients.

result

No

status object

If result is set with the Failure field, the object will be persisted to storage and then deleted, ensuring that other clients can observe the deletion.

name

No

String

name of the process that is responsible for initializing this object.

apiVersion

Yes

String

API version of the referent.

blockOwnerDeletion

No

Boolean

If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Default to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned.

kind

Yes

String

Kind of the referent.

name

Yes

String

Name of the referent.

uid

No

String

UID of the referent.

controller

No

Boolean

If true, this reference points to the managing controller.

replicas

No

Integer

The number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified.

Value range: ≥ 0.

Default: 1

minReadySeconds

No

Integer

Minimum number of seconds for which a newly created pod should be ready without any of its containers crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)

template

Yes

PodTemplateSpec object

-

selector

Yes

Object

A label query over pods that should match the Replicas count. If Selector is empty, it is defaulted to the labels present on the Pod template. Label keys and values that must match in order to be controlled by this replication controller, if empty defaulted to labels on Pod template.

replicas

No

Integer

The most recently observed number of replicas.

availableReplicas

No

Integer

The number of available replicas (ready for at least minReadySeconds) for this replication controller.

readyReplicas

No

Integer

The number of ready replicas for this replication controller.

conditions

No

condition object

Represents the latest available observations of a replication controller's current state.

observedGeneration

No

Integer

Reflects the generation of the most recently observed replication controller.

FullylabeledReplicas

No

Obeject

-

metadata

No

ObjectMeta object

-

spec

Yes

podSpec object

-

lastTransitionTime

No

String

The last time the condition transitioned from one status to another.

message

No

String

A human readable message indicating details about the transition.

reason

No

String

The reason for the condition's last transition.

status

No

String

Status of the condition, one of True, False, Unknown.

type

No

String

Type of replication controller condition.

volumes

No

Array of volumes objects

List of volumes that can be mounted by containers belonging to the pod.

affinity

No

affinity object

If specified, the pod's scheduling constraints.

containers

Yes

Array of containers objects

List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a pod. Cannot be updated.

restartPolicy

No

String

Restart policy for all containers within the pod.

Value:

• Always
• OnFailure
• Never

Default: Always.

priority

No

Integer

Pod优先级，数值越大优先级越高，默认值为0。

取值范围：[-10, 10]

terminationGracePeriodSeconds

No

Integer

Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. Value must be a non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period will be used instead. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. Defaults to 30 seconds.

activeDeadlineSeconds

No

Integer

Optional duration in seconds the pod may be active on the node relative to StartTime before the system will actively try to mark it failed and kill associated containers. Value must be a positive integer.

Value range of this parameter: > 0.

dnsPolicy

No

String

Set DNS policy for containers within the pod.

Value:

• ClusterFirst
• Default
  说明：

  dnsPolicy不支持设置为Default

Default: ClusterFirst.

hostAliases

No

Array of hostAliases objects

HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts file if specified. This is only valid for non-hostNetwork pods.

serviceAccountName

No

String

Name of the ServiceAccount used to run this pod.

0 characters < service account name length ≤ 253 characters.

The service account name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

serviceAccount

No

String

DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead.

schedulerName

No

String

If specified, the pod will be dispatched by specified scheduler. If not specified, the pod will be dispatched by default scheduler.

nodeName

No

String

A request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.

0 characters < node name length ≤ 253 characters.

The node name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

nodeSelector

No

Object

NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node.

automountServiceAccountToken

No

Boolean

AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.

hostNetwork

No

Boolean

Host networking requested for this pod. Use the host's network namespace. If this option is set, the ports that will be used must be specified. Default to false.

(不支持设置)

hostPID

No

Boolean

A flag indicating whether to use the host's pid namespace. Optional: Default to false.

hostIPC

No

Boolean

A flag indicating whether to use the host's ipc namespace. Optional: Default to false.

securityContext

No

PodSecurityContext object

SecurityContext holds pod-level security attributes and common container settings.

Defaults to empty.

imagePullSecrets

No

Array of imagePullSecrets objects

An optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use.

initContainers

No

Array of containers objects

List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, or Liveness probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed.

hostname

No

String

Specifies the hostname of the Pod. If not specified, the pod's hostname will be set to a system-defined value.

subdomain

No

String

If specified, the fully qualified Pod hostname will be"<hostname>.<subdomain>.<pod namespace>.svc<cluster domain>". If not specified, the pod will not have a domainname at all.

tolerations

No

tolerations object

If specified, the pod's tolerations.

priorityClassName

No

String

If specified, indicates the pod's priority. "SYSTEM" is a special keyword which indicates the highest priority. Any other name must be defined by creating a PriorityClass object with that name.

If not specified, the pod priority will be default or zero if there is no default.

name

Yes

String

Volume name. Must be a DNS_LABEL and unique within the pod.

0 characters < volume name length ≤ 63 characters.

The volume name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

secret

No

SecretVolumeSource object

Secret represents a secret that should populate this volume.

persistentVolumeClaim

No

PersistentVolumeClaimVolumeSource object

PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace.

localDir

No

LocalDirVolumeSource object

LocalDir represents a LocalDir volume that is created by LVM and mounted into the pod

emptyDir

No

emptyDir object

通过LVM方式创建本地卷的Pod实例。

name

Yes

String

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

0 characters < container name length ≤ 63 characters.

The container name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

Cannot be updated.

image

Yes

String

容器镜像地址，具体请参见获取容器镜像地址。

command

No

Array of strings

Entrypoint array. Not executed within a shell. The container image's entrypoint is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, for example, $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

args

No

Array of strings

Arguments to the entrypoint. The container image's cmd is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, for example, $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not.

Cannot be updated.

workingDir

No

String

Container's working directory. Defaults to Container's default. Defaults to image's default.

Cannot be updated.

ports

No

Array of ContainerPort objects

List of ports to expose from the container. Cannot be updated.

env

No

Array of EnvVar objects

List of environment variables to set in the container.

Cannot be updated.

envFrom

No

Array of EnvFromSource objects

List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence.

Cannot be updated.

resources

No

ResourceRequirements object

Minimum resources the volume should have.

Cannot be updated.

volumeMounts

No

Array of volumeMounts objects

Pod volumes to mount into the container's filesystem.

Cannot be updated.

volumeDevices

No

Array of volumeDevice objects

volumeDevices is the list of block devices to be used by the container.

This is an alpha feature and may change in the future.

livenessProbe

No

Probe object

Periodic probe of container liveness.

