diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
new file mode 100644
index 000000000000..391283c46aee
--- /dev/null
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,23 @@
+{
+ "name": "Kubernetes - Minikube-in-Docker",
+ "image": "mcr.microsoft.com/devcontainers/base:bullseye",
+ "runArgs": [
+ "--privileged",
+ "--device",
+ "/dev/kvm"
+ ],
+ "features": {
+ "ghcr.io/devcontainers/features/docker-in-docker:2": {
+ "enableNonRootDocker": "true",
+ "moby": "true"
+ },
+ "ghcr.io/devcontainers/features/kubectl-helm-minikube:1": {
+ "version": "latest",
+ "helm": "latest",
+ "minikube": "latest"
+ },
+ "ghcr.io/devcontainers/features/go:1": {
+ "version": "latest"
+ }
+ }
+}
\ No newline at end of file
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 000000000000..641c1ef6561d
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,4 @@
+# Prevent Git from altering line endings for test fixtures; enforce LF for YAML/JSON under any testdata directory.
+**/testdata/**/*.yaml text eol=lf
+**/testdata/**/*.yml text eol=lf
+**/testdata/**/*.json text eol=lf
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/__en-US.md b/.github/ISSUE_TEMPLATE/__en-US.md
deleted file mode 100644
index c930965aa515..000000000000
--- a/.github/ISSUE_TEMPLATE/__en-US.md
+++ /dev/null
@@ -1,23 +0,0 @@
----
-name: English
-about: Report an issue
----
-
-**Steps to reproduce the issue:**
-
-1.
-2.
-3.
-
-**Full output of `minikube logs` command:**
-
-
-
-
-
-
-**Full output of failed command:**
-
-
-
-
diff --git a/.github/ISSUE_TEMPLATE/__en-US.yaml b/.github/ISSUE_TEMPLATE/__en-US.yaml
new file mode 100644
index 000000000000..491b66599d31
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/__en-US.yaml
@@ -0,0 +1,56 @@
+name: English
+description: Report an issue
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: What Happened?
+ description: |
+ Tip: Add the "--alsologtostderr" flag to the command-line for more logs
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Attach the log file
+ description: |
+ Tip: Run `minikube logs --file=log.txt` then drag & drop `log.txt` file to the browser.
+ **WARNING:** If you're using the HyperKit driver, please look through your logs and remove any environment variables that may contain sensitive information (ex. access tokens or secrets).
+ All environment variables will be stripped as of minikube `1.26.0` but any prior versions will have to be removed manually.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Operating System
+ description: What is your OS?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Driver
+ description: What driver do you use?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/ar.md b/.github/ISSUE_TEMPLATE/ar.md
deleted file mode 100644
index eddc8cf42992..000000000000
--- a/.github/ISSUE_TEMPLATE/ar.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-name: عربى
-about: بلغ عن خطأ
-labels: l/ar
----
-
-
-**الأوامر المطلوبة لإعادة إظهار المشكلة**:
-
-**النتيجة الكاملة للأمر الذي تعذّر تنفيذه**:
-
-
-
-
-**نتيجة الأمر `minikube logs`**:
-
-
-
-
-**إصدار نظام التشغيل المُستخدَم**:
diff --git a/.github/ISSUE_TEMPLATE/ar.yaml b/.github/ISSUE_TEMPLATE/ar.yaml
new file mode 100644
index 000000000000..3b8839749cb1
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/ar.yaml
@@ -0,0 +1,56 @@
+name: العربية
+description: الإبلاغ عن مشكلة
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: ماذا حدث؟
+ description: |
+ نصيحة: أضف العلم "--alsologtostderr" إلى سطر الأوامر للحصول على مزيد من السجلات
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: أرفق ملف السجلات
+ description: |
+ نصيحة: شغّل الأمر `minikube logs --file=log.txt` ثم قم بسحب وإفلات ملف `log.txt` في المتصفح.
+ **تحذير:** إذا كنت تستخدم برنامج التشغيل HyperKit، يُرجى مراجعة السجلات وإزالة أي متغيرات بيئية قد تحتوي على معلومات حساسة (مثل رموز الوصول أو الأسرار).
+ تتم إزالة جميع المتغيرات البيئية تلقائيًا بدءًا من الإصدار `1.26.0` من minikube، ولكن في الإصدارات السابقة يجب إزالتها يدويًا.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: نظام التشغيل
+ description: ما هو نظام التشغيل لديك؟
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: برنامج التشغيل
+ description: ما هو برنامج التشغيل الذي تستخدمه؟
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/bg.yaml b/.github/ISSUE_TEMPLATE/bg.yaml
new file mode 100644
index 000000000000..07c6b0d38e92
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bg.yaml
@@ -0,0 +1,56 @@
+name: Български
+description: Докладвай проблем
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: Какво се случи?
+ description: |
+ Съвет: Добавете флага "--alsologtostderr" към командния ред за повече логове.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Прикачи лог файл
+ description: |
+ Съвет: Стартирайте `minikube logs --file=log.txt`, след това плъзнете и пуснете файла `log.txt` в браузъра.
+ **ВНИМАНИЕ:** Ако използвате драйвера HyperKit, проверете логовете си и премахнете всички променливи на средата, които могат да съдържат чувствителна информация (например токени за достъп или тайни).
+ Всички променливи на средата ще бъдат премахнати автоматично от версия `1.26.0` на minikube, но при по-ранни версии трябва да бъдат премахнати ръчно.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Операционна система
+ description: Каква е вашата ОС?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Driver
+ description: Кой драйвър използвате?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 000000000000..a49eab2f6b99
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1 @@
+blank_issues_enabled: true
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/de.yaml b/.github/ISSUE_TEMPLATE/de.yaml
new file mode 100644
index 000000000000..3ab65e59d78b
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/de.yaml
@@ -0,0 +1,56 @@
+name: Deutsch
+description: Problem melden
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: Was ist passiert?
+ description: |
+ Tipp: Fügen Sie das Flag "--alsologtostderr" zur Befehlszeile hinzu, um weitere Logs zu erhalten.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Log-Datei anhängen
+ description: |
+ Tipp: Führen Sie `minikube logs --file=log.txt` aus und ziehen Sie dann die Datei `log.txt` in den Browser.
+ **WARNUNG:** Wenn Sie den HyperKit-Treiber verwenden, überprüfen Sie bitte Ihre Logs und entfernen Sie alle Umgebungsvariablen, die sensible Informationen enthalten könnten (z. B. Zugriffstoken oder Secrets).
+ Ab Minikube-Version `1.26.0` werden alle Umgebungsvariablen automatisch entfernt, bei früheren Versionen müssen diese manuell gelöscht werden.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Betriebssystem
+ description: Welches Betriebssystem verwenden Sie?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Treiber
+ description: Welchen Treiber verwenden Sie?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/es.md b/.github/ISSUE_TEMPLATE/es.md
deleted file mode 100644
index 9492378578ea..000000000000
--- a/.github/ISSUE_TEMPLATE/es.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-name: Español
-about: Reportar un problema
-labels: l/es
----
-
-
-**Los comandos necesarios para reproducir la incidencia**:
-
-**El resultado completo del comando que ha fallado**:
-
-
-
-
-
-**El resultado del comando `minikube logs`**:
-
-
-
-
-
-**La versión del sistema operativo que utilizaste**:
diff --git a/.github/ISSUE_TEMPLATE/es.yaml b/.github/ISSUE_TEMPLATE/es.yaml
new file mode 100644
index 000000000000..8a759ffbf950
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/es.yaml
@@ -0,0 +1,56 @@
+name: Español
+description: Reportar un problema
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: ¿Qué ocurrió?
+ description: |
+ Consejo: añade el indicador "--alsologtostderr" en la línea de comandos para obtener más registros.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Adjunta el archivo de registro
+ description: |
+ Consejo: ejecuta `minikube logs --file=log.txt` y luego arrastra y suelta el archivo `log.txt` en el navegador.
+ **ADVERTENCIA:** Si estás usando el controlador HyperKit, revisa tus registros y elimina cualquier variable de entorno que pueda contener información sensible (por ejemplo, tokens de acceso o secretos).
+ Todas las variables de entorno se eliminarán automáticamente a partir de la versión `1.26.0` de minikube, pero en versiones anteriores deberán eliminarse manualmente.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Sistema operativo
+ description: ¿Cuál es tu sistema operativo?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Controlador
+ description: ¿Qué controlador utilizas?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/fa.md b/.github/ISSUE_TEMPLATE/fa.md
deleted file mode 100644
index 973186dce223..000000000000
--- a/.github/ISSUE_TEMPLATE/fa.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-name: فارسی
-about: مشكلی را گرزارش كن
-labels: l/fa
----
-
-
-**کامندی که مشکل را به وجود می آورد**:
-
-**خروجی کامل کامند مورد مشکل:**:
-
-
-
-
-
-**`minikube logs` خروجی کامل دسستور**:
-
-
-
-
-
-**سیستم عامل مورد استفاده با ذکر ورژن**:
diff --git a/.github/ISSUE_TEMPLATE/fa.yaml b/.github/ISSUE_TEMPLATE/fa.yaml
new file mode 100644
index 000000000000..e60a88e30ed5
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/fa.yaml
@@ -0,0 +1,56 @@
+name: فارسی
+description: گزارش یک مشکل
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: چه اتفاقی افتاد؟
+ description: |
+ نکته: برای دریافت گزارشهای بیشتر، پرچم "--alsologtostderr" را به خط فرمان اضافه کنید.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: فایل گزارش را پیوست کنید
+ description: |
+ نکته: دستور `minikube logs --file=log.txt` را اجرا کرده و سپس فایل `log.txt` را در مرورگر بکشید و رها کنید.
+ **هشدار:** اگر از درایور HyperKit استفاده میکنید، لطفاً گزارشهای خود را بررسی کرده و هر متغیر محیطی که ممکن است شامل اطلاعات حساس (مانند توکنهای دسترسی یا اسرار) باشد را حذف کنید.
+ از نسخه `1.26.0` به بعد در minikube، تمام متغیرهای محیطی بهطور خودکار حذف میشوند، اما در نسخههای قبلی باید به صورت دستی حذف شوند.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: سیستمعامل
+ description: سیستمعامل شما چیست؟
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: درایور
+ description: از کدام درایور استفاده میکنید؟
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/fr.md b/.github/ISSUE_TEMPLATE/fr.md
deleted file mode 100644
index 8ef71cf5d071..000000000000
--- a/.github/ISSUE_TEMPLATE/fr.md
+++ /dev/null
@@ -1,24 +0,0 @@
----
-name: Français
-about: Signaler un problème
-labels: l/fr
----
-
-**Étapes pour reproduire le problème:**
-
-1.
-2.
-3.
-
-**Sortie complète de la commande `minikube logs`:**
-
-
-
-
-
-
-**Sortie complète de la commande échouée:**
-
-
-
-
diff --git a/.github/ISSUE_TEMPLATE/fr.yaml b/.github/ISSUE_TEMPLATE/fr.yaml
new file mode 100644
index 000000000000..c514b3178b12
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/fr.yaml
@@ -0,0 +1,56 @@
+name: Français
+description: Signaler un problème
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: Que s’est-il passé ?
+ description: |
+ Astuce : ajoutez le paramètre "--alsologtostderr" à la ligne de commande pour obtenir davantage de journaux.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Joindre le fichier de journal
+ description: |
+ Astuce : exécutez `minikube logs --file=log.txt`, puis faites glisser et déposez le fichier `log.txt` dans le navigateur.
+ **AVERTISSEMENT :** Si vous utilisez le pilote HyperKit, veuillez vérifier vos journaux et supprimer toute variable d’environnement susceptible de contenir des informations sensibles (par ex. jetons d’accès ou secrets).
+ Toutes les variables d’environnement seront automatiquement supprimées à partir de la version `1.26.0` de minikube, mais pour les versions antérieures, elles doivent être supprimées manuellement.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Système d’exploitation
+ description: Quel est votre système d’exploitation ?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Pilote
+ description: Quel pilote utilisez-vous ?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/id.md b/.github/ISSUE_TEMPLATE/id.md
deleted file mode 100644
index f7692ee87431..000000000000
--- a/.github/ISSUE_TEMPLATE/id.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-name: Bahasa Indonesia
-about: Laporkan masalah
-labels: l/id
----
-
-
-**Perintah yang diperlukan untuk merekonstruksi masalah**:
-
-**Output penuh dari perintah yang gagal**:
-
-
-
-
-**Output dari perintah `minikube logs`**:
-
-
-
-
-**Versi sistem operasi yang digunakan**:
diff --git a/.github/ISSUE_TEMPLATE/id.yaml b/.github/ISSUE_TEMPLATE/id.yaml
new file mode 100644
index 000000000000..2b318f5ef124
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/id.yaml
@@ -0,0 +1,56 @@
+name: Bahasa Indonesia
+description: Laporkan masalah
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: Apa yang terjadi?
+ description: |
+ Tips: Tambahkan flag "--alsologtostderr" pada baris perintah untuk mendapatkan lebih banyak log.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Lampirkan file log
+ description: |
+ Tips: Jalankan `minikube logs --file=log.txt` lalu seret dan jatuhkan file `log.txt` ke peramban.
+ **PERINGATAN:** Jika Anda menggunakan driver HyperKit, harap periksa log Anda dan hapus variabel lingkungan apa pun yang mungkin berisi informasi sensitif (misalnya token akses atau rahasia).
+ Semua variabel lingkungan akan dihapus secara otomatis mulai dari versi `1.26.0` minikube, tetapi pada versi sebelumnya harus dihapus secara manual.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Sistem Operasi
+ description: Apa sistem operasi Anda?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Driver
+ description: Driver apa yang Anda gunakan?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/it.yaml b/.github/ISSUE_TEMPLATE/it.yaml
new file mode 100644
index 000000000000..fe9e2ec98227
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/it.yaml
@@ -0,0 +1,56 @@
+name: Italiano
+description: Segnala un problema
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: Cosa è successo?
+ description: |
+ Suggerimento: Aggiungi il flag "--alsologtostderr" al comando per ottenere più log.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Allegare il file di log
+ description: |
+ Suggerimento: Esegui `minikube logs --file=log.txt` e poi trascina il file `log.txt` nel browser.
+ **ATTENZIONE:** Se stai usando il driver HyperKit, controlla i tuoi log e rimuovi eventuali variabili d'ambiente che potrebbero contenere informazioni sensibili (ad es. token di accesso o segreti).
+ Tutte le variabili d'ambiente saranno rimosse automaticamente a partire da minikube `1.26.0`, ma nelle versioni precedenti devono essere rimosse manualmente.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Sistema operativo
+ description: Qual è il tuo sistema operativo?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Driver
+ description: Quale driver stai usando?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
\ No newline at end of file
diff --git a/.github/ISSUE_TEMPLATE/ja.yaml b/.github/ISSUE_TEMPLATE/ja.yaml
new file mode 100644
index 000000000000..328c1396a01a
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/ja.yaml
@@ -0,0 +1,56 @@
+name: 日本語
+description: 問題を報告する
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: 何が起こりましたか?
+ description: |
+ ヒント: 追加のログを取得するには、コマンドラインに "--alsologtostderr" フラグを付けて実行してください。
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: ログファイルを添付
+ description: |
+ ヒント: `minikube logs --file=log.txt` を実行し、ブラウザに `log.txt` ファイルをドラッグ&ドロップしてください。
+ **警告:** HyperKit ドライバーを使用している場合は、ログを確認し、機密情報(アクセストークンやシークレットなど)が含まれる環境変数を削除してください。
+ minikube バージョン `1.26.0` 以降では、すべての環境変数が自動的に削除されますが、それ以前のバージョンでは手動で削除する必要があります。
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: オペレーティングシステム
+ description: ご使用のOSは何ですか?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: ドライバー
+ description: どのドライバーを使用していますか?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/ku.md b/.github/ISSUE_TEMPLATE/ku.md
deleted file mode 100644
index 97b52ae62f8d..000000000000
--- a/.github/ISSUE_TEMPLATE/ku.md
+++ /dev/null
@@ -1,20 +0,0 @@
----
-name: Kurdî
-about: Girêftek gozarîş bike
-labels: l/ku
----
-
-
-**Rêk ew kommandey be karit henawe, bo dubara kirdin girifteke**:
-
-**Tewawi berhem (output) kommandeke**:
-
-
-
-
-**Berhemî kommandi `minikube logs`**:
-
-
-
-
-**Jor o virjênî operating system**:
diff --git a/.github/ISSUE_TEMPLATE/ku.yaml b/.github/ISSUE_TEMPLATE/ku.yaml
new file mode 100644
index 000000000000..1ee94622e159
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/ku.yaml
@@ -0,0 +1,56 @@
+name: Kurdî (Kurmanji)
+description: Raportkirina pirsgirêkekê
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: Çi bû?
+ description: |
+ Rêwîtiya bikar: Ji bo ku zêdetir log bistînin, flag "--alsologtostderr" li ser rêza fermana xwe zêde bikin.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Pelê logê bikeve
+ description: |
+ Rêwîtiya bikar: Run `minikube logs --file=log.txt` û paşê pelê `log.txt` ji browser ve drag & drop bikin.
+ **HİZAR:** Heke hûn driverê HyperKit têkiliyê dikin, ji kerema xwe logên xwe kontrol bikin û her guhertoyekî env ku dikare agahiyên sezayî (mînak: token-an an şîfre) heye, jê bidin.
+ Hemû guhertoyên env ji minikube `1.26.0` ve bi awayê otomatik hate rakirin, lê di guhertoyên berê de divê bi destan jêbirin.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Pergala Operasyonê
+ description: Pergala Operasyonê te çi ye?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Driver
+ description: Hûn çi driverê têkiliyê dikin?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/pt-BR.md b/.github/ISSUE_TEMPLATE/pt-BR.md
deleted file mode 100644
index 4d823098f291..000000000000
--- a/.github/ISSUE_TEMPLATE/pt-BR.md
+++ /dev/null
@@ -1,21 +0,0 @@
----
-name: Português
-about: Comunicar um problema
-labels: l/pt-BR
----
-
-
-**Os comandos necessários para reproduzir o problema**:
-
-**A saída completa do comando que apresentou falha**:
-
-
-
-
-
-**A saída do comando `minikube logs`**:
-
-
-
-
-**A versão do sistema operacional usado**:
diff --git a/.github/ISSUE_TEMPLATE/pt-BR.yaml b/.github/ISSUE_TEMPLATE/pt-BR.yaml
new file mode 100644
index 000000000000..f3ce576713b8
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/pt-BR.yaml
@@ -0,0 +1,56 @@
+name: Português (Brasil)
+description: Reportar um problema
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: O que aconteceu?
+ description: |
+ Dica: Adicione a flag "--alsologtostderr" na linha de comando para obter mais logs.
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Anexe o arquivo de log
+ description: |
+ Dica: Execute `minikube logs --file=log.txt` e depois arraste e solte o arquivo `log.txt` no navegador.
+ **AVISO:** Se você estiver usando o driver HyperKit, verifique seus logs e remova quaisquer variáveis de ambiente que possam conter informações sensíveis (ex.: tokens de acesso ou segredos).
+ Todas as variáveis de ambiente serão removidas automaticamente a partir da versão `1.26.0` do minikube, mas em versões anteriores será necessário removê-las manualmente.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Sistema Operacional
+ description: Qual é o seu sistema operacional?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Driver
+ description: Qual driver você usa?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/ru.yaml b/.github/ISSUE_TEMPLATE/ru.yaml
new file mode 100644
index 000000000000..ab61963ee371
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/ru.yaml
@@ -0,0 +1,54 @@
+name: Сообщить о проблеме
+description: Отчет о проблеме на русском
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: Что произошло?
+ description: |
+ Подсказка: Добавьте флаг "--alsologtostderr", чтобы получить более подробные логи
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: Приложите логи
+ description: |
+ Подсказка: Выполните `minikube logs --file=log.txt` и перетащите файл `log.txt` в браузер.
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: Операционная система
+ description: Какая у вас ОС?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: Драйвер
+ description: Какой драйвер используете?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/zh-CN.md b/.github/ISSUE_TEMPLATE/zh-CN.md
deleted file mode 100644
index 00fd749e7af6..000000000000
--- a/.github/ISSUE_TEMPLATE/zh-CN.md
+++ /dev/null
@@ -1,22 +0,0 @@
----
-name: 中文 (Chinese)
-about: 报告问题
-labels: l/zh-CN
----
-
-
-**重现问题所需的命令**:
-
-**失败的命令的完整输出**:
-
-
-
-
-
-**`minikube logs`命令的输出**:
-
-
-
-
-
-**使用的操作系统版本**:
diff --git a/.github/ISSUE_TEMPLATE/zh-CN.yaml b/.github/ISSUE_TEMPLATE/zh-CN.yaml
new file mode 100644
index 000000000000..1cd58d3abb66
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/zh-CN.yaml
@@ -0,0 +1,56 @@
+name: 中文 (Chinese)
+description: 报告一个问题
+body:
+ - type: textarea
+ id: problem
+ attributes:
+ label: 发生了什么?
+ description: |
+ 提示:在命令行中添加 "--alsologtostderr" 参数以获取更多日志。
+ validations:
+ required: true
+ - type: textarea
+ id: logs
+ attributes:
+ label: 附上日志文件
+ description: |
+ 提示:运行 `minikube logs --file=log.txt`,然后将 `log.txt` 文件拖放到浏览器中。
+ **警告:** 如果你使用 HyperKit 驱动,请检查日志并删除可能包含敏感信息(例如访问令牌或密钥)的环境变量。
+ 从 minikube `1.26.0` 版本开始,所有环境变量将自动清除,但在之前的版本中需要手动删除。
+ validations:
+ required: true
+ - type: dropdown
+ id: operating-system
+ attributes:
+ label: 操作系统
+ description: 你的操作系统是什么?
+ options:
+ - macOS (Default)
+ - Windows
+ - Ubuntu
+ - Redhat/Fedora
+ - Other
+ validations:
+ required: false
+ - type: dropdown
+ id: driver
+ attributes:
+ label: 驱动程序
+ description: 你使用哪个驱动程序?
+ options:
+ - N/A
+ - Docker
+ - Podman
+ - HyperKit
+ - Hyper-V
+ - KVM2
+ - VirtualBox
+ - None (Baremetal)
+ - SSH
+ - VMware
+ - Parallels
+ - QEMU
+ - vfkit
+ - krunkit
+ validations:
+ required: false
\ No newline at end of file
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 61634d5a45f2..31d630fd3e7b 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,3 +5,9 @@ updates:
directory: "/"
schedule:
interval: "weekly"
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ ignore:
+ - dependency-name: "vedantmgoyal2009/winget-releaser"
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index c9c14c92dd83..1ab34d9d50c6 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -12,16 +12,18 @@ on:
- "!deploy/iso/**"
env:
GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
build_minikube:
- runs-on: ubuntu-18.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- name: Download Dependencies
run: go mod download
- name: Build Binaries
@@ -37,18 +39,17 @@ jobs:
echo workspace $GITHUB_WORKSPACE
echo "end of debug stuff"
echo $(which jq)
- - uses: actions/upload-artifact@v1
+ - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
with:
name: minikube_binaries
path: out
lint:
- runs-on: ubuntu-18.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- name: Install libvirt
run: |
sudo apt-get update
@@ -61,13 +62,12 @@ jobs:
run: make test
continue-on-error: false
unit_test:
- runs-on: ubuntu-18.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- name: Install libvirt
run: |
sudo apt-get update
diff --git a/.github/workflows/dependabot-gomodtidy.yml b/.github/workflows/dependabot-gomodtidy.yml
new file mode 100644
index 000000000000..f5477f292582
--- /dev/null
+++ b/.github/workflows/dependabot-gomodtidy.yml
@@ -0,0 +1,38 @@
+name: "dependabot-gomodtidy"
+on:
+ pull_request_target:
+ types: [opened, synchronize, reopened]
+ paths:
+ - "go.mod"
+ - "go.sum"
+
+permissions:
+ contents: write
+ pull-requests: write
+
+jobs:
+ dependabot-gomodtidy:
+ if: github.actor == 'dependabot[bot]' && github.event.pull_request.head.repo.full_name == 'kubernetes/minikube'
+ runs-on: ubuntu-22.04
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.pull_request.head.ref }}
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+
+ - name: Setup Go
+ uses: actions/setup-go@v5
+ with:
+ go-version-file: 'go.mod'
+
+ - name: Run make gomodtidy
+ run: |
+ make gomodtidy
+ if [[ -n $(git status --porcelain) ]]; then
+ git config --global user.name "minikube-bot"
+ git config --global user.email "minikube-bot@google.com"
+ git add .
+ git commit -m "update go.mod and go.sum"
+ git push origin HEAD:${{ github.event.pull_request.head.ref }}
+ fi
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index dc6e2dc3936d..1081560ee8c8 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -3,27 +3,34 @@ on:
workflow_dispatch:
push:
branches:
- - master
+ - master
env:
GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
generate-docs:
- runs-on: ubuntu-18.04
+ if: github.repository == 'kubernetes/minikube'
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- name: Generate Docs
id: gendocs
run: |
make generate-docs
- echo "::set-output name=changes::$(git status --porcelain)"
+ c=$(git status --porcelain)
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$c" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
- name: Create PR
if: ${{ steps.gendocs.outputs.changes != '' }}
- uses: peter-evans/create-pull-request@v3
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
with:
token: ${{ secrets.MINIKUBE_BOT_PAT }}
commit-message: Update auto-generated docs and translations
@@ -33,10 +40,11 @@ jobs:
push-to-fork: minikube-bot/minikube
base: master
delete-branch: true
- title: 'Update auto-generated docs and translations'
+ title: 'docs: Update auto-generated docs and translations'
body: |
Committing changes resulting from `make generate-docs`.
This PR is auto-generated by the [gendocs](https://github.com/kubernetes/minikube/blob/master/.github/workflows/docs.yml) CI workflow.
+
```
${{ steps.gendocs.outputs.changes }}
```
diff --git a/.github/workflows/functional_test.yml b/.github/workflows/functional_test.yml
new file mode 100644
index 000000000000..dae30805de47
--- /dev/null
+++ b/.github/workflows/functional_test.yml
@@ -0,0 +1,464 @@
+# Functional Test is a subset of minikube integration test, testing the most essential features of minikube.
