goharbor.io / v1beta1 / HarborCluster
- string
.apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- string
.kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- object
.metadata
- object
.spec
HarborClusterSpec defines the desired state of HarborCluster.
- object required
.spec .cache
Cache configuration for in-cluster cache services
- string required
.spec .cache .kind
Set the kind of cache service to be used. Only support Redis now.
- object required
.spec .cache .spec
RedisSpec is the specification of redis.
- object
.spec .cache .spec .redis
- string
.spec .cache .spec .redis .certificateRef
Secret containing the client certificate to authenticate with.
- string required
.spec .cache .spec .redis .host
Server hostname.
- string
.spec .cache .spec .redis .passwordRef
Secret containing the password to use when connecting to the server.
- integer
.spec .cache .spec .redis .port
Server port.
- string
.spec .cache .spec .redis .sentinelMasterSet
for Sentinel MasterSet.
- object
.spec .cache .spec .redisFailover
- string
.spec .cache .spec .redisFailover .image
Image name for the component.
- string
.spec .cache .spec .redisFailover .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .cache .spec .redisFailover .imagePullSecrets
- string
.spec .cache .spec .redisFailover .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- string required
.spec .cache .spec .redisFailover .operatorVersion
- object
.spec .cache .spec .redisFailover .sentinel
Sentinel is the configuration of the redis sentinel.
- integer
.spec .cache .spec .redisFailover .sentinel .replicas
Replicas is the instance number of redis sentinel.
- object
.spec .cache .spec .redisFailover .server
Server is the configuration of the redis server.
- integer
.spec .cache .spec .redisFailover .server .replicas
Replicas is the instance number of redis server.
- object
.spec .cache .spec .redisFailover .server .resources
Resources is the resources requests and limits for redis.
- array
.spec .cache .spec .redisFailover .server .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .cache .spec .redisFailover .server .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .cache .spec .redisFailover .server .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .cache .spec .redisFailover .server .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .cache .spec .redisFailover .server .serviceAccountName
ServiceAccountName is the service account name of the redis server.
- string
.spec .cache .spec .redisFailover .server .storage
Storage is the size of the redis storage.
- string
.spec .cache .spec .redisFailover .server .storageClassName
StorageClassName is the storage class name of the redis storage.
- object
.spec .chartmuseum
- boolean
.spec .chartmuseum .absoluteUrl
Harbor defaults ChartMuseum to returning relative urls, if you want using absolute url you should enable it
- array
.spec .chartmuseum .certificateRefs
- string
.spec .chartmuseum .image
Image name for the component.
- string
.spec .chartmuseum .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .chartmuseum .imagePullSecrets
- string
.spec .chartmuseum .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .chartmuseum .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- integer
.spec .chartmuseum .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .chartmuseum .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .chartmuseum .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .chartmuseum .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .chartmuseum .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .chartmuseum .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .chartmuseum .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .chartmuseum .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .chartmuseum .templateLabels
Custom Labels to be added into the pods
- array
.spec .chartmuseum .tolerations
If specified, the pod’s tolerations.
- string
.spec .chartmuseum .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .chartmuseum .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .chartmuseum .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .chartmuseum .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .chartmuseum .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object
.spec .core
- array
.spec .core .certificateRefs
- string
.spec .core .image
Image name for the component.
- string
.spec .core .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .core .imagePullSecrets
- string
.spec .core .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- integer
.spec .core .maxIdleConnections
- integer
.spec .core .maxOpenConnections
- object
.spec .core .metrics
- boolean
.spec .core .metrics .enabled
- string
.spec .core .metrics .path
The path of the metrics.
- integer
.spec .core .metrics .port
The port of the metrics.
- object
.spec .core .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- integer
.spec .core .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .core .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .core .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .core .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .core .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .core .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .core .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .core .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .core .templateLabels
Custom Labels to be added into the pods
- object required
.spec .core .tokenIssuer
ObjectReference is a reference to an object with a given name, kind and group.
- string
.spec .core .tokenIssuer .group
Group of the resource being referred to.
- string
.spec .core .tokenIssuer .kind
Kind of the resource being referred to.
- string required
.spec .core .tokenIssuer .name
Name of the resource being referred to.