Container will be restarted if the probe fails.

Cannot be updated.

readinessProbe

No

Probe object

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails.

Cannot be updated.

lifecycle

No

lifecycle object

Actions that the management system should take in response to container lifecycle events.

Cannot be updated.

terminationMessagePath

No

String

Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Defaults to /dev/termination-log. Cannot be updated.

Cannot be updated.

terminationMessagePolicy

No

String

Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error.

The log output is limited to 2048 bytes or 80 lines, whichever is smaller.

Defaults to File.

Cannot be updated.

imagePullPolicy

No

String

Image pull policy. Defaults to Always if the :latest tag is specified, or IfNotPresent otherwise. Cannot be updated.

Value:

• Always
• Never
• IfNotPresent

  Cannot be updated.

securityContext

No

securityContext object

Security options the pod should run with

stdin

No

Boolean

A flag indicating whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF.

Default is false.

stdinOnce

No

Boolean

A flag indicating whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true, the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container process that reads from stdin will never receive an EOF.

Default is false.

tty

No

Boolean

A flag indicating whether this container should allocate a TTY for itself, also requires 'stdin' to be true.

Default is false.

seLinuxOptions

No

seLinuxOptions object

-

runAsUser

No

Integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.

Value length: > 0 characters.

runAsNonRoot

No

Boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

supplementalGroups

No

Array of integers

A list of groups applied to the first process run in each container, in addition to the container's primary GID. If unspecified, no groups will be added to any container.

fsGroup

No

Integer

A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw.

fsOwner

No

Integer

A special supplemental owner that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:

1. The owning UID will be the FSOwner

2. The setgid bit is set (new files created in the volume will be owned by FSOwner)

3. The permission bits are OR'd with rw-------

If unset, the Kubelet will not modify the ownership and permissions of any volume.

name

No

String

Name of the referent.

secretName

No

String

Name of a secret in the pod's namespace.

items

No

items(KeyToPath) object

If unspecified, each key-value pair in the Data field of the referenced. Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error. Paths must be relative and may not contain the '..' path or start with '..'.

defaultMode

否

Integer

Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file

mode, like fsGroup, and the result can be other mode bits set.

optional

否

Boolean

Specify whether the Secret or it is keys must be defined

claimName

No

String

Name of a PersistentVolumeClaim in the same namespace as the pod using this volume.

readOnly

No

Boolean

readOnly here will force the ReadOnly setting in VolumeMounts.

Value:

• true
• false

Default: false.

key

No

String

The key to project.

path

No

String

The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'.

mode

No

Integer

mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

name

No

String

If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

0 characters < name length ≤ 15 characters.

The name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

hostPort

No

Integer

Number of the port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this.

Value range: [1, 65535].

containerPort

No

Integer

Number of the port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536.

Value range: [1, 65535].

protocol

No

String

Protocol for port.

Value:

• TCP
• UDP

Default: TCP.

hostIP

No

String

What host IP to bind the external port to.

name

Yes

String

Name of the environment variable. Must be a C_IDENTIFIER.

value

No

String

Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, for example, $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".

valueFrom

No

EnvVarSource object

Source for the environment variable's value. Cannot be used if value is not empty.

limits

No

Array of ResouceName objects

Maximum amount of compute resources allowed.

requests

No

Array of ResouceName objects

Minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value.

云容器实例中Pod规格有限制，具体的限制请参见约束限制页面的“Pod规格”部分。

storage

No

String

Volume size, in bytes (e,g. 5Gi = 5GiB = 5 * 1024 * 1024 * 1024)

cpu

No

String

CPU size, in cores. (500m = .5 cores)

memory

No

String

Memory size, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)

localdir

No

String

Local Storage for LocalDir, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)

nvidia.com/gpu-tesla-v100-16GB

No

String

NVIDIA GPU resource, the type may change in diffrent environments, in production environment is

nvidia.com/gpu-tesla-v100-16GB now. The value must be an integer and not less than 1.

name

Yes

String

This must match the Name of a Volume.

0 character < name length ≤ 253 characters.

The name must be a regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

readOnly

No

Boolean

Mounted read-only if true, read-write otherwise (false or unspecified).

Value:

• true
• false

Default: false.

mountPath

No

String

Path within the container at which the volume should be mounted.

Value length: > 0 characters.

subPath

No

String

Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root).

mountPropagation

No

String

mountPropagation determines how mounts are propagated from the host

to container and the other way around.

When not set, MountPropagationHostToContainer is used。This field is alpha in 1.8 and can be reworked or removed in a future release.

extendPathMode

No

String

Extend the volume path by appending the pod metadata to the path according to specified pattern, which provides a way of directory isolation and helps prevent the writing conflict between different pods.

name

String

name must match the name of a persistentVolumeClaim in the pod

devicePath

String

devicePath is the path inside of the container that the device will be mapped to.

exec

No

exec object

Only one option should be specified.

Exec specifies the action to take.

initialDelaySeconds

No

Integer

Number of seconds after the container has started before liveness probes are initiated.

Value range: ≥ 0.

timeoutSeconds

No

Integer

Number of seconds after which the probe times out.

Value range: ≥ 0.

Default: 1.

periodSeconds

No

Integer

How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.

Value range: ≥ 0.

Default: 10.

successThreshold

No

Integer

Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1.

Value range: ≥ 0.

Default: 1.

failureThreshold

No

Integer

Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

Value range: ≥ 0.

Default: 3.

postStart

No

Handler object

PostStart is called immediately after a container is created. If the handler fails,

the container is terminated and restarted according to its restart policy.

Other management of the container blocks until the hook completes.

preStop

No

Handler object

PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler.

Regardless of the outcome of the handler, the container is eventually terminated.

Other management of the container blocks until the hook completes.

capabilities

No

capabilities object

The capabilities to add/drop when running containers.

Defaults to the default set of capabilities granted by the container runtime.

privileged

No

Boolean

Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host.

Value:

• true
• false

Default: false.

seLinuxOptions

No

seLinuxOptions object

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

runAsUser

No

Integer

The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

runAsNonRoot

No

Boolean

Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

Value:

• true
• false

readOnlyRootFilesystem

No

Boolean

Whether this container has a read-only root filesystem.

Default is false.

allowPrivilegeEscalation

No

Boolean

AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process.