+name: Functional Test
+on:
+ workflow_dispatch:
+ pull_request:
+ paths:
+ - "go.mod"
+ - "**.go"
+ - "Makefile"
+ - .github/workflows/functional_test.yml
+ - "!site/**"
+ - "!**.md"
+ - "!**.json"
+ push:
+ branches: [ master ]
+ paths:
+ - "go.mod"
+ - "**.go"
+ - "Makefile"
+ - "!site/**"
+ - "!**.md"
+ - "!**.json"
+# Limit one functional test job running per PR/Branch
+concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+ # For example, if you push multiple commits to a pull request in quick succession, only the latest workflow run will continue
+ cancel-in-progress: true
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+jobs:
+ # build-test-binaries job runs before all other jobs and produces binaries/test-data per arch to be shared by all following jobs
+ build-test-binaries:
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - name: build-test-binaries-x86
+ arch: amd64
+ runs-on: ubuntu-24.04
+ make-targets: e2e-linux-amd64
+ - name: build-test-binaries-arm
+ arch: arm64
+ runs-on: ubuntu-24.04-arm
+ make-targets: e2e-linux-arm64
+ runs-on: ${{ matrix.runs-on }}
+ name: ${{ matrix.name }}
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ cache: true
+ - name: Download Dependencies
+ run: go mod download
+ - name: Build minikube and e2e test binaries
+ run: |
+ make ${{ matrix.make-targets }}
+ cp -r test/integration/testdata ./out
+ - name: Upload Test Binaries
+ uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
+ with:
+ name: binaries-${{ matrix.arch }}
+ path: out
+ functional-test:
+ name: ${{ matrix.name }}
+ needs: build-test-binaries
+ runs-on: ${{ matrix.os }}
+ permissions:
+ contents: none
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - name: docker-docker-ubuntu24.04-x86
+ driver: docker
+ cruntime: docker
+ os: ubuntu-24.04
+ arch: amd64
+ test-timeout: 15m
+ - name: docker-docker-ubuntu24.04-arm
+ driver: docker
+ cruntime: docker
+ os: ubuntu-24.04-arm
+ arch: arm64
+ test-timeout: 15m
+ - name: docker-containerd-ubuntu-24.04-x86
+ driver: docker
+ cruntime: containerd
+ extra-start-args: --container-runtime=containerd
+ os: ubuntu-24.04
+ arch: amd64
+ test-timeout: 15m
+ - name: docker-containerd-ubuntu-24.04-arm
+ driver: docker
+ cruntime: containerd
+ extra-start-args: --container-runtime=containerd
+ os: ubuntu-24.04-arm
+ arch: arm64
+ test-timeout: 15m
+ - name: docker-containerd-rootless-ubuntu-24.04-x86
+ driver: docker
+ cruntime: containerd
+ os: ubuntu-24.04
+ extra-start-args: --container-runtime=containerd --rootless
+ rootless: true
+ arch: amd64
+ test-timeout: 17m
+ - name: podman-docker-ubuntu-24.04-x86
+ driver: podman
+ cruntime: docker
+ os: ubuntu-24.04
+ arch: amd64
+ test-timeout: 18m
+ - name: baremetal-docker-ubuntu-24.04-x86
+ driver: none
+ cruntime: docker
+ os: ubuntu-24.04
+ arch: amd64
+ test-timeout: 10m
+ - name: baremetal-docker-ubuntu-24.04-arm
+ driver: none
+ cruntime: docker
+ os: ubuntu-24.04-arm
+ arch: arm64
+ test-timeout: 10m
+ - name: baremetal-containerd-ubuntu-24.04-x86
+ driver: none
+ cruntime: containerd
+ os: ubuntu-24.04
+ arch: amd64
+ extra-start-args: --container-runtime=containerd
+ test-timeout: 10m
+ - name: baremetal-containerd-ubuntu-24.04-arm
+ driver: none
+ cruntime: containerd
+ os: ubuntu-24.04-arm
+ arch: arm64
+ extra-start-args: --container-runtime=containerd
+ test-timeout: 10m
+ steps:
+ - id: info-block
+ uses: medyagh/info-block@main
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ cache: true
+ - name: Install gopogh
+ shell: bash
+ run: |
+ GOPOGH_VERSION=v0.29.0
+ GOOS=$(go env GOOS)
+ GOARCH=$(go env GOARCH)
+ URL="https://github.com/medyagh/gopogh/releases/download/${GOPOGH_VERSION}/gopogh-${GOOS}-${GOARCH}"
+ echo "Downloading ${URL}"
+ curl -fsSL "${URL}" -o gopogh
+ sudo install -m 0755 gopogh /usr/local/bin/gopogh
+ rm gopogh
+ command -v gopogh
+ gopogh -version || true
+ - name: Set up cgroup v2 delegation (rootless)
+ if: ${{ matrix.rootless }}
+ run: |
+ sudo mkdir -p /etc/systemd/system/user@.service.d
+ cat </dev/null 2>&1 && jq . || cat; } || true
+
+ echo "=== Running Containers ==="
+ docker ps -a || true
+
+ echo "=== Images ==="
+ docker images || true
+ fi
+ - name: Install podman
+ if: matrix.driver == 'podman'
+ shell: bash
+ run: |
+ sudo apt -q update
+ sudo apt install -q -y podman
+ lsb_release -a || true
+ echo "=== podman version ==="
+ podman version || true
+ echo "=== podman info ==="
+ podman info || true
+ echo "=== podman system df ==="
+ podman system df || true
+ echo "=== podman system info (JSON) ==="
+ podman system info --format='{{json .}}' || true
+ echo "=== podman ps ==="
+ podman ps || true
+ - name: Install kubectl
+ uses: azure/setup-kubectl@v4
+ - name: Install qemu and socket_vmnet (macos)
+ if: contains(matrix.os, 'macos') && matrix.driver == 'qemu'
+ run: |
+ brew install qemu socket_vmnet
+ HOMEBREW=$(which brew) && sudo ${HOMEBREW} services start socket_vmnet
+ - name: Install vfkit and vmnet_helper (macos)
+ if: matrix.driver == 'vfkit'
+ run: |
+ brew install vfkit
+ curl -fsSL https://github.com/minikube-machine/vmnet-helper/releases/latest/download/install.sh | sudo VMNET_INTERACTIVE=0 bash
+ - name: Download Test Binaries
+ uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131
+ with:
+ name: binaries-${{ matrix.arch }}
+ - name: Disable AppArmor for MySQL
+ if: runner.os == 'Linux'
+ run: |
+ sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
+ sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
+ - name: Install containerd (baremetal only)
+ if: matrix.driver == 'none' && matrix.cruntime == 'containerd'
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y containerd
+ # Configure containerd
+ sudo mkdir -p /etc/containerd
+ containerd config default | sudo tee /etc/containerd/config.toml
+ sudo systemctl restart containerd
+ - name: Run Functional Test
+ id: run_test
+ continue-on-error: true
+ shell: bash
+ run: |
+ set -x
+ mkdir -p report
+ chmod a+x ./e2e-*
+ chmod a+x ./minikube-*
+ ./minikube-$(go env GOOS)-$(go env GOARCH) delete --all --purge
+ START_TIME=$(date -u +%s)
+ ./e2e-$(go env GOOS)-$(go env GOARCH) -minikube-start-args=" --driver=${{ matrix.driver }} ${{ matrix.extra-start-args }} -v=6 --alsologtostderr" -test.run TestFunctional -test.timeout=${{ matrix.test-timeout }} -test.v -binary=./minikube-$(go env GOOS)-$(go env GOARCH) 2>&1 | tee ./report/testout.txt
+ END_TIME=$(date -u +%s)
+ TIME_ELAPSED=$(($END_TIME-$START_TIME))
+ min=$((${TIME_ELAPSED}/60))
+ sec=$((${TIME_ELAPSED}%60))
+ TIME_ELAPSED="${min} min $sec seconds "
+ # make variables available for next step
+ echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
+ - name: Generate Gopogh HTML Report
+ if: always()
+ shell: bash
+ run: |
+ go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
+ STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${{ matrix.name }} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
+ # Check if the test step failed AND the log contains "timed out"
+ if [[ "${{ steps.run_test.outcome }}" == "failure" && $(grep -c "panic: test timed out" ./report/testout.txt) -gt 0 ]]; then
+ # If it was a timeout, set your custom message
+ RESULT_SHORT="⌛⌛⌛ Test Timed out ${TIME_ELAPSED} ⌛⌛⌛"
+ else
+ PassNum=$(echo $STAT | jq '.NumberOfPass')
+ FailNum=$(echo $STAT | jq '.NumberOfFail')
+ TestsNum=$(echo $STAT | jq '.NumberOfTests')
+
+ if [ "${FailNum}" -eq 0 ]; then
+ STATUS_ICON="✓"
+ else
+ STATUS_ICON="✗"
+ fi
+ if [ "${PassNum}" -eq 0 ]; then
+ STATUS_ICON="✗"
+ fi
+
+ # Result in one sentence
+ RESULT_SHORT="${STATUS_ICON} Completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
+ fi
+
+ echo "RESULT_SHORT=${RESULT_SHORT}" >> $GITHUB_ENV
+ echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
+ echo 'STAT<> $GITHUB_ENV
+ echo "${STAT}" >> $GITHUB_ENV
+ echo 'EOF' >> $GITHUB_ENV
+ - name: Set PR or Branch label for report filename
+ id: vars
+ run: |
+ if [ "${{ github.event_name }}" = "pull_request" ]; then
+ echo "PR_OR_MASTER=PR${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
+ else
+ echo "PR_OR_MASTER=Master" >> $GITHUB_OUTPUT
+ fi
+ echo "COMMIT_SHA=${GITHUB_SHA:0:7}" >> $GITHUB_OUTPUT
+ RUN_ID_SHORT="$GITHUB_RUN_ID"
+ if [ ${#RUN_ID_SHORT} -gt 7 ]; then
+ RUN_ID_SHORT="${RUN_ID_SHORT: -7}"
+ fi
+ echo "RUN_ID_SHORT=${RUN_ID_SHORT}" >> $GITHUB_OUTPUT
+ - name: Upload Gopogh report
+ id: upload_gopogh
+ uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
+ with:
+ name: functional-${{ matrix.name }}-${{ steps.vars.outputs.PR_OR_MASTER }}-sha-${{ steps.vars.outputs.COMMIT_SHA }}-run-${{ steps.vars.outputs.RUN_ID_SHORT}}
+ path: ./report
+ - name: The End Result Summary ${{ matrix.name }}
+ shell: bash
+ run: |
+ summary="$GITHUB_STEP_SUMMARY"
+ Print_Gopogh_Artifact_Download_URL() {
+ ARTIFACT_NAME="functional-${{ matrix.name }}-${{ steps.vars.outputs.PR_OR_MASTER }}-sha-${{ steps.vars.outputs.COMMIT_SHA }}"
+ ARTIFACT_ID='${{ steps.upload_gopogh.outputs.artifact-id }}'
+ if [ -n "$ARTIFACT_ID" ]; then
+ URL="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts/$ARTIFACT_ID"
+ echo "Gopogh report artifact ($ARTIFACT_NAME): $URL"
+ echo "📥 [Download Gopogh Report]($URL)" >> "$summary"
+ else
+ echo "Could not determine artifact ID (action version may not expose it). Find artifact named: $ARTIFACT_NAME"
+ echo "Report artifact name: $ARTIFACT_NAME" | tee -a "$summary"
+ fi
+ }
+
+ Print_Gopogh_Artifact_Download_URL
+ echo "-------------------- RESULT SUMMARY --------------------"
+ echo "$RESULT_SHORT" | tee -a "$summary"
+ echo "Time Elapsed: ${TIME_ELAPSED}" | tee -a "$summary"
+
+ numFail=$(echo "$STAT" | jq -r '.NumberOfFail // 0')
+ numPass=$(echo "$STAT" | jq -r '.NumberOfPass // 0')
+ numSkip=$(echo "$STAT" | jq -r '.NumberOfSkip // 0')
+
+ # Print test counts only if they are non-zero
+ print_test_counts_only() {
+ if [ -n "${numFail}" ]; then
+ echo "Failed: ${numFail}" | tee -a "$summary"
+ fi
+ if [ -n "${numPass}" ]; then
+ echo "Passed: ${numPass}" | tee -a "$summary"
+ fi
+ if [ -n "${numSkip}" ]; then
+ echo "Skipped: ${numSkip}" | tee -a "$summary"
+ fi
+ }
+
+ print_test_counts_only
+
+ # Prints lits of test names grouped by result status
+ print_test_names_by_status() {
+ local count="$1" header="$2" sym="$3" field="$4" to_summary="$5"
+ (( count > 0 )) || return 0
+ local line="------------------------ ${count} ${header} ------------------------"
+ if [ "$to_summary" = "yes" ]; then
+ echo "$line" | tee -a "$summary"
+ jq -r ".${field}[]? | \" ${sym} \(.)\"" <<<"$STAT" | tee -a "$summary"
+ else
+ echo "$line"
+ jq -r ".${field}[]? | \" ${sym} \(.)\"" <<<"$STAT"
+ fi
+ }
+
+ print_test_names_by_status "${numFail:-0}" "Failed" "✗" "FailedTests" yes
+ print_test_names_by_status "${numPass:-0}" "Passed" "✓" "PassedTests" no
+ print_test_names_by_status "${numSkip:-0}" "Skipped" "•" "SkippedTests" yes
+ echo $summary >> $GITHUB_STEP_SUMMARY
+ decide_exit_code() {
+ # Allow overriding minimum expected passes for when some tests pass and others are timed out
+ local min_pass="${MIN_PASS_THRESHOLD:-45}"
+ local timeout_pattern="Test Timed out"
+
+ echo "---------------------------------------------------------"
+
+ # Timeout detection
+ if echo "$RESULT_SHORT" | grep -iq "$timeout_pattern"; then
+ echo "*** Detected test timeout ${TIME_ELAPSED} ⌛: '$timeout_pattern' ***"
+ exit 3
+ fi
+
+ # Any failures
+ if [ "${numFail:-0}" -gt 0 ]; then
+ echo "*** ${numFail} test(s) failed ***"
+ exit 2
+ fi
+
+ # Zero passes (likely setup issue)
+ if [ "${numPass:-0}" -eq 0 ]; then
+ echo "*** No tests passed ***"
+ exit 4
+ fi
+
+ # Insufficient passes safeguard
+ if [ "${numPass:-0}" -lt "$min_pass" ]; then
+ echo "*** Only ${numPass} passed (< required ${min_pass}) ***" | tee -a "$summary"
+ exit 5
+ fi
+
+ echo "Exit criteria satisfied: ${numPass} passed, ${numFail} failed, ${numSkip} skipped."
+ }
+
+ decide_exit_code
diff --git a/.github/workflows/go-mod-tidy.yml b/.github/workflows/go-mod-tidy.yml
new file mode 100644
index 000000000000..189870d964d8
--- /dev/null
+++ b/.github/workflows/go-mod-tidy.yml
@@ -0,0 +1,50 @@
+name: "go-mod-tidy"
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - master
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ go-mod-tidy:
+ if: github.repository == 'kubernetes/minikube'
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Tidy Go Modules
+ id: gmodtidy
+ run: |
+ make gomodtidy
+ c=$(git status --porcelain)
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$c" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.gmodtidy.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: Update auto-generated docs and translations
+ committer: minikube-bot
+ author: minikube-bot
+ branch: gomodtidy
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'build: go mod tidy'
+ body: |
+ Committing changes resulting from `make gomodtidy`.
+ This PR is auto-generated by the [gendocs](https://github.com/kubernetes/minikube/blob/master/.github/workflows/go-mod-tidy.yml) CI workflow that runs on every push to master.
+
+ ```
+ ${{ steps.gmodtidy.outputs.changes }}
+ ```
diff --git a/.github/workflows/hide-minikube-bot-comments.yml b/.github/workflows/hide-minikube-bot-comments.yml
new file mode 100644
index 000000000000..c3d16a0308e6
--- /dev/null
+++ b/.github/workflows/hide-minikube-bot-comments.yml
@@ -0,0 +1,13 @@
+name: hide-minikube-bot-comments
+on: issue_comment
+permissions:
+ contents: read
+
+jobs:
+ hide-comments:
+ if: ${{ github.event.issue.pull_request }}
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: spowelljr/hide-minikube-bot-comments@6ef419ab40a17cf0bdc1f98f2442bf19b72d911d
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
diff --git a/.github/workflows/leaderboard.yml b/.github/workflows/leaderboard.yml
index 38c118625f5c..f5d9ea117ff2 100644
--- a/.github/workflows/leaderboard.yml
+++ b/.github/workflows/leaderboard.yml
@@ -4,42 +4,48 @@ on:
push:
tags-ignore:
- 'v*-beta.*'
- release:
- types: [published]
env:
- GO_VERSION: '1.16.7'
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
update-leaderboard:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- name: Update Leaderboard
id: leaderboard
run: |
make update-leaderboard
- echo "::set-output name=changes::$(git status --porcelain)"
+ c=$(git status --porcelain)
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$c" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
env:
GITHUB_TOKEN: ${{ secrets.MINIKUBE_BOT_PAT }}
- name: Create PR
if: ${{ steps.leaderboard.outputs.changes != '' }}
- uses: peter-evans/create-pull-request@v3
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
with:
token: ${{ secrets.MINIKUBE_BOT_PAT }}
- commit-message: Update leaderboard
+ commit-message: 'Add leaderboard for ${{ github.ref_name }}'
committer: minikube-bot
author: minikube-bot
branch: leaderboard
push-to-fork: minikube-bot/minikube
base: master
delete-branch: true
- title: 'Update leaderboard'
+ title: 'site: Add leaderboard for ${{ github.ref_name }} (Post-release)'
body: |
Committing changes resulting from `make update-leaderboard`.
This PR is auto-generated by the [update-leaderboard](https://github.com/kubernetes/minikube/blob/master/.github/workflows/leaderboard.yml) CI workflow.
+
```
${{ steps.leaderboard.outputs.changes }}
```
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
new file mode 100644
index 000000000000..2236408de12b
--- /dev/null
+++ b/.github/workflows/lint.yml
@@ -0,0 +1,76 @@
+name: Lint
+on:
+ workflow_dispatch:
+ pull_request:
+ push:
+ branches: [ master ]
+
+# Limit one unit test job running per PR/Branch
+concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+ # For example, if you push multiple commits to a pull request in quick succession, only the latest workflow run will continue
+ cancel-in-progress: true
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+jobs:
+ Lint-:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ cache: true
+ - name: Download Dependencies
+ run: go mod download
+ # needed because pkg/drivers/kvm/domain.go:28:2:
+ - name: Install libvirt (Linux)
+ if: runner.os == 'Linux'
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libvirt-dev
+ - name: Lint
+ timeout-minutes: 8
+ env:
+ TESTSUITE: lint
+ run: make test
+ continue-on-error: false
+ Boilerplate:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ cache: true
+ - name: Boilerplate check
+ timeout-minutes: 2
+ env:
+ TESTSUITE: boilerplate
+ run: make test
+ continue-on-error: false
+ Gomodtidy:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ cache: true
+ - name: Verify go mod tidy
+ timeout-minutes: 2
+ continue-on-error: false
+ run: |
+ echo "::group::go mod tidy"
+ make gomodtidy
+ echo "::endgroup::"
+ if ! git diff-index --quiet HEAD; then
+ echo "::group::diff"
+ git --no-pager diff
+ echo "::endgroup::"
+ echo "::notice::Please run 'make gomodtidy' and commit the changes"
+ exit 1
+ fi
diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
deleted file mode 100644
index d735338d83a3..000000000000
--- a/.github/workflows/master.yml
+++ /dev/null
@@ -1,1033 +0,0 @@
-name: Master
-on:
- workflow_dispatch:
- push:
- branches:
- - master
- paths:
- - "go.mod"
- - "**.go"
- - "**.yml"
- - "**.yaml"
- - "Makefile"
- - "!deploy/kicbase/**"
- - "!deploy/iso/**"
-env:
- GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
-jobs:
- # Runs before all other jobs
- # builds the minikube binaries
- build_minikube:
- runs-on: ubuntu-18.04
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Download Dependencies
- run: go mod download
- - name: Build Binaries
- run: |
- make cross
- make e2e-cross
- cp -r test/integration/testdata ./out
- whoami
- echo github ref $GITHUB_REF
- echo workflow $GITHUB_WORKFLOW
- echo home $HOME
- echo event name $GITHUB_EVENT_NAME
- echo workspace $GITHUB_WORKSPACE
- echo "end of debug stuff"
- echo $(which jq)
- - uses: actions/upload-artifact@v1
- with:
- name: minikube_binaries
- path: out
- lint:
- runs-on: ubuntu-18.04
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install libvirt
- run: |
- sudo apt-get update
- sudo apt-get install -y libvirt-dev
- - name: Download Dependencies
- run: go mod download
- - name: Lint
- env:
- TESTSUITE: lintall
- run: make test
- continue-on-error: false
- unit_test:
- runs-on: ubuntu-18.04
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install libvirt
- run: |
- sudo apt-get update
- sudo apt-get install -y libvirt-dev
- - name: Download Dependencies
- run: go mod download
- - name: Unit Test
- env:
- TESTSUITE: unittest
- run: make test
- continue-on-error: false
- # Run the following integration tests after the build_minikube
- # They will run in parallel and use the binaries in previous step
- functional_docker_ubuntu:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_ubuntu"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-18.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info --format='{{json .}}'|| true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
- sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args=--vm-driver=docker -test.run TestFunctional -test.timeout=10m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_ubuntu
- path: minikube_binaries/report
- - name: The End Result functional_docker_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 36 ];then echo "*** Failed to pass at least 36 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- functional_docker_containerd_ubuntu:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_containerd_ubuntu"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-18.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info --format='{{json .}}'|| true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
- sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args="--vm-driver=docker --container-runtime=containerd" -test.run TestFunctional -test.timeout=30m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_containerd_ubuntu
- path: minikube_binaries/report
- - name: The End Result functional_docker_containerd_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 36 ];then echo "*** Failed to pass at least 36 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
-
- functional_podman_ubuntu:
- needs: [ build_minikube ]
- env:
- TIME_ELAPSED: time
- JOB_NAME: functional_podman_ubuntu
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-20.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
-
- - name: Install Podman
- shell: bash
- run: |
- sudo apt update
- sudo apt install -y podman
- echo "--------------------------"
- podman version || true
- echo "--------------------------"
- podman info || true
- echo "--------------------------"
- podman system df || true
- echo "--------------------------"
- podman system info --format='{{json .}}'|| true
- echo "--------------------------"
- podman ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
- sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args=--vm-driver=podman -v=6 --alsologtostderr -test.run TestFunctional -test.timeout=10m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_podman_ubuntu
- path: minikube_binaries/report
- - name: The End Result functional_podman_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 36 ];then echo "*** Failed to pass at least 36 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
-
- functional_virtualbox_macos:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_virtualbox_macos"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: macos-10.15
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/darwin/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-darwin-amd64
- sudo install gopogh-darwin-amd64 /usr/local/bin/gopogh
- - name: Install docker
- shell: bash
- run: |
- brew install docker-machine docker
- sudo docker --version
- - name: Info
- shell: bash
- run: |
- hostname
- VBoxManage --version
- sysctl hw.physicalcpu hw.logicalcpu
- - name: Disable firewall
- run: |
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw -k
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-darwin-amd64 -minikube-start-args=--vm-driver=virtualbox -test.run "TestFunctional" -test.timeout=35m -test.v -timeout-multiplier=1.5 -binary=./minikube-darwin-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_virtualbox_macos
- path: minikube_binaries/report
- - name: The End Result functional_virtualbox_macos
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "----------------${numFail} Failures :(----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 33 ];then echo "*** Failed to pass at least 33 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- functional_docker_windows:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_windows"
- GOPOGH_RESULT: ""
- STAT: ""
- runs-on: [self-hosted, windows-10-ent, 8CPUs]
- steps:
- - name: Clean up
- continue-on-error: true
- shell: powershell
- run: |
- echo $env:computerName
- ls
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- .\minikube-windows-amd64.exe delete --all --purge
- Get-VM | Where-Object {$_.Name -ne "DockerDesktopVM"} | Foreach {
- .\minikube-windows-amd64.exe delete -p $_.Name
- Suspend-VM $_.Name
- Stop-VM $_.Name -Force
- Remove-VM $_.Name -Force
- }
- cd ..
- Remove-Item minikube_binaries -Force -Recurse
- ls
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Start Docker Desktop
- shell: powershell
- continue-on-error: true
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- if (!$docker_running) {
- Write-Output "Starting Docker as an administrator"
- Start-Process 'C:/Program Files/Docker/Docker/Docker Desktop.exe' -Verb runAs
- }
- while (!$docker_running) {
- Start-Sleep 5
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- }
- Write-Output "Docker is running"
- docker system prune -f
- docker system prune --volumes -f
- - name: Info
- shell: powershell
- run: |
- echo $env:computername
- echo "------------------------"
- docker info
- echo "------------------------"
- docker volume ls
- echo "------------------------"
- docker system info --format '{{json .}}'
- echo "------------------------"
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install tools
- continue-on-error: true
- shell: powershell
- run: |
- (New-Object Net.WebClient).DownloadFile("https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh.exe", "C:\ProgramData\chocolatey\bin\gopogh.exe")
- choco install -y kubernetes-cli
- choco install -y jq
- choco install -y caffeine
- if (Test-Path 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe') { Remove-Item 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe' };
- - name: Run Integration Test in powershell
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- New-Item -Force -Path "report" -ItemType Directory
- New-Item -Force -Path "testhome" -ItemType Directory
- $START_TIME=(GET-DATE)
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- $ErrorActionPreference = "SilentlyContinue"
- .\e2e-windows-amd64.exe --minikube-start-args="--driver=docker" --test.timeout=15m --timeout-multiplier=1 --test.v --test.run=TestFunctional --binary=./minikube-windows-amd64.exe | Tee-Object -FilePath ".\report\testout.txt"
- $END_TIME=(GET-DATE)
- echo $END_TIME
- $DURATION=(NEW-TIMESPAN -Start $START_TIME -End $END_TIME)
- echo $DURATION
- $SECS=($DURATION.TotalSeconds)
- $MINS=($DURATION.TotalMinutes)
- $T_ELAPSED="$MINS m $SECS s"
- echo "----"
- echo $T_ELAPSED
- echo "----"
- echo "TIME_ELAPSED=$T_ELAPSED" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- - name: Generate HTML Report
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- Get-Content .\report\testout.txt -Encoding ASCII | go tool test2json -t | Out-File -FilePath .\report\testout.json -Encoding ASCII
- $STAT=(gopogh -in .\report\testout.json -out .\report\testout.html -name "${Env:JOB_NAME} ${Env:GITHUB_REF}" -repo "${Env:GITHUB_REPOSITORY}" -details "${Env:GITHUB_SHA}")
- echo status: ${STAT}
- $FailNum=$(echo $STAT | jq '.NumberOfFail')
- $TestsNum=$(echo $STAT | jq '.NumberOfTests')
- $GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${Env:TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo "STAT=${STAT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo ${GOPOGH_RESULT}
- $numFail=(echo $STAT | jq '.NumberOfFail')
- $failedTests=( echo $STAT | jq '.FailedTests')
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTest
- echo "-------------------------------------------------------"
- $numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*** $numPass Passed ***"
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_windows
- path: minikube_binaries/report
- - name: The End Result functional_docker_windows
- shell: powershell
- run: |
- $numFail=(echo $Env:STAT | jq '.NumberOfFail')
- $failedTests=( echo $Env:STAT | jq '.FailedTests')
- $numPass=$(echo $Env:STAT | jq '.NumberOfPass')
- $passedTests=( echo $Env:STAT | jq '.PassedTests')
- echo "*******************${numPass} Passes :) *******************"
- echo $passedTests
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTests
- echo "-------------------------------------------------------"
- If ($numFail -gt 0){ exit 2 }
- If ($numPass -eq 0){ exit 2 }
- If ($numPass -lt 33){ exit 2 }
- If ($numFail -eq 0){ exit 0 }
- functional_hyperv_windows:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_hyperv_windows"
- GOPOGH_RESULT: ""
- runs-on: [self-hosted, windows-10-ent, Standard_D16s_v3, hyperv]
- steps:
- - name: Clean up
- continue-on-error: true
- shell: powershell
- run: |
- echo $env:computerName
- ls
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- .\minikube-windows-amd64.exe delete --all --purge
- Get-VM | Where-Object {$_.Name -ne "DockerDesktopVM"} | Foreach {
- Stop-VM -Name $_.Name -Force
- Remove-VM $_.Name -Force
- }
- cd ..