- array
.spec .core .tolerations
If specified, the pod’s tolerations.
- string
.spec .core .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .core .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .core .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .core .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .core .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object required
.spec .database
Database configuration for in-cluster database service
- string required
.spec .database .kind
Set the kind of which database service to be used, Only support PostgreSQL now.
- object required
.spec .database .spec
- object
.spec .database .spec .postgresql
- array required
.spec .database .spec .postgresql .hosts
- string required
.spec .database .spec .postgresql .hosts[] .host
Name of host to connect to. If a host name begins with a slash, it specifies Unix-domain communication rather than TCP/IP communication; the value is the name of the directory in which the socket file is stored.
- integer
.spec .database .spec .postgresql .hosts[] .port
Port number to connect to at the server host, or socket file name extension for Unix-domain connections. Zero, specifies the default port number established when PostgreSQL was built.
- string
.spec .database .spec .postgresql .passwordRef
Secret containing the password to be used if the server demands password authentication.
- string
.spec .database .spec .postgresql .prefix
- string
.spec .database .spec .postgresql .sslMode
PostgreSQL has native support for using SSL connections to encrypt client/server communications for increased security.
- string
.spec .database .spec .postgresql .username
PostgreSQL user name to connect as. Defaults to be the same as the operating system name of the user running the application.
- object
.spec .database .spec .zlandoPostgreSql
ZlandoPostgreSQL
- integer
.spec .database .spec .zlandoPostgreSql .connectTimeout
- string
.spec .database .spec .zlandoPostgreSql .image
Image name for the component.
- string
.spec .database .spec .zlandoPostgreSql .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .database .spec .zlandoPostgreSql .imagePullSecrets
- string
.spec .database .spec .zlandoPostgreSql .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- string required
.spec .database .spec .zlandoPostgreSql .operatorVersion
- integer
.spec .database .spec .zlandoPostgreSql .replicas
- object
.spec .database .spec .zlandoPostgreSql .resources
ResourceRequirements describes the compute resource requirements.
- array
.spec .database .spec .zlandoPostgreSql .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .database .spec .zlandoPostgreSql .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .database .spec .zlandoPostgreSql .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .database .spec .zlandoPostgreSql .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .database .spec .zlandoPostgreSql .sslConfig
- string
.spec .database .spec .zlandoPostgreSql .storage
- string
.spec .database .spec .zlandoPostgreSql .storageClassName
- object
.spec .exporter
- object
.spec .exporter .cache
- string
.spec .exporter .cache .cleanInterval
The interval to clean the cache info from the database and core.
- string
.spec .exporter .cache .duration
The duration to cache info from the database and core.
- string
.spec .exporter .image
Image name for the component.
- string
.spec .exporter .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .exporter .imagePullSecrets
- string
.spec .exporter .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .exporter .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- string
.spec .exporter .path
The metrics path of the exporter.
- integer
.spec .exporter .port
The port of the exporter.
- integer
.spec .exporter .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .exporter .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .exporter .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .exporter .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .exporter .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .exporter .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .exporter .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .exporter .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .exporter .templateLabels
Custom Labels to be added into the pods
- array
.spec .exporter .tolerations
If specified, the pod’s tolerations.
- string
.spec .exporter .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .exporter .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .exporter .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .exporter .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .exporter .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object required
.spec .expose
- object required
.spec .expose .core
- object
.spec .expose .core .ingress
- object
.spec .expose .core .ingress .annotations
- string
.spec .expose .core .ingress .controller
Set to the type of ingress controller.
- string required
.spec .expose .core .ingress .host
- string
.spec .expose .core .ingress .ingressClassName
- object
.spec .expose .core .tls
- string
.spec .expose .core .tls .certificateRef
- object
.spec .expose .notary
The ingress of the notary, required when notary component enabled.
- object
.spec .expose .notary .ingress
- object
.spec .expose .notary .ingress .annotations
- string
.spec .expose .notary .ingress .controller
Set to the type of ingress controller.
