serving.knative.dev / v1 / Service

• string

  .apiVersion

  APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

• string

  .kind

  Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

• object

  .metadata

• object

  .spec

  ServiceSpec represents the configuration for the Service object. A Service’s specification is the union of the specifications for a Route and Configuration. The Service restricts what can be expressed in these fields, e.g. the Route must reference the provided Configuration; however, these limitations also enable friendlier defaulting, e.g. Route never needs a Configuration name, and may be defaulted to the appropriate “run latest” spec.

• object

  .spec .template

  Template holds the latest specification for the Revision to be stamped out.

• object

  .spec .template .metadata

• object

  .spec .template .metadata .annotations

• array

  .spec .template .metadata .finalizers

• object

  .spec .template .metadata .labels

• string

  .spec .template .metadata .name

• string

  .spec .template .metadata .namespace

• object

  .spec .template .spec

  RevisionSpec holds the desired state of the Revision (from the client).

• object

  .spec .template .spec .affinity

  This is accessible behind a feature flag - kubernetes.podspec-affinity

• boolean

  .spec .template .spec .automountServiceAccountToken

  AutomountServiceAccountToken indicates whether a service account token should be automatically mounted.

• integer

  .spec .template .spec .containerConcurrency

  ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container of the Revision. Defaults to 0 which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler.

• array required

  .spec .template .spec .containers

  List of containers belonging to the pod. Containers cannot currently be added or removed. There must be at least one container in a Pod. Cannot be updated.

• array

  .spec .template .spec .containers[] .args

  Arguments to the entrypoint. The container image’s CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. “$$(VAR_NAME)” will produce the string literal “$(VAR_NAME)”. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

• array

  .spec .template .spec .containers[] .command

  Entrypoint array. Not executed within a shell. The container image’s ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container’s environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. “$$(VAR_NAME)” will produce the string literal “$(VAR_NAME)”. Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell

• array

  .spec .template .spec .containers[] .env

  List of environment variables to set in the container. Cannot be updated.

• string required

  .spec .template .spec .containers[] .env[] .name

  Name of the environment variable. Must be a C_IDENTIFIER.

• string

  .spec .template .spec .containers[] .env[] .value

  Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. “$$(VAR_NAME)” will produce the string literal “$(VAR_NAME)”. Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to “”.

• object

  .spec .template .spec .containers[] .env[] .valueFrom

  Source for the environment variable’s value. Cannot be used if value is not empty.

• object

  .spec .template .spec .containers[] .env[] .valueFrom .configMapKeyRef

  Selects a key of a ConfigMap.

• string required

  .spec .template .spec .containers[] .env[] .valueFrom .configMapKeyRef .key

  The key to select.

• string

  .spec .template .spec .containers[] .env[] .valueFrom .configMapKeyRef .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• boolean

  .spec .template .spec .containers[] .env[] .valueFrom .configMapKeyRef .optional

  Specify whether the ConfigMap or its key must be defined

• object

  .spec .template .spec .containers[] .env[] .valueFrom .fieldRef

  This is accessible behind a feature flag - kubernetes.podspec-fieldref

• object

  .spec .template .spec .containers[] .env[] .valueFrom .resourceFieldRef

  This is accessible behind a feature flag - kubernetes.podspec-fieldref

• object

  .spec .template .spec .containers[] .env[] .valueFrom .secretKeyRef

  Selects a key of a secret in the pod’s namespace

• string required

  .spec .template .spec .containers[] .env[] .valueFrom .secretKeyRef .key

  The key of the secret to select from. Must be a valid secret key.

• string

  .spec .template .spec .containers[] .env[] .valueFrom .secretKeyRef .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• boolean

  .spec .template .spec .containers[] .env[] .valueFrom .secretKeyRef .optional

  Specify whether the Secret or its key must be defined

• array

  .spec .template .spec .containers[] .envFrom

  List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated.

• object

  .spec .template .spec .containers[] .envFrom[] .configMapRef

  The ConfigMap to select from

• string

  .spec .template .spec .containers[] .envFrom[] .configMapRef .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• boolean

  .spec .template .spec .containers[] .envFrom[] .configMapRef .optional

  Specify whether the ConfigMap must be defined

• string

  .spec .template .spec .containers[] .envFrom[] .prefix

  An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER.

