diff --git a/chaoscenter/graphql/server/manifests/cluster/2a_litmus_crds.yaml b/chaoscenter/graphql/server/manifests/cluster/2a_litmus_crds.yaml index 256829fc00a..c3a58a7ad7a 100644 --- a/chaoscenter/graphql/server/manifests/cluster/2a_litmus_crds.yaml +++ b/chaoscenter/graphql/server/manifests/cluster/2a_litmus_crds.yaml @@ -12,114 +12,113 @@ spec: singular: chaosengine scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - x-kubernetes-preserve-unknown-fields: true - type: object - properties: - jobCleanUpPolicy: - type: string - pattern: ^(delete|retain)$ - # alternate ways to do this in case of complex pattern matches - #oneOf: - # - pattern: '^delete$' - # - pattern: '^retain$' - defaultHealthCheck: - type: string - pattern: ^(true|false)$ - appinfo: - type: object - properties: - appkind: - type: string - pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ - applabel: - type: string - appns: - type: string - selectors: - type: object - properties: - pods: - items: - properties: - names: - type: string - namespace: - type: string - required: - - names - - namespace - type: object - type: array - workloads: - items: - properties: - kind: - type: string - pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ - labels: - type: string - names: - type: string - namespace: - type: string - oneOf: - - required: [ names ] - - required: [ labels ] - required: - - kind - - namespace - type: object - type: array - oneOf: - - required: [ pods ] - - required: [ workloads ] - auxiliaryAppInfo: - type: string - engineState: - type: string - pattern: ^(active|stop)$ - chaosServiceAccount: - type: string - terminationGracePeriodSeconds: - type: integer - components: - type: object - properties: - sidecar: - type: array - items: - type: object - properties: - env: - description: ENV contains ENV passed to the sidecar container - items: - description: EnvVar represents an environment variable - present in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + jobCleanUpPolicy: + type: string + pattern: ^(delete|retain)$ + # alternate ways to do this in case of complex pattern matches + #oneOf: + # - pattern: '^delete$' + # - pattern: '^retain$' + defaultHealthCheck: + type: boolean + appinfo: + type: object + properties: + appkind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + applabel: + type: string + appns: + type: string + selectors: + type: object + properties: + pods: + items: + properties: + names: + type: string + namespace: + type: string + required: + - names + - namespace + type: object + type: array + workloads: + items: + properties: + kind: + type: string + pattern: ^(^$|deployment|statefulset|daemonset|deploymentconfig|rollout)$ + labels: + type: string + names: + type: string + namespace: + type: string + oneOf: + - required: [ names ] + - required: [ labels ] + required: + - kind + - namespace + type: object + type: array + oneOf: + - required: [ pods ] + - required: [ workloads ] + auxiliaryAppInfo: + type: string + engineState: + type: string + pattern: ^(active|stop)$ + chaosServiceAccount: + type: string + terminationGracePeriodSeconds: + type: integer + components: + type: object + properties: + sidecar: + type: array + items: + type: object + properties: + env: + description: ENV contains ENV passed to the sidecar container + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the @@ -128,293 +127,309 @@ spec: $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the - pod's namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the + pod's namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or - its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: EnvFrom for the sidecar container - items: - description: EnvFromSource represents the source of a - set of ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: EnvFrom for the sidecar container + items: + description: EnvFromSource represents the source of a + set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must - be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend to - each key in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: + type: string + optional: + description: Specify whether the ConfigMap must + be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to + each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be - defined - type: boolean - type: object - type: object - type: array + type: string + optional: + description: Specify whether the Secret must be + defined + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + secrets: + items: + properties: + mountPath: + type: string + name: + type: string + required: + - mountPath + - name + type: object + type: array + runner: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: image: type: string - imagePullPolicy: + type: type: string - secrets: + pattern: ^(go)$ + runnerAnnotations: + type: object + runnerLabels: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + value: + type: string + minLength: 1 + tolerations: + description: Pod's tolerations. items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . properties: - mountPath: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. type: string - name: + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. type: string - required: - - mountPath - - name type: object type: array - runner: - x-kubernetes-preserve-unknown-fields: true + experiments: + type: array + items: type: object properties: - image: - type: string - type: + name: type: string - pattern: ^(go)$ - runnerAnnotations: + spec: type: object - runnerLabels: - type: object - additionalProperties: - type: string - properties: - key: - type: string - minLength: 1 - value: - type: string - minLength: 1 - tolerations: - description: Pod's tolerations. - items: - description: The pod with this Toleration tolerates any taint matches the using the matching operator . - properties: - effect: - description: Effect to match. Empty means all effects. - type: string - key: - description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. - type: string - operator: - description: Operators are Exists or Equal. Defaults to Equal. - type: string - tolerationSeconds: - description: Period of time the toleration tolerates the taint. - format: int64 - type: integer - value: - description: If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - experiments: - type: array - items: - type: object - properties: - name: - type: string - spec: - type: object - properties: - probe: - type: array - items: - type: object - required: - - runProperties - properties: - name: - type: string - type: - type: string - minLength: 1 - pattern: ^(k8sProbe|httpProbe|cmdProbe|promProbe)$ - k8sProbe/inputs: - type: object - properties: - group: - type: string - version: - type: string - resource: - type: string - namespace: - type: string - resourceNames: - type: string - fieldSelector: - type: string - labelSelector: - type: string - operation: - type: string - pattern: ^(present|absent|create|delete)$ - minLength: 1 - cmdProbe/inputs: - type: object - properties: - command: - type: string - minLength: 1 - comparator: - type: object - properties: - type: - type: string - minLength: 1 - pattern: ^(int|float|string)$ - criteria: - type: string - value: - type: string - source: - description: The external pod where we have to run the - probe commands. It will run the commands inside the experiment pod itself(inline mode) if source contains a nil value - properties: - annotations: - additionalProperties: + properties: + probe: + type: array + items: + type: object + required: + - name + - type + - mode + - runProperties + properties: + name: + type: string + type: + type: string + minLength: 1 + pattern: ^(k8sProbe|httpProbe|cmdProbe|promProbe|sloProbe)$ + k8sProbe/inputs: + type: object + required: + - version + - resource + - operation + properties: + group: + type: string + version: + type: string + resource: + type: string + namespace: + type: string + resourceNames: + type: string + fieldSelector: + type: string + labelSelector: + type: string + operation: + type: string + pattern: ^(present|absent|create|delete)$ + minLength: 1 + cmdProbe/inputs: + type: object + required: + - command + - comparator + properties: + command: + type: string + minLength: 1 + comparator: + type: object + required: + - type + - criteria + - value + properties: + type: type: string - description: Annotations for the source pod - type: object - args: - description: Args for the source pod - items: + minLength: 1 + pattern: ^(int|float|string)$ + criteria: type: string - type: array - command: - description: Command for the source pod - items: + value: type: string - type: array - env: - description: ENVList contains ENV passed to - the source pod - items: - description: EnvVar represents an environment - variable present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) + source: + description: The external pod where we have to run the + probe commands. It will run the commands inside the experiment pod itself(inline mode) if source contains a nil value + required: + - image + properties: + annotations: + additionalProperties: + type: string + description: Annotations for the source pod + type: object + args: + description: Args for the source pod + items: + type: string + type: array + command: + description: Command for the source pod + items: + type: string + type: array + env: + description: ENVList contains ENV passed to + the source pod + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. @@ -425,209 +440,209 @@ spec: Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment - variable's value. Cannot be used if - value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. + type: string + valueFrom: + description: Source for the environment + variable's value. Cannot be used if + value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the - ConfigMap or its key must be - defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the + type: string + optional: + description: Specify whether the + ConfigMap or its key must be + defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP.' - properties: - apiVersion: - description: Version of the schema - the FieldPath is written in - terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field - to select in the specified API - version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in + terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified API + version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' - type: string - divisor: - description: Specifies the output - format of the exposed resources, - defaults to "1" - type: string - resource: - description: 'Required: resource + type: string + divisor: + description: Specifies the output + format of the exposed resources, + defaults to "1" + type: string + resource: + description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret - in the pod's namespace - properties: - key: - description: The key of the secret - to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the - Secret or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - hostNetwork: - description: HostNetwork define the hostNetwork - of the external pod it supports boolean values - and default value is false - type: boolean - inheritInputs: - description: InheritInputs define to inherit experiment - details in probe pod it supports boolean values - and default value is false. - type: boolean - image: - description: Image for the source pod - type: string - imagePullPolicy: - description: ImagePullPolicy for the source pod - type: string - imagePullSecrets: - description: ImagePullSecrets for source pod - items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. - properties: - name: - description: 'Name of the referent' - type: string - type: object - type: array - labels: - additionalProperties: + type: string + optional: + description: Specify whether the + Secret or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + hostNetwork: + description: HostNetwork define the hostNetwork + of the external pod it supports boolean values + and default value is false + type: boolean + inheritInputs: + description: InheritInputs define to inherit experiment + details in probe pod it supports boolean values + and default value is false. + type: boolean + image: + description: Image for the source pod type: string - description: Labels for the source pod - type: object - nodeSelector: - additionalProperties: + imagePullPolicy: + description: ImagePullPolicy for the source pod type: string - description: NodeSelector for the source pod - type: object - privileged: - description: Privileged for the source pod - type: boolean - volumeMount: - description: VolumesMount for the source pod - items: - description: VolumeMount describes a mounting - of a Volume within a container. - properties: - mountPath: - description: Path within the container - at which the volume should be mounted. Must - not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines - how mounts are propagated from the host - to container and the other way around. - When not set, MountPropagationNone is - used. This field is beta in 1.10. - type: string - name: - description: This must match the Name - of a Volume. - type: string - readOnly: - description: Mounted read-only if true, - read-write otherwise (false or unspecified). - Defaults to false. - type: boolean - subPath: - description: Path within the volume from - which the container's volume should - be mounted. Defaults to "" (volume's - root). - type: string - subPathExpr: - description: Expanded path within the - volume from which the container's volume - should be mounted. Behaves similarly - to SubPath but environment variable - references $(VAR_NAME) are expanded - using the container's environment. Defaults - to "" (volume's root). SubPathExpr and - SubPath are mutually exclusive. This - field is beta in 1.15. - type: string - required: - - mountPath - - name + imagePullSecrets: + description: ImagePullSecrets for source pod + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent' + type: string + type: object + type: array + labels: + additionalProperties: + type: string + description: Labels for the source pod type: object - type: array - volumes: - description: Volumes for the source pod - items: - description: Volume represents a named volume - in a pod that may be accessed by any container - in the pod. - properties: - awsElasticBlockStore: - description: 'AWSElasticBlockStore represents + nodeSelector: + additionalProperties: + type: string + description: NodeSelector for the source pod + type: object + privileged: + description: Privileged for the source pod + type: boolean + volumeMount: + description: VolumesMount for the source pod + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: Path within the container + at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines + how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is + used. This field is beta in 1.10. + type: string + name: + description: This must match the Name + of a Volume. + type: string + readOnly: + description: Mounted read-only if true, + read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: Path within the volume from + which the container's volume should + be mounted. Defaults to "" (volume's + root). + type: string + subPathExpr: + description: Expanded path within the + volume from which the container's volume + should be mounted. Behaves similarly + to SubPath but environment variable + references $(VAR_NAME) are expanded + using the container's environment. Defaults + to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. This + field is beta in 1.15. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes for the source pod + items: + description: Volume represents a named volume + in a pod that may be accessed by any container + in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'Filesystem type of the + properties: + fsType: + description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating @@ -638,9 +653,9 @@ spec: TODO: how do we prevent errors in the filesystem from compromising the machine' - type: string - partition: - description: 'The partition in the + type: string + partition: + description: 'The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume @@ -648,182 +663,182 @@ spec: as "1". Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'Specify "true" to force + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force and set the ReadOnly property in VolumeMounts to "true". If omitted, the default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'Unique ID of the persistent + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: AzureDisk represents an Azure - Data Disk mount on the host and bind - mount to the pod. - properties: - cachingMode: - description: 'Host Caching mode: None, + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure + Data Disk mount on the host and bind + mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, Read Only, Read Write.' - type: string - diskName: - description: The Name of the data - disk in the blob storage - type: string - diskURI: - description: The URI the data disk - in the blob storage - type: string - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - type: string - kind: - description: 'Expected values Shared: + type: string + diskName: + description: The Name of the data + disk in the blob storage + type: string + diskURI: + description: The URI the data disk + in the blob storage + type: string + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared' - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: AzureFile represents an Azure - File Service mount on the host and bind - mount to the pod. - properties: - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretName: - description: the name of secret that - contains Azure Storage Account Name - and Key - type: string - shareName: - description: Share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: CephFS represents a Ceph - FS mount on the host that shares a pod's - lifetime - properties: - monitors: - description: 'Required: Monitors is + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure + File Service mount on the host and bind + mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that + contains Azure Storage Account Name + and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph + FS mount on the host that shares a pod's + lifetime + properties: + monitors: + description: 'Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: - type: string - type: array - path: - description: 'Optional: Used as the + items: + type: string + type: array + path: + description: 'Optional: Used as the mounted root, rather than the full Ceph tree, default is /' - type: string - readOnly: - description: 'Optional: Defaults to + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'Optional: SecretFile + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'Optional: SecretRef + type: string + secretRef: + description: 'Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'Optional: User is the + type: string + type: object + user: + description: 'Optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'Cinder represents a cinder + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'Filesystem type to mount. + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'Optional: Defaults to + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'Optional: points to + type: boolean + secretRef: + description: 'Optional: points to a secret object containing parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeID: - description: 'volume id used to identify + type: string + type: object + volumeID: + description: 'volume id used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: ConfigMap represents a configMap - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within @@ -832,33 +847,33 @@ spec: with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each - key-value pair in the Data field - of the referenced ConfigMap will - be projected into the volume as - a file whose name is the key and - content is the value. If specified, - the listed keys will be projected - into the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the ConfigMap, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + format: int32 + type: integer items: - description: Maps a string key to - a path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode + description: If unspecified, each + key-value pair in the Data field + of the referenced ConfigMap will + be projected into the volume as + a file whose name is the key and + content is the value. If specified, + the listed keys will be projected + into the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the ConfigMap, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, @@ -868,95 +883,95 @@ spec: that affect the file mode, like fsGroup, and the result can be other mode bits set.' - format: int32 - type: integer - path: - description: The relative path - of the file to map the key - to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - or its keys must be defined - type: boolean - type: object - csi: - description: CSI (Container Storage Interface) - represents storage that is handled by - an external CSI driver (Alpha feature). - properties: - driver: - description: Driver is the name of - the CSI driver that handles this - volume. Consult with your admin - for the correct name as registered - in the cluster. - type: string - fsType: - description: Filesystem type to mount. - Ex. "ext4", "xfs", "ntfs". If not - provided, the empty value is passed - to the associated CSI driver which - will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: NodePublishSecretRef - is a reference to the secret object - containing sensitive information - to pass to the CSI driver to complete - the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may - be empty if no secret is required. - If the secret object contains more - than one secret, all secret references - are passed. - properties: - name: - description: 'Name of the referent. + type: string + optional: + description: Specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) + represents storage that is handled by + an external CSI driver (Alpha feature). + properties: + driver: + description: Driver is the name of + the CSI driver that handles this + volume. Consult with your admin + for the correct name as registered + in the cluster. + type: string + fsType: + description: Filesystem type to mount. + Ex. "ext4", "xfs", "ntfs". If not + provided, the empty value is passed + to the associated CSI driver which + will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef + is a reference to the secret object + containing sensitive information + to pass to the CSI driver to complete + the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may + be empty if no secret is required. + If the secret object contains more + than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + readOnly: + description: Specifies a read-only + configuration for the volume. Defaults + to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: type: string - type: object - readOnly: - description: Specifies a read-only - configuration for the volume. Defaults - to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: - type: string - description: VolumeAttributes stores - driver-specific properties that - are passed to the CSI driver. Consult - your driver's documentation for - supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: DownwardAPI represents downward - API about the pod that should populate - this volume - properties: - defaultMode: - description: 'Optional: mode bits + description: VolumeAttributes stores + driver-specific properties that + are passed to the CSI driver. Consult + your driver's documentation for + supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward + API about the pod that should populate + this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within @@ -965,38 +980,38 @@ spec: with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward - API volume file + format: int32 + type: integer items: - description: DownwardAPIVolumeFile - represents information to create - the file containing the pod field - properties: - fieldRef: - description: 'Required: Selects + description: Items is a list of downward + API volume file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' - properties: - apiVersion: - description: Version of - the schema the FieldPath - is written in terms of, - defaults to "v1". - type: string - fieldPath: - description: Path of the - field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, @@ -1006,10 +1021,10 @@ spec: that affect the file mode, like fsGroup, and the result can be other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path + format: int32 + type: integer + path: + description: 'Required: Path is the relative path name of the file to be created. Must not be absolute or contain @@ -1017,53 +1032,53 @@ spec: encoded. The first item of the relative path must not start with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' - type: string - divisor: - description: Specifies the - output format of the exposed - resources, defaults to - "1" - type: string - resource: - description: 'Required: + type: string + divisor: + description: Specifies the + output format of the exposed + resources, defaults to + "1" + type: string + resource: + description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - description: 'EmptyDir represents a temporary + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'What type of storage + properties: + medium: + description: 'What type of storage medium should back this directory. The default is "" which means to use the node''s default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - description: 'Total amount of local + type: string + sizeLimit: + description: 'Total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage @@ -1074,16 +1089,16 @@ spec: in a pod. The default is nil which means that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - type: string - type: object - fc: - description: FC represents a Fibre Channel - resource that is attached to a kubelet's - host machine and then exposed to the - pod. - properties: - fsType: - description: 'Filesystem type to mount. + type: string + type: object + fc: + description: FC represents a Fibre Channel + resource that is attached to a kubelet's + host machine and then exposed to the + pod. + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. "ext4", "xfs", "ntfs". Implicitly @@ -1091,65 +1106,65 @@ spec: TODO: how do we prevent errors in the filesystem from compromising the machine' - type: string - lun: - description: 'Optional: FC target + type: string + lun: + description: 'Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'Optional: Defaults to + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'Optional: FC target + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names (WWNs)' - items: - type: string - type: array - wwids: - description: 'Optional: FC volume + items: + type: string + type: array + wwids: + description: 'Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously.' - items: + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic + volume resource that is provisioned/attached + using an exec based plugin. + properties: + driver: + description: Driver is the name of + the driver to use for this volume. type: string - type: array - type: object - flexVolume: - description: FlexVolume represents a generic - volume resource that is provisioned/attached - using an exec based plugin. - properties: - driver: - description: Driver is the name of - the driver to use for this volume. - type: string - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - "ext4", "xfs", "ntfs". The default - filesystem depends on FlexVolume - script. - type: string - options: - additionalProperties: - type: string - description: 'Optional: Extra command + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if any.' - type: object - readOnly: - description: 'Optional: Defaults to + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'Optional: SecretRef + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This @@ -1158,43 +1173,43 @@ spec: contains more than one secret, all secrets are passed to the plugin scripts.' - properties: - name: - description: 'Name of the referent. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: Flocker represents a Flocker - volume attached to a kubelet's host - machine. This depends on the Flocker - control service being running - properties: - datasetName: - description: Name of the dataset stored - as metadata -> name on the dataset - for Flocker should be considered - as deprecated - type: string - datasetUUID: - description: UUID of the dataset. - This is unique identifier of a Flocker - dataset - type: string - type: object - gcePersistentDisk: - description: 'GCEPersistentDisk represents + type: string + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker + volume attached to a kubelet's host + machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: Name of the dataset stored + as metadata -> name on the dataset + for Flocker should be considered + as deprecated + type: string + datasetUUID: + description: UUID of the dataset. + This is unique identifier of a Flocker + dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'Filesystem type of the + properties: + fsType: + description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating @@ -1205,9 +1220,9 @@ spec: TODO: how do we prevent errors in the filesystem from compromising the machine' - type: string - partition: - description: 'The partition in the + type: string + partition: + description: 'The partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume @@ -1216,75 +1231,75 @@ spec: for /dev/sda is "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'Unique name of the PD + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'ReadOnly here will force + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod''s container.' - properties: - directory: - description: Target directory name. - Must not contain or start with '..'