- string required
.spec .expose .notary .ingress .host
- string
.spec .expose .notary .ingress .ingressClassName
- object
.spec .expose .notary .tls
- string
.spec .expose .notary .tls .certificateRef
- string required
.spec .externalURL
- string required
.spec .harborAdminPasswordRef
- object
.spec .imageSource
- string
.spec .imageSource .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .imageSource .imagePullSecrets
- string
.spec .imageSource .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- string
.spec .imageSource .repository
The default repository for the images of the components. eg docker.io/goharbor/
- string
.spec .imageSource .tagSuffix
The tag suffix for the images of the images of the components. eg ‘-patch1’
- object
.spec .internalTLS
- boolean
.spec .internalTLS .enabled
- object
.spec .jobservice
- array
.spec .jobservice .certificateRefs
- string
.spec .jobservice .image
Image name for the component.
- string
.spec .jobservice .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .jobservice .imagePullSecrets
- string
.spec .jobservice .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .jobservice .metrics
- boolean
.spec .jobservice .metrics .enabled
- string
.spec .jobservice .metrics .path
The path of the metrics.
- integer
.spec .jobservice .metrics .port
The port of the metrics.
- object
.spec .jobservice .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- integer
.spec .jobservice .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .jobservice .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .jobservice .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .jobservice .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .jobservice .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .jobservice .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .jobservice .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .jobservice .storage
- object
.spec .jobservice .storage .scanDataExportsPersistentVolume
ScanDataExportsPersistentVolume specify the persistent volume used to store data exports. If empty, empty dir will be used.
- string required
.spec .jobservice .storage .scanDataExportsPersistentVolume .claimName
claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- string
.spec .jobservice .storage .scanDataExportsPersistentVolume .prefix
- boolean
.spec .jobservice .storage .scanDataExportsPersistentVolume .readOnly
readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
- object
.spec .jobservice .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .jobservice .templateLabels
Custom Labels to be added into the pods
- array
.spec .jobservice .tolerations
If specified, the pod’s tolerations.
- string
.spec .jobservice .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .jobservice .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .jobservice .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .jobservice .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .jobservice .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- integer
.spec .jobservice .workerCount
- string
.spec .logLevel
HarborLogLevel is the log level for Harbor.
- object
.spec .network
Network settings for the harbor
- array
.spec .network .ipFamilies
- object
.spec .notary
- boolean
.spec .notary .migrationEnabled
Inject migration configuration to notary resources
- object
.spec .notary .server
- string
.spec .notary .server .image
Image name for the component.
- string
.spec .notary .server .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .notary .server .imagePullSecrets
- string
.spec .notary .server .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .notary .server .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- integer
.spec .notary .server .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .notary .server .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .notary .server .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .notary .server .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .notary .server .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .notary .server .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .notary .server .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .notary .server .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .notary .server .templateLabels
Custom Labels to be added into the pods
- array
.spec .notary .server .tolerations
If specified, the pod’s tolerations.
- string
.spec .notary .server .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .notary .server .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .notary .server .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .notary .server .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .notary .server .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object
.spec .notary .signer
- string
.spec .notary .signer .image
Image name for the component.
- string
.spec .notary .signer .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .notary .signer .imagePullSecrets
- string
.spec .notary .signer .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .notary .signer .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- integer
.spec .notary .signer .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .notary .signer .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .notary .signer .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .notary .signer .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .notary .signer .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .notary .signer .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .notary .signer .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .notary .signer .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .notary .signer .templateLabels
Custom Labels to be added into the pods
- array
.spec .notary .signer .tolerations
If specified, the pod’s tolerations.
- string
.spec .notary .signer .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .notary .signer .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .notary .signer .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .notary .signer .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .notary .signer .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object
.spec .portal
- string
.spec .portal .image
Image name for the component.
- string
.spec .portal .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .portal .imagePullSecrets
- string
.spec .portal .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .portal .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- integer
.spec .portal .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .portal .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .portal .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .portal .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .portal .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .portal .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .portal .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .portal .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .portal .templateLabels
Custom Labels to be added into the pods
- array
.spec .portal .tolerations
If specified, the pod’s tolerations.
- string
.spec .portal .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .portal .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .portal .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .portal .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .portal .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object
.spec .proxy
- array
.spec .proxy .components
- string
.spec .proxy .httpProxy
- string
.spec .proxy .httpsProxy
- array
.spec .proxy .noProxy
- object
.spec .registry
- array
.spec .registry .certificateRefs
- string
.spec .registry .image
Image name for the component.