• object

  .spec .template .spec .containers[] .envFrom[] .secretRef

  The Secret to select from

• string

  .spec .template .spec .containers[] .envFrom[] .secretRef .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• boolean

  .spec .template .spec .containers[] .envFrom[] .secretRef .optional

  Specify whether the Secret must be defined

• string

  .spec .template .spec .containers[] .image

  Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.

• string

  .spec .template .spec .containers[] .imagePullPolicy

  Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images

• object

  .spec .template .spec .containers[] .livenessProbe

  Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

• object

  .spec .template .spec .containers[] .livenessProbe .exec

  Exec specifies the action to take.

• array

  .spec .template .spec .containers[] .livenessProbe .exec .command

  Command is the command line to execute inside the container, the working directory for the command is root (‘/’) in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions (‘|’, etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

• integer

  .spec .template .spec .containers[] .livenessProbe .failureThreshold

  Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

• object

  .spec .template .spec .containers[] .livenessProbe .grpc

  GRPC specifies an action involving a GRPC port.

• integer required

  .spec .template .spec .containers[] .livenessProbe .grpc .port

  Port number of the gRPC service. Number must be in the range 1 to 65535.

• string

  .spec .template .spec .containers[] .livenessProbe .grpc .service

  Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

  If this is not specified, the default behavior is defined by gRPC.

• object

  .spec .template .spec .containers[] .livenessProbe .httpGet

  HTTPGet specifies the http request to perform.

• string

  .spec .template .spec .containers[] .livenessProbe .httpGet .host

  Host name to connect to, defaults to the pod IP. You probably want to set “Host” in httpHeaders instead.

• array

  .spec .template .spec .containers[] .livenessProbe .httpGet .httpHeaders

  Custom headers to set in the request. HTTP allows repeated headers.

• string required

  .spec .template .spec .containers[] .livenessProbe .httpGet .httpHeaders[] .name

  The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

• string required

  .spec .template .spec .containers[] .livenessProbe .httpGet .httpHeaders[] .value

  The header field value

• string

  .spec .template .spec .containers[] .livenessProbe .httpGet .path

  Path to access on the HTTP server.

• integer | string

  .spec .template .spec .containers[] .livenessProbe .httpGet .port

  Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

• string

  .spec .template .spec .containers[] .livenessProbe .httpGet .scheme

  Scheme to use for connecting to the host. Defaults to HTTP.

• integer

  .spec .template .spec .containers[] .livenessProbe .initialDelaySeconds

  Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

• integer

  .spec .template .spec .containers[] .livenessProbe .periodSeconds

  How often (in seconds) to perform the probe.

• integer

  .spec .template .spec .containers[] .livenessProbe .successThreshold

  Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

• object

  .spec .template .spec .containers[] .livenessProbe .tcpSocket

  TCPSocket specifies an action involving a TCP port.

• string

  .spec .template .spec .containers[] .livenessProbe .tcpSocket .host

  Optional: Host name to connect to, defaults to the pod IP.

• integer | string

  .spec .template .spec .containers[] .livenessProbe .tcpSocket .port

  Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

• integer

  .spec .template .spec .containers[] .livenessProbe .timeoutSeconds

  Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

• string

  .spec .template .spec .containers[] .name

  Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

• array

  .spec .template .spec .containers[] .ports

  List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default “0.0.0.0” address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated.

• integer required

  .spec .template .spec .containers[] .ports[] .containerPort

  Number of port to expose on the pod’s IP address. This must be a valid port number, 0 < x < 65536.

• string

  .spec .template .spec .containers[] .ports[] .name

  If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services.

• string

  .spec .template .spec .containers[] .ports[] .protocol

  Protocol for port. Must be UDP, TCP, or SCTP. Defaults to “TCP”.

• object

  .spec .template .spec .containers[] .readinessProbe

  Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

• object

  .spec .template .spec .containers[] .readinessProbe .exec

  Exec specifies the action to take.

• array

  .spec .template .spec .containers[] .readinessProbe .exec .command

  Command is the command line to execute inside the container, the working directory for the command is root (‘/’) in the container’s filesystem. The command is simply exec’d, it is not run inside a shell, so traditional shell instructions (‘|’, etc) won’t work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.