- Remove-Item minikube_binaries -Force -Recurse
- ls
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Start Docker Desktop
- shell: powershell
- continue-on-error: true
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- if (!$docker_running) {
- Write-Output "Starting Docker as an administrator"
- Start-Process 'C:/Program Files/Docker/Docker/Docker Desktop.exe' -Verb runAs
- }
- while (!$docker_running) {
- Start-Sleep 5
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- }
- Write-Output "Docker is running"
- docker system prune -f
- docker system prune --volumes -f
- - name: Info
- continue-on-error: true
- shell: powershell
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- echo $env:computername
- Get-WmiObject -class Win32_ComputerSystem
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install tools
- continue-on-error: true
- shell: powershell
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- (New-Object Net.WebClient).DownloadFile("https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh.exe", "C:\ProgramData\chocolatey\bin\gopogh.exe")
- choco install -y kubernetes-cli
- choco install -y jq
- choco install -y caffeine
- if (Test-Path 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe') { Remove-Item 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe' };
- - name: Run Integration Test in powershell
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- New-Item -Force -Path "report" -ItemType Directory
- New-Item -Force -Path "testhome" -ItemType Directory
- $START_TIME=(GET-DATE)
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- $ErrorActionPreference = "SilentlyContinue"
- .\e2e-windows-amd64.exe --minikube-start-args="--driver=hyperv" --test.timeout=20m --timeout-multiplier=1.5 --test.v --test.run=TestFunctional --binary=./minikube-windows-amd64.exe | Tee-Object -FilePath ".\report\testout.txt"
- $END_TIME=(GET-DATE)
- echo $END_TIME
- $DURATION=(NEW-TIMESPAN -Start $START_TIME -End $END_TIME)
- echo $DURATION
- $SECS=($DURATION.TotalSeconds)
- $MINS=($DURATION.TotalMinutes)
- $T_ELAPSED="$MINS m $SECS s"
- echo "----"
- echo $T_ELAPSED
- echo "----"
- echo "TIME_ELAPSED=$T_ELAPSED" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- - name: Generate HTML Report
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- Get-Content .\report\testout.txt -Encoding ASCII | go tool test2json -t | Out-File -FilePath .\report\testout.json -Encoding ASCII
- $STAT=(gopogh -in .\report\testout.json -out .\report\testout.html -name "${Env:JOB_NAME} ${Env:GITHUB_REF}" -repo "${Env:GITHUB_REPOSITORY}" -details "${Env:GITHUB_SHA}")
- echo status: ${STAT}
- $FailNum=$(echo $STAT | jq '.NumberOfFail')
- $TestsNum=$(echo $STAT | jq '.NumberOfTests')
- $GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${Env:TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo "STAT=${STAT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo ${GOPOGH_RESULT}
- $numFail=(echo $STAT | jq '.NumberOfFail')
- $failedTests=( echo $STAT | jq '.FailedTests')
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTest
- echo "-------------------------------------------------------"
- $numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*** $numPass Passed ***"
- - uses: actions/upload-artifact@v1
- with:
- name: functional_hyperv_windows
- path: minikube_binaries/report
- - name: The End Result functional_hyperv_windows
- shell: powershell
- run: |
- $numFail=(echo $Env:STAT | jq '.NumberOfFail')
- $failedTests=( echo $Env:STAT | jq '.FailedTests')
- $numPass=$(echo $Env:STAT | jq '.NumberOfPass')
- $passedTests=( echo $Env:STAT | jq '.PassedTests')
- echo "*******************${numPass} Passes :) *******************"
- echo $passedTests
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTests
- echo "-------------------------------------------------------"
- If ($numFail -gt 0){ exit 2 }
- If ($numPass -eq 0){ exit 2 }
- If ($numPass -lt 33){ exit 2 }
- If ($numFail -eq 0){ exit 0 }
- functional_baremetal_ubuntu18_04:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_baremetal_ubuntu18_04"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-18.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- # conntrack is required for kubernetes 1.18 and higher
- # socat is required for kubectl port forward which is used in some tests such as validateHelmTillerAddon
- - name: Install tools for none
- shell: bash
- run: |
- sudo apt-get update -qq
- sudo apt-get -qq -y install conntrack
- sudo apt-get -qq -y install socat
- VERSION="v1.17.0"
- curl -L https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-${VERSION}-linux-amd64.tar.gz --output crictl-${VERSION}-linux-amd64.tar.gz
- sudo tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: true
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome sudo -E ./e2e-linux-amd64 -minikube-start-args=--driver=none -test.timeout=10m -test.v -timeout-multiplier=1.5 -test.run TestFunctional -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: none_ubuntu18_04
- path: minikube_binaries/report
- - name: The End Result - None on Ubuntu 18:04
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 26 ];then echo "*** Failed to pass at least 26 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- functional_docker_ubuntu_arm64:
- needs: [ build_minikube ]
- runs-on: [ self-hosted, arm64 ]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_ubuntu_arm64"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- steps:
- - name: Install tools
- shell: bash
- run: |
- sudo apt update
- sudo apt install -y jq docker git cron
- sudo usermod -aG docker $USER
-
- - name: Init
- shell: bash
- run: |
- if [[ -f /var/run/reboot.in.progress ]]; then
- echo "reboot in progress"
- exit 1
- fi
- sudo touch /var/run/job.in.progress
- rm -rf cleanup.sh install_cleanup.sh
- # after this PR is merged, update URLs to get the scripts from github master
- wget https://storage.googleapis.com/minikube-ci-utils/cleanup.sh
- wget https://storage.googleapis.com/minikube-ci-utils/install_cleanup.sh
- chmod +x cleanup.sh install_cleanup.sh
- ./install_cleanup.sh
-
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
-
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-arm64
- sudo install gopogh-linux-arm64 /usr/local/bin/gopogh
-
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info --format='{{json .}}'|| true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- whoami || true
- echo "--------------------------"
- hostname || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
-
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
-
- - name: Pre-cleanup
- continue-on-error: true
- run: |
- minikube_binaries/minikube-linux-arm64 delete --all --purge || true
- docker kill $(docker ps -aq) || true
- docker system prune --volumes --force || true
-
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-arm64 -minikube-start-args=--vm-driver=docker -test.run TestFunctional -test.timeout=25m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-arm64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
-
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_ubuntu_arm64
- path: minikube_binaries/report
-
- - name: The End Result - functional_docker_ubuntu_arm64
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 0 ];then echo "*** Failed to pass at least 20! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- # After all integration tests finished
- # collect all the reports and upload them
- upload_all_reports:
- if: always()
- needs:
- [
- functional_docker_ubuntu,
- functional_docker_containerd_ubuntu,
- functional_docker_ubuntu_arm64,
- functional_podman_ubuntu,
- functional_virtualbox_macos,
- functional_docker_windows,
- functional_hyperv_windows,
- functional_baremetal_ubuntu18_04,
- ]
- runs-on: ubuntu-18.04
- steps:
- - name: download all reports
- uses: actions/download-artifact@v2-preview
- - name: upload all reports
- shell: bash {0}
- continue-on-error: true
- run: |
- mkdir -p all_reports
- ls -lah
- cp -r ./functional_docker_ubuntu ./all_reports/
- cp -r ./functional_docker_containerd_ubuntu ./all_reports/
- cp -r ./functional_docker_ubuntu_arm64 ./all_reports/
- cp -r ./functional_podman_ubuntu ./all_reports/
- cp -r ./functional_virtualbox_macos ./all_reports/
- cp -r ./functional_docker_windows ./all_reports/
- cp -r ./functional_hyperv_windows ./all_reports/
- cp -r ./functional_baremetal_ubuntu18_04 ./all_reports/
-
- - uses: actions/upload-artifact@v1
- with:
- name: all_reports
- path: all_reports
diff --git a/.github/workflows/minikube-image-benchmark.yml b/.github/workflows/minikube-image-benchmark.yml
new file mode 100644
index 000000000000..60553eb2a4a0
--- /dev/null
+++ b/.github/workflows/minikube-image-benchmark.yml
@@ -0,0 +1,30 @@
+name: "publish image benchmark"
+on:
+ workflow_dispatch:
+ schedule:
+ # every day at 7am & 7pm pacific
+ - cron: "0 2,14 * * *"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ image-benchmark:
+ if: github.repository == 'kubernetes/minikube'
+ runs-on: ubuntu-22.04
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ AWS_DEFAULT_REGION: 'us-west-1'
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Run Benchmark
+ run: |
+ ./hack/benchmark/image-build/publish-chart.sh
+
+
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
deleted file mode 100644
index 1b1c36b1734f..000000000000
--- a/.github/workflows/pr.yml
+++ /dev/null
@@ -1,1040 +0,0 @@
-name: PR
-on:
- workflow_dispatch:
- pull_request:
- paths:
- - "go.mod"
- - "**.go"
- - "**.yml"
- - "**.yaml"
- - "Makefile"
- - "!deploy/kicbase/**"
- - "!deploy/iso/**"
-env:
- GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
-jobs:
- # Runs before all other jobs
- # builds the minikube binaries
- build_minikube:
- runs-on: ubuntu-18.04
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Download Dependencies
- run: go mod download
- - name: Build Binaries
- run: |
- make cross
- make e2e-cross
- cp -r test/integration/testdata ./out
- whoami
- echo github ref $GITHUB_REF
- echo workflow $GITHUB_WORKFLOW
- echo home $HOME
- echo event name $GITHUB_EVENT_NAME
- echo workspace $GITHUB_WORKSPACE
- echo "end of debug stuff"
- echo $(which jq)
- - uses: actions/upload-artifact@v1
- with:
- name: minikube_binaries
- path: out
- lint:
- runs-on: ubuntu-18.04
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install libvirt
- run: |
- sudo apt-get update
- sudo apt-get install -y libvirt-dev
- - name: Download Dependencies
- run: go mod download
- - name: Lint
- env:
- TESTSUITE: lintall
- run: make test
- continue-on-error: false
- unit_test:
- runs-on: ubuntu-18.04
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install libvirt
- run: |
- sudo apt-get update
- sudo apt-get install -y libvirt-dev
- - name: Download Dependencies
- run: go mod download
- - name: Unit Test
- env:
- TESTSUITE: unittest
- run: make test
- continue-on-error: false
- # Run the following integration tests after the build_minikube
- # They will run in parallel and use the binaries in previous step
- functional_docker_ubuntu:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_ubuntu"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-18.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info --format='{{json .}}'|| true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
- sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- MINIKUBE_HOME=$(pwd)/testhome ./minikube-linux-amd64 delete --all --purge
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args=--vm-driver=docker -test.run TestFunctional -test.timeout=10m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_ubuntu
- path: minikube_binaries/report
- - name: The End Result functional_docker_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 36 ];then echo "*** Failed to pass at least 36 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- functional_docker_containerd_ubuntu:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_containerd_ubuntu"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-18.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info --format='{{json .}}'|| true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
- sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- MINIKUBE_HOME=$(pwd)/testhome ./minikube-linux-amd64 delete --all --purge
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args="--vm-driver=docker --container-runtime=containerd" -test.run TestFunctional -test.timeout=30m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_containerd_ubuntu
- path: minikube_binaries/report
- - name: The End Result functional_docker_containerd_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 36 ];then echo "*** Failed to pass at least 36 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
-
- functional_podman_ubuntu:
- needs: [ build_minikube ]
- env:
- TIME_ELAPSED: time
- JOB_NAME: functional_podman_ubuntu
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-20.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
-
- - name: Install Podman
- shell: bash
- run: |
- sudo apt update
- sudo apt install -y podman
- echo "--------------------------"
- podman version || true
- echo "--------------------------"
- podman info || true
- echo "--------------------------"
- podman system df || true
- echo "--------------------------"
- podman system info --format='{{json .}}'|| true
- echo "--------------------------"
- podman ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
- sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- MINIKUBE_HOME=$(pwd)/testhome ./minikube-linux-amd64 delete --all --purge
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args=--vm-driver=podman -v=6 --alsologtostderr -test.run TestFunctional -test.timeout=10m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_podman_ubuntu
- path: minikube_binaries/report
- - name: The End Result functional_podman_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 36 ];then echo "*** Failed to pass at least 36 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
-
- functional_virtualbox_macos:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_virtualbox_macos"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: macos-10.15
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/darwin/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-darwin-amd64
- sudo install gopogh-darwin-amd64 /usr/local/bin/gopogh
- - name: Install docker
- shell: bash
- run: |
- brew install docker-machine docker
- sudo docker --version
- - name: Info
- shell: bash
- run: |
- hostname
- VBoxManage --version
- sysctl hw.physicalcpu hw.logicalcpu
- - name: Disable firewall
- run: |
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw -k
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- MINIKUBE_HOME=$(pwd)/testhome ./minikube-darwin-amd64 delete --all --purge
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-darwin-amd64 -minikube-start-args=--vm-driver=virtualbox -test.run "TestFunctional" -test.timeout=35m -test.v -timeout-multiplier=1.5 -binary=./minikube-darwin-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: functional_virtualbox_macos
- path: minikube_binaries/report
- - name: The End Result functional_virtualbox_macos
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "----------------${numFail} Failures :(----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 33 ];then echo "*** Failed to pass at least 33 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- functional_docker_windows:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_windows"
- GOPOGH_RESULT: ""
- STAT: ""
- runs-on: [self-hosted, windows-10-ent, 8CPUs]
- steps:
- - name: Clean up
- continue-on-error: true
- shell: powershell
- run: |
- echo $env:computerName
- ls
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- .\minikube-windows-amd64.exe delete --all --purge
- Get-VM | Where-Object {$_.Name -ne "DockerDesktopVM"} | Foreach {
- .\minikube-windows-amd64.exe delete -p $_.Name
- Suspend-VM $_.Name
- Stop-VM $_.Name -Force
- Remove-VM $_.Name -Force
- }
- cd ..
- Remove-Item minikube_binaries -Force -Recurse
- ls
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Start Docker Desktop
- shell: powershell
- continue-on-error: true
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- if (!$docker_running) {
- Write-Output "Starting Docker as an administrator"
- Start-Process 'C:/Program Files/Docker/Docker/Docker Desktop.exe' -Verb runAs
- }
- while (!$docker_running) {
- Start-Sleep 5
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- }
- Write-Output "Docker is running"
- docker system prune -f
- docker system prune --volumes -f
- - name: Info
- shell: powershell
- run: |
- echo $env:computername
- echo "------------------------"
- docker info
- echo "------------------------"
- docker volume ls
- echo "------------------------"
- docker system info --format '{{json .}}'
- echo "------------------------"
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install tools
- continue-on-error: true
- shell: powershell
- run: |
- (New-Object Net.WebClient).DownloadFile("https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh.exe", "C:\ProgramData\chocolatey\bin\gopogh.exe")
- choco install -y kubernetes-cli
- choco install -y jq
- choco install -y caffeine
- if (Test-Path 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe') { Remove-Item 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe' };
- - name: Run Integration Test in powershell
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- New-Item -Force -Path "report" -ItemType Directory
- New-Item -Force -Path "testhome" -ItemType Directory
- $START_TIME=(GET-DATE)
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- $ErrorActionPreference = "SilentlyContinue"
- .\e2e-windows-amd64.exe --minikube-start-args="--driver=docker" --test.timeout=15m --timeout-multiplier=1 --test.v --test.run=TestFunctional --binary=./minikube-windows-amd64.exe | Tee-Object -FilePath ".\report\testout.txt"
- $END_TIME=(GET-DATE)
- echo $END_TIME
- $DURATION=(NEW-TIMESPAN -Start $START_TIME -End $END_TIME)
- echo $DURATION
- $SECS=($DURATION.TotalSeconds)
- $MINS=($DURATION.TotalMinutes)
- $T_ELAPSED="$MINS m $SECS s"
- echo "----"
- echo $T_ELAPSED
- echo "----"
- echo "TIME_ELAPSED=$T_ELAPSED" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- - name: Generate HTML Report
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- Get-Content .\report\testout.txt -Encoding ASCII | go tool test2json -t | Out-File -FilePath .\report\testout.json -Encoding ASCII
- $STAT=(gopogh -in .\report\testout.json -out .\report\testout.html -name "${Env:JOB_NAME} ${Env:GITHUB_REF}" -repo "${Env:GITHUB_REPOSITORY}" -details "${Env:GITHUB_SHA}")
- echo status: ${STAT}
- $FailNum=$(echo $STAT | jq '.NumberOfFail')
- $TestsNum=$(echo $STAT | jq '.NumberOfTests')
- $GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${Env:TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo "STAT=${STAT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo ${GOPOGH_RESULT}
- $numFail=(echo $STAT | jq '.NumberOfFail')
- $failedTests=( echo $STAT | jq '.FailedTests')
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTest
- echo "-------------------------------------------------------"
- $numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*** $numPass Passed ***"
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_windows
- path: minikube_binaries/report
- - name: The End Result functional_docker_windows
- shell: powershell
- run: |
- $numFail=(echo $Env:STAT | jq '.NumberOfFail')
- $failedTests=( echo $Env:STAT | jq '.FailedTests')
- $numPass=$(echo $Env:STAT | jq '.NumberOfPass')
- $passedTests=( echo $Env:STAT | jq '.PassedTests')
- echo "*******************${numPass} Passes :) *******************"
- echo $passedTests
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTests
- echo "-------------------------------------------------------"
- If ($numFail -gt 0){ exit 2 }
- If ($numPass -eq 0){ exit 2 }
- If ($numPass -lt 33){ exit 2 }
- If ($numFail -eq 0){ exit 0 }
- functional_hyperv_windows:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_hyperv_windows"
- GOPOGH_RESULT: ""
- runs-on: [self-hosted, windows-10-ent, Standard_D16s_v3, hyperv]
- steps:
- - name: Clean up
- continue-on-error: true
- shell: powershell
- run: |
- echo $env:computerName
- ls
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- .\minikube-windows-amd64.exe delete --all --purge
- Get-VM | Where-Object {$_.Name -ne "DockerDesktopVM"} | Foreach {
- Stop-VM -Name $_.Name -Force
- Remove-VM $_.Name -Force
- }
- cd ..
- Remove-Item minikube_binaries -Force -Recurse
- ls
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Start Docker Desktop
- shell: powershell
- continue-on-error: true
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- if (!$docker_running) {
- Write-Output "Starting Docker as an administrator"
- Start-Process 'C:/Program Files/Docker/Docker/Docker Desktop.exe' -Verb runAs
- }
- while (!$docker_running) {
- Start-Sleep 5
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- }
- Write-Output "Docker is running"
- docker system prune -f
- docker system prune --volumes -f
- - name: Info
- continue-on-error: true
- shell: powershell
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- echo $env:computername
- Get-WmiObject -class Win32_ComputerSystem
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install tools
- continue-on-error: true
- shell: powershell
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- (New-Object Net.WebClient).DownloadFile("https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh.exe", "C:\ProgramData\chocolatey\bin\gopogh.exe")
- choco install -y kubernetes-cli
- choco install -y jq
- choco install -y caffeine
- if (Test-Path 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe') { Remove-Item 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe' };
- - name: Run Integration Test in powershell
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- New-Item -Force -Path "report" -ItemType Directory
- New-Item -Force -Path "testhome" -ItemType Directory
- $START_TIME=(GET-DATE)
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- $ErrorActionPreference = "SilentlyContinue"
- .\e2e-windows-amd64.exe --minikube-start-args="--driver=hyperv" --test.timeout=20m --timeout-multiplier=1.5 --test.v --test.run=TestFunctional --binary=./minikube-windows-amd64.exe | Tee-Object -FilePath ".\report\testout.txt"
- $END_TIME=(GET-DATE)
- echo $END_TIME
- $DURATION=(NEW-TIMESPAN -Start $START_TIME -End $END_TIME)
- echo $DURATION
- $SECS=($DURATION.TotalSeconds)
- $MINS=($DURATION.TotalMinutes)
- $T_ELAPSED="$MINS m $SECS s"
- echo "----"
- echo $T_ELAPSED
- echo "----"
- echo "TIME_ELAPSED=$T_ELAPSED" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- - name: Generate HTML Report
- continue-on-error: true
- shell: powershell
- run: |
- cd minikube_binaries
- Get-Content .\report\testout.txt -Encoding ASCII | go tool test2json -t | Out-File -FilePath .\report\testout.json -Encoding ASCII
- $STAT=(gopogh -in .\report\testout.json -out .\report\testout.html -name "${Env:JOB_NAME} ${Env:GITHUB_REF}" -repo "${Env:GITHUB_REPOSITORY}" -details "${Env:GITHUB_SHA}")
- echo status: ${STAT}
- $FailNum=$(echo $STAT | jq '.NumberOfFail')
- $TestsNum=$(echo $STAT | jq '.NumberOfTests')
- $GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${Env:TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo "STAT=${STAT}" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- echo ${GOPOGH_RESULT}
- $numFail=(echo $STAT | jq '.NumberOfFail')
- $failedTests=( echo $STAT | jq '.FailedTests')
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTest
- echo "-------------------------------------------------------"
- $numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*** $numPass Passed ***"
- - uses: actions/upload-artifact@v1
- with:
- name: functional_hyperv_windows
- path: minikube_binaries/report
- - name: The End Result functional_hyperv_windows
- shell: powershell
- run: |
- $numFail=(echo $Env:STAT | jq '.NumberOfFail')
- $failedTests=( echo $Env:STAT | jq '.FailedTests')
- $numPass=$(echo $Env:STAT | jq '.NumberOfPass')
- $passedTests=( echo $Env:STAT | jq '.PassedTests')
- echo "*******************${numPass} Passes :) *******************"
- echo $passedTests
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $failedTests
- echo "-------------------------------------------------------"
- If ($numFail -gt 0){ exit 2 }
- If ($numPass -eq 0){ exit 2 }
- If ($numPass -lt 33){ exit 2 }
- If ($numFail -eq 0){ exit 0 }
- functional_baremetal_ubuntu18_04:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_baremetal_ubuntu18_04"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- runs-on: ubuntu-18.04
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- # conntrack is required for kubernetes 1.18 and higher
- # socat is required for kubectl port forward which is used in some tests such as validateHelmTillerAddon
- - name: Install tools for none
- shell: bash
- run: |
- sudo apt-get update -qq
- sudo apt-get -qq -y install conntrack
- sudo apt-get -qq -y install socat
- VERSION="v1.17.0"
- curl -L https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-${VERSION}-linux-amd64.tar.gz --output crictl-${VERSION}-linux-amd64.tar.gz
- sudo tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: true
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- MINIKUBE_HOME=$(pwd)/testhome ./minikube-linux-amd64 delete --all --purge
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome sudo -E ./e2e-linux-amd64 -minikube-start-args=--driver=none -test.timeout=10m -test.v -timeout-multiplier=1.5 -test.run TestFunctional -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: none_ubuntu18_04
- path: minikube_binaries/report
- - name: The End Result - None on Ubuntu 18:04
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 26 ];then echo "*** Failed to pass at least 26 ! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- functional_docker_ubuntu_arm64:
- needs: [ build_minikube ]
- runs-on: [ self-hosted, arm64 ]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "functional_docker_ubuntu_arm64"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- steps:
- - name: Install tools
- shell: bash
- run: |
- sudo apt update
- sudo apt install -y jq docker git cron
- sudo usermod -aG docker $USER
-
- - name: Init
- shell: bash
- run: |
- if [[ -f /var/run/reboot.in.progress ]]; then
- echo "reboot in progress"
- exit 1
- fi
- sudo touch /var/run/job.in.progress
- rm -rf cleanup.sh install_cleanup.sh
- # after this PR is merged, update URLs to get the scripts from github master
- wget https://storage.googleapis.com/minikube-ci-utils/cleanup.sh
- wget https://storage.googleapis.com/minikube-ci-utils/install_cleanup.sh
- chmod +x cleanup.sh install_cleanup.sh
- ./install_cleanup.sh
-
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/arm64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
-
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-arm64
- sudo install gopogh-linux-arm64 /usr/local/bin/gopogh
-
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info --format='{{json .}}'|| true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- whoami || true
- echo "--------------------------"
- hostname || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
-
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
-
- - name: Pre-cleanup
- continue-on-error: true
- run: |
- minikube_binaries/minikube-linux-arm64 delete --all --purge || true
- docker kill $(docker ps -aq) || true
- docker system prune --volumes --force || true
-
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- MINIKUBE_HOME=$(pwd)/testhome ./minikube-linux-arm64 delete --all --purge
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-arm64 -minikube-start-args=--vm-driver=docker -test.run TestFunctional -test.timeout=25m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-arm64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
-
- - uses: actions/upload-artifact@v1
- with:
- name: functional_docker_ubuntu_arm64
- path: minikube_binaries/report
-
- - name: The End Result - functional_docker_ubuntu_arm64
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 0 ];then echo "*** Failed to pass at least 20! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
-
- - name: finalize
- shell: bash
- run: sudo rm -rf /var/run/job.in.progress
- # After all integration tests finished
- # collect all the reports and upload them
- upload_all_reports:
- if: always()
- needs:
- [
- functional_docker_ubuntu,
- functional_docker_containerd_ubuntu,
- functional_podman_ubuntu,
- functional_docker_ubuntu_arm64,
- functional_virtualbox_macos,
- functional_docker_windows,
- functional_hyperv_windows,
- functional_baremetal_ubuntu18_04,
- ]
- runs-on: ubuntu-18.04
- steps:
- - name: download all reports
- uses: actions/download-artifact@v2-preview
- - name: upload all reports
- shell: bash {0}
- continue-on-error: true
- run: |
- mkdir -p all_reports
- ls -lah
- cp -r ./functional_docker_ubuntu ./all_reports/
- cp -r ./functional_docker_containerd_ubuntu ./all_reports/
- cp -r ./functional_podman_ubuntu ./all_reports/
- cp -r ./functional_docker_ubuntu_arm64 ./all_reports/
- cp -r ./functional_virtualbox_macos ./all_reports/
- cp -r ./functional_docker_windows ./all_reports/
- cp -r ./functional_hyperv_windows ./all_reports/
- cp -r ./functional_baremetal_ubuntu18_04 ./all_reports/
-
- - uses: actions/upload-artifact@v1
- with:
- name: all_reports
- path: all_reports
diff --git a/.github/workflows/pr_verified.yaml b/.github/workflows/pr_verified.yaml
deleted file mode 100644
index 46f69ae0e790..000000000000
--- a/.github/workflows/pr_verified.yaml
+++ /dev/null
@@ -1,1033 +0,0 @@
-name: PR_Verified
-on:
- workflow_dispatch:
- pull_request:
- paths:
- - "go.mod"
- - "**.go"
- - "**.yml"
- - "**.yaml"
- - "Makefile"
- - "!deploy/kicbase/**"
- - "!deploy/iso/**"
- types:
- - labeled
- - opened
- - synchronize
- label:
- types:
- - created
- - edited
- - deleted
-env:
- GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
-
-jobs:
- # Runs before all other jobs
- # builds the minikube binaries
- build_minikube:
- if: contains(github.event.pull_request.labels.*.name, 'pr_verified')
- runs-on: ubuntu-18.04
- steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Download Dependencies
- run: go mod download
- - name: Build Binaries
- run: |
- sudo apt-get update
- sudo apt-get install -y libvirt-dev
- MINIKUBE_BUILD_IN_DOCKER=y make cross e2e-cross debs
- cp -r test/integration/testdata ./out
- whoami
- echo github ref $GITHUB_REF
- echo workflow $GITHUB_WORKFLOW
- echo home $HOME
- echo event name $GITHUB_EVENT_NAME
- echo workspace $GITHUB_WORKSPACE
- echo "end of debug stuff"
- echo $(which jq)
- - uses: actions/upload-artifact@v1
- with:
- name: minikube_binaries
- path: out
- pkg_install_amd64:
- needs: [ build_minikube ]
- runs-on: ubuntu-18.04
- env:
- TIME_ELAPSED: time
- JOB_NAME: "pkg_install_amd64"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- steps:
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
-
- - name: Install Go
- uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
-
- - name: Install tools
- shell: bash
- run: |
- sudo apt update
- sudo apt install -y jq
-
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
-
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -test.run TestDebPackageInstall -test.timeout=10m -test.v -timeout-multiplier=1.5 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
-
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out ./report/testout.html -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
-
- - uses: actions/upload-artifact@v1
- with:
- name: pkg_install_amd64
- path: minikube_binaries/report
-
- - name: The End Result - pkg_install_amd64
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 0 ];then echo "*** Failed to pass at least 20! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- pkg_install_arm64:
- needs: [ build_minikube ]
- runs-on: [ self-hosted, arm64 ]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "pkg_install_arm64"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- steps:
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-arm64
- sudo install gopogh-linux-arm64 /usr/local/bin/gopogh
-
- - name: Install Go
- uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
-
- - name: Install tools
- shell: bash
- run: |
- sudo apt update
- sudo apt install -y jq
-
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
-
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-arm64 -test.run TestDebPackageInstall -test.timeout=10m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-arm64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
-
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out ./report/testout.html -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
-
- - uses: actions/upload-artifact@v1
- with:
- name: pkg_install_arm64
- path: minikube_binaries/report
-
- - name: The End Result - pkg_install_arm64
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 0 ];then echo "*** Failed to pass at least 20! ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** Passed! ***";exit 0;fi
- addons_certs_docker_ubuntu:
- runs-on: ubuntu-18.04
- env:
- TIME_ELAPSED: time
- JOB_NAME: "addons_certs_docker_ubuntu"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- needs: [build_minikube]
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info || true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: true
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args=--driver=docker -test.run "(TestAddons|TestCertOptions|TestSkaffold)" -test.timeout=30m -test.v -timeout-multiplier=1.2 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: addons_certs_docker_ubuntu
- path: minikube_binaries/report
- - name: The End Result - addons_certs_docker_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 6 ];then echo "*** Failed to pass at least 6 ! ***";exit 2;fi
- addons_certs_virtualbox_macos:
- runs-on: macos-10.15
- env:
- TIME_ELAPSED: time
- JOB_NAME: "addons_certs_virtualbox_macos"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- needs: [build_minikube]
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/darwin/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-darwin-amd64
- sudo install gopogh-darwin-amd64 /usr/local/bin/gopogh
- - name: Install docker
- shell: bash
- run: |
- brew install docker-machine docker
- sudo docker --version
- - name: Info
- shell: bash
- run: |
- hostname
- VBoxManage --version
- sysctl hw.physicalcpu hw.logicalcpu
- - name: Disable firewall
- run: |
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw -k
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: true
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- cp minikube-darwin-amd64 minikube
- chmod a+x minikube*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-darwin-amd64 -minikube-start-args=--vm-driver=virtualbox -test.run "(TestDownloadOnly|TestAddons|TestCertOptions|TestSkaffold)" -test.timeout=30m -test.v -timeout-multiplier=1.2 -binary=./minikube-darwin-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: addons_certs_virtualbox_macos
- path: minikube_binaries/report
- - name: The End Result - addons_certs_virtualbox_macos
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 6 ];then echo "*** Failed to pass at least 6 ! ***";exit 2;fi
- multinode_docker_ubuntu:
- runs-on: ubuntu-18.04
- env:
- TIME_ELAPSED: time
- JOB_NAME: "multinode_docker_ubuntu"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- needs: [build_minikube]
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info || true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
-
- - name: Install gopogh
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: true
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
- sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args=--driver=docker -test.run "TestMultiNode" -test.timeout=15m -test.v -timeout-multiplier=1.5 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: multinode_docker_ubuntu
- path: minikube_binaries/report
- - name: The End Result - multinode_docker_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 5 ];then echo "*** Failed to pass at least 5 ! ***";exit 2;fi
- multinode_virtualbox_macos:
- runs-on: macos-10.15
- env:
- TIME_ELAPSED: time
- JOB_NAME: "multinode_virtualbox_macos"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- needs: [build_minikube]
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/darwin/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-darwin-amd64
- sudo install gopogh-darwin-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Info
- shell: bash
- run: |
- hostname
- VBoxManage --version
- sysctl hw.physicalcpu hw.logicalcpu
- - name: Disable firewall
- run: |
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw -k
- - name: Run Integration Test
- continue-on-error: true
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-darwin-amd64 -minikube-start-args=--driver=virtualbox -test.run "TestDownloadOnly|TestMultiNode" -test.timeout=45m -test.v -timeout-multiplier=1.2 -binary=./minikube-darwin-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: multinode_virtualbox_macos
- path: minikube_binaries/report
- - name: The End Result - multinode_virtualbox_macos
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 7 ];then echo "*** Failed to pass at least 7 ! ***";exit 2;fi
- preload_dockerflags_docker_ubuntu:
- # TestPause was removed due to https://github.com/kubernetes/minikube/issues/9568
- runs-on: ubuntu-18.04
- env:
- TIME_ELAPSED: time
- JOB_NAME: "preload_dockerflags_docker_ubuntu"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- needs: [build_minikube]
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- - name: Docker Info
- shell: bash
- run: |
- echo "--------------------------"
- docker version || true
- echo "--------------------------"
- docker info || true
- echo "--------------------------"
- docker system df || true
- echo "--------------------------"
- docker system info || true
- echo "--------------------------"
- docker ps || true
- echo "--------------------------"
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-linux-amd64
- sudo install gopogh-linux-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Run Integration Test
- continue-on-error: true
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-linux-amd64 -minikube-start-args=--driver=docker -test.run "(TestDockerFlags|TestPreload)" -test.timeout=30m -test.v -timeout-multiplier=1.2 -binary=./minikube-linux-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: preload_dockerflags_docker_ubuntu
- path: minikube_binaries/report
- - name: The End Result - preload_dockerflags_docker_ubuntu
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 2 ];then echo "*** Failed to pass at least 2 ! ***";exit 2;fi
- pause_preload_dockerflags_virtualbox_macos:
- runs-on: macos-10.15
- env:
- TIME_ELAPSED: time
- JOB_NAME: "pause_preload_dockerflags_virtualbox_macos"
- GOPOGH_RESULT: ""
- SHELL: "/bin/bash" # To prevent https://github.com/kubernetes/minikube/issues/6643
- needs: [build_minikube]
- steps:
- - name: Install kubectl
- shell: bash
- run: |
- curl -LO https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/darwin/amd64/kubectl
- sudo install kubectl /usr/local/bin/kubectl
- kubectl version --client=true
- # go 1.14.6+ is needed because of this bug https://github.com/golang/go/issues/39308
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install gopogh
-
- shell: bash
- run: |
- curl -LO https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh-darwin-amd64
- sudo install gopogh-darwin-amd64 /usr/local/bin/gopogh
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Info
- shell: bash
- run: |
- hostname
- VBoxManage --version
- sysctl hw.physicalcpu hw.logicalcpu
- - name: Disable firewall
- run: |
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off
- sudo /usr/libexec/ApplicationFirewall/socketfilterfw -k
- - name: Run Integration Test
- continue-on-error: false
- # bash {0} to allow test to continue to next step. in case of
- shell: bash {0}
- run: |
- cd minikube_binaries
- mkdir -p report
- mkdir -p testhome
- chmod a+x e2e-*
- chmod a+x minikube-*
- START_TIME=$(date -u +%s)
- KUBECONFIG=$(pwd)/testhome/kubeconfig MINIKUBE_HOME=$(pwd)/testhome ./e2e-darwin-amd64 -minikube-start-args=--vm-driver=virtualbox -test.run "(TestPause|TestPreload|TestDockerFlags)" -test.timeout=30m -test.v -timeout-multiplier=1.2 -binary=./minikube-darwin-amd64 2>&1 | tee ./report/testout.txt
- END_TIME=$(date -u +%s)
- TIME_ELAPSED=$(($END_TIME-$START_TIME))
- min=$((${TIME_ELAPSED}/60))
- sec=$((${TIME_ELAPSED}%60))
- TIME_ELAPSED="${min} min $sec seconds "
- echo "TIME_ELAPSED=${TIME_ELAPSED}" >> $GITHUB_ENV
- - name: Generate HTML Report
- shell: bash
- run: |
- cd minikube_binaries
- export PATH=${PATH}:`go env GOPATH`/bin
- go tool test2json -t < ./report/testout.txt > ./report/testout.json || true
- STAT=$(gopogh -in ./report/testout.json -out_html ./report/testout.html -out_summary ./report/testout_summary.json -name "${JOB_NAME} ${GITHUB_REF}" -repo "${GITHUB_REPOSITORY}" -details "${GITHUB_SHA}") || true
- echo status: ${STAT}
- FailNum=$(echo $STAT | jq '.NumberOfFail')
- TestsNum=$(echo $STAT | jq '.NumberOfTests')
- GOPOGH_RESULT="${JOB_NAME} : completed with ${FailNum} / ${TestsNum} failures in ${TIME_ELAPSED}"
- echo "GOPOGH_RESULT=${GOPOGH_RESULT}" >> $GITHUB_ENV
- echo 'STAT<> $GITHUB_ENV
- echo "${STAT}" >> $GITHUB_ENV
- echo 'EOF' >> $GITHUB_ENV
- - uses: actions/upload-artifact@v1
- with:
- name: pause_preload_dockerflags_virtualbox_macos
- path: minikube_binaries/report
- - name: The End Result - pause_preload_dockerflags_virtualbox_macos
- shell: bash
- run: |
- echo ${GOPOGH_RESULT}
- numFail=$(echo $STAT | jq '.NumberOfFail')
- numPass=$(echo $STAT | jq '.NumberOfPass')
- echo "*******************${numPass} Passes :) *******************"
- echo $STAT | jq '.PassedTests' || true
- echo "*******************************************************"
- echo "---------------- ${numFail} Failures :( ----------------------------"
- echo $STAT | jq '.FailedTests' || true
- echo "-------------------------------------------------------"
- if [ "$numFail" -gt 0 ];then echo "*** $numFail Failed ***";exit 2;fi
- if [ "$numPass" -eq 0 ];then echo "*** 0 Passed! ***";exit 2;fi
- if [ "$numPass" -lt 9 ];then echo "*** Failed to pass at least 9 ! ***";exit 2;fi
- scheduled_stop_docker_windows:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "scheduled_stop_docker_windows"
- GOPOGH_RESULT: ""
- STAT: ""
- runs-on: [self-hosted, windows-10-ent, 8CPUs]
- steps:
- - name: Clean up
- continue-on-error: true
- shell: powershell
- run: |
- echo $env:computerName
- ls
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- .\minikube-windows-amd64.exe delete --all --purge
- Get-VM | Where-Object {$_.Name -ne "DockerDesktopVM"} | Foreach {
- .\minikube-windows-amd64.exe delete -p $_.Name
- Suspend-VM $_.Name
- Stop-VM $_.Name -Force
- Remove-VM $_.Name -Force
- }
- cd ..