- string
.spec .registry .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .registry .imagePullSecrets
- string
.spec .registry .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .registry .metrics
- boolean
.spec .registry .metrics .enabled
- string
.spec .registry .metrics .path
The path of the metrics.
- integer
.spec .registry .metrics .port
The port of the metrics.
- object
.spec .registry .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- boolean
.spec .registry .relativeURLs
- integer
.spec .registry .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .registry .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .registry .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .registry .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .registry .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .registry .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .registry .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- array
.spec .registry .storageMiddlewares
- string required
.spec .registry .storageMiddlewares[] .name
- string
.spec .registry .storageMiddlewares[] .optionsRef
- object
.spec .registry .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .registry .templateLabels
Custom Labels to be added into the pods
- array
.spec .registry .tolerations
If specified, the pod’s tolerations.
- string
.spec .registry .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .registry .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .registry .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .registry .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .registry .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object
.spec .registryctl
- string
.spec .registryctl .image
Image name for the component.
- string
.spec .registryctl .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .registryctl .imagePullSecrets
- string
.spec .registryctl .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .registryctl .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- integer
.spec .registryctl .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .registryctl .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .registryctl .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .registryctl .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .registryctl .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .registryctl .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .registryctl .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- object
.spec .registryctl .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .registryctl .templateLabels
Custom Labels to be added into the pods
- array
.spec .registryctl .tolerations
If specified, the pod’s tolerations.
- string
.spec .registryctl .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .registryctl .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .registryctl .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .registryctl .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .registryctl .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- object required
.spec .storage
Storage configuration for in-cluster storage service
- string required
.spec .storage .kind
Kind of which storage service to be used. Only support MinIO now.
- object required
.spec .storage .spec
the spec of Storage.
- object
.spec .storage .spec .azure
- string
.spec .storage .spec .azure .accountkeyRef
- string
.spec .storage .spec .azure .accountname
- string
.spec .storage .spec .azure .baseURL
- string
.spec .storage .spec .azure .container
- string
.spec .storage .spec .azure .pathPrefix
- object
.spec .storage .spec .fileSystem
- object
.spec .storage .spec .fileSystem .chartPersistentVolume
- string required
.spec .storage .spec .fileSystem .chartPersistentVolume .claimName
claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- string
.spec .storage .spec .fileSystem .chartPersistentVolume .prefix
- boolean
.spec .storage .spec .fileSystem .chartPersistentVolume .readOnly
readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
- object required
.spec .storage .spec .fileSystem .registryPersistentVolume
- string required
.spec .storage .spec .fileSystem .registryPersistentVolume .claimName
claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- integer
.spec .storage .spec .fileSystem .registryPersistentVolume .maxthreads
- string
.spec .storage .spec .fileSystem .registryPersistentVolume .prefix
- boolean
.spec .storage .spec .fileSystem .registryPersistentVolume .readOnly
readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
- object
.spec .storage .spec .gcs
- string
.spec .storage .spec .gcs .bucket
bucket to store charts for Gcs storage
- string
.spec .storage .spec .gcs .chunkSize
- string
.spec .storage .spec .gcs .keyDataRef
The base64 encoded json file which contains the key
- string
.spec .storage .spec .gcs .pathPrefix
- object
.spec .storage .spec .minIO
inCluster options.
- string
.spec .storage .spec .minIO .image
Image name for the component.
- string
.spec .storage .spec .minIO .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .storage .spec .minIO .imagePullSecrets
- string
.spec .storage .spec .minIO .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .storage .spec .minIO .mc
MinIOClientSpec the spec for the mc
- string
.spec .storage .spec .minIO .mc .image
Image name for the component.
- string
.spec .storage .spec .minIO .mc .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .storage .spec .minIO .mc .imagePullSecrets
- string
.spec .storage .spec .minIO .mc .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- string required
.spec .storage .spec .minIO .operatorVersion
the version of minIO operator
- object
.spec .storage .spec .minIO .redirect
deprecated Determine if the redirection of minio storage is disabled.