. If - '.' is supplied, the volume directory - will be the git repository. Otherwise, - if specified, the volume will contain - the git repository in the subdirectory - with the given name. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified - revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'Glusterfs represents a Glusterfs + properties: + directory: + description: Target directory name. + Must not contain or start with '..'. If + '.' is supplied, the volume directory + will be the git repository. Otherwise, + if specified, the volume will contain + the git repository in the subdirectory + with the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'EndpointsName is the + properties: + endpoints: + description: 'EndpointsName is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'Path is the Glusterfs + type: string + path: + description: 'Path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'ReadOnly here will force + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'HostPath represents a pre-existing + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents @@ -1292,40 +1307,40 @@ spec: allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - # TODO(jonesdl) We need to restrict + ### TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'Path of the directory + properties: + path: + description: 'Path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'Type for HostPath Volume + type: string + type: + description: 'Type for HostPath Volume Defaults to "" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'ISCSI represents an ISCSI + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource that is attached to a kubelet''s host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: whether support iSCSI - Discovery CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI - Session CHAP authentication - type: boolean - fsType: - description: 'Filesystem type of the + properties: + chapAuthDiscovery: + description: whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating @@ -1336,214 +1351,214 @@ spec: TODO: how do we prevent errors in the filesystem from compromising the machine' - type: string - initiatorName: - description: Custom iSCSI Initiator - Name. If initiatorName is specified - with iscsiInterface simultaneously, - new iSCSI interface : will be created for the connection. - type: string - iqn: - description: Target iSCSI Qualified - Name. - type: string - iscsiInterface: - description: iSCSI Interface Name - that uses an iSCSI transport. Defaults - to 'default' (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. - The portal is either an IP or ip_addr:port - if the port is other than default - (typically TCP ports 860 and 3260). - items: type: string - type: array - readOnly: - description: ReadOnly here will force - the ReadOnly setting in VolumeMounts. - Defaults to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI - target and initiator authentication - properties: - name: - description: 'Name of the referent. + initiatorName: + description: Custom iSCSI Initiator + Name. If initiatorName is specified + with iscsiInterface simultaneously, + new iSCSI interface : will be created for the connection. + type: string + iqn: + description: Target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: iSCSI Interface Name + that uses an iSCSI transport. Defaults + to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. + The portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force + the ReadOnly setting in VolumeMounts. + Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. - The Portal is either an IP or ip_addr:port - if the port is other than default - (typically TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be + type: string + type: object + targetPortal: + description: iSCSI Target Portal. + The Portal is either an IP or ip_addr:port + if the port is other than default + (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'NFS represents an NFS mount + type: string + nfs: + description: 'NFS represents an NFS mount on the host that shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'Path that is exported + properties: + path: + description: 'Path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'ReadOnly here will force + type: string + readOnly: + description: 'ReadOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'Server is the hostname + type: boolean + server: + description: 'Server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'PersistentVolumeClaimVolumeSource + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'ClaimName is the name + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: Will force the ReadOnly - setting in VolumeMounts. Default - false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: PhotonPersistentDisk represents - a PhotonController persistent disk attached - and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - type: string - pdID: - description: ID that identifies Photon - Controller persistent disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents - a portworx volume attached and mounted - on kubelets host machine - properties: - fsType: - description: FSType represents the - filesystem type to mount Must be - a filesystem type supported by the - host operating system. Ex. "ext4", - "xfs". Implicitly inferred to be - "ext4" if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies - a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources - secrets, configmaps, and downward API - properties: - defaultMode: - description: Mode bits to use on created - files by default. Must be a value - between 0 and 0777. Directories - within the path are not affected - by this setting. This might be in - conflict with other options that - affect the file mode, like fsGroup, - and the result can be other mode - bits set. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may - be projected along with other - supported volume types - properties: - configMap: - description: information about - the configMap data to project - properties: - items: - description: If unspecified, - each key-value pair in - the Data field of the - referenced ConfigMap will - be projected into the - volume as a file whose - name is the key and content - is the value. If specified, - the listed keys will be - projected into the specified - paths, and unlisted keys - will not be present. If - a key is specified which - is not present in the - ConfigMap, the volume - setup will error unless - it is marked optional. - Paths must be relative - and may not contain the - '..' path or start with - '..'. + type: string + readOnly: + description: Will force the ReadOnly + setting in VolumeMounts. Default + false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents + a PhotonController persistent disk attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents + a portworx volume attached and mounted + on kubelets host machine + properties: + fsType: + description: FSType represents the + filesystem type to mount Must be + a filesystem type supported by the + host operating system. Ex. "ext4", + "xfs". Implicitly inferred to be + "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies + a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: Mode bits to use on created + files by default. Must be a value + between 0 and 0777. Directories + within the path are not affected + by this setting. This might be in + conflict with other options that + affect the file mode, like fsGroup, + and the result can be other mode + bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may + be projected along with other + supported volume types + properties: + configMap: + description: information about + the configMap data to project + properties: items: - description: Maps a string - key to a path within - a volume. - properties: - key: - description: The key - to project. - type: string - mode: - description: 'Optional: + description: If unspecified, + each key-value pair in + the Data field of the + referenced ConfigMap will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + ConfigMap, the volume + setup will error unless + it is marked optional. + Paths must be relative + and may not contain the + '..' path or start with + '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, must be a value between @@ -1558,79 +1573,79 @@ spec: and the result can be other mode bits set.' - format: int32 - type: integer - path: - description: The relative - path of the file - to map the key to. - May not be an absolute - path. May not contain - the path element - '..'