- Remove-Item minikube_binaries -Force -Recurse
- ls
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Start Docker Desktop
- shell: powershell
- continue-on-error: true
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- if (!$docker_running) {
- Write-Output "Starting Docker as an administrator"
- Start-Process 'C:/Program Files/Docker/Docker/Docker Desktop.exe' -Verb runAs
- }
- while (!$docker_running) {
- Start-Sleep 5
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- }
- Write-Output "Docker is running"
- docker system prune -f
- - name: Info
- shell: powershell
- run: |
- echo $env:computername
- echo "------------------------"
- docker info
- echo "------------------------"
- docker volume ls
- echo "------------------------"
- docker system info --format '{{json .}}'
- echo "------------------------"
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install tools
- continue-on-error: true
- shell: powershell
- run: |
- (New-Object Net.WebClient).DownloadFile("https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh.exe", "C:\ProgramData\chocolatey\bin\gopogh.exe")
- choco install -y kubernetes-cli
- choco install -y jq
- choco install -y caffeine
- if (Test-Path 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe') { Remove-Item 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe' };
- - name: Run Integration Test in powershell
- shell: powershell
- run: |
- cd minikube_binaries
- New-Item -Force -Path "report" -ItemType Directory
- New-Item -Force -Path "testhome" -ItemType Directory
- $START_TIME=(GET-DATE)
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- $ErrorActionPreference = "SilentlyContinue"
- .\e2e-windows-amd64.exe --minikube-start-args="--driver=docker" --test.timeout=15m --timeout-multiplier=1 --test.v --test.run=TestScheduledStopWindows --binary=./minikube-windows-amd64.exe | Tee-Object -FilePath ".\report\testout.txt"
- $END_TIME=(GET-DATE)
- echo $END_TIME
- $DURATION=(NEW-TIMESPAN -Start $START_TIME -End $END_TIME)
- echo $DURATION
- $SECS=($DURATION.TotalSeconds)
- $MINS=($DURATION.TotalMinutes)
- $T_ELAPSED="$MINS m $SECS s"
- echo "----"
- echo $T_ELAPSED
- echo "----"
- echo "TIME_ELAPSED=$T_ELAPSED" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- scheduled_stop_hyperv_windows:
- needs: [build_minikube]
- env:
- TIME_ELAPSED: time
- JOB_NAME: "scheduled_stop_hyperv_windows"
- GOPOGH_RESULT: ""
- runs-on: [self-hosted, windows-10-ent, Standard_D16s_v3, hyperv]
- steps:
- - name: Clean up
- continue-on-error: true
- shell: powershell
- run: |
- echo $env:computerName
- ls
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- .\minikube-windows-amd64.exe delete --all --purge
- Get-VM | Where-Object {$_.Name -ne "DockerDesktopVM"} | Foreach {
- Stop-VM -Name $_.Name -Force
- Remove-VM $_.Name -Force
- }
- cd ..
- Remove-Item minikube_binaries -Force -Recurse
- ls
- - name: Download Binaries
- uses: actions/download-artifact@v1
- with:
- name: minikube_binaries
- - name: Start Docker Desktop
- shell: powershell
- continue-on-error: true
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- if (!$docker_running) {
- Write-Output "Starting Docker as an administrator"
- Start-Process 'C:/Program Files/Docker/Docker/Docker Desktop.exe' -Verb runAs
- }
- while (!$docker_running) {
- Start-Sleep 5
- docker ps 2>&1 | Out-Null
- $docker_running = $?
- }
- Write-Output "Docker is running"
- docker system prune -f
- - name: Info
- continue-on-error: true
- shell: powershell
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- cd minikube_binaries
- ls
- echo $env:computername
- Get-WmiObject -class Win32_ComputerSystem
- - uses: actions/setup-go@v2
- with:
- go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Install tools
- continue-on-error: true
- shell: powershell
- run: |
- $ErrorActionPreference = "SilentlyContinue"
- (New-Object Net.WebClient).DownloadFile("https://github.com/medyagh/gopogh/releases/download/v0.9.0/gopogh.exe", "C:\ProgramData\chocolatey\bin\gopogh.exe")
- choco install -y kubernetes-cli
- choco install -y jq
- choco install -y caffeine
- if (Test-Path 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe') { Remove-Item 'C:\Program Files\Docker\Docker\resources\bin\kubectl.exe' };
- - name: Run Integration Test in powershell
- shell: powershell
- run: |
- cd minikube_binaries
- New-Item -Force -Path "report" -ItemType Directory
- New-Item -Force -Path "testhome" -ItemType Directory
- $START_TIME=(GET-DATE)
- $env:KUBECONFIG="${pwd}\testhome\kubeconfig"
- $env:MINIKUBE_HOME="${pwd}\testhome"
- $ErrorActionPreference = "SilentlyContinue"
- .\e2e-windows-amd64.exe --minikube-start-args="--driver=hyperv" --test.timeout=20m --timeout-multiplier=1.5 --test.v --test.run=TestScheduledStopWindows --binary=./minikube-windows-amd64.exe | Tee-Object -FilePath ".\report\testout.txt"
- $END_TIME=(GET-DATE)
- echo $END_TIME
- $DURATION=(NEW-TIMESPAN -Start $START_TIME -End $END_TIME)
- echo $DURATION
- $SECS=($DURATION.TotalSeconds)
- $MINS=($DURATION.TotalMinutes)
- $T_ELAPSED="$MINS m $SECS s"
- echo "----"
- echo $T_ELAPSED
- echo "----"
- echo "TIME_ELAPSED=$T_ELAPSED" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
- # After all integration tests finished
- # collect all the reports and upload them
- upload_all_reports:
- needs:
- [
- pkg_install_amd64,
- pkg_install_arm64,
- addons_certs_virtualbox_macos,
- multinode_docker_ubuntu,
- multinode_virtualbox_macos,
- preload_dockerflags_docker_ubuntu,
- pause_preload_dockerflags_virtualbox_macos,
- ]
- runs-on: ubuntu-18.04
- steps:
- - name: download all extra reports
- uses: actions/download-artifact@v2-preview
- - name: upload all extra reports
- shell: bash {0}
- continue-on-error: true
- run: |
- mkdir -p all_reports
- cp -r ./pkg_install_amd64 ./all_reports/
- cp -r ./pkg_install_arm64 ./all_reports/
- cp -r ./scheduled_stop_docker_windows ./all_reports/
- cp -r ./scheduled_stop_hyperv_windows ./all_reports/
- cp -r ./addons_certs_docker_ubuntu ./all_reports/
- cp -r ./addons_certs_virtualbox_macos ./all_reports/
- cp -r ./multinode_docker_ubuntu ./all_reports/
- cp -r ./multinode_virtualbox_macos ./all_reports/
- cp -r ./preload_dockerflags_docker_ubuntu ./all_reports/
- cp -r ./pause_preload_dockerflags_virtualbox_macos ./all_reports/
- - uses: actions/upload-artifact@v1
- with:
- name: all_reports
- path: all_reports
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
new file mode 100644
index 000000000000..7b5d62304c64
--- /dev/null
+++ b/.github/workflows/sbom.yml
@@ -0,0 +1,25 @@
+name: Generate SBOM
+on:
+ workflow_dispatch:
+ release:
+ types: [published]
+permissions:
+ contents: write
+jobs:
+ generate_sbom_action:
+ runs-on: ubuntu-latest
+ name: Install bom and generate SBOM
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - name: Install bom
+ uses: kubernetes-sigs/release-actions/setup-bom@8af7b2a5596dff526de9db59b2c4b8457e9f52a1 # main
+ - name: Generage SBOM
+ run: |
+ bom generate -o minikube_${{github.ref_name}}_sbom.spdx \
+ --dirs=.\
+ - name: Upload SBOM
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ gh release upload ${{github.ref_name}} minikube_${{github.ref_name}}_sbom.spdx
diff --git a/.github/workflows/smoke-test.yml b/.github/workflows/smoke-test.yml
new file mode 100644
index 000000000000..53d2fa22bb26
--- /dev/null
+++ b/.github/workflows/smoke-test.yml
@@ -0,0 +1,120 @@
+# Boot Smoke Test only tests Bare VM (start,stop,delete) and not any minikube/kubernetes functionality.
+name: Smoke Test
+on:
+ push:
+ branches: [ master ]
+ paths:
+ - "go.mod"
+ - "**.go"
+ - "Makefile"
+ - "!hack/**"
+ - "!site/**"
+ - "!**.md"
+ - "!**.json"
+ pull_request:
+ paths:
+ - "go.mod"
+ - "**.go"
+ - "Makefile"
+ - ".github/workflows/smoke-test.yml"
+ - "!hack/**"
+ - "!site/**"
+ - "!**.md"
+ - "!**.json"
+ workflow_dispatch:
+env:
+ GOPROXY: https://proxy.golang.org
+ LOG_ARGS: --v=8 --alsologtostderr
+
+permissions:
+ contents: read
+# Limit one unit test job running per PR/Branch
+concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+ # For example, if you push multiple commits to a pull request in quick succession, only the latest workflow run will continue
+ cancel-in-progress: true
+jobs:
+ minikube-vm-boot:
+ name: Boot
+ runs-on: ${{ matrix.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - driver: qemu
+ os: macos-15-intel
+ network_flag: --network socket_vmnet
+ - driver: vfkit
+ os: macos-15-intel
+ network_flag: --network vmnet-shared
+ - driver: docker
+ os: ubuntu-24.04
+ network_flag: ""
+ - driver: docker
+ os: ubuntu-24.04-arm
+ network_flag: ""
+ steps:
+ - id: info-block
+ uses: medyagh/info-block@main
+ - name: Load avg and free memory
+ run: |
+ echo "memory_gb=${{ steps.info-block.outputs.memory_gb }}"
+ echo "cpu_cores=${{ steps.info-block.outputs.cpu_cores }}"
+ echo "load_average=${{ steps.info-block.outputs.load_average }}"
+ echo "free_mem=${{ steps.info-block.outputs.free_mem }}"
+ load_avg=${{ steps.info-block.outputs.load_average }}
+ cores=${{ steps.info-block.outputs.cpu_cores }}
+ if (( $(echo "$load_avg / $cores > 2" | bc -l) )); then
+ echo "Load average per core is above 2; stopping job early."
+ exit 1
+ fi
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version-file: go.mod
+ cache: true
+ - name: Download Golang Dependencies
+ run: go mod download
+ - name: Build Binaries
+ run: make
+ - name: Update brew (macos)
+ if: contains(matrix.os, 'macos')
+ run: brew update
+ - name: Install tools (macos)
+ if: contains(matrix.os, 'macos')
+ run: brew install tree
+ - name: Install vfkit and vmnet-helper (macos)
+ if: matrix.driver == 'vfkit'
+ run: |
+ brew install vfkit
+ curl -fsSL https://github.com/minikube-machine/vmnet-helper/releases/latest/download/install.sh | sudo VMNET_INTERACTIVE=0 bash
+ - name: Install qemu and socket_vmnet (macos)
+ if: contains(matrix.os, 'macos') && matrix.driver == 'qemu'
+ run: |
+ brew install qemu socket_vmnet
+ HOMEBREW=$(which brew) && sudo ${HOMEBREW} services start socket_vmnet
+ - name: Start minikube (1st boot)
+ run: |
+ ./out/minikube start \
+ --no-kubernetes \
+ --memory 4gb \
+ --driver ${{ matrix.driver }} \
+ ${{ matrix.network_flag }} \
+ ${{ env.LOG_ARGS }}
+ - name: Inspect minikube
+ if: always()
+ run: |
+ tree -h ~/.minikube
+ machine="$HOME/.minikube/machines/minikube"
+ machine_logs=$(find "$machine" -name "*.log")
+ minikube_logs="$HOME/.minikube/logs/lastStart.txt"
+ for f in $machine_logs $minikube_logs /var/db/dhcpd_leases; do
+ echo "==> $f <=="
+ head -n 1000 "$f" || true
+ done
+ - name: Stop minikube
+ run: ./out/minikube stop ${{ env.LOG_ARGS }}
+ - name: Start minikube again (2nd boot)
+ run: ./out/minikube start ${{ env.LOG_ARGS }}
+ - name: Delete minikube
+ run: ./out/minikube delete ${{ env.LOG_ARGS }}
diff --git a/.github/workflows/sync-minikube.yml b/.github/workflows/sync-minikube.yml
new file mode 100644
index 000000000000..3d25e9154846
--- /dev/null
+++ b/.github/workflows/sync-minikube.yml
@@ -0,0 +1,39 @@
+name: Sync docker images of minikube to Alibaba Cloud
+on:
+ workflow_dispatch:
+ schedule:
+ # every day at 7am & 7pm pacific
+ - cron: "0 2,14 * * *"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ sync-images:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: ./image-syncer
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ with:
+ repository: denverdino/image-syncer
+ path: ./image-syncer
+
+ - name: Set up Go
+ uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Build
+ run: make
+
+ - name: Synchronize images to Alibaba Cloud Container Registry Service
+ env:
+ ACR_USER: ${{ secrets.ALIBABA_CLOUD_ACR_USER }}
+ ACR_PASSWORD: ${{ secrets.ALIBABA_CLOUD_ACR_PASSWORD }}
+ DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
+ DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
+
+ run: ./image-syncer --auth=auth.json --images=images.json --days=2 --proc=2
diff --git a/.github/workflows/time-to-k8s-public-chart.yml b/.github/workflows/time-to-k8s-public-chart.yml
index a41de2aa068b..3947e20a3dae 100644
--- a/.github/workflows/time-to-k8s-public-chart.yml
+++ b/.github/workflows/time-to-k8s-public-chart.yml
@@ -6,25 +6,54 @@ on:
- cron: "0 2,14 * * *"
env:
GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
- time-to-k8s-public-chart:
- runs-on: ubuntu-latest
+ time-to-k8s-public-chart-docker:
+ if: github.repository == 'kubernetes/minikube'
+ runs-on: ubuntu-22.04
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ AWS_DEFAULT_REGION: 'us-west-1'
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Set up Cloud SDK
- uses: google-github-actions/setup-gcloud@master
+ - name: Benchmark time-to-k8s for Docker driver with Docker runtime
+ run: |
+ ./hack/benchmark/time-to-k8s/public-chart/public-chart.sh docker docker
+ - name: Benchmark time-to-k8s for Docker driver with containerd runtime
+ run: |
+ ./hack/benchmark/time-to-k8s/public-chart/public-chart.sh docker containerd
+ time-to-k8s-public-chart-virtualbox:
+ if: github.repository == 'kubernetes/minikube'
+ runs-on: macos-12
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ AWS_DEFAULT_REGION: 'us-west-1'
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - name: Install kubectl
+ shell: bash
+ run: |
+ curl -LO "https://dl.k8s.io/release/$(curl -sSL https://dl.k8s.io/release/stable.txt)/bin/darwin/amd64/kubectl"
+ sudo install kubectl /usr/local/bin/kubectl
+ kubectl version --client=true
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
- project_id: ${{ secrets.GCP_PROJECT_ID }}
- service_account_key: ${{ secrets.GCP_TIME_TO_K8S_SA_KEY }}
- export_default_credentials: true
- - name: Benchmark time-to-k8s for Docker
+ go-version: ${{env.GO_VERSION}}
+ - name: Disable firewall
+ run: |
+ sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off
+ sudo /usr/libexec/ApplicationFirewall/socketfilterfw -k
+ - name: Benchmark time-to-k8s for VirtualBox driver with Docker runtime
run: |
- ./hack/benchmark/time-to-k8s/public-chart/public-chart.sh docker
- - name: Benchmark time-to-k8s for Containerd
+ ./hack/benchmark/time-to-k8s/public-chart/public-chart.sh virtualbox docker
+ - name: Benchmark time-to-k8s for VirtualBox driver with containerd runtime
run: |
- ./hack/benchmark/time-to-k8s/public-chart/public-chart.sh containerd
+ ./hack/benchmark/time-to-k8s/public-chart/public-chart.sh virtualbox containerd
diff --git a/.github/workflows/time-to-k8s.yml b/.github/workflows/time-to-k8s.yml
index 791b2a19c9fc..2584ef0d6783 100644
--- a/.github/workflows/time-to-k8s.yml
+++ b/.github/workflows/time-to-k8s.yml
@@ -5,32 +5,36 @@ on:
types: [released]
env:
GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
benchmark:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - name: Checkout submodules
- run: git submodule update --init
- - uses: actions/setup-go@v2
- with:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - name: Checkout submodules
+ run: git submodule update --init
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Benchmark
- run: |
+ - name: time-to-k8s Benchmark
+ id: timeToK8sBenchmark
+ run: |
./hack/benchmark/time-to-k8s/time-to-k8s.sh
- echo "::set-output name=version::$(minikube version --short)"
- - name: Create PR
- uses: peter-evans/create-pull-request@v3
- with:
- token: ${{ secrets.MINIKUBE_BOT_PAT }}
- commit-message: add time-to-k8s benchmark for ${{ steps.gendocs.outputs.version }}
- committer: minikube-bot
- author: minikube-bot
- branch: addTimeToK8s${{ steps.gendocs.outputs.version }}
- push-to-fork: minikube-bot/minikube
- base: master
- delete-branch: true
- title: Add time-to-k8s benchmark for ${{ steps.gendocs.outputs.version }}
- body: Updating time-to-k8s benchmark as part of the release process
+ echo "version=$(minikube version --short)" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: add time-to-k8s benchmark for ${{ steps.timeToK8sBenchmark.outputs.version }}
+ committer: minikube-bot
+ author: minikube-bot
+ branch: addTimeToK8s${{ steps.timeToK8sBenchmark.outputs.version }}
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: "site: Add time-to-k8s benchmark for ${{ steps.timeToK8sBenchmark.outputs.version }} (Post-release)"
+ body: Updating time-to-k8s benchmark as part of the release process
diff --git a/.github/workflows/translations.yml b/.github/workflows/translations.yml
index 98605138e656..d3225318b799 100644
--- a/.github/workflows/translations.yml
+++ b/.github/workflows/translations.yml
@@ -6,16 +6,18 @@ on:
- "translations/**"
env:
GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
unit_test:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- name: Install libvirt
run: |
sudo apt-get update
diff --git a/.github/workflows/twitter-bot.yml b/.github/workflows/twitter-bot.yml
index 1a7c97b56a1b..eaaf3cdc5de2 100644
--- a/.github/workflows/twitter-bot.yml
+++ b/.github/workflows/twitter-bot.yml
@@ -1,18 +1,17 @@
name: "Tweet the release"
on:
workflow_dispatch:
- push:
- tags:
- - 'v*'
release:
types: [published]
+permissions:
+ contents: read
jobs:
twitter-release:
- runs-on: ubuntu-latest
+ runs-on: ubuntu-22.04
steps:
- - uses: ethomson/send-tweet-action@v1
+ - uses: ethomson/send-tweet-action@288f9339e0412e3038dce350e0da5ecdf12133a6
with:
- status: "A new minikube version just released ! check it out https://github.com/kubernetes/minikube/blob/master/CHANGELOG.md"
+ status: "minikube ${{github.ref_name}} was just released! Check it out: https://github.com/kubernetes/minikube/blob/master/CHANGELOG.md"
consumer-key: ${{ secrets.TWITTER_API_KEY }}
consumer-secret: ${{ secrets.TWITTER_API_SECRET }}
access-token: ${{ secrets.TWITTER_ACCESS_TOKEN }}
diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml
new file mode 100644
index 000000000000..9afac50f1d09
--- /dev/null
+++ b/.github/workflows/unit-test.yml
@@ -0,0 +1,73 @@
+name: Unit Test
+on:
+ workflow_dispatch:
+ push:
+ branches: [ master ]
+ paths:
+ - .github/workflows/unit-test.yml
+ - .gitattributes
+ - go.mod
+ - Makefile
+ - '**/*.go'
+ - '**/testdata/**/*.yaml'
+ - '**/testdata/**/*.yml'
+ - '**/testdata/**/*.json'
+ - '!hack/**'
+ - '!site/**'
+ - '!**/*.md'
+ - '!**/*.json'
+ pull_request:
+ paths:
+ - .github/workflows/unit-test.yml
+ - .gitattributes
+ - go.mod
+ - Makefile
+ - '**/*.go'
+ - '**/testdata/**/*.yaml'
+ - '**/testdata/**/*.yml'
+ - '**/testdata/**/*.json'
+ - '!hack/**'
+ - '!site/**'
+ - '!**/*.md'
+ - '!**/*.json'
+# Limit one unit test job running per PR/Branch
+concurrency:
+ group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+ # For example, if you push multiple commits to a pull request in quick succession, only the latest workflow run will continue
+ cancel-in-progress: true
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+jobs:
+ unit_test:
+ strategy:
+ fail-fast: false
+ matrix:
+ os: [ubuntu-22.04, macos-15, windows-2022]
+ runs-on: ${{ matrix.os }}
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ cache: true
+ - name: Download Dependencies
+ run: go mod download
+ # needed because pkg/drivers/kvm/domain.go:28:2:
+ - name: Install libvirt (Linux)
+ if: runner.os == 'Linux'
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y libvirt-dev
+ - name: Install make (Windows)
+ if: runner.os == 'Windows'
+ run: choco install make -y
+ # TODO: add gopogh reports for unit tests too
+ - name: unit test
+ timeout-minutes: 15
+ env:
+ TESTSUITE: unittest
+ run: make test
+ continue-on-error: false
diff --git a/.github/workflows/update-all.yml b/.github/workflows/update-all.yml
new file mode 100644
index 000000000000..7e3950425325
--- /dev/null
+++ b/.github/workflows/update-all.yml
@@ -0,0 +1,42 @@
+name: "update-all"
+on:
+ workflow_dispatch:
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+jobs:
+ update-all:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump versions
+ id: bumpVersions
+ run: |
+ MAKEALL_OUTPUT=$(make _update-all)
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$MAKEALL_OUTPUT" >> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpVersions.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update dependency versions'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: bump_iso_image_versions
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'chore: (debug pr) update all dependencies'
+ body: |
+ Changelog:
+ ${{ steps.bumpVersions.outputs.changes }}
diff --git a/.github/workflows/update-amd-gpu-device-plugin-version.yml b/.github/workflows/update-amd-gpu-device-plugin-version.yml
new file mode 100644
index 000000000000..d1d8ce180f7a
--- /dev/null
+++ b/.github/workflows/update-amd-gpu-device-plugin-version.yml
@@ -0,0 +1,48 @@
+name: "update-amd-gpu-device-plugin-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-amd-gpu-device-plugin-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump amd-gpu-device-plugin version
+ id: bumpAmdDevicePlugin
+ run: |
+ echo "OLD_VERSION=$(DEP=amd-device-gpu-plugin make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-amd-device-plugin-version
+ echo "NEW_VERSION=$(DEP=amd-device-gpu-plugin make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpAmdDevicePlugin.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon amd-gpu-device-plugin: Update amd/k8s-device-plugin image from ${{ steps.bumpAmdDevicePlugin.outputs.OLD_VERSION }} to ${{ steps.bumpAmdDevicePlugin.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_amd_device_plugin_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon amd-gpu-device-plugin: Update amd/k8s-device-plugin image from ${{ steps.bumpAmdDevicePlugin.outputs.OLD_VERSION }} to ${{ steps.bumpAmdDevicePlugin.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [k8s-device-plugin](https://github.com/ROCm/k8s-device-plugin) project released a new k8s-device-plugin image
+
+ This PR was auto-generated by `make update-amd-device-plugin-version` using [update-amd-gpu-device-plugin-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-amd-gpu-device-plugin-version.yml) CI Workflow.
diff --git a/.github/workflows/update-buildkit-version.yml b/.github/workflows/update-buildkit-version.yml
new file mode 100644
index 000000000000..d811ec0def89
--- /dev/null
+++ b/.github/workflows/update-buildkit-version.yml
@@ -0,0 +1,71 @@
+name: "update-buildkit-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Wednesday at around 3 am pacific/10 am UTC
+ - cron: "0 10 * * 3"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-buildkit-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump buildkit Version
+ id: bumpBuildkit
+ run: |
+ echo "OLD_VERSION=$(DEP=buildkit make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-buildkit-version
+ echo "NEW_VERSION=$(DEP=buildkit make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpBuildkit.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update buildkit from ${{ steps.bumpBuildkit.outputs.OLD_VERSION }} to ${{ steps.bumpBuildkit.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_buildkit_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update buildkit from ${{ steps.bumpBuildkit.outputs.OLD_VERSION }} to ${{ steps.bumpBuildkit.outputs.NEW_VERSION }}'
+ body: |
+ The buildkit project released a [new version](https://github.com/moby/buildkit/releases)
+
+ This PR was auto-generated by `make update-buildkit-version` using [update-buildkit-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-buildkit-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpBuildkit.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpBuildkit.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-calico-version.yml b/.github/workflows/update-calico-version.yml
new file mode 100644
index 000000000000..76ef79b19440
--- /dev/null
+++ b/.github/workflows/update-calico-version.yml
@@ -0,0 +1,48 @@
+name: "update-calico-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-calico-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump calico version
+ id: bumpCalico
+ run: |
+ echo "OLD_VERSION=$(DEP=calico make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-calico-version
+ echo "NEW_VERSION=$(DEP=calico make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpCalico.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CNI: Update calico from ${{ steps.bumpCalico.outputs.OLD_VERSION }} to ${{ steps.bumpCalico.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_calico_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CNI: Update calico from ${{ steps.bumpCalico.outputs.OLD_VERSION }} to ${{ steps.bumpCalico.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The calico project released a [new version](https://github.com/projectcalico/calico)
+
+ This PR was auto-generated by `make update-calico-version` using [update-calico-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-calico-version.yml) CI Workflow.
diff --git a/.github/workflows/update-cilium-version.yml b/.github/workflows/update-cilium-version.yml
new file mode 100644
index 000000000000..9f4b8c671132
--- /dev/null
+++ b/.github/workflows/update-cilium-version.yml
@@ -0,0 +1,48 @@
+name: "update-cilium-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-cilium-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump cilium version
+ id: bumpCilium
+ run: |
+ echo "OLD_VERSION=$(DEP=cilium make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-cilium-version
+ echo "NEW_VERSION=$(DEP=cilium make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpCilium.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CNI: Update cilium from ${{ steps.bumpCilium.outputs.OLD_VERSION }} to ${{ steps.bumpCilium.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_cilium_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CNI: Update cilium from ${{ steps.bumpCilium.outputs.OLD_VERSION }} to ${{ steps.bumpCilium.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The cilium project released a [new version](https://github.com/cilium/cilium)
+
+ This PR was auto-generated by `make update-cilium-version` using [update-cilium-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-cilium-version.yml) CI Workflow.
diff --git a/.github/workflows/update-cloud-spanner-emulator-version.yml b/.github/workflows/update-cloud-spanner-emulator-version.yml
new file mode 100644
index 000000000000..7f52f06e0914
--- /dev/null
+++ b/.github/workflows/update-cloud-spanner-emulator-version.yml
@@ -0,0 +1,48 @@
+name: "update-cloud-spanner-emulator-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-cloud-spanner-emulator-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump cloud-spanner-emulator version
+ id: bumpCloudSpannerEmulator
+ run: |
+ echo "OLD_VERSION=$(DEP=cloud-spanner-emulator make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-cloud-spanner-emulator-version
+ echo "NEW_VERSION=$(DEP=cloud-spanner-emulator make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpCloudSpannerEmulator.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon cloud-spanner: Update cloud-spanner-emulator/emulator image from ${{ steps.bumpCloudSpannerEmulator.outputs.OLD_VERSION }} to ${{ steps.bumpCloudSpannerEmulator.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_cloud_spanner_emulator_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon cloud-spanner: Update cloud-spanner-emulator/emulator image from ${{ steps.bumpCloudSpannerEmulator.outputs.OLD_VERSION }} to ${{ steps.bumpCloudSpannerEmulator.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The cloud-spanner-emulator project released a [new version](https://github.com/GoogleCloudPlatform/cloud-spanner-emulator)
+
+ This PR was auto-generated by `make update-cloud-spanner-emulator-version` using [update-cloud-spanner-emulator-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-cloud-spanner-emulator-version.yml) CI Workflow.
diff --git a/.github/workflows/update-cni-plugins-version.yml b/.github/workflows/update-cni-plugins-version.yml
new file mode 100644
index 000000000000..87586f986895
--- /dev/null
+++ b/.github/workflows/update-cni-plugins-version.yml
@@ -0,0 +1,71 @@
+name: "update-cni-plugins-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-cni-plugins-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump cni-plugins Version
+ id: bumpCNIPlugins
+ run: |
+ echo "OLD_VERSION=$(DEP=cni-plugins make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-cni-plugins-version
+ echo "NEW_VERSION=$(DEP=cni-plugins make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpCNIPlugins.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update cni-plugins from ${{ steps.bumpCNIPlugins.outputs.OLD_VERSION }} to ${{ steps.bumpCNIPlugins.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_cni_plugins_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update cni-plugins from ${{ steps.bumpCNIPlugins.outputs.OLD_VERSION }} to ${{ steps.bumpCNIPlugins.outputs.NEW_VERSION }}'
+ body: |
+ The cni-plugins project released a [new version](https://github.com/containernetworking/plugins/releases)
+
+ This PR was auto-generated by `make update-cni-plugins-version` using [update-cni-plugins-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-cni-plugins-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCNIPlugins.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCNIPlugins.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-containerd-version.yml b/.github/workflows/update-containerd-version.yml
new file mode 100644
index 000000000000..e9e893d4a3fd
--- /dev/null
+++ b/.github/workflows/update-containerd-version.yml
@@ -0,0 +1,71 @@
+name: "update-containerd-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-containerd-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump containerd Version
+ id: bumpContainerd
+ run: |
+ echo "OLD_VERSION=$(DEP=containerd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-containerd-version
+ echo "NEW_VERSION=$(DEP=containerd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpContainerd.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update containerd from ${{ steps.bumpContainerd.outputs.OLD_VERSION }} to ${{ steps.bumpContainerd.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_containerd_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update containerd from ${{ steps.bumpContainerd.outputs.OLD_VERSION }} to ${{ steps.bumpContainerd.outputs.NEW_VERSION }}'
+ body: |
+ The containerd project released a [new version](https://github.com/containerd/containerd/releases)
+
+ This PR was auto-generated by `make update-containerd-version` using [update-containerd-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-containerd-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpContainerd.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpContainerd.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-cri-dockerd-version.yml b/.github/workflows/update-cri-dockerd-version.yml
new file mode 100644
index 000000000000..96bfab5b457c
--- /dev/null
+++ b/.github/workflows/update-cri-dockerd-version.yml
@@ -0,0 +1,61 @@
+name: "update-cri-dockerd-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-cri-dockerd-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump cri-dockerd version
+ id: bumpCriDockerd
+ run: |
+ echo "OLD_VERSION=$(DEP=cri-dockerd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-cri-dockerd-version
+ echo "NEW_VERSION=$(DEP=cri-dockerd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpCriDockerd.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update cri-dockerd from ${{ steps.bumpCriDockerd.outputs.OLD_VERSION }} to ${{ steps.bumpCriDockerd.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_cri_dockerd_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update cri-dockerd from ${{ steps.bumpCriDockerd.outputs.OLD_VERSION }} to ${{ steps.bumpCriDockerd.outputs.NEW_VERSION }}'
+ body: |
+ The cri-dockerd project released a [new version](https://github.com/Mirantis/cri-dockerd)
+
+ This PR was auto-generated by `make update-cri-dockerd-version` using [update-cri-dockerd-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-cri-dockerd-version.yml) CI Workflow.