- boolean required
.spec .storage .spec .minIO .redirect .enable
Default is true
- object
.spec .storage .spec .minIO .redirect .expose
- object
.spec .storage .spec .minIO .redirect .expose .ingress
- object
.spec .storage .spec .minIO .redirect .expose .ingress .annotations
- string
.spec .storage .spec .minIO .redirect .expose .ingress .controller
Set to the type of ingress controller.
- string required
.spec .storage .spec .minIO .redirect .expose .ingress .host
- string
.spec .storage .spec .minIO .redirect .expose .ingress .ingressClassName
- object
.spec .storage .spec .minIO .redirect .expose .tls
- string
.spec .storage .spec .minIO .redirect .expose .tls .certificateRef
- integer required
.spec .storage .spec .minIO .replicas
Supply number of replicas. For standalone mode, supply 1. For distributed mode, supply 4 to 16 drives (should be even). Note that the operator does not support upgrading from standalone to distributed mode.
- object
.spec .storage .spec .minIO .resources
If provided, use these requests and limit for cpu/memory resource allocation
- array
.spec .storage .spec .minIO .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .storage .spec .minIO .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .storage .spec .minIO .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .storage .spec .minIO .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .storage .spec .minIO .secretRef
Reference to the secret containing the MinIO access key and secret key.
- object
.spec .storage .spec .minIO .volumeClaimTemplate
VolumeClaimTemplate allows a user to specify how volumes inside a MinIOInstance
- string
.spec .storage .spec .minIO .volumeClaimTemplate .apiVersion
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- string
.spec .storage .spec .minIO .volumeClaimTemplate .kind
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- object
.spec .storage .spec .minIO .volumeClaimTemplate .metadata
Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec
spec defines the desired characteristics of a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- array
.spec .storage .spec .minIO .volumeClaimTemplate .spec .accessModes
accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSource
dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSource .apiGroup
APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSource .kind
Kind is the type of resource being referenced
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSource .name
Name is the name of resource being referenced
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSourceRef
dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn’t specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn’t set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSourceRef .apiGroup
APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSourceRef .kind
Kind is the type of resource being referenced
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSourceRef .name
Name is the name of resource being referenced
- string
.spec .storage .spec .minIO .volumeClaimTemplate .spec .dataSourceRef .namespace
Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace’s owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec .resources
resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
- array
.spec .storage .spec .minIO .volumeClaimTemplate .spec .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .spec .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec .selector
selector is a label query over volumes to consider for binding.
- array
.spec .storage .spec .minIO .volumeClaimTemplate .spec .selector .matchExpressions
matchExpressions is a list of label selector requirements. The requirements are ANDed.
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .spec .selector .matchExpressions[] .key
key is the label key that the selector applies to.
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .spec .selector .matchExpressions[] .operator
operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
- array
.spec .storage .spec .minIO .volumeClaimTemplate .spec .selector .matchExpressions[] .values
values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
- object
.spec .storage .spec .minIO .volumeClaimTemplate .spec .selector .matchLabels
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is “key”, the operator is “In”, and the values array contains only “value”. The requirements are ANDed.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .spec .storageClassName
storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
- string
.spec .storage .spec .minIO .volumeClaimTemplate .spec .volumeMode
volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .spec .volumeName
volumeName is the binding reference to the PersistentVolume backing this claim.
- object
.spec .storage .spec .minIO .volumeClaimTemplate .status
status represents the current information/status of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- array
.spec .storage .spec .minIO .volumeClaimTemplate .status .accessModes
accessModes contains the actual access modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1
- object
.spec .storage .spec .minIO .volumeClaimTemplate .status .allocatedResources
allocatedResources is the storage resource within AllocatedResources tracks the capacity allocated to a PVC. It may be larger than the actual capacity when a volume expansion operation is requested. For storage quota, the larger value from allocatedResources and PVC.spec.resources is used. If allocatedResources is not set, PVC.spec.resources alone is used for quota calculation. If a volume expansion capacity request is lowered, allocatedResources is only lowered if there are no expansion operations in progress and if the actual volume capacity is equal or lower than the requested capacity. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
- object
.spec .storage .spec .minIO .volumeClaimTemplate .status .capacity
capacity represents the actual resources of the underlying volume.