AllowPrivilegeEscalation is true always when the container is:

1) run as Privileged

2) has CAP_SYS_ADMIN

user

No

String

SELinux user label that applies to the container.

role

No

String

SELinux role label that applies to the container.

type

No

String

SELinux type label that applies to the container.

level

No

String

SELinux level label that applies to the container.

path

No

String

Relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'

fieldRef

No

ObjectFieldSelector object

-

resourceFieldRef

No

ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests. (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

fieldRef

No

ObjectFieldSelector object

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations,spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP.

resourceFieldRef

No

ResourceFieldSelector object

Selects a resource of the container: only resources limits and requests. (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

configMapKeyRef

No

ConfigMapKeySelector object

Selects a key of a ConfigMap.

secretKeyRef

No

SecretKeySelector object

Selects a key of a secret in the pod's namespace

processResourceFieldRef

No

ProcessResourceFieldSelector object

Selects a resource of the process: only resources limits and requests

(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

command

No

Array of strings

Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply executed, it is not run inside a shell, so traditional shell instructions ('|', etc) do not work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

exec

No

exec object

Only one option should be specified.

Exec specifies the action to take.

add

No

Array of strings

Added capabilities.

drop

No

Array of strings

Removed capabilities.

apiVersion

No

String

Version of the schema the FieldPath is written in terms of. Defaults to "v1".

fieldPath

No

String

Path of the field to select in the specified API version.

containerName

No

String

Container name: required for volumes, optional for env vars.

resource

Yes

String

Required: resource to select.

divisor

No

String

Specifies the output format of the exposed resources, defaults to "1".

name

No

String

The ConfigMap name to select from

key

No

String

The key to select

optional

No

String

Specify whether the ConfigMap or it is key must be defined

name

No

String

The secret name to select from

key

No

String

The key to select

optional

No

String

Specify whether the Secret or it is key must be defined

processName

No

String

Process name: required for volumes, optional for env vars

resource

Yes

String

Required: resource to select.

divisor

No

Integer

Specifies the output format of the exposed resources, defaults to "1".

prefix

No

String

An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

configMapRef

No

ConfigMapEnvSource object

The ConfigMap to select from

secretRef

No

SecretEnvSource object

The Secret to select from

name

No

String

The ConfigMap to select from

optional

No

String

Specify whether the ConfigMap must be defined

name

No

String

The Secret name to select from

optional

No

String

Specify whether the Secret must be defined

name

Yes

String

Name of the resource.

namespaced

No

Boolean

A flag indicating whether a resource is namespaced or not.

Default: false.

kind

No

String

kind of the resource.

nodeAffinity

No

nodeAffinity object

Describes node affinity scheduling rules for the pod.

podAffinity

No

podAffinity object

Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).

podAntiAffinity

No

podAffinity object

Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).

preferredDuringSchedulingIgnoredDuringExecution

No

preferredDuringSchedulingIgnoredDuringExecution object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.

requiredDuringSchedulingIgnoredDuringExecution

No

requiredDuringSchedulingIgnoredDuringExecution object

If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.

preferredDuringSchedulingIgnoredDuringExecution

No

preferredDuringSchedulingIgnoredDuringExecution object

The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which match the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.

requiredDuringSchedulingIgnoredDuringExecution

No

podAffinityTerm object

NOT YET IMPLEMENTED. TODO: Uncomment field once it is implemented. If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system will try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. RequiredDuringSchedulingRequiredDuringExecution []PodAffinityTerm json:"requiredDuringSchedulingRequiredDuringExecution,omitempty" If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.

preference

No

preference object

A node selector term, associated with the corresponding weight.

weight

No

Integer

Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.

nodeSelectorTerms

No

preference object

Required. A list of node selector terms. The terms are ORed.

matchExpressions

No

matchExpressions object

Required. A list of node selector requirements. The requirements are ANDed.

key

No

String

The label key that the selector applies to.

operator

No

String

Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.

values

No

String

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.

podAffinityTerm

No

podAffinityTerm object

Required. A pod affinity term, associated with the corresponding weight.

weight

No

Integer

weight associated with matching the corresponding podAffinityTerm, in the range 1-100.

labelSelector

No

labelSelector object

A label query over a set of resources, in this case pods.

namespaces

No

Array of strings

namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace"

topologyKey

No

String

This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. For PreferredDuringScheduling pod anti-affinity, empty topologyKey is interpreted as "all topologies" ("all topologies" here means all the topologyKeys indicated by scheduler command-line argument --failure-domains); for affinity and for RequiredDuringScheduling pod anti-affinity, empty topologyKey is not allowed.

matchExpressions

No

Array of LabelSelectorRequirement objects

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchLabels

No

Object

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

key

No

String

key is the label key that the selector applies to.

operator

No

String

operator represents a key's relationship to a set of values.

Valid operators are In, NotIn, Exists and DoesNotExist.

values

No

Array of strings

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

hostnames

No

Array of strings

Hostnames for the above IP address.

ip

No

String

IP address of the host file entry.

effect

No

String

Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.

key

No

String

Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.

operator

No

String

Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.

tolerationSeconds

No

Integer

TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.

value

No

String

Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

The value of this parameter is Namespace.

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

The value of this parameter is v1.

gracePeriodSeconds

No

Integer

The duration in seconds before the object should be deleted. Value must be a non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

Value range of this parameter: > 0.

preconditions

No

preconditions object

Must be fulfilled before a deletion is carried out. If not possible, a 409 Conflict status will be returned.

orphanDependents

No

Boolean

Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list.

propagationPolicy

No

String

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy.

uid

No

String

Specifies the target UID.

name

String

Name of the interface inside the pod

network

String

Name of the attached network

iP

Array of strings

IP address(both v4 and v6) of this interface

kind

String

A string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

apiVersion

String

Versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

metadataString

ListMeta object

-

items

Array of Pod objects

List of pods.

kind

String

A string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

apiVersion

String

Versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

metadata

ListMeta object

-

items

Array of PodTemplate objects

List of pod templates.

phase

String

Current condition of the pod.

conditions

PodConditions object

Current service state of the pod.

message

String

A human readable message indicating details about why the pod is in this condition.

reason

String

A brief CamelCase message indicating details about why the pod is in this state. e.g. 'OutOfDisk'

hostIP

String

IP address of the host to which the pod is assigned. Empty if not yet scheduled.

podIP

String

IP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.

startTime

String

RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.

containerStatuses

containerStatuses object

The list has one entry per container in the manifest. Each entry is currently the output of container inspect.

selfLink

String

SelfLink is a URL representing this object. Populated by the system. Read-only.

resourceVersion

String

String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only.

kind

String

Kind of the referent.

namespace

String

Namespace of the referent.

name

String

Name of the referent.

uid

String

UID of the referent.

apiVersion

String

API version of the referent.

resourceVersion

String

Specific resourceVersion to which this reference is made, if any.

fieldPath

String

Path of the field to select in the specified API version.