+
+ A minikube maintainer needs to checkout this PR, run `make build-and-upload-cri-dockerd-binaries`, and then comment `ok-to-build-image`.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCriDockerd.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-cri-o-version.yml b/.github/workflows/update-cri-o-version.yml
new file mode 100644
index 000000000000..5ec1a8805bc0
--- /dev/null
+++ b/.github/workflows/update-cri-o-version.yml
@@ -0,0 +1,72 @@
+name: "update-cri-o-version"
+on:
+ workflow_dispatch:
+ # Uncomment after crictl/cri-o issue resolved: https://github.com/kubernetes/minikube/issues/18359
+ # schedule:
+ # every Friday at around 3 am pacific/10 am UTC
+ # - cron: "0 10 * * 5"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-cri-o-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump cri-o Version
+ id: bumpCrio
+ run: |
+ echo "OLD_VERSION=$(DEP=cri-o make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-cri-o-version
+ echo "NEW_VERSION=$(DEP=cri-o make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpCrio.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update cri-o from ${{ steps.bumpCrio.outputs.OLD_VERSION }} to ${{ steps.bumpCrio.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_cri-o_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update cri-o from ${{ steps.bumpCrio.outputs.OLD_VERSION }} to ${{ steps.bumpCrio.outputs.NEW_VERSION }}'
+ body: |
+ The cri-o project released a [new version](https://github.com/cri-o/cri-o/releases)
+
+ This PR was auto-generated by `make update-cri-o-version` using [update-cri-o-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-cri-o-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCrio.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCrio.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-crictl-version.yml b/.github/workflows/update-crictl-version.yml
new file mode 100644
index 000000000000..1cf308f52d78
--- /dev/null
+++ b/.github/workflows/update-crictl-version.yml
@@ -0,0 +1,72 @@
+name: "update-crictl-version"
+on:
+ workflow_dispatch:
+ # Uncomment after crictl/cri-o issue resolved: https://github.com/kubernetes/minikube/issues/18359
+ # schedule:
+ # every Wednesday at around 3 am pacific/10 am UTC
+ # - cron: "0 10 * * 3"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-crictl-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump crictl Version
+ id: bumpCrictl
+ run: |
+ echo "OLD_VERSION=$(DEP=crictl make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-crictl-version
+ echo "NEW_VERSION=$(DEP=crictl make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpCrictl.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update crictl from ${{ steps.bumpCrictl.outputs.OLD_VERSION }} to ${{ steps.bumpCrictl.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_crictl_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update crictl from ${{ steps.bumpCrictl.outputs.OLD_VERSION }} to ${{ steps.bumpCrictl.outputs.NEW_VERSION }}'
+ body: |
+ The crictl project released a [new version](https://github.com/moby/crictl/releases)
+
+ This PR was auto-generated by `make update-crictl-version` using [update-crictl-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-crictl-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCrictl.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCrictl.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-crun-version.yml b/.github/workflows/update-crun-version.yml
new file mode 100644
index 000000000000..8e6e7f181674
--- /dev/null
+++ b/.github/workflows/update-crun-version.yml
@@ -0,0 +1,71 @@
+name: "update-crun-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Wednesday at around 3 am pacific/10 am UTC
+ - cron: "0 10 * * 3"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-crun-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump crun Version
+ id: bumpCrun
+ run: |
+ echo "OLD_VERSION=$(DEP=crun make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-crun-version
+ echo "NEW_VERSION=$(DEP=crun make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpCrun.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update crun from ${{ steps.bumpCrun.outputs.OLD_VERSION }} to ${{ steps.bumpCrun.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_crun_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update crun from ${{ steps.bumpCrun.outputs.OLD_VERSION }} to ${{ steps.bumpCrun.outputs.NEW_VERSION }}'
+ body: |
+ The crun project released a [new version](https://github.com/containers/crun/releases)
+
+ This PR was auto-generated by `make update-crun-version` using [update-crun-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-crun-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCrun.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpCrun.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-debian-version.yml b/.github/workflows/update-debian-version.yml
new file mode 100644
index 000000000000..6ef36f4fea24
--- /dev/null
+++ b/.github/workflows/update-debian-version.yml
@@ -0,0 +1,59 @@
+name: "update-debian-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-ubuntu-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Ubuntu version
+ id: bumpBaseOsImage
+ run: |
+ echo "OLD_VERSION=$(DEP=debian make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-debian-version
+ echo "NEW_VERSION=$(DEP=debian make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpBaseOsImage.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase: Bump debian:bookworm from ${{ steps.bumpBaseOsImage.outputs.OLD_VERSION }} to ${{ steps.bumpBaseOsImage.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_debian_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase: Bump debian:bookworm from ${{ steps.bumpBaseOsImage.outputs.OLD_VERSION }} to ${{ steps.bumpBaseOsImage.outputs.NEW_VERSION }}'
+ body: |
+ The debian:bookworm image released a new version
+
+ This PR was auto-generated by `make update-debian-version` using [update-debian-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-debian-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpBaseOsImage.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
diff --git a/.github/workflows/update-docker-buildx-version.yml b/.github/workflows/update-docker-buildx-version.yml
new file mode 100644
index 000000000000..057e18e2d826
--- /dev/null
+++ b/.github/workflows/update-docker-buildx-version.yml
@@ -0,0 +1,60 @@
+name: "update-docker-buildx-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-docker-buildx-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump docker-buildx Version
+ id: bumpDockerBuildx
+ run: |
+ echo "OLD_VERSION=$(DEP=docker-buildx make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-docker-buildx-version
+ echo "NEW_VERSION=$(DEP=docker-buildx make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpDockerBuildx.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'ISO: Update docker-buildx from ${{ steps.bumpDockerBuildx.outputs.OLD_VERSION }} to ${{ steps.bumpDockerBuildx.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_docker_buildx_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'ISO: Update docker-buildx from ${{ steps.bumpDockerBuildx.outputs.OLD_VERSION }} to ${{ steps.bumpDockerBuildx.outputs.NEW_VERSION }}'
+ body: |
+ The docker-buildx project released a [new version](https://github.com/docker/buildx/releases)
+
+ This PR was auto-generated by `make update-docker-buildx-version` using [update-docker-buildx-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-docker-buildx-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpDockerBuildx.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-docker-version.yml b/.github/workflows/update-docker-version.yml
new file mode 100644
index 000000000000..44542a2c53ef
--- /dev/null
+++ b/.github/workflows/update-docker-version.yml
@@ -0,0 +1,71 @@
+name: "update-docker-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Thursday at around 3 am pacific/10 am UTC
+ - cron: "0 10 * * 4"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-docker-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump docker Version
+ id: bumpDocker
+ run: |
+ echo "OLD_VERSION=$(DEP=docker make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-docker-version
+ echo "NEW_VERSION=$(DEP=docker make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpDocker.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update docker from ${{ steps.bumpDocker.outputs.OLD_VERSION }} to ${{ steps.bumpDocker.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_docker_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update docker from ${{ steps.bumpDocker.outputs.OLD_VERSION }} to ${{ steps.bumpDocker.outputs.NEW_VERSION }}'
+ body: |
+ The docker project released a [new version](https://github.com/moby/moby/releases)
+
+ This PR was auto-generated by `make update-docker-version` using [update-docker-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-docker-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpDocker.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpDocker.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-docsy-version.yml b/.github/workflows/update-docsy-version.yml
new file mode 100644
index 000000000000..d480130c7cba
--- /dev/null
+++ b/.github/workflows/update-docsy-version.yml
@@ -0,0 +1,45 @@
+name: "update-docsy-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-docsy-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Docsy version
+ id: bumpDocsy
+ run: |
+ echo "NEW_VERSION=$(make update-docsy-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpDocsy.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'site: Update docsy version to ${{ steps.bumpDocsy.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_docsy_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'site: Update docsy version to ${{ steps.bumpDocsy.outputs.NEW_VERSION }}'
+ body: |
+ Docsy project released a [new version](https://github.com/google/docsy/releases),
+
+ This PR was auto-generated by `make update-docsy-version` using [update-docsy-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-docsy-version.yml) CI Workflow.
diff --git a/.github/workflows/update-flannel-version.yml b/.github/workflows/update-flannel-version.yml
new file mode 100644
index 000000000000..3f02937ea4fc
--- /dev/null
+++ b/.github/workflows/update-flannel-version.yml
@@ -0,0 +1,48 @@
+name: "update-flannel-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-flannel-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump flannel version
+ id: bumpFlannel
+ run: |
+ echo "OLD_VERSION=$(DEP=flannel make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-flannel-version
+ echo "NEW_VERSION=$(DEP=flannel make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpFlannel.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CNI: Update flannel from ${{ steps.bumpFlannel.outputs.OLD_VERSION }} to ${{ steps.bumpFlannel.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_flannel_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CNI: Update flannel from ${{ steps.bumpFlannel.outputs.OLD_VERSION }} to ${{ steps.bumpFlannel.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The flannel project released a [new version](https://github.com/flannel-io/flannel)
+
+ This PR was auto-generated by `make update-flannel-version` using [update-flannel-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-flannel-version.yml) CI Workflow.
diff --git a/.github/workflows/update-gcp-auth-version.yml b/.github/workflows/update-gcp-auth-version.yml
new file mode 100644
index 000000000000..ebb25d0bedb5
--- /dev/null
+++ b/.github/workflows/update-gcp-auth-version.yml
@@ -0,0 +1,48 @@
+name: "update-gcp-auth-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-gcp-auth-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump gcp-auth version
+ id: bumpGCPAuth
+ run: |
+ echo "OLD_VERSION=$(DEP=gcp-auth make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-gcp-auth-version
+ echo "NEW_VERSION=$(DEP=gcp-auth make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpGCPAuth.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon gcp-auth: Update k8s-minikube/gcp-auth-webhook image from ${{ steps.bumpGCPAuth.outputs.OLD_VERSION }} to ${{ steps.bumpGCPAuth.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_gcp_auth_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon gcp-auth: Update k8s-minikube/gcp-auth-webhook image from ${{ steps.bumpGCPAuth.outputs.OLD_VERSION }} to ${{ steps.bumpGCPAuth.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The gcp-auth-webhook project released a [new version](https://github.com/GoogleContainerTools/gcp-auth-webhook)
+
+ This PR was auto-generated by `make update-gcp-auth-version` using [update-gcp-auth-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-gcp-auth-version.yml) CI Workflow.
diff --git a/.github/workflows/update-gh-version.yml b/.github/workflows/update-gh-version.yml
new file mode 100644
index 000000000000..1e0a56c0ddc9
--- /dev/null
+++ b/.github/workflows/update-gh-version.yml
@@ -0,0 +1,47 @@
+name: "update-gh-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-gh-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump gh version
+ id: bumpGh
+ run: |
+ echo "OLD_VERSION=$(DEP=gh make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-gh-version
+ echo "NEW_VERSION=$(DEP=gh make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpGh.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CI: Update gh from ${{ steps.bumpGh.outputs.OLD_VERSION }} to ${{ steps.bumpGh.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_gh_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CI: Update gh from ${{ steps.bumpGh.outputs.OLD_VERSION }} to ${{ steps.bumpGh.outputs.NEW_VERSION }}'
+ body: |
+ The gh project released a [new version](https://github.com/cli/cli/releases)
+
+ This PR was auto-generated by `make update-gh-version` using [update-gh-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-gh-version.yml) CI Workflow.
diff --git a/.github/workflows/update-go-github-version.yml b/.github/workflows/update-go-github-version.yml
new file mode 100644
index 000000000000..0b9145da3755
--- /dev/null
+++ b/.github/workflows/update-go-github-version.yml
@@ -0,0 +1,47 @@
+name: "update-go-github-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-go-github-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump go-github version
+ id: bumpGoGithub
+ run: |
+ echo "OLD_VERSION=$(DEP=go-github make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-go-github-version
+ echo "NEW_VERSION=$(DEP=go-github make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpGoGithub.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Update go-github from ${{ steps.bumpGoGithub.outputs.OLD_VERSION }} to ${{ steps.bumpGoGithub.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_go_github_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CI: update go-github from ${{ steps.bumpGoGithub.outputs.OLD_VERSION }} to ${{ steps.bumpGoGithub.outputs.NEW_VERSION }}'
+ body: |
+ The go-github project released a [new version](https://github.com/google/go-github)
+
+ This PR was auto-generated by `make update-go-github-version` using [update-go-github-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-go-github-version.yml) CI Workflow.
diff --git a/.github/workflows/update-golang-version.yml b/.github/workflows/update-golang-version.yml
index b4cf4cd549b7..435c2b8d52f2 100644
--- a/.github/workflows/update-golang-version.yml
+++ b/.github/workflows/update-golang-version.yml
@@ -6,40 +6,55 @@ on:
- cron: "0 9 * * 1"
env:
GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
- bump-k8s-versions:
- runs-on: ubuntu-latest
+ bump-golang-version:
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- name: Bump Golang Versions
id: bumpGolang
run: |
+ echo "OLD_VERSION=$(DEP=golang make get-dependency-version)" >> "$GITHUB_OUTPUT"
make update-golang-version
- echo "::set-output name=changes::$(git status --porcelain)"
+ echo "NEW_VERSION=$(DEP=golang make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
- name: Create PR
+ id: createPR
if: ${{ steps.bumpGolang.outputs.changes != '' }}
- uses: peter-evans/create-pull-request@v3
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
with:
token: ${{ secrets.MINIKUBE_BOT_PAT }}
- commit-message: bump golang versions
+ commit-message: 'Update go from ${{ steps.bumpGolang.outputs.OLD_VERSION }} to ${{ steps.bumpGolang.outputs.NEW_VERSION }}'
committer: minikube-bot
author: minikube-bot
branch: auto_bump_golang_version
+ branch-suffix: short-commit-hash
push-to-fork: minikube-bot/minikube
base: master
delete-branch: true
- title: 'bump golang version'
- labels: ok-to-test
+ title: 'build: Update go from ${{ steps.bumpGolang.outputs.OLD_VERSION }} to ${{ steps.bumpGolang.outputs.NEW_VERSION }}'
body: |
Kubernetes Project just updated the [golang version](https://github.com/kubernetes/kubernetes/blob/master/build/build-image/cross/VERSION), updating minikube golang to match Kubernetes.
- This PR was auto-generated by `make update-golang-version` using [update-golang-versions.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-golang-version.yml) CI Workflow.
-
-
-
-
+ This PR was auto-generated by `make update-golang-version` using [update-golang-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-golang-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpGolang.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
diff --git a/.github/workflows/update-golint-version.yml b/.github/workflows/update-golint-version.yml
new file mode 100644
index 000000000000..8d2ef38bcd20
--- /dev/null
+++ b/.github/workflows/update-golint-version.yml
@@ -0,0 +1,47 @@
+name: "update-golint-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-golint-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Golint Versions
+ id: bumpGolint
+ run: |
+ echo "OLD_VERSION=$(DEP=golint make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-golint-version
+ echo "NEW_VERSION=$(DEP=golint make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpGolint.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CI: Update golint from ${{ steps.bumpGolint.outputs.OLD_VERSION }} to ${{ steps.bumpGolint.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_golint_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CI: Update golint from ${{ steps.bumpGolint.outputs.OLD_VERSION }} to ${{ steps.bumpGolint.outputs.NEW_VERSION }}'
+ body: |
+ The golangci-lint project released a [new version](https://github.com/golangci/golangci-lint/releases)
+
+ This PR was auto-generated by `make update-golint-version` using [update-golint-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-golint-version.yml) CI Workflow.
diff --git a/.github/workflows/update-gopogh-version.yml b/.github/workflows/update-gopogh-version.yml
new file mode 100644
index 000000000000..f47edfb43947
--- /dev/null
+++ b/.github/workflows/update-gopogh-version.yml
@@ -0,0 +1,47 @@
+name: "update-gopogh-versions"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Monday at around 2 am pacific/9 am UTC
+ - cron: "0 9 * * 1"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-gopogh-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump gopogh Versions
+ id: bumpGopogh
+ run: |
+ echo "OLD_VERSION=$(DEP=gopogh make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-gopogh-version
+ echo "NEW_VERSION=$(DEP=gopogh make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpGopogh.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CI: Update gopogh from ${{ steps.bumpGopogh.outputs.OLD_VERSION }} to ${{ steps.bumpGopogh.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_gopogh_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CI: Update gopogh from ${{ steps.bumpGopogh.outputs.OLD_VERSION }} to ${{ steps.bumpGopogh.outputs.NEW_VERSION }}'
+ body: |
+ The gopogh project released a [new version](https://github.com/medyagh/gopogh/releases)
+
+ This PR was auto-generated by `make update-gopogh-version` using [update-gopogh-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-gopogh-version.yml) CI Workflow.
diff --git a/.github/workflows/update-gotestsum-version.yml b/.github/workflows/update-gotestsum-version.yml
new file mode 100644
index 000000000000..47e1ae30d58e
--- /dev/null
+++ b/.github/workflows/update-gotestsum-version.yml
@@ -0,0 +1,47 @@
+name: "update-gotestsum-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-gotestsum-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Gotestsum Versions
+ id: bumpGotestsum
+ run: |
+ echo "OLD_VERSION=$(DEP=gotestsum make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-gotestsum-version
+ echo "NEW_VERSION=$(DEP=gotestsum make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpGotestsum.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CI: Update gotestsum from ${{ steps.bumpGotestsum.outputs.OLD_VERSION }} to ${{ steps.bumpGotestsum.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_gotestsum_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CI: Update gotestsum from ${{ steps.bumpGotestsum.outputs.OLD_VERSION }} to ${{ steps.bumpGotestsum.outputs.NEW_VERSION }}'
+ body: |
+ The gotestsum project released a [new version](https://github.com/gotestyourself/gotestsum/releases)
+
+ This PR was auto-generated by `make update-gotestsum-version` using [update-gotestsum-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-gotestsum-version.yml) CI Workflow.
diff --git a/.github/workflows/update-headlamp-version.yml b/.github/workflows/update-headlamp-version.yml
new file mode 100644
index 000000000000..c2c063974658
--- /dev/null
+++ b/.github/workflows/update-headlamp-version.yml
@@ -0,0 +1,48 @@
+name: "update-headlamp-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-headlamp-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Headlamp version
+ id: bumpHeadlamp
+ run: |
+ echo "OLD_VERSION=$(DEP=headlamp make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-headlamp-version
+ echo "NEW_VERSION=$(DEP=headlamp make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpHeadlamp.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon Headlamp: Update Headlamp image from ${{ steps.bumpHeadlamp.outputs.OLD_VERSION }} to ${{ steps.bumpHeadlamp.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_headlamp_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon Headlamp: Update Headlamp image from ${{ steps.bumpHeadlamp.outputs.OLD_VERSION }} to ${{ steps.bumpHeadlamp.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [Headlamp](https://github.com/headlamp-k8s/headlamp) project released a new Headlamp image
+
+ This PR was auto-generated by `make update-headlamp-version` using [update-headlamp-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-headlamp-version.yml) CI Workflow.
diff --git a/.github/workflows/update-hugo-version.yml b/.github/workflows/update-hugo-version.yml
new file mode 100644
index 000000000000..877292f5b78c
--- /dev/null
+++ b/.github/workflows/update-hugo-version.yml
@@ -0,0 +1,47 @@
+name: "update-hugo-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-hugo-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Hugo version
+ id: bumpHugo
+ run: |
+ echo "OLD_VERSION=$(DEP=hugo make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-hugo-version
+ echo "NEW_VERSION=$(DEP=hugo make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpHugo.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Site: Update hugo from ${{ steps.bumpHugo.outputs.OLD_VERSION }} to ${{ steps.bumpHugo.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_hugo_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Site: Update hugo from ${{ steps.bumpHugo.outputs.OLD_VERSION }} to ${{ steps.bumpHugo.outputs.NEW_VERSION }}'
+ body: |
+ The hugo project released a [new version](https://github.com/gohugoio/hugo/releases)
+
+ This PR was auto-generated by `make update-hugo-version` using [update-hugo-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-hugo-version.yml) CI Workflow.
diff --git a/.github/workflows/update-ingress-version.yml b/.github/workflows/update-ingress-version.yml
new file mode 100644
index 000000000000..3cff7d7352a6
--- /dev/null
+++ b/.github/workflows/update-ingress-version.yml
@@ -0,0 +1,48 @@
+name: "update-ingress-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-ingress-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump ingress version
+ id: bumpIngress
+ run: |
+ echo "OLD_VERSION=$(DEP=ingress make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-ingress-version
+ echo "NEW_VERSION=$(DEP=ingress make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpIngress.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon ingress: Update ingress-nginx/controller image from ${{ steps.bumpIngress.outputs.OLD_VERSION }} to ${{ steps.bumpIngress.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_ingress_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon ingress: Update ingress-nginx/controller image from ${{ steps.bumpIngress.outputs.OLD_VERSION }} to ${{ steps.bumpIngress.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The ingress-nginx project released a [new version](https://github.com/kubernetes/ingress-nginx)
+
+ This PR was auto-generated by `make update-ingress-version` using [update-ingress-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-ingress-version.yml) CI Workflow.
diff --git a/.github/workflows/update-inspektor-gadget-version.yml b/.github/workflows/update-inspektor-gadget-version.yml
new file mode 100644
index 000000000000..df21a05c1b15
--- /dev/null
+++ b/.github/workflows/update-inspektor-gadget-version.yml
@@ -0,0 +1,48 @@
+name: "update-inspektor-gadget-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-inspektor-gadget-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump inspektor-gadget version
+ id: bumpInspektorGadget
+ run: |
+ echo "OLD_VERSION=$(DEP=inspektor-gadget make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-inspektor-gadget-version
+ echo "NEW_VERSION=$(DEP=inspektor-gadget make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpInspektorGadget.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon inspektor-gadget: Update inspektor-gadget image from ${{ steps.bumpInspektorGadget.outputs.OLD_VERSION }} to ${{ steps.bumpInspektorGadget.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_inspektor_gadget_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon inspektor-gadget: Update inspektor-gadget image from ${{ steps.bumpInspektorGadget.outputs.OLD_VERSION }} to ${{ steps.bumpInspektorGadget.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The inspektor-gadget project released a [new version](https://github.com/inspektor-gadget/inspektor-gadget)
+
+ This PR was auto-generated by `make update-inspektor-gadget-version` using [update-inspektor-gadget-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-inspektor-gadget-version.yml) CI Workflow.
diff --git a/.github/workflows/update-iso-image-versions.yml b/.github/workflows/update-iso-image-versions.yml
new file mode 100644
index 000000000000..d79d6972d323
--- /dev/null
+++ b/.github/workflows/update-iso-image-versions.yml
@@ -0,0 +1,155 @@
+name: "update-iso-image-versions"
+on:
+ workflow_dispatch:
+ inputs:
+ make_targets:
+ type: string
+ description: "Comma-separated list of make targets to run (e.g., update-buildkit-version,update-cni-plugins-version)"
+ required: true
+ # Uncomment after crictl/cri-o issue resolved: https://github.com/kubernetes/minikube/issues/18359
+ # default: "update-buildkit-version,update-cni-plugins-version,update-containerd-version,update-cri-o-version,update-crictl-version,update-crun-version,update-docker-version,update-docker-buildx-version,update-golang-version,update-nerdctl-version,update-nerdctld-version,update-runc-version,update-debian-version"
+ default: "update-buildkit-version,update-cni-plugins-version,update-crun-version,update-docker-version,update-golang-version,update-runc-version,update-debian-version"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+jobs:
+ update-all:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump versions
+ id: bumpVersions
+ run: |
+ OLD_BUILDKIT=$(DEP=buildkit make get-dependency-version)
+ OLD_CNI_PLUGINS=$(DEP=cni-plugins make get-dependency-version)
+ OLD_CONTAINERD=$(DEP=containerd make get-dependency-version)
+ OLD_CRICTL=$(DEP=crictl make get-dependency-version)
+ OLD_CRIO=$(DEP=cri-o make get-dependency-version)
+ OLD_CRUN=$(DEP=crun make get-dependency-version)
+ OLD_DOCKER=$(DEP=docker make get-dependency-version)
+ OLD_DOCKER_BUILDX=$(DEP=docker-buildx make get-dependency-version)
+ OLD_GO=$(DEP=go make get-dependency-version)
+ OLD_NERDCTL=$(DEP=nerdctl make get-dependency-version)
+ OLD_NERDCTLD=$(DEP=nerdctld make get-dependency-version)
+ OLD_RUNC=$(DEP=runc make get-dependency-version)
+ OLD_UBUNTU=$(DEP=ubuntu make get-dependency-version)
+ TARGETS="${{ inputs.make_targets }}"
+ IFS=',' read -ra TARGET_ARRAY <<< "$TARGETS"
+ for TARGET in "${TARGET_ARRAY[@]}"; do
+ echo "Running make $TARGET"
+ make $TARGET
+ done
+ NEW_BUILDKIT=$(DEP=buildkit make get-dependency-version)
+ NEW_CNI_PLUGINS=$(DEP=cni-plugins make get-dependency-version)
+ NEW_CONTAINERD=$(DEP=containerd make get-dependency-version)
+ NEW_CRICTL=$(DEP=crictl make get-dependency-version)
+ NEW_CRIO=$(DEP=cri-o make get-dependency-version)
+ NEW_CRUN=$(DEP=crun make get-dependency-version)
+ NEW_DOCKER=$(DEP=docker make get-dependency-version)
+ NEW_DOCKER_BUILDX=$(DEP=docker-buildx make get-dependency-version)
+ NEW_GO=$(DEP=go make get-dependency-version)
+ NEW_NERDCTL=$(DEP=nerdctl make get-dependency-version)
+ NEW_NERDCTLD=$(DEP=nerdctld make get-dependency-version)
+ NEW_RUNC=$(DEP=runc make get-dependency-version)
+ NEW_UBUNTU=$(DEP=ubuntu make get-dependency-version)
+ echo "changelog<> "$GITHUB_OUTPUT"
+ if [ "$OLD_BUILDKIT" != "$NEW_BUILDKIT" ]; then
+ echo "### Update BuildKit from $OLD_BUILDKIT to $NEW_BUILDKIT" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/moby/buildkit/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_CNI_PLUGINS" != "$NEW_CNI_PLUGINS" ]; then
+ echo "### Update CNI Plugins from $OLD_CNI_PLUGINS to $NEW_CNI_PLUGINS" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/containernetworking/plugins/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_CONTAINERD" != "$NEW_CONTAINERD" ]; then
+ echo "### Update containerd from $OLD_CONTAINERD to $NEW_CONTAINERD" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/containerd/containerd/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_CRICTL" != "$NEW_CRICTL" ]; then
+ echo "### Update crictl from $OLD_CRICTL to $NEW_CRICTL" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/kubernetes-sigs/cri-tools/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_CRIO" != "$NEW_CRIO" ]; then
+ echo "### Update CRI-O from $OLD_CRIO to $NEW_CRIO" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/cri-o/cri-o/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_CRUN" != "$NEW_CRUN" ]; then
+ echo "### Update crun from $OLD_CRUN to $NEW_CRUN" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/containers/crun/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_DOCKER" != "$NEW_DOCKER" ]; then
+ echo "### Update Docker from $OLD_DOCKER to $NEW_DOCKER" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/moby/moby/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_DOCKER_BUILDX" != "$NEW_DOCKER_BUILDX" ]; then
+ echo "### Update buildx from $OLD_DOCKER_BUILDX to $NEW_DOCKER_BUILDX" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/docker/buildx/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_GO" != "$NEW_GO" ]; then
+ echo "### Update Go from $OLD_GO to $NEW_GO" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_NERDCTL" != "$NEW_NERDCTL" ]; then
+ echo "### Update nerdctl from $OLD_NERDCTL to $NEW_NERDCTL" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/containerd/nerdctl/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_NERDCTLD" != "$NEW_NERDCTLD" ]; then
+ echo "### Update nerdctld from $OLD_NERDCTLD to $NEW_NERDCTLD" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/afbjorklund/nerdctld/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_RUNC" != "$NEW_RUNC" ]; then
+ echo "### Update runc from $OLD_RUNC to $NEW_RUNC" >> "$GITHUB_OUTPUT"
+ echo "[Release notes](https://github.com/opencontainers/runc/releases)" >> "$GITHUB_OUTPUT"
+ fi
+ if [ "$OLD_UBUNTU" != "$NEW_UBUNTU" ]; then
+ echo "### Update Ubuntu from $OLD_UBUNTU to $NEW_UBUNTU" >> "$GITHUB_OUTPUT"
+ fi
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpVersions.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update dependency versions'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: bump_iso_image_versions
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update dependency versions'
+ body: |
+ Changelog:
+ ${{ steps.bumpVersions.outputs.changelog }}
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpVersions.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpVersions.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-istio-operator.yml b/.github/workflows/update-istio-operator.yml
new file mode 100644
index 000000000000..496a2d044a0d
--- /dev/null
+++ b/.github/workflows/update-istio-operator.yml
@@ -0,0 +1,48 @@
+name: "update-istio-operator-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-istio-operator-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump istio-operator version
+ id: bumpIstioOperator
+ run: |
+ echo "OLD_VERSION=$(DEP=istio-operator make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-istio-operator-version
+ echo "NEW_VERSION=$(DEP=istio-operator make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpIstioOperator.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon istio-provisioner: Update istio/operator image from ${{ steps.bumpIstioOperator.outputs.OLD_VERSION }} to ${{ steps.bumpIstioOperator.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_istio_operator_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon istio-provisioner: Update istio/operator image from ${{ steps.bumpIstioOperator.outputs.OLD_VERSION }} to ${{ steps.bumpIstioOperator.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [istio](https://github.com/istio/istio) project released a new istio/operator image
+
+ This PR was auto-generated by `make update-istio-operator-version` using [update-istio-operator-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-istio-operator-version.yml) CI Workflow.
diff --git a/.github/workflows/update-k8s-versions.yml b/.github/workflows/update-k8s-versions.yml
index 97b4a6043e0b..a825c9967cb3 100644
--- a/.github/workflows/update-k8s-versions.yml
+++ b/.github/workflows/update-k8s-versions.yml
@@ -6,24 +6,31 @@ on:
- cron: "0 8 * * 1"
env:
GOPROXY: https://proxy.golang.org
- GO_VERSION: '1.16.7'
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
jobs:
bump-k8s-versions:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- - uses: actions/checkout@v2
- - uses: actions/setup-go@v2
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
with:
go-version: ${{env.GO_VERSION}}
- stable: true
- - name: Bump Kuberenetes Versions
+ - name: Bump Kubernetes Versions
id: bumpk8s
run: |
- make update-kubernetes-version
- echo "::set-output name=changes::$(git status --porcelain)"
+ t=$(make update-kubernetes-version)
+ t=$(echo $t | head -n 1)
+ echo "title=$t" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
- name: Create PR
if: ${{ steps.bumpk8s.outputs.changes != '' }}
- uses: peter-evans/create-pull-request@v3
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
with:
token: ${{ secrets.MINIKUBE_BOT_PAT }}
commit-message: bump default/newest kubernetes versions
@@ -33,11 +40,12 @@ jobs:
push-to-fork: minikube-bot/minikube
base: master
delete-branch: true
- title: 'bump default/newest kubernetes versions'
- labels: ok-to-test
+ title: "${{ steps.bumpk8s.outputs.title }}"
+ labels: ok-to-test,kind/feature
body: |
- This PR was auto-generated by `make update-kubernetes-version` using [update-k8s-versions.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows) CI Workflow.