• integer

  .spec .template .spec .containers[] .readinessProbe .failureThreshold

  Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.

• object

  .spec .template .spec .containers[] .readinessProbe .grpc

  GRPC specifies an action involving a GRPC port.

• integer required

  .spec .template .spec .containers[] .readinessProbe .grpc .port

  Port number of the gRPC service. Number must be in the range 1 to 65535.

• string

  .spec .template .spec .containers[] .readinessProbe .grpc .service

  Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).

  If this is not specified, the default behavior is defined by gRPC.

• object

  .spec .template .spec .containers[] .readinessProbe .httpGet

  HTTPGet specifies the http request to perform.

• string

  .spec .template .spec .containers[] .readinessProbe .httpGet .host

  Host name to connect to, defaults to the pod IP. You probably want to set “Host” in httpHeaders instead.

• array

  .spec .template .spec .containers[] .readinessProbe .httpGet .httpHeaders

  Custom headers to set in the request. HTTP allows repeated headers.

• string required

  .spec .template .spec .containers[] .readinessProbe .httpGet .httpHeaders[] .name

  The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header.

• string required

  .spec .template .spec .containers[] .readinessProbe .httpGet .httpHeaders[] .value

  The header field value

• string

  .spec .template .spec .containers[] .readinessProbe .httpGet .path

  Path to access on the HTTP server.

• integer | string

  .spec .template .spec .containers[] .readinessProbe .httpGet .port

  Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

• string

  .spec .template .spec .containers[] .readinessProbe .httpGet .scheme

  Scheme to use for connecting to the host. Defaults to HTTP.

• integer

  .spec .template .spec .containers[] .readinessProbe .initialDelaySeconds

  Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

• integer

  .spec .template .spec .containers[] .readinessProbe .periodSeconds

  How often (in seconds) to perform the probe.

• integer

  .spec .template .spec .containers[] .readinessProbe .successThreshold

  Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.

• object

  .spec .template .spec .containers[] .readinessProbe .tcpSocket

  TCPSocket specifies an action involving a TCP port.

• string

  .spec .template .spec .containers[] .readinessProbe .tcpSocket .host

  Optional: Host name to connect to, defaults to the pod IP.

• integer | string

  .spec .template .spec .containers[] .readinessProbe .tcpSocket .port

  Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.

• integer

  .spec .template .spec .containers[] .readinessProbe .timeoutSeconds

  Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

• object

  .spec .template .spec .containers[] .resources

  Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

• array

  .spec .template .spec .containers[] .resources .claims

  Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container.

  This is an alpha field and requires enabling the DynamicResourceAllocation feature gate.

  This field is immutable. It can only be set for containers.

• string required

  .spec .template .spec .containers[] .resources .claims[] .name

  Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.

• object

  .spec .template .spec .containers[] .resources .limits

  Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

• object

  .spec .template .spec .containers[] .resources .requests

  Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

• object

  .spec .template .spec .containers[] .securityContext

  SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/

• boolean

  .spec .template .spec .containers[] .securityContext .allowPrivilegeEscalation

  AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is:

  1. run as Privileged
  2. has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
• object

  .spec .template .spec .containers[] .securityContext .capabilities

  The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

• array

  .spec .template .spec .containers[] .securityContext .capabilities .add

  This is accessible behind a feature flag - kubernetes.containerspec-addcapabilities

• array

  .spec .template .spec .containers[] .securityContext .capabilities .drop

  Removed capabilities

• boolean

  .spec .template .spec .containers[] .securityContext .readOnlyRootFilesystem

  Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.

• integer

  .spec .template .spec .containers[] .securityContext .runAsGroup

  The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

• boolean

  .spec .template .spec .containers[] .securityContext .runAsNonRoot

  Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.

• integer

  .spec .template .spec .containers[] .securityContext .runAsUser

  The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

• object

  .spec .template .spec .containers[] .securityContext .seccompProfile

  The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

• string

  .spec .template .spec .containers[] .securityContext .seccompProfile .localhostProfile

  localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet’s configured seccomp profile location. Must be set if type is “Localhost”. Must NOT be set for any other type.