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated.

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

metadata

ListMeta object

Standard list metadata.

status

String

Status of the operation. One of: "Success" or "Failure".

message

String

A human-readable description of the status of this operation.

reason

reason object

A machine-readable description of why this operation is in the "Failure" status. If this value is empty there is no information available. A Reason clarifies an HTTP status code but does not override it.

details

StatusDetails object

Extended data associated with the reason. Each reason may define its own extended details. This field is optional and the data returned is not guaranteed to conform to any schema except that defined by the reason type.

code

Integer

Suggested HTTP return code for this status, 0 if not set.

causes

Array of StatusCause objects

The Causes array includes more details associated with the StatusReason failure. Not all StatusReasons may provide detailed causes.

group

String

The group attribute of the resource associated with the status StatusReason.

kind

String

The kind attribute of the resource associated with the status StatusReason. On some operations may differ from the requested resource Kind

name

String

The name attribute of the resource associated with the status StatusReason (when there is a single name which can be described).

retryAfterSeconds

Integer

If specified, the time in seconds before the operation should be retried. Some errors may indicate the client must take an alternate action - for those errors this field may indicate how long to wait before taking the alternate action.

uid

String

UID of the resource. (when there is a single resource which can be described)

field

String

The field of the resource that has caused this error, as named by its JSON serialization. May include dot and postfix notation for nested attributes. Arrays are zero-indexed. Fields may appear more than once in an array of causes due to fields having multiple errors. Optional. Examples: "name" - the field "name" on the current resource "items[0].name" - the field "name" on the first array entry in "items"

message

String

A human-readable description of the cause of the error. This field may be presented as-is to a reader.

reason

StatusCause reason object

A machine-readable description of the cause of the error. If this value is empty there is no information available.

FieldValueNotFound

CauseTypeFieldValueNotFound is used to report failure to find a requested value.(e.g. looking up an ID)

FieldValueRequired

CauseTypeFieldValueRequired is used to report required values that are not

provided (e.g. empty strings, null values, or empty arrays).

FieldValueDuplicate

CauseTypeFieldValueDuplicate is used to report collisions of values that must be unique (e.g. unique IDs).

FieldValueInvalid

CauseTypeFieldValueInvalid is used to report malformed values (e.g. failed regex match).

FieldValueNotSupported

CauseTypeFieldValueNotSupported is used to report valid (as per formatting rules) values that cannot be handled (e.g. an enumerated string).

UnexpectedServerResponse

CauseTypeUnexpectedServerResponse is used to report when the server responded to the client without the expected return type. The presence of this cause indicates the error may be due to an intervening proxy or the server software malfunctioning.

continue

String

continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response

resourceVersion

String

String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only

selfLink

String

SelfLink is a URL representing this object. Populated by the system. Read-only

StatusReasonUnknown

“”

StatusReasonUnknown means the server has declined to indicate a specific reason. The details field may contain other information about this error.

Status code 500

StatusReasonUnauthorized

Unauthorized

StatusReasonUnauthorized means the server can be reached and understood the request, but requires the user to present appropriate authorization credentials (identified by the WWW-Authenticate header) in order for the action to be completed. If the user has specified credentials on the request, the server considers them insufficient.

Status code 401

StatusReasonForbidden

Forbidden

StatusReasonForbidden means the server can be reached and understood the request, but refuses to take any further action. It is the result of the server being configured to deny access for some reason to the requested resource by the client.

Details (optional):

"kind" string - the kind attribute of the forbidden resource on some operations may differ from the requested

resource. "id" string - the identifier of the forbidden resource

Status code 403

StatusReasonNotFound

NotFound

StatusReasonNotFound means one or more resources required for this operation could not be found.

Details (optional):

"kind" string - the kind attribute of the missing resource on some operations may differ from the requested resource.

"id" string - the identifier of the missing resource

Status code 404

StatusReasonAlreadyExists

AlreadyExists

StatusReasonAlreadyExists means the resource you are creating already exists.

Details (optional):

"kind" string - the kind attribute of the conflicting resource

"id" string - the identifier of the conflicting resource

Status code 409

StatusReasonConflict

Conflict

StatusReasonConflict means the requested operation cannot be completed due to a conflict in the operation. The client may need to alter the request. Each resource may define custom details that indicate the nature of the conflict.

Status code 409

StatusReasonGone

Gone

StatusReasonGone means the item is no longer available at the server and no forwarding address is known.

Status code 410

StatusReasonInvalid

Invalid

StatusReasonInvalid means the requested create or update operation cannot be completed due to invalid data provided as part of the request. The client may need to alter the request. When set, the client may use the StatusDetailsmessage field as a summary of the issues encountered.

Details (optional):

"kind" string - the kind attribute of the invalid resource

"id" string - the identifier of the invalid resource

"causes" - one or more StatusCause entries indicating the data in the provided resource that was invalid. The code, message, and field attributes will be set.

Status code 422

StatusReasonServerTimeout

ServerTimeout

StatusReasonServerTimeout means the server can be reached and understood the request, but cannot complete the action in a reasonable time. The client should retry the request. This is probably due to temporary server load or a transient communication issue with another server. Status code 500 is used because the HTTP spec provides no suitableserver-requested client retry and the 5xx class represents actionable errors.

Details (optional):

"kind" string - the kind attribute of the resource being acted on.

"id" string - the operation that is being attempted.

"retryAfterSeconds" Integer - the number of seconds before the operation should be retried

Status code 500

StatusReasonTimeout

Timeout

StatusReasonTimeout means that the request could not be completed within the given time. Clients can get this response only when they specified a timeout param in the request, or if the server cannot complete the operation within a reasonable amount of time. The request might succeed with an increased value of timeout param. The client *should*wait at least the number of seconds specified by the retryAfterSeconds field. Details (optional):"retryAfterSeconds" int32 - the number of seconds before the operation should be retried

Status code 504

StatusReasonTooManyRequests

TooManyRequests

StatusReasonTooManyRequests means the server experienced too many requests within a given window and that the client must wait to perform the action again. A client may always retry the request that led to this error, although the client should wait at least the number of seconds specified by the retryAfterSeconds field.