+ This PR was auto-generated by `make update-kubernetes-version` using [update-k8s-versions.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-k8s-versions.yml) CI Workflow.
Please only merge if all the tests pass.
-
- ${{ steps.bumpk8s.outputs.changes }}
+ ```
+ ${{ steps.bumpk8s.outputs.changes }}
+ ```
diff --git a/.github/workflows/update-kindnetd-version.yml b/.github/workflows/update-kindnetd-version.yml
new file mode 100644
index 000000000000..d4f07cf62d35
--- /dev/null
+++ b/.github/workflows/update-kindnetd-version.yml
@@ -0,0 +1,47 @@
+name: "update-kindnetd-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+jobs:
+ bump-kindnetd-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump kindnetd version
+ id: bumpKindnetd
+ run: |
+ echo "OLD_VERSION=$(DEP=kindnetd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-kindnetd-version
+ echo "NEW_VERSION=$(DEP=kindnetd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ c=$(git status --porcelain)
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$c" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKindnetd.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'CNI: Update kindnetd from ${{ steps.bumpKindnetd.outputs.OLD_VERSION }} to ${{ steps.bumpKindnetd.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_kindnetd_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'CNI: Update kindnetd from ${{ steps.bumpKindnetd.outputs.OLD_VERSION }} to ${{ steps.bumpKindnetd.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ A new version of the kind/kindnetd image was released
+
+ This PR was auto-generated by `make update-kindnetd-version` using [update-kindnetd-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kindnetd-version.yml) CI Workflow.
diff --git a/.github/workflows/update-kong-ingress-controller-version.yml b/.github/workflows/update-kong-ingress-controller-version.yml
new file mode 100644
index 000000000000..e5bfbadf525d
--- /dev/null
+++ b/.github/workflows/update-kong-ingress-controller-version.yml
@@ -0,0 +1,48 @@
+name: "update-kong-ingress-controller-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-kong-ingress-controller-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump kong-ingress-controller version
+ id: bumpKongIngressController
+ run: |
+ echo "OLD_VERSION=$(DEP=kong-ingress-controller make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-kong-ingress-controller-version
+ echo "NEW_VERSION=$(DEP=kong-ingress-controller make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKongIngressController.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon kong: Update kong/kubernetes-ingress-controller image from ${{ steps.bumpKongIngressController.outputs.OLD_VERSION }} to ${{ steps.bumpKongIngressController.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_kong_ingress_controller_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon kong: Update kong/kubernetes-ingress-controller image from ${{ steps.bumpKongIngressController.outputs.OLD_VERSION }} to ${{ steps.bumpKongIngressController.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [kubernetes-ingress-controller](https://github.com/Kong/kubernetes-ingress-controller) project released a new kong/kubernetes-ingress-controller image
+
+ This PR was auto-generated by `make update-kong-ingress-controller-version` using [update-kong-ingress-controller-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kong-ingress-controller-version.yml) CI Workflow.
diff --git a/.github/workflows/update-kong-version.yml b/.github/workflows/update-kong-version.yml
new file mode 100644
index 000000000000..afd8d7af093f
--- /dev/null
+++ b/.github/workflows/update-kong-version.yml
@@ -0,0 +1,48 @@
+name: "update-kong-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-kong-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump kong version
+ id: bumpKong
+ run: |
+ echo "OLD_VERSION=$(DEP=kong make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-kong-version
+ echo "NEW_VERSION=$(DEP=kong make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKong.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon kong: Update kong image from ${{ steps.bumpKong.outputs.OLD_VERSION }} to ${{ steps.bumpKong.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_kong_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon kong: Update kong image from ${{ steps.bumpKong.outputs.OLD_VERSION }} to ${{ steps.bumpKong.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [kong](https://github.com/Kong/kong) project released a new kong image
+
+ This PR was auto-generated by `make update-kong-version` using [update-kong-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kong-version.yml) CI Workflow.
diff --git a/.github/workflows/update-kube-registry-proxy-version.yaml b/.github/workflows/update-kube-registry-proxy-version.yaml
new file mode 100644
index 000000000000..81878df2935e
--- /dev/null
+++ b/.github/workflows/update-kube-registry-proxy-version.yaml
@@ -0,0 +1,48 @@
+name: "update-kube-registry-proxy-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-kube-registry-proxy-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump kube-registry-proxy version
+ id: bumpKubeRegistryProxy
+ run: |
+ echo "OLD_VERSION=$(DEP=kube-registry-proxy make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-kube-registry-proxy-version
+ echo "NEW_VERSION=$(DEP=kube-registry-proxy make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKubeRegistryProxy.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon registry: Update kube-registry-proxy image from ${{ steps.bumpKubeRegistryProxy.outputs.OLD_VERSION }} to ${{ steps.bumpKubeRegistryProxy.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_kube_registry_proxy_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon registry: Update kube-registry-proxy image from ${{ steps.bumpKubeRegistryProxy.outputs.OLD_VERSION }} to ${{ steps.bumpKubeRegistryProxy.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The kube-registry-proxy project released a [new version](https://github.com/spowelljr/kube-registry-proxy)
+
+ This PR was auto-generated by `make update-kube-registry-proxy-version` using [update-kube-registry-proxy-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kube-registry-proxy-version.yml) CI Workflow.
diff --git a/.github/workflows/update-kube-vip-version.yml b/.github/workflows/update-kube-vip-version.yml
new file mode 100644
index 000000000000..50cef6a11d3a
--- /dev/null
+++ b/.github/workflows/update-kube-vip-version.yml
@@ -0,0 +1,48 @@
+name: "update-kube-vip-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-kube-vip-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump kube-vip version
+ id: bumpKubeVip
+ run: |
+ echo "OLD_VERSION=$(DEP=kube-vip make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-kube-vip-version
+ echo "NEW_VERSION=$(DEP=kube-vip make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKubeVip.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'HA (multi-control plane): Update kube-vip from ${{ steps.bumpKubeVip.outputs.OLD_VERSION }} to ${{ steps.bumpKubeVip.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_kube_vip_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'HA (multi-control plane): Update kube-vip from ${{ steps.bumpKubeVip.outputs.OLD_VERSION }} to ${{ steps.bumpKubeVip.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The kube-vip project released a [new version](https://github.com/kube-vip/kube-vip)
+
+ This PR was auto-generated by `make update-kube-vip-version` using [update-kube-vip-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kube-vip-version.yml) CI Workflow.
diff --git a/.github/workflows/update-kubeadm-constants.yml b/.github/workflows/update-kubeadm-constants.yml
new file mode 100644
index 000000000000..ca158f26ad46
--- /dev/null
+++ b/.github/workflows/update-kubeadm-constants.yml
@@ -0,0 +1,48 @@
+name: "update-kubeadm-constants"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Monday at around midnight pacific/7 am UTC
+ - cron: "0 6 * * 1"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-k8s-versions:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Kubeadm Constants for Kubernetes Images
+ id: bumpKubeadmConsts
+ run: |
+ make update-kubeadm-constants
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKubeadmConsts.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: update image constants for kubeadm images
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_kubeadm_constants
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'build: Bump kubeadm constants for kubernetes images'
+ body: |
+ This PR was auto-generated by `make update-kubeadm-constants` using [update-kubeadm-constants.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kubeadm-constants.yml) CI Workflow.
+ Please only merge if all the tests pass.
+
+ ```
+ ${{ steps.bumpKubeadmConsts.outputs.changes }}
+ ```
diff --git a/.github/workflows/update-kubectl-version.yml b/.github/workflows/update-kubectl-version.yml
new file mode 100644
index 000000000000..c9bbb4b80986
--- /dev/null
+++ b/.github/workflows/update-kubectl-version.yml
@@ -0,0 +1,48 @@
+name: "update-kubectl-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-kubectl-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Kubectl version
+ id: bumpKubectl
+ run: |
+ echo "OLD_VERSION=$(DEP=kubectl make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-kubectl-version
+ echo "NEW_VERSION=$(DEP=kubectl make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKubectl.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon kubevirt: Update bitnami/kubectl image from ${{ steps.bumpKubectl.outputs.OLD_VERSION }} to ${{ steps.bumpKubectl.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_kubectl_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon kubevirt: Update bitnami/kubectl image from ${{ steps.bumpKubectl.outputs.OLD_VERSION }} to ${{ steps.bumpKubectl.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [bitnami](https://github.com/bitnami/containers) project released a new bitnami/kubectl image
+
+ This PR was auto-generated by `make update-kubectl-version` using [update-kubectl-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kubectl-version.yml) CI Workflow.
diff --git a/.github/workflows/update-kubernetes-versions-list.yml b/.github/workflows/update-kubernetes-versions-list.yml
new file mode 100644
index 000000000000..8a7401916c2e
--- /dev/null
+++ b/.github/workflows/update-kubernetes-versions-list.yml
@@ -0,0 +1,46 @@
+name: "update-kubernetes-versions-list"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Monday at around midnight pacific/7 am UTC
+ - cron: "0 6 * * 1"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ update-kubernetes-versions-list:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump Kubernetes versions list
+ id: bumpKubernetesVersionsList
+ run: |
+ make update-kubernetes-versions-list
+ c=$(git status --porcelain)
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$c" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpKubernetesVersionsList.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: update Kubernetes versions list
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_update_kubernetes_versions_list
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'build: Update Kubernetes versions list'
+ body: |
+ This PR was auto-generated by `make update-kubernetes-versions-list` using [update-kubernetes-versions-list.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-kubernetes-versions-list.yml) CI Workflow.
+ The purpose of this ValidKubernetesVersions in the code is, to check a kuberentes version is valid without checking Github on first try
+ and if the version is not valid, it will check Github for the latest valid versions. this will save some unesccary network calls.
diff --git a/.github/workflows/update-metrics-server-version.yml b/.github/workflows/update-metrics-server-version.yml
new file mode 100644
index 000000000000..c318cbb78320
--- /dev/null
+++ b/.github/workflows/update-metrics-server-version.yml
@@ -0,0 +1,48 @@
+name: "update-metrics-server-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-metrics-server-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump metrics-server version
+ id: bumpMetricsServer
+ run: |
+ echo "OLD_VERSION=$(DEP=metrics-server make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-metrics-server-version
+ echo "NEW_VERSION=$(DEP=metrics-server make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpMetricsServer.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon metrics-server: Update metrics-server/metrics-server image from ${{ steps.bumpMetricsServer.outputs.OLD_VERSION }} to ${{ steps.bumpMetricsServer.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_metrics_server_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon metrics-server: Update metrics-server/metrics-server image from ${{ steps.bumpMetricsServer.outputs.OLD_VERSION }} to ${{ steps.bumpMetricsServer.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The metrics-server project released a [new version](https://github.com/kubernetes-sigs/metrics-server)
+
+ This PR was auto-generated by `make update-metrics-server-version` using [update-metrics-server-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-metrics-server-version.yml) CI Workflow.
diff --git a/.github/workflows/update-nerdctl-version.yml b/.github/workflows/update-nerdctl-version.yml
new file mode 100644
index 000000000000..11abedd4b40f
--- /dev/null
+++ b/.github/workflows/update-nerdctl-version.yml
@@ -0,0 +1,71 @@
+name: "update-nerdctl-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-nerdctl-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump nerdctl Version
+ id: bumpNerdctl
+ run: |
+ echo "OLD_VERSION=$(DEP=nerdctl make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-nerdctl-version
+ echo "NEW_VERSION=$(DEP=nerdctl make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpNerdctl.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update nerdctl from ${{ steps.bumpNerdctl.outputs.OLD_VERSION }} to ${{ steps.bumpNerdctl.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_nerdctl_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update nerdctl from ${{ steps.bumpNerdctl.outputs.OLD_VERSION }} to ${{ steps.bumpNerdctl.outputs.NEW_VERSION }}'
+ body: |
+ The nerdctl project released a [new version](https://github.com/containerd/nerdctl/releases)
+
+ This PR was auto-generated by `make update-nerdctl-version` using [update-nerdctl-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-nerdctl-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpNerdctl.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpNerdctl.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-nerdctld-version.yml b/.github/workflows/update-nerdctld-version.yml
new file mode 100644
index 000000000000..7cbfa964ab42
--- /dev/null
+++ b/.github/workflows/update-nerdctld-version.yml
@@ -0,0 +1,60 @@
+name: "update-nerdctld-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-nerdctld-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump nerdctld Version
+ id: bumpNerdctld
+ run: |
+ echo "OLD_VERSION=$(DEP=nerdctld make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-nerdctld-version
+ echo "NEW_VERSION=$(DEP=nerdctld make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpNerdctld.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase: Update nerdctld from ${{ steps.bumpNerdctld.outputs.OLD_VERSION }} to ${{ steps.bumpNerdctld.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_nerdctld_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase: Update nerdctld from ${{ steps.bumpNerdctld.outputs.OLD_VERSION }} to ${{ steps.bumpNerdctld.outputs.NEW_VERSION }}'
+ body: |
+ The nerdctld project released a [new version](https://github.com/afbjorklund/nerdctld/releases)
+
+ This PR was auto-generated by `make update-nerdctld-version` using [update-nerdctld-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-nerdctld-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpNerdctld.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
diff --git a/.github/workflows/update-nvidia-device-plugin-version.yml b/.github/workflows/update-nvidia-device-plugin-version.yml
new file mode 100644
index 000000000000..ee8686855ce1
--- /dev/null
+++ b/.github/workflows/update-nvidia-device-plugin-version.yml
@@ -0,0 +1,48 @@
+name: "update-nvidia-device-plugin-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-nvidia-device-plugin-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump nvidia-device-plugin version
+ id: bumpNvidiaDevicePlugin
+ run: |
+ echo "OLD_VERSION=$(DEP=nvidia-device-plugin make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-nvidia-device-plugin-version
+ echo "NEW_VERSION=$(DEP=nvidia-device-plugin make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpNvidiaDevicePlugin.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon nvidia-device-plugin: Update nvidia/k8s-device-plugin image from ${{ steps.bumpNvidiaDevicePlugin.outputs.OLD_VERSION }} to ${{ steps.bumpNvidiaDevicePlugin.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_nvidia_device_plugin_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon nvidia-device-plugin: Update nvidia/k8s-device-plugin image from ${{ steps.bumpNvidiaDevicePlugin.outputs.OLD_VERSION }} to ${{ steps.bumpNvidiaDevicePlugin.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [k8s-device-plugin](https://github.com/NVIDIA/k8s-device-plugin) project released a new k8s-device-plugin image
+
+ This PR was auto-generated by `make update-nvidia-device-plugin-version` using [update-nvidia-device-plugin-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-nvidia-device-plugin-version.yml) CI Workflow.
diff --git a/.github/workflows/update-portainer-version.yml b/.github/workflows/update-portainer-version.yml
new file mode 100644
index 000000000000..af6680db072c
--- /dev/null
+++ b/.github/workflows/update-portainer-version.yml
@@ -0,0 +1,48 @@
+name: "update-portainer-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Monday at around 3 am pacific/10 am UTC
+ - cron: "0 10 * * 1"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.24.0'
+permissions:
+ contents: read
+
+jobs:
+ bump-portainer-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+ - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump portainer version
+ id: bumpPortainer
+ run: |
+ echo "OLD_VERSION=$(DEP=portainer make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-portainer-version
+ echo "NEW_VERSION=$(DEP=portainer make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpPortainer.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon portainer: Update portainer image from ${{ steps.bumpPortainer.outputs.OLD_VERSION }} to ${{ steps.bumpPortainer.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_portainer_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon portainer: Update portainer image from ${{ steps.bumpPortainer.outputs.OLD_VERSION }} to ${{ steps.bumpPortainer.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [portainer](https://github.com/portainer/portainer) project released a new portainer image
+
+ This PR was auto-generated by `make update-portainer-version` using [update-portainer-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-portainer-version.yml) CI Workflow.
diff --git a/.github/workflows/update-registry-version.yml b/.github/workflows/update-registry-version.yml
new file mode 100644
index 000000000000..dc85315e33ac
--- /dev/null
+++ b/.github/workflows/update-registry-version.yml
@@ -0,0 +1,46 @@
+name: "update-registry-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-registry-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump registry version
+ id: bumpRegistry
+ run: |
+ echo "OLD_VERSION=$(DEP=registry make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-registry-version
+ echo "NEW_VERSION=$(DEP=registry make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpRegistry.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon registry: Update registry image from ${{ steps.bumpRegistry.outputs.OLD_VERSION }} to ${{ steps.bumpRegistry.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_registry_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon registry: Update registry image from ${{ steps.bumpRegistry.outputs.OLD_VERSION }} to ${{ steps.bumpRegistry.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ This PR was auto-generated by `make update-registry-version` using [update-registry-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-registry-version.yml) CI Workflow.
diff --git a/.github/workflows/update-runc-version.yml b/.github/workflows/update-runc-version.yml
new file mode 100644
index 000000000000..e416c4f0d7ef
--- /dev/null
+++ b/.github/workflows/update-runc-version.yml
@@ -0,0 +1,71 @@
+name: "update-runc-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Tuesday at around 3 am pacific/10 am UTC
+ - cron: "0 10 * * 2"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-runc-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump runc Version
+ id: bumpRunc
+ run: |
+ echo "OLD_VERSION=$(DEP=runc make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-runc-version
+ echo "NEW_VERSION=$(DEP=runc make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ id: createPR
+ if: ${{ steps.bumpRunc.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Kicbase/ISO: Update runc from ${{ steps.bumpRunc.outputs.OLD_VERSION }} to ${{ steps.bumpRunc.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_runc_version
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Kicbase/ISO: Update runc from ${{ steps.bumpRunc.outputs.OLD_VERSION }} to ${{ steps.bumpRunc.outputs.NEW_VERSION }}'
+ body: |
+ The runc project released a [new version](https://github.com/opencontainers/runc/releases)
+
+ This PR was auto-generated by `make update-runc-version` using [update-runc-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-runc-version.yml) CI Workflow.
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpRunc.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-image'
+ })
+ - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
+ if: ${{ steps.bumpRunc.outputs.changes != '' }}
+ with:
+ github-token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ script: |
+ github.rest.issues.createComment({
+ issue_number: ${{ steps.createPR.outputs.pull-request-number }},
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ body: 'ok-to-build-iso'
+ })
diff --git a/.github/workflows/update-site-node-version.yml b/.github/workflows/update-site-node-version.yml
new file mode 100644
index 000000000000..da57001f699a
--- /dev/null
+++ b/.github/workflows/update-site-node-version.yml
@@ -0,0 +1,47 @@
+name: "update-site-node-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-site-node-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump site node version
+ id: bumpSiteNode
+ run: |
+ echo "OLD_VERSION=$(DEP=node make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-site-node-version
+ echo "NEW_VERSION=$(DEP=node make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpSiteNode.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'site: Update node from ${{ steps.bumpSiteNode.outputs.OLD_VERSION }} to ${{ steps.bumpSiteNode.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_site_node_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'site: Update node from ${{ steps.bumpSiteNode.outputs.OLD_VERSION }} to ${{ steps.bumpSiteNode.outputs.NEW_VERSION }}'
+ body: |
+ The [node](https://github.com/nodejs/node) project released a new version
+
+ This PR was auto-generated by `make update-site-node-version` using [update-site-node-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-site-node-version.yml) CI Workflow.
diff --git a/.github/workflows/update-volcano-version.yml b/.github/workflows/update-volcano-version.yml
new file mode 100644
index 000000000000..a727cbb48fb4
--- /dev/null
+++ b/.github/workflows/update-volcano-version.yml
@@ -0,0 +1,49 @@
+name: "update-volcano-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-volcano-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ cache-dependency-path: ./go.sum
+ - name: Bump volcano version
+ id: bumpVolcano
+ run: |
+ echo "OLD_VERSION=$(DEP=volcano make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-volcano-version
+ echo "NEW_VERSION=$(DEP=volcano make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpVolcano.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon Volcano: Update volcano images from ${{ steps.bumpVolcano.outputs.OLD_VERSION }} to ${{ steps.bumpVolcano.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_volcano_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon Volcano: Update volcano images from ${{ steps.bumpVolcano.outputs.OLD_VERSION }} to ${{ steps.bumpVolcano.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [Volcano](https://github.com/volcano-sh/volcano) project made a new release
+
+ This PR was auto-generated by `make update-volcano-version` using [update-volcano-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-volcano-version.yml) CI Workflow.
diff --git a/.github/workflows/update-yakd-version.yml b/.github/workflows/update-yakd-version.yml
new file mode 100644
index 000000000000..9f22c8bbc53f
--- /dev/null
+++ b/.github/workflows/update-yakd-version.yml
@@ -0,0 +1,48 @@
+name: "update-yakd-version"
+on:
+ workflow_dispatch:
+ schedule:
+ # every Saturday at 1:00 Pacific/8:00 UTC
+ - cron: "0 8 * * 6"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ bump-yakd-version:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Bump yakd version
+ id: bumpYakd
+ run: |
+ echo "OLD_VERSION=$(DEP=yakd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ make update-yakd-version
+ echo "NEW_VERSION=$(DEP=yakd make get-dependency-version)" >> "$GITHUB_OUTPUT"
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ - name: Create PR
+ if: ${{ steps.bumpYakd.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: 'Addon yakd: Update marcnuri/yakd image from ${{ steps.bumpYakd.outputs.OLD_VERSION }} to ${{ steps.bumpYakd.outputs.NEW_VERSION }}'
+ committer: minikube-bot
+ author: minikube-bot
+ branch: auto_bump_yakd_version
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'Addon yakd: Update marcnuri/yakd image from ${{ steps.bumpYakd.outputs.OLD_VERSION }} to ${{ steps.bumpYakd.outputs.NEW_VERSION }}'
+ labels: ok-to-test
+ body: |
+ The [yakd](https://github.com/manusa/yakd) project released a new yakd image
+
+ This PR was auto-generated by `make update-yakd-version` using [update-yakd-version.yml](https://github.com/kubernetes/minikube/tree/master/.github/workflows/update-yakd-version.yml) CI Workflow.
diff --git a/.github/workflows/vex.yml b/.github/workflows/vex.yml
new file mode 100644
index 000000000000..05dcbf747071
--- /dev/null
+++ b/.github/workflows/vex.yml
@@ -0,0 +1,18 @@
+on:
+ workflow_dispatch:
+ push:
+ tags:
+ - 'v*.*.*'
+jobs:
+ vexctl:
+ runs-on: ubuntu-22.04
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - name: Set env
+ run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+ - uses: openvex/generate-vex@31b415924ea0d72ed5f2640f1dee59dea6c2770b
+ name: Run vexctl
+ with:
+ product: pkg:golang/k8s.io/minikube@${{ env.RELEASE_VERSION }}
+
diff --git a/.github/workflows/winget.yml b/.github/workflows/winget.yml
new file mode 100644
index 000000000000..0387e0f43186
--- /dev/null
+++ b/.github/workflows/winget.yml
@@ -0,0 +1,18 @@
+name: Publish to WinGet
+on:
+ workflow_dispatch:
+ release:
+ types: [released]
+permissions:
+ contents: read
+
+jobs:
+ publish:
+ runs-on: windows-latest # action can only be run on windows
+ steps:
+ - uses: vedantmgoyal9/winget-releaser@main
+ with:
+ identifier: Kubernetes.minikube
+ installers-regex: 'minikube-installer.exe'
+ token: ${{ secrets.WINGET_TOKEN }}
+ fork-user: minikube-bot
diff --git a/.github/workflows/yearly-leaderboard.yml b/.github/workflows/yearly-leaderboard.yml
new file mode 100644
index 000000000000..5e4c73f15e7c
--- /dev/null
+++ b/.github/workflows/yearly-leaderboard.yml
@@ -0,0 +1,53 @@
+name: "update-yearly-leaderboard"
+on:
+ workflow_dispatch:
+ schedule:
+ # The 2nd of every month
+ - cron: "0 0 2 * *"
+env:
+ GOPROXY: https://proxy.golang.org
+ GO_VERSION: '1.25.5'
+permissions:
+ contents: read
+
+jobs:
+ update-yearly-leaderboard:
+ if: github.repository == 'kubernetes/minikube'
+ runs-on: ubuntu-22.04
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ AWS_DEFAULT_REGION: 'us-west-1'
+ steps:
+ - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+ - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c
+ with:
+ go-version: ${{env.GO_VERSION}}
+ - name: Update Yearly Leaderboard
+ id: yearlyLeaderboard
+ run: |
+ sudo apt install ncal
+ make update-yearly-leaderboard
+ # The following is to support multiline with GITHUB_OUTPUT, see https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings
+ echo "changes<> "$GITHUB_OUTPUT"
+ echo "$(git status --porcelain)" >> "$GITHUB_OUTPUT"
+ echo "EOF" >> "$GITHUB_OUTPUT"
+ env:
+ GITHUB_TOKEN: ${{ secrets.MINIKUBE_BOT_PAT }}
+ - name: Create PR
+ if: ${{ steps.yearlyLeaderboard.outputs.changes != '' }}
+ uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725
+ with:
+ token: ${{ secrets.MINIKUBE_BOT_PAT }}
+ commit-message: Update yearly leaderboard
+ committer: minikube-bot
+ author: minikube-bot
+ branch: yearly-leaderboard
+ branch-suffix: short-commit-hash
+ push-to-fork: minikube-bot/minikube
+ base: master
+ delete-branch: true
+ title: 'site: Update Yearly Leaderboard'
+ body: |
+ Committing changes resulting from `make update-yearly-leaderboard`.