• string required

  .spec .template .spec .containers[] .securityContext .seccompProfile .type

  type indicates which kind of seccomp profile will be applied. Valid options are:

  Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.

• string

  .spec .template .spec .containers[] .terminationMessagePath

  Optional: Path at which the file to which the container’s termination message will be written is mounted into the container’s filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated.

• string

  .spec .template .spec .containers[] .terminationMessagePolicy

  Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated.

• array

  .spec .template .spec .containers[] .volumeMounts

  Pod volumes to mount into the container’s filesystem. Cannot be updated.

• string required

  .spec .template .spec .containers[] .volumeMounts[] .mountPath

  Path within the container at which the volume should be mounted. Must not contain ‘:’.

• string required

  .spec .template .spec .containers[] .volumeMounts[] .name

  This must match the Name of a Volume.

• boolean

  .spec .template .spec .containers[] .volumeMounts[] .readOnly

  Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.

• string

  .spec .template .spec .containers[] .volumeMounts[] .subPath

  Path within the volume from which the container’s volume should be mounted. Defaults to “” (volume’s root).

• string

  .spec .template .spec .containers[] .workingDir

  Container’s working directory. If not specified, the container runtime’s default will be used, which might be configured in the container image. Cannot be updated.

• object

  .spec .template .spec .dnsConfig

  This is accessible behind a feature flag - kubernetes.podspec-dnsconfig

• string

  .spec .template .spec .dnsPolicy

  This is accessible behind a feature flag - kubernetes.podspec-dnspolicy

• boolean

  .spec .template .spec .enableServiceLinks

  EnableServiceLinks indicates whether information about services should be injected into pod’s environment variables, matching the syntax of Docker links. Optional: Knative defaults this to false.

• array

  .spec .template .spec .hostAliases

  This is accessible behind a feature flag - kubernetes.podspec-hostaliases

• integer

  .spec .template .spec .idleTimeoutSeconds

  IdleTimeoutSeconds is the maximum duration in seconds a request will be allowed to stay open while not receiving any bytes from the user’s application. If unspecified, a system default will be provided.

• array

  .spec .template .spec .imagePullSecrets

  ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod

• string

  .spec .template .spec .imagePullSecrets[] .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• array

  .spec .template .spec .initContainers

  List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/

• object

  .spec .template .spec .nodeSelector

  This is accessible behind a feature flag - kubernetes.podspec-nodeselector

• string

  .spec .template .spec .priorityClassName

  This is accessible behind a feature flag - kubernetes.podspec-priorityclassname

• integer

  .spec .template .spec .responseStartTimeoutSeconds

  ResponseStartTimeoutSeconds is the maximum duration in seconds that the request routing layer will wait for a request delivered to a container to begin sending any network traffic.

• string

  .spec .template .spec .runtimeClassName

  This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname

• string

  .spec .template .spec .schedulerName

  This is accessible behind a feature flag - kubernetes.podspec-schedulername

• object

  .spec .template .spec .securityContext

  This is accessible behind a feature flag - kubernetes.podspec-securitycontext

• string

  .spec .template .spec .serviceAccountName

  ServiceAccountName is the name of the ServiceAccount to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

• boolean

  .spec .template .spec .shareProcessNamespace

  This is accessible behind a feature flag - kubernetes.podspec-shareproccessnamespace

• integer

  .spec .template .spec .timeoutSeconds

  TimeoutSeconds is the maximum duration in seconds that the request instance is allowed to respond to a request. If unspecified, a system default will be provided.

• array

  .spec .template .spec .tolerations

  This is accessible behind a feature flag - kubernetes.podspec-tolerations

• array

  .spec .template .spec .topologySpreadConstraints

  This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints

• array

  .spec .template .spec .volumes

  List of volumes that can be mounted by containers belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes

• object

  .spec .template .spec .volumes[] .configMap

  configMap represents a configMap that should populate this volume

• integer

  .spec .template .spec .volumes[] .configMap .defaultMode

  defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• array

  .spec .template .spec .volumes[] .configMap .items

  items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.

• string required

  .spec .template .spec .volumes[] .configMap .items[] .key

  key is the key to project.

• integer

  .spec .template .spec .volumes[] .configMap .items[] .mode

  mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• string required

  .spec .template .spec .volumes[] .configMap .items[] .path

  path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element ‘..’. May not start with the string ‘..’.