- array
.spec .storage .spec .minIO .volumeClaimTemplate .status .conditions
conditions is the current Condition of persistent volume claim. If underlying persistent volume is being resized then the Condition will be set to ‘ResizeStarted’.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .status .conditions[] .lastProbeTime
lastProbeTime is the time we probed the condition.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .status .conditions[] .lastTransitionTime
lastTransitionTime is the time the condition transitioned from one status to another.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .status .conditions[] .message
message is the human-readable message indicating details about last transition.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .status .conditions[] .reason
reason is a unique, this should be a short, machine understandable string that gives the reason for condition’s last transition. If it reports “ResizeStarted” that means the underlying persistent volume is being resized.
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .status .conditions[] .status
- string required
.spec .storage .spec .minIO .volumeClaimTemplate .status .conditions[] .type
PersistentVolumeClaimConditionType is a valid value of PersistentVolumeClaimCondition.Type
- string
.spec .storage .spec .minIO .volumeClaimTemplate .status .phase
phase represents the current phase of PersistentVolumeClaim.
- string
.spec .storage .spec .minIO .volumeClaimTemplate .status .resizeStatus
resizeStatus stores status of resize operation. ResizeStatus is not set by default but when expansion is complete resizeStatus is set to empty string by resize controller or kubelet. This is an alpha field and requires enabling RecoverVolumeExpansionFailure feature.
- integer required
.spec .storage .spec .minIO .volumesPerServer
Number of persistent volumes that will be attached per server
- object
.spec .storage .spec .oss
- string required
.spec .storage .spec .oss .accessKeyID
- string required
.spec .storage .spec .oss .accessSecretRef
- string required
.spec .storage .spec .oss .bucket
- integer
.spec .storage .spec .oss .chunksize
The Oss API requires multipart upload chunks to be at least 5MB.
- boolean
.spec .storage .spec .oss .encrypt
Specifies whether the registry stores the image in encrypted format or not. A boolean value.
- string
.spec .storage .spec .oss .endpoint
- boolean
.spec .storage .spec .oss .internal
- string
.spec .storage .spec .oss .pathPrefix
- string required
.spec .storage .spec .oss .region
- boolean
.spec .storage .spec .oss .secure
- object
.spec .storage .spec .redirect
Determine if the redirection of minio storage is disabled.
- boolean required
.spec .storage .spec .redirect .enable
Default is true
- object
.spec .storage .spec .redirect .expose
- object
.spec .storage .spec .redirect .expose .ingress
- object
.spec .storage .spec .redirect .expose .ingress .annotations
- string
.spec .storage .spec .redirect .expose .ingress .controller
Set to the type of ingress controller.
- string required
.spec .storage .spec .redirect .expose .ingress .host
- string
.spec .storage .spec .redirect .expose .ingress .ingressClassName
- object
.spec .storage .spec .redirect .expose .tls
- string
.spec .storage .spec .redirect .expose .tls .certificateRef
- object
.spec .storage .spec .s3
- string
.spec .storage .spec .s3 .accesskey
The AWS Access Key. If you use IAM roles, omit to fetch temporary credentials from IAM.
- string required
.spec .storage .spec .s3 .bucket
The bucket name in which you want to store the registry’s data.
- string
.spec .storage .spec .s3 .certificateRef
- integer
.spec .storage .spec .s3 .chunksize
The S3 API requires multipart upload chunks to be at least 5MB.
- boolean
.spec .storage .spec .s3 .encrypt
Specifies whether the registry stores the image in encrypted format or not. A boolean value.
- string
.spec .storage .spec .s3 .keyid
KMS key ID to use for encryption (encrypt must be true, or this parameter is ignored).
- integer
.spec .storage .spec .s3 .multipartcopychunksize
- integer
.spec .storage .spec .s3 .multipartcopymaxconcurrency
- integer
.spec .storage .spec .s3 .multipartcopythresholdsize
- string required
.spec .storage .spec .s3 .region
The AWS region in which your bucket exists. For the moment, the Go AWS library in use does not use the newer DNS based bucket routing. For a list of regions, see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
- string
.spec .storage .spec .s3 .regionendpoint
Endpoint for S3 compatible storage services (Minio, etc).