+ This PR is auto-generated by the [update-yearly-leaderboard](https://github.com/kubernetes/minikube/blob/master/.github/workflows/yearly-leaderboard.yml) CI workflow.
diff --git a/.gitignore b/.gitignore
index cf6f99bc49fd..79d6ee19aaa3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,6 +5,7 @@
# Folders
.cache
+.modcache
_obj
_test
@@ -25,28 +26,47 @@ _testmain.go
*.exe
*.test
*.prof
+*.pprof
+*.log
-/deploy/iso/minikube-iso/board/coreos/minikube/rootfs-overlay/usr/bin/auto-pause
+/deploy/iso/minikube-iso/board/minikube/x86_64/rootfs-overlay/usr/bin/auto-pause
+/deploy/iso/minikube-iso/board/minikube/aarch64/rootfs-overlay/usr/bin/auto-pause
+/deploy/iso/minikube-iso/Config.in
+/deploy/iso/minikube-iso/CHANGELOG
+/deploy/iso/minikube-iso/board/minikube/x86_64/rootfs-overlay/CHANGELOG
+/deploy/iso/minikube-iso/board/minikube/aarch64/rootfs-overlay/CHANGELOG
/deploy/kicbase/auto-pause
+/deploy/kicbase/CHANGELOG
/deploy/addons/auto-pause/auto-pause-hook
/out
/_gopath
#iso version file
-deploy/iso/minikube-iso/board/coreos/minikube/rootfs-overlay/etc/VERSION
+deploy/iso/minikube-iso/board/minikube/x86_64/rootfs-overlay/etc/VERSION
+deploy/iso/minikube-iso/board/minikube/aarch64/rootfs-overlay/etc/VERSION
+deploy/iso/minikube-iso/board/minikube/x86_64/rootfs-overlay/version.json
+deploy/iso/minikube-iso/board/minikube/aarch64/rootfs-overlay/version.json
/minikube
.DS_Store
+# Editor files
/.idea
-
/.vscode
+/.zed
-test/integration/testdata/minikube-linux-amd64-latest-stable
+/test/integration/testdata/minikube-linux-amd64-latest-stable
+/test/integration/licenses
# hugo
/public
/site/resources
/_gen
+/site/public
+# gopogh filldb
+hack/legacy_fill_db/gopogh_filldb_log.txt
+hack/legacy_fill_db/out/output_summary.json
+hack/legacy_fill_db/out/output.html
+hack/go-licenses
diff --git a/.gitmodules b/.gitmodules
index d398a94cf9b5..c74518b4fac7 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,6 @@
[submodule "hack/benchmark/time-to-k8s/time-to-k8s-repo"]
path = hack/benchmark/time-to-k8s/time-to-k8s-repo
url = https://github.com/tstromberg/time-to-k8s.git
+[submodule "hack/benchmark/image-build/minikube-image-benchmark"]
+ path = hack/benchmark/image-build/minikube-image-benchmark
+ url = https://github.com/GoogleContainerTools/minikube-image-benchmark.git
diff --git a/.golangci.max.yaml b/.golangci.max.yaml
new file mode 100644
index 000000000000..1d6e8722df6f
--- /dev/null
+++ b/.golangci.max.yaml
@@ -0,0 +1,26 @@
+version: "2"
+linters:
+ enable:
+ - dogsled
+ - errcheck
+ - gocritic
+ - govet
+ - gocyclo
+ - ineffassign
+ - misspell
+ - nakedret
+ - revive
+ - staticcheck
+ - unconvert
+ - unparam
+ - unused
+ exclusions:
+ paths:
+ - third_party
+formatters:
+ enable:
+ - gofmt
+ - goimports
+ exclusions:
+ paths:
+ - third_party
diff --git a/.golangci.min.yaml b/.golangci.min.yaml
new file mode 100644
index 000000000000..072bcbb45111
--- /dev/null
+++ b/.golangci.min.yaml
@@ -0,0 +1,26 @@
+version: "2"
+linters:
+ enable:
+ - govet
+ - gocyclo
+ disable:
+ - errcheck
+ - staticcheck
+ exclusions:
+ generated: lax
+ presets:
+ - comments
+ - common-false-positives
+ - legacy
+ - std-error-handling
+ paths:
+ - third_party
+ - '(.+)_test\.go'
+formatters:
+ enable:
+ - gofmt
+ - goimports
+ exclusions:
+ generated: lax
+ paths:
+ - third_party
diff --git a/.golangci.yaml b/.golangci.yaml
new file mode 100644
index 000000000000..0c46fa82122b
--- /dev/null
+++ b/.golangci.yaml
@@ -0,0 +1,179 @@
+version: "2"
+run:
+ timeout: 7m
+linters:
+ enable:
+ - dogsled
+ - errcheck
+ - gocritic
+ - govet
+ - gocyclo
+ - ineffassign
+ - misspell
+ - nakedret
+ - revive
+ - staticcheck
+ - unconvert
+ - unparam
+ - unused
+ settings:
+ staticcheck:
+ checks:
+ # Below is the default set
+ - "all"
+ - "-ST1000"
+ - "-ST1003"
+ - "-ST1016"
+ - "-ST1020"
+ - "-ST1021"
+ - "-ST1022"
+ # Omit embedded fields from selector expression
+ - "-QF1008"
+
+ revive:
+ enable-all-rules: true
+ rules:
+ # See https://revive.run/r
+
+ ##### P0: we should do it ASAP.
+ - name: max-control-nesting
+ arguments: [7]
+ - name: deep-exit
+ disabled: true
+ - name: unchecked-type-assertion
+ disabled: true
+ - name: bare-return
+ disabled: true
+ - name: import-shadowing
+ disabled: true
+ - name: use-errors-new
+ disabled: true
+ ##### P1: consider making a dent on these, but not critical.
+ - name: argument-limit
+ arguments: [12]
+ - name: unnecessary-stmt
+ disabled: true
+ - name: defer
+ disabled: true
+ - name: confusing-naming
+ disabled: true
+ - name: early-return
+ disabled: true
+ - name: function-result-limit
+ arguments: [7]
+ - name: function-length
+ arguments: [0, 400]
+ - name: cyclomatic
+ arguments: [100]
+ - name: unhandled-error
+ disabled: true
+ - name: cognitive-complexity
+ arguments: [197]
+ ##### P2: nice to have.
+ - name: max-public-structs
+ arguments: [25]
+ - name: confusing-results
+ disabled: true
+ - name: comment-spacings
+ disabled: true
+ - name: use-any
+ disabled: true
+ - name: empty-lines
+ disabled: true
+ - name: package-comments
+ disabled: true
+ - name: exported
+ disabled: true
+ ###### Permanently disabled. Below have been reviewed and vetted to be unnecessary.
+ - name: line-length-limit
+ disabled: true
+ - name: nested-structs
+ disabled: true
+ - name: flag-parameter
+ disabled: true
+ - name: unused-parameter
+ disabled: true
+ - name: unused-receiver
+ disabled: true
+ - name: add-constant
+ disabled: true
+ ###### To be determined, this is a rule with differences.
+ - name: import-alias-naming
+ disabled: true
+ - name: unexported-naming
+ disabled: true
+ - name: struct-tag
+ disabled: true
+ - name: redundant-import-alias
+ disabled: true
+ gocritic:
+ # See https://go-critic.com/overview.html
+ disabled-checks:
+ # Below are normally enabled by default, but we do not pass
+ - appendAssign
+ - ifElseChain
+ - unslice
+ - badCall
+ - assignOp
+ - commentFormatting
+ - captLocal
+ - singleCaseSwitch
+ - wrapperFunc
+ - elseif
+ - regexpMust
+ - deprecatedComment
+ enabled-checks:
+ # Below used to be enabled, but we do not pass anymore
+ # - paramTypeCombine
+ # - octalLiteral
+ # - unnamedResult
+ # - equalFold
+ # - sloppyReassign
+ # - emptyStringTest
+ # - hugeParam
+ # - appendCombine
+ # - stringXbytes
+ # - ptrToRefParam
+ # - commentedOutCode
+ # - rangeValCopy
+ # - methodExprCall
+ # - yodaStyleExpr
+ # - typeUnparen
+
+ # We enabled these and we pass
+ - nilValReturn
+ - weakCond
+ - indexAlloc
+ - rangeExprCopy
+ - boolExprSimplify
+ - commentedOutImport
+ - docStub
+ - emptyFallthrough
+ - hexLiteral
+ - typeAssertChain
+ - unlabelStmt
+ - builtinShadow
+ - importShadow
+ - initClause
+ - nestingReduce
+ - unnecessaryBlock
+
+ exclusions:
+ paths:
+ # we generally dont wanna touch or lint the Third_party code, it is basically like a fork for code that we can not import.
+ # but have to copy/paste
+ - third_party
+ # Skip test files
+ - '(.+)_test\.go'
+ rules:
+ # I think this check is meaningless.
+ - path: '(.+)\.go$'
+ text: "Error return value of `.*` is not checked"
+ linter: errcheck
+formatters:
+ enable:
+ - gofmt
+ - goimports
+ exclusions:
+ paths:
+ - third_party
diff --git a/.openvex/templates/README.md b/.openvex/templates/README.md
new file mode 100644
index 000000000000..d724e1d0e7eb
--- /dev/null
+++ b/.openvex/templates/README.md
@@ -0,0 +1,27 @@
+# OpenVEX Templates Directory
+
+This directory contains the OpenVEX data for this repository.
+The files stored in this directory are used as templates by
+`vexctl generate` when generating VEX data for a release or
+a specific artifact.
+
+To add new statements to publish data about a vulnerability,
+download [vexctl](https://github.com/openvex/vexctl)
+and append new statements using `vexctl add`. For example:
+```
+vexctl add --in-place main.openvex.json pkg:oci/test CVE-2014-1234567 fixed
+```
+That will add a new VEX statement expressing that the impact of
+CVE-2014-1234567 is under investigation in the test image. When
+cutting a new release, for `pkg:oci/test` the new file will be
+incorporated to the relase's VEX data.
+
+## Read more about OpenVEX
+
+To know more about generating, publishing and using VEX data
+in your project, please check out the vexctl repository and
+documentation: https://github.com/openvex/vexctl
+
+OpenVEX also has an examples repository with samples and docs:
+https://github.com/openvex/examples
+
diff --git a/.openvex/templates/main.openvex.json b/.openvex/templates/main.openvex.json
new file mode 100644
index 000000000000..2f9b8d2fdce0
--- /dev/null
+++ b/.openvex/templates/main.openvex.json
@@ -0,0 +1,8 @@
+{
+ "@context": "https://openvex.dev/ns/v0.2.0",
+ "@id": "https://openvex.dev/docs/public/vex-081fa16bd7164a81aa33b8897afd8efb325c037636e2709ed5fdd145eacedcf5",
+ "author": "vexctl (automated template)",
+ "timestamp": "2023-12-15T23:43:21.490011+05:30",
+ "version": 1,
+ "statements": []
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ab0ded5a073f..22599e6a0793 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,2327 @@
# Release Notes
+## Version 1.37.0 - 2025-09-09
+
+## Highlight
+Run AI workloads on Macbook's GPU in Kubernetes using the new `krunkit driver`. Get started with our [AI Playground tutorial](https://minikube.sigs.k8s.io/docs/tutorials/ai-playground/)
+
+## Features
+* Bump Kubernetes version default: v1.34.0 and latest: v1.34.0 (#21439)
+* Add krunkit driver supporting GPU acceleration on macOS (#20826) [Tutorial](https://minikube.sigs.k8s.io/docs/tutorials/ai-playground/)
+* add short hand -m for --memory (#20854)
+* Add support to docker runtime for OCI access to NVIDIA GPUs (#20959)
+* Add `--disable-coredns-log` flag to suppress coredns logs (#20992)
+* new addon: kubetail (#20345)
+* drivers: Add support for Virtiofs mounts for vfkit and krunkit (#21149)
+
+## Improvements
+* Improve ingress-dns addon for ipv4 and windows v0.0.4 (#21449)
+* iso: Disable grub timeout speeding up vm start by 5 seconds (#20895)
+* improve docker service reliability, update docker systemd files (#21174)
+* Don't require both --mount for using --mount-string and remove default mount-string (#21250)
+* Update oldest supported Kubernetes versions (#21490)
+* license cmd: don't fail if output dir doesn't exist & download from github assets first (#21206)
+* remove deprecated proxy-refresh-interval v2 etcd flag (#21278)
+* vmnet: Support offloading for krunkit (#20831)
+* Don't call startKicServiceTunnel for non-kic drivers (#20863)
+* krunkit: Disable offloading for faster networking (#21341)
+
+## Deprication
+* Deprecate HyperKit driver with warning (#21024)
+
+## Bug fixes
+* fix dirty commit version (#21062)
+* Fix minikube image load on windows (#20529) (#20921)
+* Fix mount to same folder causing Input/output error (#21077)
+* fix: YAML file escape error problem affecting addons (#20904)
+* iso: Fix `minikube stop` with vfkit and krunkit drivers (#21089)
+* iso: Fix console for vfkit/krunkit (#20832)
+
+## Addons
+* Addon nvidia-device-plugin: Update nvidia/k8s-device-plugin image from v0.17.2 to v0.17.3 (#21225)
+* Addon cloud-spanner: Update cloud-spanner-emulator/emulator image from 1.5.34 to 1.5.41 (#20976)(#21040)(#21243)(#21287)(#21359)(#21512)
+* Addon Headlamp: Update Headlamp image from v0.28.0 to v0.34.0 (#21238)(#21508)
+* Addon ingress: Update ingress-nginx/controller image from v1.12.2 to v1.13.2 (#20909)(#21232)(#21353)(#21458)
+* Addon inspektor-gadget: Update inspektor-gadget image from v0.40.0 to v0.44.1 (#20873)(#21038)(#21240)(#21462)(#21510)(#21358)
+* Addon kong: Update kong image from 3.9.0 to 3.9.1 (#20966)(#21503)
+* Addon kong: Update kong/kubernetes-ingress-controller image from 3.4.5 to 3.5.1 (#20908)(#20969)(#21034)(#21282)
+* Addon kubevirt: Update bitnami/kubectl image from 1.33.1 to 1.33.4 (#20911)(#20939)(#21235)(#21283)(#21414)
+* Addon metrics-server: Update metrics-server/metrics-server image from v0.7.2 to v0.8.0 (#21033)
+* Addon registry: Update registry image from 3.0.0 to 3.0.0 (#21242)
+* Addon Volcano: Update volcano images from v1.11.2 to v1.12.2 (#20868)(#21351)
+* Addon kubetail: update version 0.13.3 (#21244)
+* HA (multi-control plane): Update kube-vip from v0.9.1 to v1.0.0 (#20999)(#21228)
+
+## CNI versions
+* CNI: Update calico from v3.30.0 to v3.30.3 (#20871)(#20971)(#21416)
+* CNI: Update cilium from v1.17.4 to v1.18.1 (#20968)(#21226)(#21349)
+* CNI: Update flannel from v0.26.7 to v0.27.0 (#20907)(#21230)(#21504)
+
+## Base image versions
+* iso: Update to longterm kernel to 6.6.95 (#20995)
+* iso: Enable VirtioFS for x86_64 and aarch64 (#21147)
+* iso: Improve build and clean up configuration (#20991)
+* Kicbase/ISO: Update cni-plugins from v1.7.1 to v1.8.0 (#21517)
+* Kicbase/ISO: Update crun from 1.19 to 1.23.1 (#21198)(#21330)
+* Kicbase/ISO: Update docker from 28.0.4 to 28.4.0 (#21053)(#21248)(#21488)
+* Kicbase: Bump ubuntu:jammy from 20250415.1 to 20250819 (#21233)(#21413)(#21505)
+
+## UI
+* redo "minikube profile list" to move the verbose details into a --det… (#20544)
+* improve config flag long description (#21515)
+* Refactor spinner library & hide sub steps after spinning (#21215)
+* do not show "create github issue" twice if kubeadm init fails (#21263)
+* Refactor table rendering (#20893)
+
+## UI/Translations
+* Add Greak Translation
+* Add more Korean translations (#21467)(#21465)
+* Add more French translation (#21050)(#20862)(#20945)(#20964)(#21156)(#21372)(#21514)
+
+
+Thank you to our contributors for this release!
+
+- Aaron Nall
+- Andres Morey
+- ByoungUk Lee
+- Chemabj
+- Cosmic Oppai
+- Divy Singhvi
+- gopherorg
+- Imran Pochi
+- James World
+- Jeff MAURY
+- Joaquim Rocha
+- Jun Sugimoto
+- Kartik Joshi
+- Kaviraj Sankameeswaran
+- Kay Yan
+- Kubernetes Prow Robot
+- Laxman Gupta
+- Lefteris T.
+- Medya Ghazizadeh
+- Nir Soffer
+- Predrag Rogic
+- Shin Jihoon
+- Shin_Jihoon
+- Steven Powell
+- Tian
+- VerlorenerReisender
+- Victor Ubahakwe
+
+Thank you to our PR reviewers for this release!
+
+- medyagh (145 comments)
+- nirs (102 comments)
+- afbjorklund (18 comments)
+- prezha (11 comments)
+- Copilot (5 comments)
+- bobsira (4 comments)
+- cfergeau (2 comments)
+- gabrielgbs97 (2 comments)
+- aronahl (1 comments)
+- ComradeProgrammer (1 comments)
+- illume (1 comments)
+- rata (1 comments)
+- wt (1 comments)
+
+Thank you to our triage members for this release!
+
+- afbjorklund (37 comments)
+- nirs (21 comments)
+- divysinghvi (10 comments)
+- LJTian (9 comments)
+- medyagh (8 comments)
+
+
+## Version 1.36.0 - 2025-05-22
+
+Features
+* Support Kubernetes version v1.33.1 [#20784](https://github.com/kubernetes/minikube/pull/20784)
+* New flag "-f" to allow passing a config file for addon configure command. [#20255](https://github.com/kubernetes/minikube/pull/20255)
+* vfkit: bump to Preferred driver on macOs [#20808](https://github.com/kubernetes/minikube/pull/20808)
+* vfkit: new network option "--network vment-shared' for vfkit driver [#20501](https://github.com/kubernetes/minikube/pull/20501)
+
+Bug Fixes:
+* fix bootpd check on macOS >= 15 [#20400](https://github.com/kubernetes/minikube/pull/20400)
+* fix bug in parsing proxies with dashes [#20648](https://github.com/kubernetes/minikube/pull/20648)
+* fix waiting for all pods having specified labels to be Ready [#20315](https://github.com/kubernetes/minikube/pull/20315)
+* fix: incorrect finalImg affecting downloading kic form github assets [#20316](https://github.com/kubernetes/minikube/pull/20316)
+* fix: reference missing files in schema (Closes #20752) [#20761](https://github.com/kubernetes/minikube/pull/20761)
+Improvements:
+* Additional checks for 9p support [#20288](https://github.com/kubernetes/minikube/pull/20288)
+* vfkit: Graceful shutdown on stop [#20504](https://github.com/kubernetes/minikube/pull/20504)
+* vfkit: More robust state management [#20506](https://github.com/kubernetes/minikube/pull/20506)
+* vfkit vmnet: support running without sudoers configuration [#20719](https://github.com/kubernetes/minikube/pull/20719)
+* Revert "fix --wait's failure to work on coredns pods" [#20313](https://github.com/kubernetes/minikube/pull/20313)
+
+Languages:
+* Add Indonesian translation [#20494](https://github.com/kubernetes/minikube/pull/20494)
+* Add more french translation [#20361](https://github.com/kubernetes/minikube/pull/20361)
+* Add more Korean translations [#20634](https://github.com/kubernetes/minikube/pull/20634)
+* Add more Chinese translations [#20543](https://github.com/kubernetes/minikube/pull/20543)[#20543](https://github.com/kubernetes/minikube/pull/20543)
+* fixed minor typo in german translation [#20546](https://github.com/kubernetes/minikube/pull/20546)
+Version Updates:
+* Addon cloud-spanner: Update cloud-spanner-emulator/emulator image from 1.5.28 to 1.5.34 [#20451](https://github.com/kubernetes/minikube/pull/20451) [#20539](https://github.com/kubernetes/minikube/pull/20539) [#20602](https://github.com/kubernetes/minikube/pull/20602)[#20623](https://github.com/kubernetes/minikube/pull/20623) [#20670](https://github.com/kubernetes/minikube/pull/20670) [#20704](https://github.com/kubernetes/minikube/pull/20704)[#20795](https://github.com/kubernetes/minikube/pull/20795)
+* Addon headlamp: Update headlamp-k8s/headlamp image from v0.26.0 to v0.28.0 [#20311](https://github.com/kubernetes/minikube/pull/20311)
+* Addon ingress: Update ingress-nginx/controller image from v1.11.3 to v1.12.2 [#20789](https://github.com/kubernetes/minikube/pull/20789)
+* Addon inspektor-gadget: Update inspektor-gadget image from v0.36.0 to v0.40.0 [#20325](https://github.com/kubernetes/minikube/pull/20325)[#20354](https://github.com/kubernetes/minikube/pull/20354)[#20512](https://github.com/kubernetes/minikube/pull/20512) [#20736](https://github.com/kubernetes/minikube/pull/20736)
+* Addon kong: Update kong image from 3.8.0 to 3.9.0 [#20151](https://github.com/kubernetes/minikube/pull/20151)[#20384](https://github.com/kubernetes/minikube/pull/20384) [#20728](https://github.com/kubernetes/minikube/pull/20728)
+* Addon kong: Update kong/kubernetes-ingress-controller image from 3.3.1 to 3.4.5 [#20319](https://github.com/kubernetes/minikube/pull/20319)[#20446](https://github.com/kubernetes/minikube/pull/20446)[#20788](https://github.com/kubernetes/minikube/pull/20788)
+* Addon kubevirt: Update bitnami/kubectl image from 1.31.3 to 1.33.1 [#20321](https://github.com/kubernetes/minikube/pull/20321)[#20349](https://github.com/kubernetes/minikube/pull/20349)[#20665](https://github.com/kubernetes/minikube/pull/20665)[#20731](https://github.com/kubernetes/minikube/pull/20731)[#20790](https://github.com/kubernetes/minikube/pull/20790)
+* Addon nvidia-device-plugin: Update nvidia/k8s-device-plugin image from v0.17.0 to v0.17.2 [#20786](https://github.com/kubernetes/minikube/pull/20786)[#20534](https://github.com/kubernetes/minikube/pull/20534)
+* Addon registry: Update kube-registry-proxy image from 0.0.8 to 0.0.9 [#20717](https://github.com/kubernetes/minikube/pull/20717)
+* Addon registry: Update registry image from 2.8.3 to 3.0.0 [#20242](https://github.com/kubernetes/minikube/pull/20242) [#20425](https://github.com/kubernetes/minikube/pull/20425)
+* Addon Volcano: Update volcano images from v1.10.0 to v1.11.2 [#20318](https://github.com/kubernetes/minikube/pull/20318)[#20616](https://github.com/kubernetes/minikube/pull/20616)[#20697](https://github.com/kubernetes/minikube/pull/20697)
+* CNI: Update cilium from v1.17.0 to v3.30.0 [#20419](https://github.com/kubernetes/minikube/pull/20419) [#20390](https://github.com/kubernetes/minikube/pull/20390) [#20584](https://github.com/kubernetes/minikube/pull/20584) [#20734](https://github.com/kubernetes/minikube/pull/20734) [#20317](https://github.com/kubernetes/minikube/pull/20317)[#20383](https://github.com/kubernetes/minikube/pull/20383)[#20535](https://github.com/kubernetes/minikube/pull/20535) [#20637](https://github.com/kubernetes/minikube/pull/20637) [#20787](https://github.com/kubernetes/minikube/pull/20787)
+* CNI: Update flannel from v0.26.2 to v0.26.7 [#20385](https://github.com/kubernetes/minikube/pull/20385)[#20617](https://github.com/kubernetes/minikube/pull/20617) [#20639](https://github.com/kubernetes/minikube/pull/20639)
+* CNI: Update kindnetd from v20241108-5c6d2daf to v20250512-df8de77b [#20327](https://github.com/kubernetes/minikube/pull/20327)[#20427](https://github.com/kubernetes/minikube/pull/20427) [#20797](https://github.com/kubernetes/minikube/pull/20797)
+* HA (multi-control plane): Update kube-vip from v0.8.10 to v0.9.1 [#20638](https://github.com/kubernetes/minikube/pull/20638)[#20238](https://github.com/kubernetes/minikube/pull/20238)[#20598](https://github.com/kubernetes/minikube/pull/20598) [#20699](https://github.com/kubernetes/minikube/pull/20699)
+* Kicbase: Bump ubuntu:jammy from 20240911.1 to 20250126 [#20387](https://github.com/kubernetes/minikube/pull/20387)[#20718](https://github.com/kubernetes/minikube/pull/20718)
+* Kicbase/ISO: Update buildroot from 2023.02.9 to 2025.2 [#20720](https://github.com/kubernetes/minikube/pull/20720)
+* Kicbase/ISO: Update cni-plugins from v1.6.2 to v1.7.1 [#20771](https://github.com/kubernetes/minikube/pull/20771)
+* Kicbase/ISO: Update cri-dockerd from v0.3.15 to v0.4.0 [#20747](https://github.com/kubernetes/minikube/pull/20747)
+* Kicbase/ISO: Update docker from 27.4.0 to 28.0.4 [#20436](https://github.com/kubernetes/minikube/pull/20436) [#20523](https://github.com/kubernetes/minikube/pull/20523)[#20591](https://github.com/kubernetes/minikube/pull/20591)
+* Kicbase/ISO: Update runc from v1.2.3 to v1.3.0[#20433](https://github.com/kubernetes/minikube/pull/20433)[#20604](https://github.com/kubernetes/minikube/pull/20604) [#20764](https://github.com/kubernetes/minikube/pull/20764)
+
+For a more detailed changelog, including changes occurring in pre-release versions, see [CHANGELOG.md](https://github.com/kubernetes/minikube/blob/master/CHANGELOG.md).
+
+Thank you to our contributors for this release!
+
+- 錦南路之花
+- Aaina Lohia
+- Anthony Holloman
+- cdw8431
+- Cosmic Oppai
+- Daniel Pepuho
+- Jeff MAURY
+- joaquimrocha
+- Kubernetes Prow Robot
+- Lan Liang
+- luchenhan
+- Medya Ghazizadeh
+- minikube-bot
+- Nir Soffer
+- Predrag Rogic
+- Sri Panyam
+- Sylvester Carolan
+- Tian
+- VerlorenerReisender
+- Victor Ubahakwe
+- zvdy
+
+Thank you to our PR reviewers for this release!
+
+- medyagh (64 comments)
+- nirs (23 comments)
+- cfergeau (12 comments)
+- prezha (8 comments)
+- afbjorklund (1 comments)
+
+Thank you to our triage members for this release!
+
+- Ritikaa96 (54 comments)
+- Ruchi1499 (43 comments)
+- dhairya-seth (31 comments)
+- afbjorklund (14 comments)
+- medyagh (13 comments)
+
+Check out our [contributions leaderboard](https://minikube.sigs.k8s.io/docs/contrib/leaderboard/v1.36.0/) for this release!
+
+
+## Version 1.35.0 - 2025-01-15
+
+Features:
+* Add support for AMD GPUs via --gpus=amd [#19749](https://github.com/kubernetes/minikube/pull/19749)
+* Use Github Assets as New fail over for kic base image [#19464](https://github.com/kubernetes/minikube/pull/19464)
+* Support latest Kubernetes v1.32.0 [#20091](https://github.com/kubernetes/minikube/pull/20091)
+* Adds support for kubeadm.k8s.io/v1beta4 (available since k8s v1.31) [#19790](https://github.com/kubernetes/minikube/pull/19790)
+
+Improvements:
+* Merge nvidia-gpu-device-plugin and nvidia-device-plugin. [#19545](https://github.com/kubernetes/minikube/pull/19545)
+* kicbase: Update nvidia packages [#19738](https://github.com/kubernetes/minikube/pull/19738)
+* cilium: remove appArmorProfile for k8s "x.y". kube-cross and golang.org/dl use different formats for x.y.0 go versions
-KVM_GO_VERSION ?= $(GO_VERSION:.0=)
-
+# used by hack/jenkins/release_build_and_upload.sh, see also BUILD_IMAGE below
+# update this only by running `make update-golang-version`
+GO_VERSION ?= 1.25.5
+# set GOTOOLCHAIN to GO_VERSION to override any toolchain version specified in
+# go.mod (ref: https://go.dev/doc/toolchain#GOTOOLCHAIN)
+export GOTOOLCHAIN := go$(GO_VERSION)
+# update this only by running `make update-golang-version`
+GO_K8S_VERSION_PREFIX ?= v1.35.0
INSTALL_SIZE ?= $(shell du out/minikube-windows-amd64.exe | cut -f1)
-BUILDROOT_BRANCH ?= 2020.02.12
+BUILDROOT_BRANCH ?= 2025.02
+GOLANG_OPTIONS = GOWORK=off GO_VERSION=$(GO_VERSION) GO_HASH_FILE=$(PWD)/deploy/iso/minikube-iso/go.hash
+BUILDROOT_OPTIONS = BR2_EXTERNAL=../../deploy/iso/minikube-iso $(GOLANG_OPTIONS)
REGISTRY ?= gcr.io/k8s-minikube
# Get git commit id
COMMIT_NO := $(shell git rev-parse HEAD 2> /dev/null || true)
COMMIT ?= $(if $(shell git status --porcelain --untracked-files=no),"${COMMIT_NO}-dirty","${COMMIT_NO}")
COMMIT_SHORT = $(shell git rev-parse --short HEAD 2> /dev/null || true)
-HYPERKIT_BUILD_IMAGE ?= neilotoole/xcgo:go1.15
+COMMIT_NOQUOTES := $(patsubst "%",%,$(COMMIT))
# NOTE: "latest" as of 2021-02-06. kube-cross images aren't updated as often as Kubernetes
# https://github.com/kubernetes/kubernetes/blob/master/build/build-image/cross/VERSION
#
-BUILD_IMAGE ?= us.gcr.io/k8s-artifacts-prod/build-image/kube-cross:v$(GO_VERSION)-1
-ISO_BUILD_IMAGE ?= $(REGISTRY)/buildroot-image
+BUILD_IMAGE ?= registry.k8s.io/build-image/kube-cross:$(GO_K8S_VERSION_PREFIX)-go$(GO_VERSION)-bullseye.0
-KVM_BUILD_IMAGE_AMD64 ?= $(REGISTRY)/kvm-build-image_amd64:$(KVM_GO_VERSION)
-KVM_BUILD_IMAGE_ARM64 ?= $(REGISTRY)/kvm-build-image_arm64:$(KVM_GO_VERSION)
+ISO_BUILD_IMAGE ?= $(REGISTRY)/buildroot-image
ISO_BUCKET ?= minikube/iso
@@ -65,18 +69,22 @@ MINIKUBE_BUCKET ?= minikube/releases
MINIKUBE_UPLOAD_LOCATION := gs://${MINIKUBE_BUCKET}
MINIKUBE_RELEASES_URL=https://github.com/kubernetes/minikube/releases/download
-KERNEL_VERSION ?= 4.19.182
# latest from https://github.com/golangci/golangci-lint/releases
-GOLINT_VERSION ?= v1.39.0
+# update this only by running `make update-golint-version`
+GOLINT_VERSION ?= v2.7.2
+# see https://golangci-lint.run/docs/configuration/file/ for config details
+GOLINT_CONFIG ?= .golangci.min.yaml
+# Set this to --verbose to see details about the linters and formatters used
+GOLINT_VERBOSE ?=
# Limit number of default jobs, to avoid the CI builds running out of memory
GOLINT_JOBS ?= 4
# see https://github.com/golangci/golangci-lint#memory-usage-of-golangci-lint
GOLINT_GOGC ?= 100
# options for lint (golangci-lint)
-GOLINT_OPTIONS = --timeout 7m \
+GOLINT_OPTIONS = \
+ --max-issues-per-linter 0 --max-same-issues 0 \
--build-tags "${MINIKUBE_INTEGRATION_BUILD_TAGS}" \
- --enable gofmt,goimports,gocritic,golint,gocyclo,misspell,nakedret,stylecheck,unconvert,unparam,dogsled \
- --exclude 'variable on range scope.*in function literal|ifElseChain'
+ --config $(GOLINT_CONFIG) $(GOLINT_VERBOSE)
export GO111MODULE := on
@@ -84,25 +92,31 @@ GOOS ?= $(shell go env GOOS)
GOARCH ?= $(shell go env GOARCH)
GOARM ?= 7 # the default is 5
GOPATH ?= $(shell go env GOPATH)
-BUILD_DIR ?= ./out
+BUILD_DIR ?= $(PWD)/out
$(shell mkdir -p $(BUILD_DIR))
CURRENT_GIT_BRANCH ?= $(shell git branch | grep \* | cut -d ' ' -f2)
# Use system python if it exists, otherwise use Docker.
-PYTHON := $(shell command -v python || echo "docker run --rm -it -v $(shell pwd):/minikube -w /minikube python python")
+PYTHON := $(shell command -v python || echo "docker run --rm -it -v $(shell pwd):/minikube:Z -w /minikube python python")
BUILD_OS := $(shell uname -s)
SHA512SUM=$(shell command -v sha512sum || echo "shasum -a 512")
+# check which "flavor" of SED is being used as the flags are different between BSD and GNU sed.