• string

  .spec .template .spec .volumes[] .configMap .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• boolean

  .spec .template .spec .volumes[] .configMap .optional

  optional specify whether the ConfigMap or its keys must be defined

• object

  .spec .template .spec .volumes[] .emptyDir

  This is accessible behind a feature flag - kubernetes.podspec-emptydir

• string required

  .spec .template .spec .volumes[] .name

  name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

• object

  .spec .template .spec .volumes[] .persistentVolumeClaim

  This is accessible behind a feature flag - kubernetes.podspec-persistent-volume-claim

• object

  .spec .template .spec .volumes[] .projected

  projected items for all in one resources secrets, configmaps, and downward API

• integer

  .spec .template .spec .volumes[] .projected .defaultMode

  defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• array

  .spec .template .spec .volumes[] .projected .sources

  sources is the list of volume projections

• object

  .spec .template .spec .volumes[] .projected .sources[] .configMap

  configMap information about the configMap data to project

• array

  .spec .template .spec .volumes[] .projected .sources[] .configMap .items

  items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.

• string required

  .spec .template .spec .volumes[] .projected .sources[] .configMap .items[] .key

  key is the key to project.

• integer

  .spec .template .spec .volumes[] .projected .sources[] .configMap .items[] .mode

  mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• string required

  .spec .template .spec .volumes[] .projected .sources[] .configMap .items[] .path

  path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element ‘..’. May not start with the string ‘..’.

• string

  .spec .template .spec .volumes[] .projected .sources[] .configMap .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• boolean

  .spec .template .spec .volumes[] .projected .sources[] .configMap .optional

  optional specify whether the ConfigMap or its keys must be defined

• object

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI

  downwardAPI information about the downwardAPI data to project

• array

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items

  Items is a list of DownwardAPIVolume file

• object

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .fieldRef

  Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.

• string

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .fieldRef .apiVersion

  Version of the schema the FieldPath is written in terms of, defaults to “v1”.

• string required

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .fieldRef .fieldPath

  Path of the field to select in the specified API version.

• integer

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .mode

  Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• string required

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .path

  Required: Path is the relative path name of the file to be created. Must not be absolute or contain the ‘..’ path. Must be utf-8 encoded. The first item of the relative path must not start with ‘..’

• object

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .resourceFieldRef

  Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported.

• string

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .resourceFieldRef .containerName

  Container name: required for volumes, optional for env vars

• integer | string

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .resourceFieldRef .divisor

  Specifies the output format of the exposed resources, defaults to “1”

• string required

  .spec .template .spec .volumes[] .projected .sources[] .downwardAPI .items[] .resourceFieldRef .resource

  Required: resource to select

• object

  .spec .template .spec .volumes[] .projected .sources[] .secret

  secret information about the secret data to project

• array

  .spec .template .spec .volumes[] .projected .sources[] .secret .items

  items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.

• string required

  .spec .template .spec .volumes[] .projected .sources[] .secret .items[] .key

  key is the key to project.

• integer

  .spec .template .spec .volumes[] .projected .sources[] .secret .items[] .mode

  mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• string required

  .spec .template .spec .volumes[] .projected .sources[] .secret .items[] .path

  path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element ‘..’. May not start with the string ‘..’.

• string

  .spec .template .spec .volumes[] .projected .sources[] .secret .name

  Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?

• boolean

  .spec .template .spec .volumes[] .projected .sources[] .secret .optional

  optional field specify whether the Secret or its key must be defined

• object

  .spec .template .spec .volumes[] .projected .sources[] .serviceAccountToken

  serviceAccountToken is information about the serviceAccountToken data to project

• string

  .spec .template .spec .volumes[] .projected .sources[] .serviceAccountToken .audience

  audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver.

• integer

  .spec .template .spec .volumes[] .projected .sources[] .serviceAccountToken .expirationSeconds

  expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes.

• string required

  .spec .template .spec .volumes[] .projected .sources[] .serviceAccountToken .path

  path is the path relative to the mount point of the file to project the token into.