Details (optional):

"retryAfterSeconds" int32 - the number of seconds before the operation should be retried

Status code 429

StatusReasonBadRequest

BadRequest

StatusReasonBadRequest means that the request itself was invalid, because the request does not make any sense, for example deleting a read-only object. This is different from StatusReasonInvalid above which indicates that the API call could possibly succeed, but the data was invalid. API calls that return BadRequest can never succeed.

StatusReasonMethodNotAllowed

MethodNotAllowed

StatusReasonMethodNotAllowed means that the action the client attempted to perform on the resource was not supported by the code - for instance, attempting to delete a resource that can only be created. API calls that return MethodNotAllowed can never succeed.

StatusReasonInternalError

InternalError

StatusReasonInternalError indicates that an internal error occurred, it is unexpected and the outcome of the call is unknown.

Details (optional):

"causes" - The original error

Status code 500

StatusReasonExpired

Expired

StatusReasonExpired indicates that the request is invalid because the content you are requesting has expired and is no longer available. It is typically associated with watches that cannot be serviced.

Status code 410 (gone)

StatusReasonServiceUnavailable

ServiceUnavailable

StatusReasonServiceUnavailable means that the request itself was valid, but the requested service is unavailable at this time. Retrying the request after some time might succeed.

Status code 503

type

String

Type of Event. Can be

- Added

- Modified

- Deleted

- Error

Object

String

Object is:

- If Type is Added or Modified: the new state of the object.

- If Type is Deleted: the state of the object immediately before deletion.

- If Type is Error: Status is recommended;

- other types may make sense depending on context.

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

metadata

Yes

ObjectMeta object

Standard object metadata.

spec

Yes

DeploymentSpec object

Specification of the desired behavior of the Deployment.

status

No

DeploymentStatus object

Most recently observed status of the Deployment.

minReadySeconds

No

Integer

Minimum number of seconds for which a newly created pod should be ready without any of its containers crashing, for it to be considered available. Defaults to 0 (pod will be considered available as soon as it is ready)

paused

No

Boolean

Indicates that the deployment is paused.

progressDeadlineSeconds

No

Integer

The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Once autoRollback is implemented, the deployment controller will automatically rollback failed deployments. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s.

replicas

No

Integer

Number of desired pods. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1.

replicas为1表示单个Pod，没有高可用能力，建议设置为多个。

priority

No

Integer

负载优先级，数值越大优先级越高，默认值为0。

取值范围：[-10, 10]

revisionHistoryLimit

No

Integer

The number of old ReplicaSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 2.

selector

No

labelSelector object

Label selector for pods. Existing ReplicaSets whose pods are selected by this will be the ones affected by this deployment.

strategy

No

DeploymentStrategy object

The deployment strategy to use to replace existing pods with new ones.

template

Yes

PodTemplateSpec object

Template describes the pods that will be created.

availableReplicas

No

Integer

Total number of available pods (ready for at least minReadySeconds) targeted by this deployment.

collisionCount

No

Integer

Count of hash collisions for the Deployment. The Deployment controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ReplicaSet.

conditions

No

Array of DeploymentCondition objects

Represents the latest available observations of a deployment's current state.

observedGeneration

No

Integer

The generation observed by the deployment controller

readyReplicas

No

Integer

Total number of ready pods targeted by this deployment

replicas

No

Integer

Total number of non-terminated pods targeted by this deployment (their labels match the selector).

unavailableReplicas

No

Integer

Total number of unavailable pods targeted by this deployment.

updatedReplicas

No

Integer

Total number of non-terminated pods targeted by this deployment that have the desired template spec.

rollingUpdate

Yes

RollingUpateDeployment object

Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.

type

No

String

Type of deployment.

Can be "Recreate" or "RollingUpdate".

Default is RollingUpdate.

lastTransitionTime

No

String

Last time the condition transitioned from one status to another.

lastUpdateTime

No

String

The last time this condition was updated.

message

No

String

A human readable message indicating details about the transition.

reason

No

String

The reason for the condition's last transition.

status

No

String

Status of the condition, one of True, False, Unknown.

type

No

String

Type of deployment condition.

Can be "Available", "Progressing", "ReplicaFailure"

maxSurge

No

Integer

The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This cannot be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new RC can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new RC can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.

maxUnavailable

No

Integer

The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This cannot be 0 if MaxSurge is 0. Defaults to 25%. Example: when this is set to 30%, the old RC can be scaled down to 70% of desired pods immediately when the rolling update starts. Once new pods are ready, old RC can be scaled down further, followed by scaling up the new RC, ensuring that the total number of pods available at all times during the update is at least 70% of desired pods.

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

metadata

No

ListMeta object

Standard object metadata.

items

Yes

Array of Deployment objects

Items is the list of Deployments

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated.

metadata

Yes

ObjectMeta object

Standard list metadata.

spec

Yes

StatefulSetSpec object

Spec defines the desired identities of pods in this set.

status

No

StatefulSetStatus object

Status is the current status of Pods in this StatefulSet. This data may be out of date by some window of time.

observedGeneration

No

Integer

Most recent generation observed by this autoscaler.

replicas

No

Integer

Replicas is the number of actual replicas.

currentReplicas

No

Integer

currentReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by currentRevision.

currentRevision

No

String

currentRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [0,currentReplicas).

readyReplicas

No

Integer

readyReplicas is the number of Pods created by the StatefulSet controller that have a Ready Condition.

updateRevision

No

String

updateRevision, if not empty, indicates the version of the StatefulSet used to generate Pods in the sequence [replicas-updatedReplicas,replicas)

updatedReplicas

No

Integer

updatedReplicas is the number of Pods created by the StatefulSet controller from the StatefulSet version indicated by updateRevision.

collisionCount

No

Integer

collisionCount is the count of hash collisions for the StatefulSet. The StatefulSet controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision

conditions

No

Array of

StatefulSetCondition objects

Represents the latest available observations of a statefulset's current state.

replicas

No

Integer

Replicas is the desired number of replicas of the given Template. These are replicas in the sense that they are instantiations of the same Template, but individual replicas also have a consistent identity. If unspecified, defaults to 1.

replicas为1表示单个Pod，没有高可用能力，建议设置为多个。

priority

No

Integer

负载优先级，数值越大优先级越高，默认值为0。

取值范围：[-10, 10]

podManagementPolicy

No

String

podManagementPolicy controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down.

can be: OrderedReady, Parallel

The default policy is OrderedReady, where pods are created in increasing order (pod-0, then pod-1, etc) and the controller will wait until each pod is ready before continuing. When scaling down, the pods are removed in the opposite order.