- string
.spec .storage .spec .s3 .rootdirectory
This is a prefix that is applied to all S3 keys to allow you to segment data in your bucket if necessary.
- string
.spec .storage .spec .s3 .secretkeyRef
Reference to the secret containing the AWS Secret Key. If you use IAM roles, omit to fetch temporary credentials from IAM.
- boolean
.spec .storage .spec .s3 .secure
- boolean
.spec .storage .spec .s3 .skipverify
Skips TLS verification when the value is set to true.
- string
.spec .storage .spec .s3 .storageclass
The S3 storage class applied to each registry file.
- boolean
.spec .storage .spec .s3 .v4auth
Indicates whether the registry uses Version 4 of AWS’s authentication.
- object
.spec .storage .spec .swift
- string
.spec .storage .spec .swift .accesskey
The access key to generate temporary URLs. It is used by HP Cloud Object Storage in addition to the secretkey parameter.
- string required
.spec .storage .spec .swift .authurl
URL for obtaining an auth token. https://storage.myprovider.com/v2.0 or https://storage.myprovider.com/v3/auth
- string
.spec .storage .spec .swift .authversion
Specify the OpenStack Auth’s version, for example 3. By default the driver autodetects the auth’s version from the authurl.
- integer
.spec .storage .spec .swift .chunksize
Size of the data segments for the Swift Dynamic Large Objects. This value should be a number.
- string required
.spec .storage .spec .swift .container
The name of your Swift container where you wish to store the registry’s data. The driver creates the named container during its initialization.
- string
.spec .storage .spec .swift .domain
Your Openstack domain name for Identity v3 API. You can either use domain or domainid.
- string
.spec .storage .spec .swift .domainID
Your Openstack domain ID for Identity v3 API. You can either use domain or domainid.
- string
.spec .storage .spec .swift .endpointtype
The endpoint type used when connecting to swift.
- boolean
.spec .storage .spec .swift .insecureskipverify
Skips TLS verification if the value is set to true.
- string
.spec .storage .spec .swift .passwordRef
Secret name containing the Openstack password.
- string
.spec .storage .spec .swift .prefix
This is a prefix that is applied to all Swift keys to allow you to segment data in your container if necessary. Defaults to the container’s root.
- string
.spec .storage .spec .swift .region
The Openstack region in which your container exists.
- string
.spec .storage .spec .swift .secretkeyRef
The secret key used to generate temporary URLs.
- string
.spec .storage .spec .swift .tenant
Your Openstack tenant name. You can either use tenant or tenantid.
- string
.spec .storage .spec .swift .tenantID
Your Openstack tenant ID. You can either use tenant or tenantid.
- string
.spec .storage .spec .swift .trustid
Your Openstack trust ID for Identity v3 API.
- string
.spec .storage .spec .swift .username
The Openstack user name.
- object
.spec .trace
Trace settings for the harbor
- object
.spec .trace .attributes
A key value dict contains user defined attributes used to initialize trace provider.
- boolean
.spec .trace .enabled
Enable tracing or not.
- object
.spec .trace .jaeger
- object
.spec .trace .jaeger .agent
- string
.spec .trace .jaeger .agent .host
The host of the jaeger agent.
- integer
.spec .trace .jaeger .agent .port
The port of the jaeger agent.
- object
.spec .trace .jaeger .collector
- string required
.spec .trace .jaeger .collector .endpoint
The endpoint of the jaeger collector.
- string
.spec .trace .jaeger .collector .passwordRef
The password secret reference name of the jaeger collector.
- string
.spec .trace .jaeger .collector .username
The username of the jaeger collector.
- string required
.spec .trace .jaeger .mode
The jaeger mode: ‘collector’ or ‘agent’.
- string
.spec .trace .namespace
Namespace used to differentiate different harbor services.
- object
.spec .trace .otel
- boolean
.spec .trace .otel .compression
Whether enable compression or not for otel.
- string required
.spec .trace .otel .endpoint
The endpoint of otel.
- boolean
.spec .trace .otel .insecure
Whether establish insecure connection or not for otel.
- string
.spec .trace .otel .timeout
The timeout of otel.
- string required
.spec .trace .otel .urlPath
The URL path of otel.