• object

  .spec .template .spec .volumes[] .secret

  secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

• integer

  .spec .template .spec .volumes[] .secret .defaultMode

  defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• array

  .spec .template .spec .volumes[] .secret .items

  items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the ‘..’ path or start with ‘..’.

• string required

  .spec .template .spec .volumes[] .secret .items[] .key

  key is the key to project.

• integer

  .spec .template .spec .volumes[] .secret .items[] .mode

  mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.

• string required

  .spec .template .spec .volumes[] .secret .items[] .path

  path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element ‘..’. May not start with the string ‘..’.

• boolean

  .spec .template .spec .volumes[] .secret .optional

  optional field specify whether the Secret or its keys must be defined

• string

  .spec .template .spec .volumes[] .secret .secretName

  secretName is the name of the secret in the pod’s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret

• array

  .spec .traffic

  Traffic specifies how to distribute traffic over a collection of revisions and configurations.

• string

  .spec .traffic[] .configurationName

  ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the “status.latestReadyRevisionName” of the referenced configuration changes, we will automatically migrate traffic from the prior “latest ready” revision to the new one. This field is never set in Route’s status, only its spec. This is mutually exclusive with RevisionName.

• boolean

  .spec .traffic[] .latestRevision

  LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.

• integer

  .spec .traffic[] .percent

  Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. 0 (zero) mean no traffic, 100 means all traffic. When percentage based routing is being used the follow rules apply:

  • the sum of all percent values must equal 100
  • when not specified, the implied value for percent is zero for that particular Revision or Configuration
• string

  .spec .traffic[] .revisionName

  RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.

• string

  .spec .traffic[] .tag

  Tag is optionally used to expose a dedicated url for referencing this target exclusively.

• string

  .spec .traffic[] .url

  URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)

• object

  .status

  ServiceStatus represents the Status stanza of the Service resource.

• object

  .status .address

  Address holds the information needed for a Route to be the target of an event.

• string

  .status .address .CACerts

  CACerts is the Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468.

• string

  .status .address .audience

  Audience is the OIDC audience for this address.

• string

  .status .address .name

  Name is the name of the address.

• string

  .status .address .url

• object

  .status .annotations

  Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards.

• array

  .status .conditions

  Conditions the latest available observations of a resource’s current state.

• string

  .status .conditions[] .lastTransitionTime

  LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant).

• string

  .status .conditions[] .message

  A human readable message indicating details about the transition.

• string

  .status .conditions[] .reason

  The reason for the condition’s last transition.

• string

  .status .conditions[] .severity

  Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error.

• string required

  .status .conditions[] .status

  Status of the condition, one of True, False, Unknown.

• string required

  .status .conditions[] .type

  Type of condition.

• string

  .status .latestCreatedRevisionName

  LatestCreatedRevisionName is the last revision that was created from this Configuration. It might not be ready yet, for that use LatestReadyRevisionName.

• string

  .status .latestReadyRevisionName

  LatestReadyRevisionName holds the name of the latest Revision stamped out from this Configuration that has had its “Ready” condition become “True”.

• integer

  .status .observedGeneration

  ObservedGeneration is the ‘Generation’ of the Service that was last processed by the controller.

• array

  .status .traffic

  Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed.

• string

  .status .traffic[] .configurationName

  ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the “status.latestReadyRevisionName” of the referenced configuration changes, we will automatically migrate traffic from the prior “latest ready” revision to the new one. This field is never set in Route’s status, only its spec. This is mutually exclusive with RevisionName.

• boolean

  .status .traffic[] .latestRevision

  LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty.

• integer

  .status .traffic[] .percent

  Percent indicates that percentage based routing should be used and the value indicates the percent of traffic that is be routed to this Revision or Configuration. 0 (zero) mean no traffic, 100 means all traffic. When percentage based routing is being used the follow rules apply:

  • the sum of all percent values must equal 100
  • when not specified, the implied value for percent is zero for that particular Revision or Configuration
• string

  .status .traffic[] .revisionName

  RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName.

• string

  .status .traffic[] .tag

  Tag is optionally used to expose a dedicated url for referencing this target exclusively.

• string

  .status .traffic[] .url

  URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc.)

• string

  .status .url

  URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form http[s]://{route-name}.{route-namespace}.{cluster-level-suffix}