The alternative policy is Parallel which will create pods in parallel to match the desired scale without waiting, and on scale down will delete all pods at once.

revisionHistoryLimit

No

Integer

revisionHistoryLimit is the maximum number of revisions that will be maintained in the StatefulSet's revision history. The revision history consists of all revisions not represented by a currently applied StatefulSetSpec version. The default value is 10.

updateStrategy

No

StatefulSetUpdateStrategy object

updateStrategy indicates the StatefulSetUpdateStrategy that will be employed to update Pods in the StatefulSet when a revision is made to Template.

serviceName

Yes

String

ServiceName is the name of the service that governs this StatefulSet. This service must exist before the StatefulSet, and is responsible for the network identity of the set. Pods get DNS/hostnames that follow the pattern: pod-specific-string.serviceName.default.svc.cluster.local where "pod-specific-string" is managed by the StatefulSet controller.

volumeClaimTemplates

No

PersistentVolumeClaim object

VolumeClaimTemplates is a list of claims that pods are allowed to reference. The StatefulSet controller is responsible for mapping network identities to claims in a way that maintains the identity of a pod. Every claim in this list must have at least one matching (by name) volumeMount in one container in the template. A claim in this list takes precedence over any volumes in the template, with the same name.

注意：当前仅支持挂载evs云硬盘卷

selector

Yes

labelSelector object

Selector is a label query over pods that should match the replica count. If empty, defaulted to labels on the pod template.

template

Yes

PodTemplateSpec object

Template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.

rollingUpdate

No

RollingUpdateStatefulSetStrategy object

RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType.

type

No

String

Type indicates the type of the StatefulSetUpdateStrategy.

can be:

- RollingUpdate: indicates that update will be applied to all Pods in the StatefulSet with respect to the StatefulSet ordering constraints. When a scale operation is performed with this strategy, new Pods will be created from the specification version indicated by the StatefulSet's updateRevision.

- OnDelete: triggers the legacy behavior. Version tracking and ordered rolling restarts are disabled. Pods are recreated from the StatefulSetSpec when they are manually deleted. When a scale operation is performed with this strategy, specification version indicated by the StatefulSet's currentRevision.

partition

No

Integer

Partition indicates the ordinal at which the StatefulSet should be partitioned.

type

No

String

Type of the condition. Currently only Ready.

status

No

String

Status of the condition. Can be True, False, or Unknown.

lastTransitionTime

No

String

Last time the condition transitioned from one status to another.

reason

No

String

Unique, one-word, CamelCase reason for the condition's last transition.

message

No

String

Human-readable message indicating details about last transition.

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated.

metadata

ObjectMeta object

Standard object's metadata.

spec

PersistentVolumeClaimSpec object

Spec defines the desired characteristics of a volume requested by a pod author.

status

PersistentVolumeClaimStatus object

Status represents the current information/status of a persistent volume claim. Read-only.

accessModes

No

Array of strings

AccessModes contains the actual access modes the volume backing the PVC has.

ReadWriteOnce - can be mounted read/write mode to exactly 1 host

ReadOnlyMany - can be mounted in read-only mode to many hosts

ReadWriteMany - can be mounted in read/write mode to many hosts

capacity

No

Array of ResouceName objects

Represents the actual resources of the underlying volume.

phase

No

String

Phase represents the current phase of PersistentVolumeClaim.

pending - used for PersistentVolumeClaims that are not yet bound

Bound - used for PersistentVolumeClaims that are bound

Lost - used for PersistentVolumeClaims that lost their underlying.PersistentVolume. The claim was bound to a PersistentVolume and this volume does not exist any longer and all data on it was lost.

conditions

No

Array of PersistentVolumeClaimCondition objects

Current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to ResizeStarted.

type

No

String

Type of the condition. Currently only Ready.

Resizing - An user trigger resize of pvc has been started

status

No

String

Status of the condition. Can be True, False, or Unknown.

lastProbeTime

No

String

Last time we probed the condition.

lastTransitionTime

No

String

Last time the condition transitioned from one status to another.

reason

No

String

Unique, one-word, CamelCase reason for the condition's last transition.

message

No

String

Human-readable message indicating details about last transition.

volumeName

No

String

VolumeName is the binding reference to the PersistentVolume backing this claim.

accessModes

Yes

Array of strings

AccessModes contains the desired access modes the volume should have.

ReadWriteOnce – the volume can be mounted as read-write by a single node

ReadOnlyMany – the volume can be mounted read-only by many nodes

ReadWriteMany – the volume can be mounted as read-write by many nodes

resources

Yes

ResourceRequirements object

Resources represents the minimum resources the volume should have.

selector

No

labelSelector object

A label query over volumes to consider for binding.

storageClassName

Yes

String

Name of the StorageClass required by the claim.

支持如下字段：

• 云硬盘存储卷（EVS）

  当前支持高I/O（sas）、超高I/O（ssd）和普通I/O（sata）

• 文件存储卷（SFS）

  当前支持标准文件协议类型（nfs-rw）

volumeMode

No

String

volumeMode defines what type of volume is required by the claim.

Can be:

- Block: the volume will not be formatted with a filesystem and will remain a raw block device

- Filesystem: the volume will be or is formatted with a filesystem

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

-

No

ListMeta object

-

items

Yes

Array of StatefulSet objects

Items is the list of Statefulsets

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated.

metadata

Yes

ObjectMeta object

Standard list metadata.

spec

Yes

JobSpec object

Specification of the desired behavior of a job

status

No

JobStatus object

Current status of a job

active

No

Integer

The number of actively running pods.

completionTime

No

Time

Replicas is the number of actual replicas.

conditions

No

Array of JobCondition objects

The latest available observations of an object's current state. More info:

failed

No

Integer

The number of pods which reached phase Failed.

startTime

No

Time

Represents time when the job was acknowledged by the job controller. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC.

succeeded

No

Integer

The number of pods which reached phase Succeeded.

activeDeadlineSeconds

No

Integer

Specifies the duration in seconds relative to the startTime that the job may be active before the system tries to terminate it; value must be positive integer

backoffLimit

No

Integer

Specifies the number of retries before marking this job failed. Defaults to 6.