. May not start - with the string - '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether - the ConfigMap or its keys - must be defined - type: boolean - type: object - downwardAPI: - description: information about - the downwardAPI data to project - properties: - items: - description: Items is a - list of DownwardAPIVolume - file + type: string + optional: + description: Specify whether + the ConfigMap or its keys + must be defined + type: boolean + type: object + downwardAPI: + description: information about + the downwardAPI data to project + properties: items: - description: DownwardAPIVolumeFile - represents information - to create the file containing - the pod field - properties: - fieldRef: - description: 'Required: + description: Items is a + list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information + to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.' - properties: - apiVersion: - description: Version - of the schema - the FieldPath - is written in - terms of, defaults - to "v1". - type: string - fieldPath: - description: Path - of the field - to select in - the specified - API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: + properties: + apiVersion: + description: Version + of the schema + the FieldPath + is written in + terms of, defaults + to "v1". + type: string + fieldPath: + description: Path + of the field + to select in + the specified + API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits to use on this file, must be a value between @@ -1645,10 +1660,10 @@ spec: and the result can be other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: + format: int32 + type: integer + path: + description: 'Required: Path is the relative path name of the file to be created. @@ -1659,9 +1674,9 @@ spec: item of the relative path must not start with ''..''' - type: string - resourceFieldRef: - description: 'Selects + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits @@ -1669,70 +1684,70 @@ spec: limits.memory, requests.cpu and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' - type: string - divisor: - description: Specifies - the output format - of the exposed - resources, defaults - to "1" - type: string - resource: - description: 'Required: + type: string + divisor: + description: Specifies + the output format + of the exposed + resources, defaults + to "1" + type: string + resource: + description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about - the secret data to project - properties: - items: - description: If unspecified, - each key-value pair in - the Data field of the - referenced Secret will - be projected into the - volume as a file whose - name is the key and content - is the value. If specified, - the listed keys will be - projected into the specified - paths, and unlisted keys - will not be present. If - a key is specified which - is not present in the - Secret, the volume setup - will error unless it is - marked optional. Paths - must be relative and may - not contain the '..' path - or start with '..'. + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about + the secret data to project + properties: items: - description: Maps a string - key to a path within - a volume. - properties: - key: - description: The key - to project. - type: string - mode: - description: 'Optional: + description: If unspecified, + each key-value pair in + the Data field of the + referenced Secret will + be projected into the + volume as a file whose + name is the key and content + is the value. If specified, + the listed keys will be + projected into the specified + paths, and unlisted keys + will not be present. If + a key is specified which + is not present in the + Secret, the volume setup + will error unless it is + marked optional. Paths + must be relative and may + not contain the '..' path + or start with '..'. + items: + description: Maps a string + key to a path within + a volume. + properties: + key: + description: The key + to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, must be a value between @@ -1747,139 +1762,139 @@ spec: and the result can be other mode bits set.' - format: int32 - type: integer - path: - description: The relative - path of the file - to map the key to. - May not be an absolute - path. May not contain - the path element - '..'. May not start - with the string - '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the + format: int32 + type: integer + path: + description: The relative + path of the file + to map the key to. + May not be an absolute + path. May not contain + the path element + '..'. May not start + with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether - the Secret or its key - must be defined - type: boolean - type: object - serviceAccountToken: - description: information about - the serviceAccountToken data - to project - properties: - audience: - description: Audience is - the intended audience - of the token. A recipient - of a token must identify - itself with an identifier - specified in the audience - of the token, and otherwise - should reject the token. - The audience defaults - to the identifier of the - apiserver. - type: string - expirationSeconds: - description: ExpirationSeconds - is the requested duration - of validity of the service - account token. As the - token approaches expiration, - the kubelet volume plugin - will proactively rotate - the service account token. - The kubelet will start - trying to rotate the token - if the token is older - than 80 percent of its - time to live or if the - token is older than 24 - hours.Defaults to 1 hour - and must be at least 10 - minutes. - format: int64 - type: integer - path: - description: Path is the - path relative to the mount - point of the file to project - the token into. - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - description: Quobyte represents a Quobyte - mount on the host that shares a pod's - lifetime - properties: - group: - description: Group to map volume access - to Default is no group - type: string - readOnly: - description: ReadOnly here will force - the Quobyte volume to be mounted - with read-only permissions. Defaults - to false. - type: boolean - registry: - description: Registry represents a - single or multiple Quobyte Registry - services specified as a string as - host:port pair (multiple entries - are separated with commas) which - acts as the central registry for - volumes - type: string - tenant: - description: Tenant owning the given - Quobyte volume in the Backend Used - with dynamically provisioned Quobyte - volumes, value is set by the plugin - type: string - user: - description: User to map volume access - to Defaults to serivceaccount user - type: string - volume: - description: Volume is a string that - references an already created Quobyte - volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'RBD represents a Rados Block + type: string + optional: + description: Specify whether + the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: information about + the serviceAccountToken data + to project + properties: + audience: + description: Audience is + the intended audience + of the token. A recipient + of a token must identify + itself with an identifier + specified in the audience + of the token, and otherwise + should reject the token. + The audience defaults + to the identifier of the + apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds + is the requested duration + of validity of the service + account token. As the + token approaches expiration, + the kubelet volume plugin + will proactively rotate + the service account token. + The kubelet will start + trying to rotate the token + if the token is older + than 80 percent of its + time to live or if the + token is older than 24 + hours.Defaults to 1 hour + and must be at least 10 + minutes. + format: int64 + type: integer + path: + description: Path is the + path relative to the mount + point of the file to project + the token into. + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + description: Quobyte represents a Quobyte + mount on the host that shares a pod's + lifetime + properties: + group: + description: Group to map volume access + to Default is no group + type: string + readOnly: + description: ReadOnly here will force + the Quobyte volume to be mounted + with read-only permissions. Defaults + to false. + type: boolean + registry: + description: Registry represents a + single or multiple Quobyte Registry + services specified as a string as + host:port pair (multiple entries + are separated with commas) which + acts as the central registry for + volumes + type: string + tenant: + description: Tenant owning the given + Quobyte volume in the Backend Used + with dynamically provisioned Quobyte + volumes, value is set by the plugin + type: string + user: + description: User to map volume access + to Defaults to serivceaccount user + type: string + volume: + description: Volume is a string that + references an already created Quobyte + volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount on the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'Filesystem type of the + properties: + fsType: + description: 'Filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating @@ -1890,129 +1905,129 @@ spec: TODO: how do we prevent errors in the filesystem from compromising the machine' - type: string - image: - description: 'The rados image name. + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'Keyring is the path + type: string + keyring: + description: 'Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'A collection of Ceph - monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: type: string - type: array - pool: - description: 'The rados pool name. + monitors: + description: 'A collection of Ceph + monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'The rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'ReadOnly here will force + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'SecretRef is name of + type: boolean + secretRef: + description: 'SecretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'The rados user name. + type: string + type: object + user: + description: 'The rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO - persistent volume attached and mounted - on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - "ext4", "xfs", "ntfs". Default is - "xfs". - type: string - gateway: - description: The host address of the - ScaleIO API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO - Protection Domain for the configured - storage. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references - to the secret for ScaleIO user and - other sensitive information. If - this is not provided, Login operation - will fail. - properties: - name: - description: 'Name of the referent. + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO + persistent volume attached and mounted + on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Default is + "xfs". + type: string + gateway: + description: The host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO + Protection Domain for the configured + storage. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references + to the secret for ScaleIO user and + other sensitive information. If + this is not provided, Login operation + will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - sslEnabled: - description: Flag to enable/disable - SSL communication with Gateway, - default false - type: boolean - storageMode: - description: Indicates whether the - storage for a volume should be ThickProvisioned - or ThinProvisioned. Default is ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool - associated with the protection domain. - type: string - system: - description: The name of the storage - system as configured in ScaleIO. - type: string - volumeName: - description: The name of a volume - already created in the ScaleIO system - that is associated with this volume - source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret + type: string + type: object + sslEnabled: + description: Flag to enable/disable + SSL communication with Gateway, + default false + type: boolean + storageMode: + description: Indicates whether the + storage for a volume should be ThickProvisioned + or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool + associated with the protection domain. + type: string + system: + description: The name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: The name of a volume + already created in the ScaleIO system + that is associated with this volume + source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'Optional: mode bits + properties: + defaultMode: + description: 'Optional: mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within @@ -2021,33 +2036,33 @@ spec: with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each - key-value pair in the Data field - of the referenced Secret will be - projected into the volume as a file - whose name is the key and content - is the value. If specified, the - listed keys will be projected into - the specified paths, and unlisted - keys will not be present. If a key - is specified which is not present - in the Secret, the volume setup - will error unless it is marked optional. - Paths must be relative and may not - contain the '..' path or start with - '..'. + format: int32 + type: integer items: - description: Maps a string key to - a path within a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode + description: If unspecified, each + key-value pair in the Data field + of the referenced Secret will be + projected into the volume as a file + whose name is the key and content + is the value. If specified, the + listed keys will be projected into + the specified paths, and unlisted + keys will not be present. If a key + is specified which is not present + in the Secret, the volume setup + will error unless it is marked optional. + Paths must be relative and may not + contain the '..' path or start with + '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, must be a value between 0 and 0777. If not specified, @@ -2057,232 +2072,339 @@ spec: that affect the file mode, like fsGroup, and the result can be other mode bits set.' - format: int32 - type: integer - path: - description: The relative path - of the file to map the key - to. May not be an absolute - path. May not contain the - path element '..'. May not - start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - optional: - description: Specify whether the Secret - or its keys must be defined - type: boolean - secretName: - description: 'Name of the secret in + format: int32 + type: integer + path: + description: The relative path + of the file to map the key + to. May not be an absolute + path. May not contain the + path element '..'. May not + start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret + or its keys must be defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS - volume attached and mounted on Kubernetes - nodes. - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). - ReadOnly here will force the ReadOnly - setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the - secret to use for obtaining the - StorageOS API credentials. If not - specified, default values will be - attempted. - properties: - name: - description: 'Name of the referent. + type: string + type: object + storageos: + description: StorageOS represents a StorageOS + volume attached and mounted on Kubernetes + nodes. + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). + ReadOnly here will force the ReadOnly + setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the + secret to use for obtaining the + StorageOS API credentials. If not + specified, default values will be + attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeName: - description: VolumeName is the human-readable - name of the StorageOS volume. Volume - names are only unique within a namespace. - type: string - volumeNamespace: - description: VolumeNamespace specifies - the scope of the volume within StorageOS. If - no namespace is specified then the - Pod's namespace will be used. This - allows the Kubernetes name scoping - to be mirrored within StorageOS - for tighter integration. Set VolumeName - to any name to override the default - behaviour. Set to "default" if you - are not using namespaces within - StorageOS. Namespaces that do not - pre-exist within StorageOS will - be created. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents - a vSphere volume attached and mounted - on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. - Must be a filesystem type supported - by the host operating system. Ex. - "ext4", "xfs", "ntfs". Implicitly - inferred to be "ext4" if unspecified. - type: string - storagePolicyID: - description: Storage Policy Based - Management (SPBM) profile ID associated - with the StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based - Management (SPBM) profile name. - type: string - volumePath: - description: Path that identifies - vSphere volume vmdk - type: string - required: - - volumePath - type: object + type: string + type: object + volumeName: + description: VolumeName is the human-readable + name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies + the scope of the volume within StorageOS. If + no namespace is specified then the + Pod's namespace will be used. This + allows the Kubernetes name scoping + to be mirrored within StorageOS + for tighter integration. Set VolumeName + to any name to override the default + behaviour. Set to "default" if you + are not using namespaces within + StorageOS. Namespaces that do not + pre-exist within StorageOS will + be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents + a vSphere volume attached and mounted + on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. + Must be a filesystem type supported + by the host operating system. Ex. + "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based + Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: Path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + httpProbe/inputs: + type: object + required: + - url + - method + properties: + url: + type: string + minLength: 1 + insecureSkipVerify: + type: boolean + method: + type: object + minProperties: 1 + properties: + get: + type: object required: - - name + - criteria + - responseCode + properties: + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + post: type: object - type: array - type: object - httpProbe/inputs: - type: object - properties: - url: - type: string - minLength: 1 - insecureSkipVerify: - type: boolean - method: - type: object - minProperties: 1 - properties: - get: - type: object - properties: - criteria: - type: string - minLength: 1 - responseCode: - type: string - minLength: 1 - post: - type: object - properties: - contentType: - type: string - minLength: 1 - body: - type: string - bodyPath: - type: string - criteria: - type: string - minLength: 1 - responseCode: - type: string - minLength: 1 - promProbe/inputs: - type: object - properties: - endpoint: - type: string - query: - type: string - queryPath: - type: string - comparator: - type: object - properties: - criteria: - type: string - value: - type: string - runProperties: + required: + - criteria + - responseCode + properties: + contentType: + type: string + minLength: 1 + body: + type: string + bodyPath: + type: string + criteria: + type: string + minLength: 1 + responseCode: + type: string + minLength: 1 + promProbe/inputs: + type: object + required: + - endpoint + - comparator + properties: + endpoint: + type: string + query: + type: string + queryPath: + type: string + comparator: + type: object + required: + - criteria + - value + properties: + criteria: + type: string + value: + type: string + runProperties: + type: object + minProperties: 2 + required: + - probeTimeout + - interval + properties: + evaluationTimeout: + type: string + probeTimeout: + type: string + interval: + type: string + retry: + type: integer + attempt: + type: integer + probePollingInterval: + type: string + initialDelaySeconds: + type: integer + initialDelay: + type: string + stopOnFailure: + type: boolean + sloProbe/inputs: + description: inputs needed for the SLO probe + required: + - platformEndpoint + - sloIdentifier + - sloSourceMetadata + - comparator + properties: + comparator: + description: Comparator check for the correctness + of the probe output + required: + - criteria + - value + properties: + criteria: + description: Criteria for matching data it + supports >=, <=, ==, >, <, != for int and + float it supports equal, notEqual, contains + for string + type: string + type: + description: Type of data it can be int, float, + string + type: string + value: + description: Value contains relative value + for criteria + type: string + type: object + evaluationWindow: + description: EvaluationWindow is the time period + for which the metrics will be evaluated + properties: + evaluationEndTime: + description: End time of evaluation + type: integer + evaluationStartTime: + description: Start time of evaluation + type: integer + type: object + platformEndpoint: + description: PlatformEndpoint for the monitoring + service endpoint + type: string + insecureSkipVerify: + description: InsecureSkipVerify flag to skip certificate + checks + type: boolean + sloIdentifier: + description: SLOIdentifier for fetching the details + of the SLO + type: string + sloSourceMetadata: + description: SLOSourceMetadata consists of required + metadata details to fetch metric data + required: + - apiTokenSecret + - scope + properties: + apiTokenSecret: + description: APITokenSecret for authenticating + with the platform service + type: string + scope: + description: Scope required for fetching details + required: + - accountIdentifier + - orgIdentifier + - projectIdentifier + properties: + accountIdentifier: + description: AccountIdentifier for account + ID + type: string + orgIdentifier: + description: OrgIdentifier for organization + ID + type: string + projectIdentifier: + description: ProjectIdentifier for project + ID + type: string + type: object + type: object + type: object + mode: + type: string + pattern: ^(SOT|EOT|Edge|Continuous|OnChaos)$ + minLength: 1 + data: + type: string + components: + x-kubernetes-preserve-unknown-fields: true + type: object + properties: + statusCheckTimeouts: type: object - minProperties: 2 - required: - - probeTimeout - - interval properties: - probeTimeout: - type: integer - interval: - type: integer - retry: - type: integer - probePollingInterval: + delay: type: integer - initialDelaySeconds: + timeout: type: integer - stopOnFailure: - type: boolean - mode: - type: string - pattern: ^(SOT|EOT|Edge|Continuous|OnChaos)$ - minLength: 1 - data: - type: string - components: - x-kubernetes-preserve-unknown-fields: true - type: object - properties: - statusCheckTimeouts: - type: object - properties: - delay: - type: integer - timeout: - type: integer - nodeSelector: - type: object - additionalProperties: + nodeSelector: + type: object + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + experimentImage: type: string - properties: - key: - type: string - minLength: 1 - allowEmptyValue: false - value: - type: string - minLength: 1 - allowEmptyValue: false - experimentImage: - type: string - env: - type: array - items: - description: EnvVar represents an environment variable - present in a Container. - properties: - name: - description: Name of the environment variable. - Must be a C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) + env: + type: array + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, @@ -2291,162 +2413,162 @@ spec: double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required + properties: + containerName: + description: 'Container name: required for volumes, optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in - the pod's namespace - properties: - key: - description: The key of the secret to - select from. Must be a valid secret - key. - type: string - name: - description: 'Name of the referent. More + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - configMaps: - type: array - items: - type: object - properties: - name: - type: string - mountPath: - type: string - secrets: - type: array - items: - type: object - properties: - name: - type: string - mountPath: - type: string - experimentAnnotations: - type: object - additionalProperties: - type: string - properties: - key: - type: string - minLength: 1 - allowEmptyValue: false - value: - type: string - minLength: 1 - allowEmptyValue: false - tolerations: - description: Pod's tolerations. - items: - description: The pod with this Toleration tolerates any taint matches the using the matching operator . - properties: - effect: - description: Effect to match. Empty means all effects. - type: string - key: - description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. - type: string - operator: - description: Operators are Exists or Equal. Defaults to Equal. - type: string - tolerationSeconds: - description: Period of time the toleration tolerates the taint. - format: int64 - type: integer - value: - description: If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + configMaps: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + secrets: + type: array + items: + type: object + properties: + name: + type: string + mountPath: + type: string + experimentAnnotations: type: object - type: array + additionalProperties: + type: string + properties: + key: + type: string + minLength: 1 + allowEmptyValue: false + value: + type: string + minLength: 1 + allowEmptyValue: false + tolerations: + description: Pod's tolerations. + items: + description: The pod with this Toleration tolerates any taint matches the using the matching operator . + properties: + effect: + description: Effect to match. Empty means all effects. + type: string + key: + description: Taint key the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists. + type: string + operator: + description: Operators are Exists or Equal. Defaults to Equal. + type: string + tolerationSeconds: + description: Period of time the toleration tolerates the taint. + format: int64 + type: integer + value: + description: If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array - status: - x-kubernetes-preserve-unknown-fields: true - type: object - served: true - storage: true - subresources: {} + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: {} conversion: strategy: None --- diff --git a/chaoscenter/graphql/server/pkg/chaos_experiment/handler/handler.go b/chaoscenter/graphql/server/pkg/chaos_experiment/handler/handler.go index f7243344469..f6e3b2c1f6f 100644 --- a/chaoscenter/graphql/server/pkg/chaos_experiment/handler/handler.go +++ b/chaoscenter/graphql/server/pkg/chaos_experiment/handler/handler.go @@ -106,18 +106,10 @@ func (c *ChaosExperimentHandler) SaveChaosExperiment(ctx context.Context, reques if wfDetails.ExperimentID == request.ID { logrus.WithFields(logFields).Info("request received to update k8s chaos experiment") if wfDetails.Name != request.Name { - filterQuery := bson.D{ - {"project_id", request.ID}, - {"name", request.Name}, - {"is_removed", false}, - } - experimentCount, err := c.chaosExperimentOperator.CountChaosExperiments(ctx, filterQuery) + err = c.validateDuplicateExperimentName(ctx, projectID, request.Name) if err != nil { return "", err } - if experimentCount > 0 { - return "", errors.New("experiment name should be unique, duplicate experiment found with name: " + request.Name) - } } err = c.chaosExperimentService.ProcessExperimentUpdate(newRequest, username, wfType, revID, false, projectID, nil) @@ -128,10 +120,15 @@ func (c *ChaosExperimentHandler) SaveChaosExperiment(ctx context.Context, reques return "experiment updated successfully", nil } + err = c.validateDuplicateExperimentName(ctx, projectID, request.Name) + if err != nil { + return "", err + } + // Saving chaos experiment in the DB logrus.WithFields(logFields).Info("request received to save k8s chaos experiment") - err = c.chaosExperimentService.ProcessExperimentCreation(context.TODO(), newRequest, username, projectID, wfType, revID, nil) + err = c.chaosExperimentService.ProcessExperimentCreation(ctx, newRequest, username, projectID, wfType, revID, nil) if err != nil { return "", err } @@ -144,18 +141,10 @@ func (c *ChaosExperimentHandler) CreateChaosExperiment(ctx context.Context, requ var revID = uuid.New().String() // Check if the experiment_name exists under same project - filterQuery := bson.D{ - {"project_id", projectID}, - {"name", request.ExperimentName}, - {"is_removed", false}, - } - experimentCount, err := c.chaosExperimentOperator.CountChaosExperiments(ctx, filterQuery) + err := c.validateDuplicateExperimentName(ctx, projectID, request.ExperimentName) if err != nil { return nil, err } - if experimentCount > 0 { - return nil, errors.New("experiment name should be unique, duplicate experiment found with name: " + request.ExperimentName) - } newRequest, wfType, err := c.chaosExperimentService.ProcessExperiment(request, projectID, revID) if err != nil { @@ -240,18 +229,10 @@ func (c *ChaosExperimentHandler) UpdateChaosExperiment(ctx context.Context, requ ) // Check if the experiment_name exists under same project - filterQuery := bson.D{ - {"project_id", projectID}, - {"name", request.ExperimentName}, - {"is_removed", false}, - } - experimentCount, err := c.chaosExperimentOperator.CountChaosExperiments(ctx, filterQuery) + err := c.validateDuplicateExperimentName(ctx, projectID, request.ExperimentName) if err != nil { return nil, err } - if experimentCount > 0 { - return nil, errors.New("experiment name should be unique, duplicate experiment found with name: " + request.ExperimentName) - } newRequest, wfType, err := c.chaosExperimentService.ProcessExperiment(request, projectID, revID) if err != nil { @@ -1317,3 +1298,21 @@ func (c *ChaosExperimentHandler) GetProbesInExperimentRun(ctx context.Context, p return probeDetails, nil } + +// validateDuplicateExperimentName validates if the name of experiment is duplicate +func (c *ChaosExperimentHandler) validateDuplicateExperimentName(ctx context.Context, projectID, name string) error { + filterQuery := bson.D{ + {"project_id", projectID}, + {"name", name}, + {"is_removed", false}, + } + experimentCount, err := c.chaosExperimentOperator.CountChaosExperiments(ctx, filterQuery) + if err != nil { + return err + } + if experimentCount > 0 { + return errors.New("experiment name should be unique, duplicate experiment found with name: " + name) + } + + return nil +} diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go index 8d0cf13934c..d28acc65ac9 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go @@ -59,23 +59,19 @@ func GetK8sInfraYaml(infra dbChaosInfra.ChaosInfra) ([]byte, error) { config.TLSCert = utils.Config.TlsCertB64 } - if !infra.IsRegistered { - var respData []byte - if infra.InfraScope == ClusterScope { - respData, err = ManifestParser(infra, "manifests/cluster", &config) - } else if infra.InfraScope == NamespaceScope { - respData, err = ManifestParser(infra, "manifests/namespace", &config) - } else { - logrus.Error("INFRA_SCOPE env is empty!") - } - if err != nil { - return nil, err - } - - return respData, nil + var respData []byte + if infra.InfraScope == ClusterScope { + respData, err = ManifestParser(infra, "manifests/cluster", &config) + } else if infra.InfraScope == NamespaceScope { + respData, err = ManifestParser(infra, "manifests/namespace", &config) } else { - return []byte("Infra is already registered"), nil + logrus.Error("INFRA_SCOPE env is empty!") } + if err != nil { + return nil, err + } + + return respData, nil } // ManifestParser parses manifests yaml and generates dynamic manifest with specified keys diff --git a/chaoscenter/manifests/litmus-cluster-scope.yaml b/chaoscenter/manifests/litmus-cluster-scope.yaml index e908e704ca9..a5529adf2ef 100644 --- a/chaoscenter/manifests/litmus-cluster-scope.yaml +++ b/chaoscenter/manifests/litmus-cluster-scope.yaml @@ -440,9 +440,7 @@ metadata: name: litmus-portal-admin-config namespace: litmus data: - DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless.litmus.svc.cluster.local:27017,my-release-mongodb-1.my-release-mongodb-headless.litmus.svc.cluster.local:27017,my-release-mongodb-2.my-release-mongodb-headless.litmus.svc.cluster.local:27017/admin - INFRA_SCOPE: cluster - INFRA_NAMESPACE: litmus + DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin VERSION: "ci" SKIP_SSL_VERIFY: "false" # Configurations if you are using dex for OAuth @@ -665,11 +663,11 @@ spec: - name: ARGO_WORKFLOW_EXECUTOR_IMAGE value: "litmuschaos/argoexec:v3.3.1" - name: LITMUS_CHAOS_OPERATOR_IMAGE - value: "litmuschaos/chaos-operator:3.0.0-beta11" + value: "litmuschaos/chaos-operator:3.0.0" - name: LITMUS_CHAOS_RUNNER_IMAGE - value: "litmuschaos/chaos-runner:3.0.0-beta11" + value: "litmuschaos/chaos-runner:3.0.0" - name: LITMUS_CHAOS_EXPORTER_IMAGE - value: "litmuschaos/chaos-exporter:3.0.0-beta11" + value: "litmuschaos/chaos-exporter:3.0.0" - name: SERVER_SERVICE_NAME value: "litmusportal-server-service" - name: INFRA_DEPLOYMENTS @@ -689,11 +687,11 @@ spec: - name: DEFAULT_HUB_BRANCH_NAME value: "master" - name: LITMUS_AUTH_GRPC_ENDPOINT - value: "litmusportal-auth-server-service.litmus.svc.cluster.local" + value: "litmusportal-auth-server-service" - name: LITMUS_AUTH_GRPC_PORT value: ":3030" - name: WORKFLOW_HELPER_IMAGE_VERSION - value: "3.0.0-beta9" + value: "3.0.0" - name: REMOTE_HUB_MAX_SIZE value: "5000000" - name: INFRA_COMPATIBLE_VERSIONS @@ -769,7 +767,7 @@ spec: - name: ADMIN_PASSWORD value: "litmus" - name: LITMUS_GQL_GRPC_ENDPOINT - value: "litmusportal-server-service.litmus.svc.cluster.local" + value: "litmusportal-server-service" - name: LITMUS_GQL_GRPC_PORT value: ":8000" resources: diff --git a/chaoscenter/manifests/litmus-namespaced-scope.yaml b/chaoscenter/manifests/litmus-namespaced-scope.yaml index f60de369161..a9b1a811ddb 100644 --- a/chaoscenter/manifests/litmus-namespaced-scope.yaml +++ b/chaoscenter/manifests/litmus-namespaced-scope.yaml @@ -415,7 +415,6 @@ kind: ConfigMap metadata: name: litmus-portal-admin-config data: - INFRA_SCOPE: namespace DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin VERSION: "ci" SKIP_SSL_VERIFY: "false" @@ -638,11 +637,11 @@ spec: - name: ARGO_WORKFLOW_EXECUTOR_IMAGE value: "litmuschaos/argoexec:v3.3.1" - name: LITMUS_CHAOS_OPERATOR_IMAGE - value: "litmuschaos/chaos-operator:3.0.0-beta11" + value: "litmuschaos/chaos-operator:3.0.0" - name: LITMUS_CHAOS_RUNNER_IMAGE - value: "litmuschaos/chaos-runner:3.0.0-beta11" + value: "litmuschaos/chaos-runner:3.0.0" - name: LITMUS_CHAOS_EXPORTER_IMAGE - value: "litmuschaos/chaos-exporter:3.0.0-beta11" + value: "litmuschaos/chaos-exporter:3.0.0" - name: CONTAINER_RUNTIME_EXECUTOR value: "k8sapi" - name: DEFAULT_HUB_BRANCH_NAME @@ -652,7 +651,7 @@ spec: - name: LITMUS_AUTH_GRPC_PORT value: ":3030" - name: WORKFLOW_HELPER_IMAGE_VERSION - value: "3.0.0-beta9" + value: "3.0.0" - name: REMOTE_HUB_MAX_SIZE value: "5000000" - name: INGRESS diff --git a/chaoscenter/manifests/litmus-without-resources.yaml b/chaoscenter/manifests/litmus-without-resources.yaml index 66047e36d94..a2146da87bb 100644 --- a/chaoscenter/manifests/litmus-without-resources.yaml +++ b/chaoscenter/manifests/litmus-without-resources.yaml @@ -1,6 +1,6 @@ ### RBAC Manifests ## If SELF_AGENT="true" then these permissions are required to apply -## https://github.com/litmuschaos/litmus/blob/master/litmus-portal/graphql-server/manifests/cluster/1b_argo_rbac.yaml +## https://github.com/litmuschaos/litmus/blob/master/chaoscenter/graphql/server/manifests/cluster/1b_argo_rbac.yaml --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -440,9 +440,7 @@ metadata: name: litmus-portal-admin-config namespace: litmus data: - DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless.litmus.svc.cluster.local:27017,my-release-mongodb-1.my-release-mongodb-headless.litmus.svc.cluster.local:27017,my-release-mongodb-2.my-release-mongodb-headless.litmus.svc.cluster.local:27017/admin - AGENT_SCOPE: cluster - AGENT_NAMESPACE: litmus + DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin VERSION: "ci" SKIP_SSL_VERIFY: "false" # Configurations if you are using dex for OAuth @@ -459,7 +457,7 @@ metadata: name: litmusportal-frontend-nginx-configuration namespace: litmus data: - default.conf: | + nginx.conf: | pid /tmp/nginx.pid; events { @@ -638,8 +636,6 @@ spec: - secretRef: name: litmus-portal-admin-secret env: - - name: SELF_AGENT - value: "true" # if self-signed certificate are used pass the k8s tls secret name created in portal ns, to allow agents to use tls for communication - name: TLS_SECRET_NAME value: "" @@ -658,23 +654,19 @@ spec: - name: ARGO_WORKFLOW_EXECUTOR_IMAGE value: "litmuschaos/argoexec:v3.3.1" - name: LITMUS_CHAOS_OPERATOR_IMAGE - value: "litmuschaos/chaos-operator:3.0.0-beta3" + value: "litmuschaos/chaos-operator:3.0.0" - name: LITMUS_CHAOS_RUNNER_IMAGE - value: "litmuschaos/chaos-runner:3.0.0-beta3" + value: "litmuschaos/chaos-runner:3.0.0" - name: LITMUS_CHAOS_EXPORTER_IMAGE - value: "litmuschaos/chaos-exporter:3.0.0-beta3" + value: "litmuschaos/chaos-exporter:3.0.0" - name: SERVER_SERVICE_NAME value: "litmusportal-server-service" - name: INFRA_DEPLOYMENTS - value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller"]' + value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName - - name: SELF_AGENT_NODE_SELECTOR - value: "" - - name: SELF_AGENT_TOLERATIONS - value: "" - name: CHAOS_CENTER_UI_ENDPOINT value: "" - name: INGRESS @@ -683,16 +675,18 @@ spec: value: "litmus-ingress" - name: CONTAINER_RUNTIME_EXECUTOR value: "k8sapi" - - name: HUB_BRANCH_NAME - value: "refactor-hub-3.0.0" + - name: DEFAULT_HUB_BRANCH_NAME + value: "master" - name: LITMUS_AUTH_GRPC_ENDPOINT - value: "litmusportal-auth-server-service.litmus.svc.cluster.local" + value: "litmusportal-auth-server-service" - name: LITMUS_AUTH_GRPC_PORT value: ":3030" - name: WORKFLOW_HELPER_IMAGE_VERSION - value: "3.0.0-beta9" + value: "3.0.0" - name: REMOTE_HUB_MAX_SIZE value: "5000000" + - name: INFRA_COMPATIBLE_VERSIONS + value: '["ci"]' ports: - containerPort: 8080 - containerPort: 8000 @@ -755,7 +749,7 @@ spec: - name: ADMIN_PASSWORD value: "litmus" - name: LITMUS_GQL_GRPC_ENDPOINT - value: "litmusportal-server-service.litmus.svc.cluster.local" + value: "litmusportal-server-service" - name: LITMUS_GQL_GRPC_PORT value: ":8000" ports: diff --git a/chaoscenter/web/src/components/PipelineDiagram/Nodes/ChaosExecutionNode/ChaosExecutionNode.tsx b/chaoscenter/web/src/components/PipelineDiagram/Nodes/ChaosExecutionNode/ChaosExecutionNode.tsx index b5700a8f5cc..e205482be52 100644 --- a/chaoscenter/web/src/components/PipelineDiagram/Nodes/ChaosExecutionNode/ChaosExecutionNode.tsx +++ b/chaoscenter/web/src/components/PipelineDiagram/Nodes/ChaosExecutionNode/ChaosExecutionNode.tsx @@ -132,7 +132,7 @@ function ChaosExecutionNode(props: ChaosExecutionNodeProps): JSX.Element { { nodeName: props.name ?? props.data.name, stepStatus: props.status as ExperimentRunFaultStatus, - chaosResult: props.data.chaosData?.chaosResult + chaosResult: props.data.chaosResult }, { useArrows: true, diff --git a/chaoscenter/web/src/strings/strings.en.yaml b/chaoscenter/web/src/strings/strings.en.yaml index 663b2db2c18..4fb86cf72c6 100644 --- a/chaoscenter/web/src/strings/strings.en.yaml +++ b/chaoscenter/web/src/strings/strings.en.yaml @@ -653,10 +653,7 @@ noKubernetesChaosInfrastructureFound: >- noLogs: Sorry, Logs are currently not available noMonitoredService: No monitoring services found for noProbeDescription: >- - Probes are pluggable checks that can be defined within the ChaosEngine for any - Chaos Fault. The experiment pods execute these checks based on the mode they - are defined in & factor their success as necessary conditions in - determining the verdict of the experiment + Probes are lightweight, self-contained scripts that can be run against Kubernetes applications to gather information about their behavior under stress and failure conditions. noProbeExecution: No Probe executions found noProbeExecutionDetails: subtitle: >- diff --git a/chaoscenter/web/src/views/Environments/EnvironmentList/CreateEnvironment.tsx b/chaoscenter/web/src/views/Environments/EnvironmentList/CreateEnvironment.tsx index e30d9dea6da..b3ac4491480 100644 --- a/chaoscenter/web/src/views/Environments/EnvironmentList/CreateEnvironment.tsx +++ b/chaoscenter/web/src/views/Environments/EnvironmentList/CreateEnvironment.tsx @@ -156,7 +156,11 @@ export default function CreateEnvironment({ variation={ButtonVariation.SECONDARY} text={getString('cancel')} /> -