- string required
.spec .trace .provider
The tracing provider: ‘jaeger’ or ‘otel’.
- integer
.spec .trace .sampleRate
Set
sampleRateto 1 if you wanna sampling 100% of trace data; set 0.5 if you wanna sampling 50% of trace data, and so forth. - object
.spec .trivy
- array
.spec .trivy .certificateRefs
- string
.spec .trivy .githubTokenRef
The name of the secret containing the token to connect to GitHub API.
- string
.spec .trivy .image
Image name for the component.
- string
.spec .trivy .imagePullPolicy
Image pull policy. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
- array
.spec .trivy .imagePullSecrets
- string
.spec .trivy .imagePullSecrets[] .name
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
- object
.spec .trivy .nodeSelector
NodeSelector is a selector which must be true for the component to fit on a node. Selector which must match a node’s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
- boolean
.spec .trivy .offlineScan
Option prevents Trivy from sending API requests to identify dependencies. This option doesn’t affect DB download. You need to specify “skip-update” as well as “offline-scan” in an air-gapped environment.
- integer
.spec .trivy .replicas
Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#what-is-a-replicationcontroller
- object
.spec .trivy .resources
Compute Resources required by this component. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
- array
.spec .trivy .resources .claims
Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable.
- string required
.spec .trivy .resources .claims[] .name
Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
- object
.spec .trivy .resources .limits
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- object
.spec .trivy .resources .requests
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- string
.spec .trivy .serviceAccountName
ServiceAccountName is the name of the ServiceAccount to use to run this component. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
- boolean
.spec .trivy .skipUpdate
The flag to enable or disable Trivy DB downloads from GitHub
- object required
.spec .trivy .storage
- object
.spec .trivy .storage .cachePersistentVolume
CachePersistentVolume specify the persistent volume used to store Trivy cache. If empty, empty dir will be used.
- string required
.spec .trivy .storage .cachePersistentVolume .claimName
claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- string
.spec .trivy .storage .cachePersistentVolume .prefix
- boolean
.spec .trivy .storage .cachePersistentVolume .readOnly
readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
- object
.spec .trivy .storage .reportsPersistentVolume
ReportsPersistentVolume specify the persistent volume used to store Trivy reports. If empty, empty dir will be used.
- string required
.spec .trivy .storage .reportsPersistentVolume .claimName
claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims
- string
.spec .trivy .storage .reportsPersistentVolume .prefix
- boolean
.spec .trivy .storage .reportsPersistentVolume .readOnly
readOnly Will force the ReadOnly setting in VolumeMounts. Default false.
- object
.spec .trivy .templateAnnotations
Custom annotations to be added into the pods
- object
.spec .trivy .templateLabels
Custom Labels to be added into the pods
- array
.spec .trivy .tolerations
If specified, the pod’s tolerations.
- string
.spec .trivy .tolerations[] .effect
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
- string
.spec .trivy .tolerations[] .key
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
- string
.spec .trivy .tolerations[] .operator
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
- integer
.spec .trivy .tolerations[] .tolerationSeconds
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
- string
.spec .trivy .tolerations[] .value
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
- string
.spec .updateStrategyType
- string required
.spec .version
The version of the harbor, eg 2.1.2
- object
.status
HarborClusterStatus defines the observed state of HarborCluster.
- array
.status .conditions
Conditions of each components
- string
.status .conditions[] .lastTransitionTime
Last time the condition transitioned from one status to another.
- string
.status .conditions[] .message
Human-readable message indicating details about last transition.
- string
.status .conditions[] .reason
Unique, one-word, CamelCase reason for the condition’s last transition.
- string required
.status .conditions[] .status
Status is the status of the condition. Can be True, False, Unknown.
- string required
.status .conditions[] .type
Type is the type of the condition.
- integer
.status .observedGeneration
- object
.status .operator
ControllerStatus represents the current status of the operator.
- string
.status .operator .controllerGitCommit
- string
.status .operator .controllerName
- string
.status .operator .controllerVersion
- integer required
.status .revision
Revision of the status Use unix nano
- string required
.status .status
INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run “make” to regenerate code after modifying this file Status indicates the overall status of the Harbor cluster Status can be “unknown”, “creating”, “healthy” and “unhealthy”