priority

No

Integer

任务优先级，数值越大优先级越高，默认值为0。

取值范围：[-10, 10]

completions

No

Integer

Specifies the desired number of successfully finished pods the job should be run with. Setting to nil means that the success of any pod signals the success of all pods, and allows parallelism to have any positive value. Setting to 1 means that parallelism is limited to 1 and the success of that pod signals the success of the job.

manualSelector

No

Boolean

manualSelector controls generation of pod labels and pod selectors. Leave manualSelector unset unless you are certain what you are doing. When false or unset, the system picks labels unique to this job and appends those labels to the pod template. When true, the user is responsible for picking unique labels and specifying the selector. Failure to pick a unique label may cause this and other jobs to not function correctly. However, You may see manualSelector=true in jobs that were created with the old extensions/v1beta1 API.

parallelism

No

Integer

Specifies the maximum desired number of pods the job should run at any given time. The actual number of pods running in steady state will be less than this number when ((.spec.completions - .status.successful) < .spec.parallelism), i.e. when the work left to do is less than max parallelism.

selector

Yes

labelSelector object

Selector is a label query over pods that should match the replica count. If empty, defaulted to labels on the pod template.

template

Yes

PodTemplateSpec object

Template is the object that describes the pod that will be created if insufficient replicas are detected. Each pod stamped out by the StatefulSet will fulfill this Template, but have a unique identity from the rest of the StatefulSet.

lastProbeTime

No

String

Last time the condition was checked.

lastTransitionTime

No

String

Last time the condition transitioned from one status to another.

message

No

String

Human readable message indicating details about last transition

reason

No

String

(brief) reason for the condition's last transition.

status

No

String

Status of the condition, one of True, False, Unknown.

type

No

String

Type of job condition, Complete or Failed.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

The value of this parameter is Service.

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

The value of this parameter is v1.

metadata

Yes

ObjectMeta object

-

spec

Yes

ServiceSpec object

-

status

No

ServiceStatus object

-

ports

Yes

Array of ServicePort objects

The list of ports that are exposed by this service.

selector

No

Object

This service will route traffic to pods having labels matching this selector. Label keys and values that must match in order to receive traffic for this service. If empty, all pods are selected, if not specified, endpoints must be manually specified.

clusterIP

No

String

clusterIP is the IP address of the service and is usually assigned randomly by the master. If an address is specified manually and is not in use by others, it will be allocated to the service; otherwise, creation of the service will fail. This field cannot be changed through updates. Valid values are "None", empty string (""), or a valid IP address.

"None" can be specified for headless services when proxying is not required. Only applies to types ClusterIP, NodePort, and LoadBalancer. Ignored if type is ExternalName.

type

No

String

type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP and LoadBalancer. "ExternalName" maps to the specified externalName.

"ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by the selector or if that is not specified, by manual construction of an Endpoints object. If clusterIP is "None", no virtual IP is allocated and the endpoints are published as a set of endpoints rather than a stable IP.

"LoadBalancer" builds on NodePort and creates an external load-balancer (if supported in the current cloud) which routes to the clusterIP.

externalIPs

No

Array of strings

externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service. These IPs are not managed by Kubernetes. The user is responsible for ensuring that traffic arrives at a node with this IP. A common example is external load-balancers that are not part of the Kubernetes system.

externalTrafficPolicy

No

String

externalTrafficPolicy denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints.

valid values are "Local" and "Cluster"

- "Local" preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading.

- "Cluster" obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading.

healthCheckNodePort

No

Integer

healthCheckNodePort specifies the healthcheck nodePort for the service. If not specified, HealthCheckNodePort is created by the service api backend with the allocated nodePort. Will use user-specified nodePort value if specified by the client. Only effects when Type is set to LoadBalancer and ExternalTrafficPolicy is set to Local.

externalName

No

String

externalName is the external reference that kubedns or equivalent will return as a CNAME record for this service. No proxying will be involved.

Must be a valid DNS name and requires Type to be ExternalName.

sessionAffinity

No

String

Used to maintain session affinity. Enable client IP based session affinity.

Must be ClientIP or None.

Defaults to None.

loadBalancerIP

No

String

Only applies to Service Type: LoadBalancer

LoadBalancer will get created with the IP specified in this field. This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. This field will be ignored if the cloud-provider does not support the feature.

loadBalancerSourceRanges

No

Array of strings

Optional: If specified and supported by the platform, this will restrict traffic through the cloud-provide.load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature.

publishNotReadyAddresses

No

Boolean

publishNotReadyAddresses, when set to true, indicates that DNS implementations must publish the notReadyAddresses of subsets for the Endpoints associated with the Service. The default value is false. The primary use case for setting this field is to use a StatefulSet's Headless Service to propagate SRV records for its Pods without respect to their readiness for purpose of peer discovery. This field will replace the service.alpha.kubernetes.io/tolerate-unready-endpoints when that annotation is deprecated and all clients have been converted to use this field.

sessionAffinityConfig

No

SessionAffinityConfig object

sessionAffinityConfig contains the configurations of session affinity.

loadBalancer

No

loadBalancerStatus object

LoadBalancer contains the current status of the load-balancer, if one is present

name

No

String

The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. This maps to the 'Name' field in EndpointPort objects. Optional if only one ServicePort is defined on this service.

Value length: 0 character < String length ≤ 63 characters.

The string must comply with regular expression [a-z0-9]([-a-z0-9]*[a-z0-9])?.

protocol

No

String

The IP protocol for this port. Supports "TCP" and "UDP".

This parameter can be set to:

• TCP
• UDP

port

Yes

Integer

The port that will be exposed by this service.

Value range: (0,65535].

targetPort

No

String

Number or name of the port to access on the pods targeted by the service. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. If this is a string, it will be looked up as a named port in the target Pod's container ports. If this is not specified, the value of Port is used (an identity map). Defaults to the service port.

Value range: (0,65535].

nodePort

No

Integer

The port on each node on which this service is exposed when type=NodePort or LoadBalancer. Usually assigned by the system. If specified, it will be allocated to the service if unused or else creation of the service will fail. Default is to auto-allocate a port if the ServiceType of this Service requires one.

Value range: [30000,32767].

ingress

No

Array of LoadBalancerIngress objects

Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.

ip

No

String

IP is set for load-balancer ingress points that are IP based.

hostname

No

String

Hostname is set for load-balancer ingress points that are DNS based.

clientIP

No

ClientIPConfig object

clientIP contains the configurations of Client IP based session affinity.

timeoutSeconds

No

Integer

timeoutSeconds specifies the seconds of ClientIP type session sticky time. The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". Default value is 10800(for 3 hours).

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

metadata

ListMeta object

Standard list metadata.

items

Array of Service objects

List of services.

apiVersion

No

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

No

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated.

metadata

No

ObjectMeta object

Standard object's metadata.

spec

No

IngressSpec object

Spec is the desired state of the Ingress.

status

No

IngressStatus

Status is the current state of the Ingress.

backend

No

IngressBackend object

A default backend capable of servicing requests that do not match any rule. At least one of backend or rules must be specified. This field is optional to allow the loadbalancer controller or defaulting logic to specify a global default.

rules

No

Array of IngressRule objects

A list of host rules used to configure the Ingress. If unspecified, or no rule matches, all traffic is sent to the default backend.

tls

No

Array of

IngressTLS objects

TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.

loadBalancer

No

loadBalancerStatus object

LoadBalancer contains the current status of the load-balancer.

serviceName

No

String

Specifies the name of the referenced service.

servicePort

No

String

Specifies the port of the referenced service.

hosts

No

Array of strings

Hosts are a list of hosts included in the TLS certificate. The values in this list must match the name/s used in the tlsSecret. Defaults to the wildcard host setting for the loadbalancer controller fulfilling this Ingress, if left unspecified.

secretName

No

String

SecretName is the name of the secret used to terminate SSL traffic on 443. Field is left optional to allow SSL routing based on SNI hostname alone. If the SNI host in a listener conflicts with the "Host" header field used by an IngressRule, the SNI host is used for termination and value of the Host header is used for routing

host

No

String

ost is the fully qualified domain name of a network host, as defined by RFC 3986. Note the following deviations from the "host" part of the URI as defined in the RFC: 1. IPs are not allowed. Currently an IngressRuleValue can only apply to the IP in the Spec of the parent Ingress. 2. The : delimiter is not respected because ports are not allowed. Currently the port of an Ingress is implicitly :80 for http and :443 for https. Both these may change in the future. Incoming requests are matched against the host before the IngressRuleValue. If the host is unspecified, the Ingress routes all traffic based on the specified IngressRuleValue

http

No

IngressRuleValue object

IngressRuleValue represents a rule to route requests for this IngressRule.If unspecified, the rule defaults to an http catch-all. Whether that sends just traffic matching the host to the default backend or all traffic to the default backend, is left to the controller fulfilling the Ingress. Http is currently the only supported IngressRuleValue.

http

No

HTTPIngressRuleValue object

HTTP ingress rule.

paths

No

Array of HTTPIngressPath objects

A collection of paths that map requests to backends.

path

No

String

Path is an extended POSIX regex as defined by IEEE Std 1003.1, (i.e this follows the egrep/unix syntax, not the perl syntax) matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/'. If unspecified, the path defaults to a catch all sending traffic to the backend

backend

Yes

IngressBackend object

Backend defines the referenced service endpoint to which the traffic will be forwarded to

property

Yes

Object

Extension property on the path

ingress

No

Array of LoadBalancerIngress objects

Ingress is a list containing ingress points for the load-balancer. Traffic intended for the service should be sent to these ingress points.

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

metadata

ListMeta object

Standard list metadata.

items

Array of Ingress v1beta1 extensions objects

List of Ingress.

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated.

metadata

Yes

ObjectMeta object

Standard list metadata.

data

Yes

Object

Data contains the configuration data. Each key must consist of alphanumeric characters, '-', '_' or '.'.

value值最大长度为512.

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

metadata

ListMeta object

Standard list metadata.

items

Array of Configmap v1 core objects

List of Configmap.

kind

Yes

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

The value of this parameter is Secret.

apiVersion

Yes

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

The value of this parameter is v1.

metadata

Yes

ObjectMeta object

-

data

No

Object

Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here

stringData

No

Object

stringData allows specifying non-binary secret data in string form. It is provided as a write-only convenience method. All keys and values are merged into the data field on write, overwriting any existing values. It is never output when reading from the API

type

No

String

Used to facilitate programmatic handling of secret data.

The primitive k8s supports the following secret types, for details, see 表124.

• Opaque

• kubernetes.io/dockercfg
• kubernetes.io/dockerconfigjson
• kubernetes.io/tls

Opaque

无

secret type Opaque is the default; arbitrary user-defined data

kubernetes.io/dockercfg

.dockercfg

secret type kubernetes.io/dockercfg contains a dockercfg file that follows the same format rules as ~/.dockercfg

kubernetes.io/tls

tls.key

tls.crt

secret type kubernetes.io/tls contains information about a TLS client or server secret. It is primarily used with TLS termination of the Ingress resource, but may be used in other types.

kubernetes.io/dockerconfigjson

.dockerconfigjson

SecretTypeDockerConfigJson contains a dockercfg file that follows the same format rules as ~/.docker/config.json

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated.

metadata

ListMeta object

Standard list metadata.

items

Array of Secret v1 core objects

List of Secrets.

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

metadata

ListMeta object

Standard list metadata.

items

Array of PersistentVolumeClaim object

A list of persistent volume claims.

apiVersion

String

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values.

kind

String

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase.

count

integer

The number of times this event has occurred.

firstTimestamp

Time

The time at which the event was first recorded. (Time of server receipt is in TypeMeta.)

involvedObject

involvedObject object

The object that this event is about.

lastTimestamp

Time

The time at which the most recent occurrence of this event was recorded.

message

String

A human-readable description of the status of this operation.

metadata

metadata object

Standard object's metadata.

reason

String

This should be a short, machine understandable string that gives the reason for the transition into the object's current status.

source

EventSource object

The component reporting this event. Should be a short machine understandable string.

type

String

Type of this event (Normal, Warning), new types could be added in the future

eventTime

time.Time

Time when this Event was first observed.

Series

EventSerie object

Data about the Event series this event represents or nil if it is a singleton Event.

action

String

What action was taken/failed regarding to the Regarding object.

related

ObjectReference object

Optional secondary object for more complex actions.

reportingComponent

String

Name of the controller that emitted this Event, e.g. `kubernetes.io/kubelet`

reportingInstance

String

ID of the controller instance, e.g. `kubelet-xyzf`.

kind

String

Kind of the referent.

namespace

String

Namespace of the referent.

name

String

Name of the referent.

uid

String

UID of the referent.

apiVersion

String

API version of the referent.

resourceVersion

String

Specific resourceVersion to which this reference is made.