+# BSD sed does not support "--version"
+SED_VERSION := $(shell sed --version 2>/dev/null | head -n 1 | cut -d' ' -f4)
+ifeq ($(SED_VERSION),)
+ SED = sed -i ''
+else
+ SED = sed -i
+endif
+
# gvisor tag to automatically push changes to
# to update minikubes default, update deploy/addons/gvisor
-GVISOR_TAG ?= latest
+GVISOR_TAG ?= v0.0.2
# auto-pause-hook tag to push changes to
-AUTOPAUSE_HOOK_TAG ?= v0.0.2
-
-# prow-test tag to push changes to
-PROW_TEST_TAG ?= v0.0.1
+AUTOPAUSE_HOOK_TAG ?= v0.0.5
# storage provisioner tag to push changes to
# NOTE: you will need to bump the PreloadVersion if you change this
@@ -116,7 +130,6 @@ MINIKUBE_LDFLAGS := -X k8s.io/minikube/pkg/version.version=$(VERSION) -X k8s.io/
PROVISIONER_LDFLAGS := "-X k8s.io/minikube/pkg/storage.version=$(STORAGE_PROVISIONER_TAG) -s -w -extldflags '-static'"
MINIKUBEFILES := ./cmd/minikube/
-HYPERKIT_FILES := ./cmd/drivers/hyperkit
STORAGE_PROVISIONER_FILES := ./cmd/storage-provisioner
KVM_DRIVER_FILES := ./cmd/drivers/kvm/
@@ -128,7 +141,11 @@ MARKDOWNLINT ?= markdownlint
MINIKUBE_MARKDOWN_FILES := README.md CONTRIBUTING.md CHANGELOG.md
-MINIKUBE_BUILD_TAGS :=
+# The `libvirt_dlopen` build tag is used only linux to avoid linking with
+# libvirt shared library. This is not documnted but can be found in the source.
+# https://gitlab.com/libvirt/libvirt-go-module/-/blob/f7cdeba9979dd248582901d2aaf7ab1f2d27cbe0/domain.go#L30
+MINIKUBE_BUILD_TAGS := libvirt_dlopen
+
MINIKUBE_INTEGRATION_BUILD_TAGS := integration $(MINIKUBE_BUILD_TAGS)
CMD_SOURCE_DIRS = cmd pkg deploy/addons translations
@@ -141,15 +158,12 @@ ADDON_FILES = $(shell find "deploy/addons" -type f | grep -v "\.go")
TRANSLATION_FILES = $(shell find "translations" -type f | grep -v "\.go")
ASSET_FILES = $(ADDON_FILES) $(TRANSLATION_FILES)
-# kvm2 ldflags
-KVM2_LDFLAGS := -X k8s.io/minikube/pkg/drivers/kvm.version=$(VERSION) -X k8s.io/minikube/pkg/drivers/kvm.gitCommitID=$(COMMIT)
-
-# hyperkit ldflags
-HYPERKIT_LDFLAGS := -X k8s.io/minikube/pkg/drivers/hyperkit.version=$(VERSION) -X k8s.io/minikube/pkg/drivers/hyperkit.gitCommitID=$(COMMIT)
-
# autopush artefacts
AUTOPUSH ?=
+# version file json
+VERSION_JSON := "{\"iso_version\": \"$(ISO_VERSION)\", \"kicbase_version\": \"$(KIC_VERSION)\", \"minikube_version\": \"$(VERSION)\", \"commit\": \"$(COMMIT_NOQUOTES)\"}"
+
# don't ask for user confirmation
IN_CI := false
@@ -163,7 +177,7 @@ endef
# $(call DOCKER, image, command)
define DOCKER
- docker run --rm -e GOCACHE=/app/.cache -e IN_DOCKER=1 --user $(shell id -u):$(shell id -g) -w /app -v $(PWD):/app -v $(GOPATH):/go --init $(1) /bin/bash -c '$(2)'
+ docker run --rm -e GOCACHE=/app/.cache -e GOPATH=/go -e GOMODCACHE=/app/.modcache -e IN_DOCKER=1 --user $(shell id -u):$(shell id -g) -w /app -v $(PWD):/app:Z -v $(GOPATH):/go:Z --init $(1) /bin/bash -c '$(2)'
endef
ifeq ($(BUILD_IN_DOCKER),y)
@@ -260,7 +274,7 @@ out/minikube-linux-armv6: $(SOURCE_FILES) $(ASSET_FILES)
$(Q)GOOS=linux GOARCH=arm GOARM=6 \
go build -tags "$(MINIKUBE_BUILD_TAGS)" -ldflags="$(MINIKUBE_LDFLAGS)" -a -o $@ k8s.io/minikube/cmd/minikube
-.PHONY: e2e-linux-amd64 e2e-linux-arm64 e2e-darwin-amd64 e2e-windows-amd64.exe
+.PHONY: e2e-linux-amd64 e2e-linux-arm64 e2e-darwin-amd64 e2e-darwin-arm64 e2e-windows-amd64.exe
e2e-linux-amd64: out/e2e-linux-amd64 ## build end2end binary for Linux x86 64bit
e2e-linux-arm64: out/e2e-linux-arm64 ## build end2end binary for Linux ARM 64bit
e2e-darwin-amd64: out/e2e-darwin-amd64 ## build end2end binary for Darwin x86 64bit
@@ -273,69 +287,67 @@ out/e2e-%: out/minikube-%
out/e2e-windows-amd64.exe: out/e2e-windows-amd64
cp $< $@
-minikube_iso: deploy/iso/minikube-iso/board/coreos/minikube/rootfs-overlay/usr/bin/auto-pause # build minikube iso
- echo $(ISO_VERSION) > deploy/iso/minikube-iso/board/coreos/minikube/rootfs-overlay/etc/VERSION
+minikube-iso-amd64: minikube-iso-x86_64
+minikube-iso-arm64: minikube-iso-aarch64
+
+minikube-iso-%: iso-prepare-% deploy/iso/minikube-iso/board/minikube/%/rootfs-overlay/usr/bin/auto-pause # build minikube iso
+ $(MAKE) -C $(BUILD_DIR)/buildroot $(BUILDROOT_OPTIONS) O=$(BUILD_DIR)/buildroot/output-$*
+ # x86_64 ISO is still BIOS rather than EFI because of AppArmor issues for KVM, and Gen 2 issues for Hyper-V
+ if [ "$*" = "aarch64" ]; then \
+ mv $(BUILD_DIR)/buildroot/output-aarch64/images/boot.iso $(BUILD_DIR)/minikube-arm64.iso; \
+ else \
+ mv $(BUILD_DIR)/buildroot/output-x86_64/images/rootfs.iso9660 $(BUILD_DIR)/minikube-amd64.iso; \
+ fi;
+
+.PHONY: iso-prepare-%
+iso-prepare-%: buildroot
+ echo $(VERSION_JSON) > deploy/iso/minikube-iso/board/minikube/$*/rootfs-overlay/version.json
+ echo $(ISO_VERSION) > deploy/iso/minikube-iso/board/minikube/$*/rootfs-overlay/etc/VERSION
+ cp deploy/iso/minikube-iso/arch/$*/Config.in.tmpl deploy/iso/minikube-iso/Config.in
+ $(MAKE) -C $(BUILD_DIR)/buildroot $(BUILDROOT_OPTIONS) O=$(BUILD_DIR)/buildroot/output-$* minikube_$*_defconfig
+
+.PHONY: buildroot
+buildroot:
if [ ! -d $(BUILD_DIR)/buildroot ]; then \
mkdir -p $(BUILD_DIR); \
git clone --depth=1 --branch=$(BUILDROOT_BRANCH) https://github.com/buildroot/buildroot $(BUILD_DIR)/buildroot; \
+ perl -pi -e 's@\s+source "package/sysdig/Config\.in"\n@@;' $(BUILD_DIR)/buildroot/package/Config.in; \
+ rm -r $(BUILD_DIR)/buildroot/package/sysdig; \
+ cp deploy/iso/minikube-iso/go.hash $(BUILD_DIR)/buildroot/package/go/go.hash; \
fi;
- $(MAKE) BR2_EXTERNAL=../../deploy/iso/minikube-iso minikube_defconfig -C $(BUILD_DIR)/buildroot
- mkdir -p $(BUILD_DIR)/buildroot/output/build
- echo "module buildroot.org/go" > $(BUILD_DIR)/buildroot/output/build/go.mod
- $(MAKE) -C $(BUILD_DIR)/buildroot host-python
- $(MAKE) -C $(BUILD_DIR)/buildroot
- mv $(BUILD_DIR)/buildroot/output/images/rootfs.iso9660 $(BUILD_DIR)/minikube.iso
# Change buildroot configuration for the minikube ISO
.PHONY: iso-menuconfig
-iso-menuconfig: ## Configure buildroot configuration
- $(MAKE) -C $(BUILD_DIR)/buildroot menuconfig
- $(MAKE) -C $(BUILD_DIR)/buildroot savedefconfig
+iso-menuconfig-%: iso-prepare-% ## Configure buildroot configuration
+ $(MAKE) -C $(BUILD_DIR)/buildroot $(BUILDROOT_OPTIONS) O=$(BUILD_DIR)/buildroot/output-$* menuconfig
+ $(MAKE) -C $(BUILD_DIR)/buildroot $(BUILDROOT_OPTIONS) O=$(BUILD_DIR)/buildroot/output-$* savedefconfig
# Change the kernel configuration for the minikube ISO
-.PHONY: linux-menuconfig
-linux-menuconfig: ## Configure Linux kernel configuration
- $(MAKE) -C $(BUILD_DIR)/buildroot/output/build/linux-$(KERNEL_VERSION)/ menuconfig
- $(MAKE) -C $(BUILD_DIR)/buildroot/output/build/linux-$(KERNEL_VERSION)/ savedefconfig
- cp $(BUILD_DIR)/buildroot/output/build/linux-$(KERNEL_VERSION)/defconfig deploy/iso/minikube-iso/board/coreos/minikube/linux_defconfig
+linux-menuconfig-%: iso-prepare-% ## Configure Linux kernel configuration
+ $(MAKE) -C $(BUILD_DIR)/buildroot $(BUILDROOT_OPTIONS) O=$(BUILD_DIR)/buildroot/output-$* linux-menuconfig
+ $(MAKE) -C $(BUILD_DIR)/buildroot $(BUILDROOT_OPTIONS) O=$(BUILD_DIR)/buildroot/output-$* linux-savedefconfig
+ $(MAKE) -C $(BUILD_DIR)/buildroot $(BUILDROOT_OPTIONS) O=$(BUILD_DIR)/buildroot/output-$* linux-update-defconfig
-out/minikube.iso: $(shell find "deploy/iso/minikube-iso" -type f)
+out/minikube-%.iso: $(shell find "deploy/iso/minikube-iso" -type f)
ifeq ($(IN_DOCKER),1)
- $(MAKE) minikube_iso
+ $(MAKE) minikube-iso-$*
else
- docker run --rm --workdir /mnt --volume $(CURDIR):/mnt $(ISO_DOCKER_EXTRA_ARGS) \
+ docker run --rm --workdir /mnt --volume $(CURDIR):/mnt:Z $(ISO_DOCKER_EXTRA_ARGS) \
--user $(shell id -u):$(shell id -g) --env HOME=/tmp --env IN_DOCKER=1 \
- $(ISO_BUILD_IMAGE) /usr/bin/make out/minikube.iso
+ $(ISO_BUILD_IMAGE) /bin/bash -lc '/usr/bin/make minikube-iso-$*'
endif
iso_in_docker:
- docker run -it --rm --workdir /mnt --volume $(CURDIR):/mnt $(ISO_DOCKER_EXTRA_ARGS) \
+ docker run -it --rm --workdir /mnt --volume $(CURDIR):/mnt:Z $(ISO_DOCKER_EXTRA_ARGS) \
--user $(shell id -u):$(shell id -g) --env HOME=/tmp --env IN_DOCKER=1 \
$(ISO_BUILD_IMAGE) /bin/bash
-test-iso:
- go test -v $(INTEGRATION_TESTS_TO_RUN) --tags=iso --minikube-start-args="--iso-url=file://$(shell pwd)/out/buildroot/output/images/rootfs.iso9660"
-
.PHONY: test-pkg
test-pkg/%: ## Trigger packaging test
go test -v -test.timeout=60m ./$* --tags="$(MINIKUBE_BUILD_TAGS)"
.PHONY: all
-all: cross drivers e2e-cross cross-tars exotic retro out/gvisor-addon ## Build all different minikube components
-
-.PHONY: drivers
-drivers: ## Build Hyperkit and KVM2 drivers
-drivers: docker-machine-driver-hyperkit \
- docker-machine-driver-kvm2 \
- out/docker-machine-driver-kvm2-amd64 \
- out/docker-machine-driver-kvm2-arm64
-
-
-.PHONY: docker-machine-driver-hyperkit
-docker-machine-driver-hyperkit: out/docker-machine-driver-hyperkit ## Build Hyperkit driver
-
-.PHONY: docker-machine-driver-kvm2
-docker-machine-driver-kvm2: out/docker-machine-driver-kvm2 ## Build KVM2 driver
+all: cross e2e-cross cross-tars exotic retro out/gvisor-addon ## Build all different minikube components
.PHONY: integration
integration: out/minikube$(IS_EXE) ## Trigger minikube integration test, logs to ./out/testout_COMMIT.txt
@@ -343,7 +355,7 @@ integration: out/minikube$(IS_EXE) ## Trigger minikube integration test, logs to
.PHONY: integration-none-driver
integration-none-driver: e2e-linux-$(GOARCH) out/minikube-linux-$(GOARCH) ## Trigger minikube none driver test, logs to ./out/testout_COMMIT.txt
- sudo -E out/e2e-linux-$(GOARCH) -testdata-dir "test/integration/testdata" -minikube-start-args="--driver=none" -test.v -test.timeout=60m -binary=out/minikube-linux-amd64 $(TEST_ARGS) 2>&1 | tee "./out/testout_$(COMMIT_SHORT).txt"
+ out/e2e-linux-$(GOARCH) -testdata-dir "test/integration/testdata" -minikube-start-args="--driver=none" -test.v -test.timeout=60m -binary=out/minikube-linux-amd64 $(TEST_ARGS) 2>&1 | tee "./out/testout_$(COMMIT_SHORT).txt"
.PHONY: integration-versioned
integration-versioned: out/minikube ## Trigger minikube integration testing, logs to ./out/testout_COMMIT.txt
@@ -359,6 +371,11 @@ integration-functional-only: out/minikube$(IS_EXE) ## Trigger only functioanl te
.PHONY: html_report
html_report: ## Generate HTML report out of the last ran integration test logs.
@go tool test2json -t < "./out/testout_$(COMMIT_SHORT).txt" > "./out/testout_$(COMMIT_SHORT).json"
+ # install gopogh if not already installed
+ @if ! command -v gopogh >/dev/null 2>&1; then \
+ echo "gopogh not found, installing..."; \
+ GOBIN=$(shell go env GOPATH)/bin go install github.com/medyagh/gopogh/cmd/gopogh@v0.29.0; \
+ fi
@gopogh -in "./out/testout_$(COMMIT_SHORT).json" -out ./out/testout_$(COMMIT_SHORT).html -name "$(shell git rev-parse --abbrev-ref HEAD)" -pr "" -repo github.com/kubernetes/minikube/ -details "${COMMIT_SHORT}"
@echo "-------------------------- Open HTML Report in Browser: ---------------------------"
ifeq ($(GOOS),windows)
@@ -391,7 +408,7 @@ out/unittest.json: $(SOURCE_FILES) $(GOTEST_FILES)
-coverprofile=out/coverage.out -json > out/unittest.json
out/coverage.out: out/unittest.json
-# Generate go test report (from gotest) as a a HTML page
+# Generate go test report (from gotest) as a HTML page
out/unittest.html: out/unittest.json
$(if $(quiet),@echo " REPORT $@")
$(Q)go-test-report < $< -o $@
@@ -401,7 +418,7 @@ out/coverage.html: out/coverage.out
$(if $(quiet),@echo " COVER $@")
$(Q)go tool cover -html=$< -o $@
-.PHONY: extract
+.PHONY: extract
extract: ## extract internationalization words for translations
go run cmd/extract/extract.go
@@ -424,15 +441,13 @@ darwin: minikube-darwin-amd64 ## Build minikube for Darwin 64bit
linux: minikube-linux-amd64 ## Build minikube for Linux 64bit
.PHONY: e2e-cross
-e2e-cross: e2e-linux-amd64 e2e-linux-arm64 e2e-darwin-amd64 e2e-windows-amd64.exe ## End-to-end cross test
+e2e-cross: e2e-linux-amd64 e2e-linux-arm64 e2e-darwin-amd64 e2e-darwin-arm64 e2e-windows-amd64.exe ## End-to-end cross test
.PHONY: checksum
checksum: ## Generate checksums
- for f in out/minikube.iso out/minikube-linux-amd64 out/minikube-linux-arm \
+ for f in out/minikube-amd64.iso out/minikube-arm64.iso out/minikube-linux-amd64 out/minikube-linux-arm \
out/minikube-linux-arm64 out/minikube-linux-ppc64le out/minikube-linux-s390x \
- out/minikube-darwin-amd64 out/minikube-windows-amd64.exe \
- out/docker-machine-driver-kvm2 out/docker-machine-driver-kvm2-amd64 out/docker-machine-driver-kvm2-arm64 \
- out/docker-machine-driver-hyperkit; do \
+ out/minikube-darwin-amd64 out/minikube-darwin-arm64 out/minikube-windows-amd64.exe; do \
if [ -f "$${f}" ]; then \
openssl sha256 "$${f}" | awk '{print $$2}' > "$${f}.sha256" ; \
fi ; \
@@ -445,6 +460,7 @@ clean: ## Clean build
rm -f pkg/minikube/translate/translations.go
rm -rf ./vendor
rm -rf /tmp/tmp.*.minikube_*
+ rm -rf test/integration/licenses
.PHONY: gendocs
gendocs: out/docs/minikube.md ## Generate documentation
@@ -488,13 +504,17 @@ out/linters/golangci-lint-$(GOLINT_VERSION):
.PHONY: lint
ifeq ($(MINIKUBE_BUILD_IN_DOCKER),y)
lint:
- docker run --rm -v $(pwd):/app -w /app golangci/golangci-lint:$(GOLINT_VERSION) \
- golangci-lint run ${GOLINT_OPTIONS} --skip-dirs "cmd/drivers/kvm|cmd/drivers/hyperkit|pkg/drivers/kvm|pkg/drivers/hyperkit" ./...
+ docker run --rm -v `pwd`:/app:Z -w /app golangci/golangci-lint:$(GOLINT_VERSION) \
+ ./out/linters/golangci-lint-$(GOLINT_VERSION) run ${GOLINT_OPTIONS} ./...
else
lint: out/linters/golangci-lint-$(GOLINT_VERSION) ## Run lint
./out/linters/golangci-lint-$(GOLINT_VERSION) run ${GOLINT_OPTIONS} ./...
endif
+.PHONY: lint-max
+lint-max: out/linters/golangci-lint-$(GOLINT_VERSION) ## Run lint
+ ./out/linters/golangci-lint-$(GOLINT_VERSION) run ${GOLINT_OPTIONS} --config .golangci.max.yaml ./...
+
# lint-ci is slower version of lint and is meant to be used in ci (travis) to avoid out of memory leaks.
.PHONY: lint-ci
lint-ci: out/linters/golangci-lint-$(GOLINT_VERSION) ## Run lint-ci
@@ -513,17 +533,15 @@ mdlint:
.PHONY: verify-iso
verify-iso: # Make sure the current ISO exists in the expected bucket
- gsutil stat gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION).iso
+ gsutil stat gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION)-amd64.iso
+ gsutil stat gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION)-arm64.iso
out/docs/minikube.md: $(shell find "cmd") $(shell find "pkg/minikube/constants")
- go run -ldflags="$(MINIKUBE_LDFLAGS)" -tags gendocs hack/help_text/gen_help_text.go
+ cd hack && go run -ldflags="$(MINIKUBE_LDFLAGS)" -tags gendocs help_text/gen_help_text.go
.PHONY: debs ## Build all deb packages
debs: out/minikube_$(DEB_VERSION)-$(DEB_REVISION)_amd64.deb \
- out/minikube_$(DEB_VERSION)-$(DEB_REVISION)_arm64.deb \
- out/docker-machine-driver-kvm2_$(DEB_VERSION).deb \
- out/docker-machine-driver-kvm2_$(DEB_VERSION)-$(DEB_REVISION)_amd64.deb \
- out/docker-machine-driver-kvm2_$(DEB_VERSION)-$(DEB_REVISION)_arm64.deb
+ out/minikube_$(DEB_VERSION)-$(DEB_REVISION)_arm64.deb
.PHONY: deb_version
deb_version:
@@ -543,13 +561,13 @@ out/minikube_$(DEB_VERSION)-$(DEB_REVISION)_%.deb: out/minikube-linux-%
sed -E -i 's/--VERSION--/'$(DEB_VERSION)'/g' $(DEB_PACKAGING_DIRECTORY_$*)/DEBIAN/control
sed -E -i 's/--REVISION--/'$(DEB_REVISION)'/g' $(DEB_PACKAGING_DIRECTORY_$*)/DEBIAN/control
sed -E -i 's/--ARCH--/'$*'/g' $(DEB_PACKAGING_DIRECTORY_$*)/DEBIAN/control
-
+
if [ "$*" = "amd64" ]; then \
sed -E -i 's/--RECOMMENDS--/virtualbox/' $(DEB_PACKAGING_DIRECTORY_$*)/DEBIAN/control; \
else \
sed -E -i '/Recommends: --RECOMMENDS--/d' $(DEB_PACKAGING_DIRECTORY_$*)/DEBIAN/control; \
fi
-
+
mkdir -p $(DEB_PACKAGING_DIRECTORY_$*)/usr/bin
cp $< $(DEB_PACKAGING_DIRECTORY_$*)/usr/bin/minikube
fakeroot dpkg-deb --build $(DEB_PACKAGING_DIRECTORY_$*) $@
@@ -587,10 +605,10 @@ out/repodata/repomd.xml: out/minikube-$(RPM_VERSION).rpm
-u "$(MINIKUBE_RELEASES_URL)/$(VERSION)/" out
.SECONDEXPANSION:
-TAR_TARGETS_linux-amd64 := out/minikube-linux-amd64 out/docker-machine-driver-kvm2
-TAR_TARGETS_linux-arm64 := out/minikube-linux-arm64 #out/docker-machine-driver-kvm2
-TAR_TARGETS_darwin-amd64 := out/minikube-darwin-amd64 out/docker-machine-driver-hyperkit
-TAR_TARGETS_darwin-arm64 := out/minikube-darwin-arm64 #out/docker-machine-driver-hyperkit
+TAR_TARGETS_linux-amd64 := out/minikube-linux-amd64
+TAR_TARGETS_linux-arm64 := out/minikube-linux-arm64
+TAR_TARGETS_darwin-amd64 := out/minikube-darwin-amd64
+TAR_TARGETS_darwin-arm64 := out/minikube-darwin-arm64
TAR_TARGETS_windows-amd64 := out/minikube-windows-amd64.exe
out/minikube-%.tar.gz: $$(TAR_TARGETS_$$*)
$(if $(quiet),@echo " TAR $@")
@@ -614,35 +632,6 @@ out/minikube-installer.exe: out/minikube-windows-amd64.exe
mv out/windows_tmp/minikube-installer.exe out/minikube-installer.exe
rm -rf out/windows_tmp
-out/docker-machine-driver-hyperkit:
-ifeq ($(MINIKUBE_BUILD_IN_DOCKER),y)
- docker run --rm -e GOCACHE=/app/.cache -e IN_DOCKER=1 \
- --user $(shell id -u):$(shell id -g) -w /app \
- -v $(PWD):/app -v $(GOPATH):/go --init --entrypoint "" \
- $(HYPERKIT_BUILD_IMAGE) /bin/bash -c 'CC=o64-clang CXX=o64-clang++ /usr/bin/make $@'
-else
- $(if $(quiet),@echo " GO $@")
- $(Q)GOOS=darwin CGO_ENABLED=1 go build \
- -ldflags="$(HYPERKIT_LDFLAGS)" \
- -o $@ k8s.io/minikube/cmd/drivers/hyperkit
-endif
-
-hyperkit_in_docker:
- rm -f out/docker-machine-driver-hyperkit
- $(MAKE) MINIKUBE_BUILD_IN_DOCKER=y out/docker-machine-driver-hyperkit
-
-.PHONY: install-hyperkit-driver
-install-hyperkit-driver: out/docker-machine-driver-hyperkit ## Install hyperkit to local machine
- mkdir -p $(HOME)/bin
- sudo cp out/docker-machine-driver-hyperkit $(HOME)/bin/docker-machine-driver-hyperkit
- sudo chown root:wheel $(HOME)/bin/docker-machine-driver-hyperkit
- sudo chmod u+s $(HOME)/bin/docker-machine-driver-hyperkit
-
-.PHONY: release-hyperkit-driver
-release-hyperkit-driver: install-hyperkit-driver checksum ## Copy hyperkit using gsutil
- gsutil cp $(GOBIN)/docker-machine-driver-hyperkit gs://minikube/drivers/hyperkit/$(VERSION)/
- gsutil cp $(GOBIN)/docker-machine-driver-hyperkit.sha256 gs://minikube/drivers/hyperkit/$(VERSION)/
-
.PHONY: check-release
check-release: ## Execute go test
go test -timeout 42m -v ./deploy/minikube/release_sanity_test.go
@@ -673,41 +662,39 @@ storage-provisioner-image-%: out/storage-provisioner-%
docker build -t $(REGISTRY)/storage-provisioner-$*:$(STORAGE_PROVISIONER_TAG) -f deploy/storage-provisioner/Dockerfile --build-arg arch=$* .
-X_DOCKER_BUILDER ?= minikube-builder
-X_BUILD_ENV ?= DOCKER_CLI_EXPERIMENTAL=enabled
+.PHONY: docker-multi-arch-build
+docker-multi-arch-build:
+ # installs QEMU static binaries to allow docker multi-arch build, see: https://github.com/docker/setup-qemu-action
+ docker run --rm --privileged tonistiigi/binfmt:latest --install all
-.PHONY: docker-multi-arch-builder
-docker-multi-arch-builder:
- env $(X_BUILD_ENV) docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- env $(X_BUILD_ENV) docker buildx rm --builder $(X_DOCKER_BUILDER) || true
- env $(X_BUILD_ENV) docker buildx create --name $(X_DOCKER_BUILDER) --buildkitd-flags '--debug' || true
-
-KICBASE_ARCH = linux/arm64,linux/amd64
+KICBASE_ARCH ?= linux/amd64,linux/arm64,linux/s390x,linux/arm,linux/ppc64le
KICBASE_IMAGE_GCR ?= $(REGISTRY)/kicbase:$(KIC_VERSION)
KICBASE_IMAGE_HUB ?= kicbase/stable:$(KIC_VERSION)
KICBASE_IMAGE_REGISTRIES ?= $(KICBASE_IMAGE_GCR) $(KICBASE_IMAGE_HUB)
+.PHONY: build-and-upload-cri-dockerd-binaries
+build-and-upload-cri-dockerd-binaries:
+ (cd hack/update/cri_dockerd_version && \
+ ./build_and_upload_cri_dockerd_binaries.sh $(KICBASE_ARCH))
+
.PHONY: local-kicbase
local-kicbase: ## Builds the kicbase image and tags it local/kicbase:latest and local/kicbase:$(KIC_VERSION)-$(COMMIT_SHORT)
- docker build -f ./deploy/kicbase/Dockerfile -t local/kicbase:$(KIC_VERSION) --build-arg COMMIT_SHA=${VERSION}-$(COMMIT) --cache-from $(KICBASE_IMAGE_GCR) .
+ touch deploy/kicbase/CHANGELOG
+ docker build -f ./deploy/kicbase/Dockerfile -t local/kicbase:$(KIC_VERSION) --build-arg VERSION_JSON=$(VERSION_JSON) --build-arg COMMIT_SHA=${VERSION}-$(COMMIT_NOQUOTES) --cache-from $(KICBASE_IMAGE_GCR) .
docker tag local/kicbase:$(KIC_VERSION) local/kicbase:latest
docker tag local/kicbase:$(KIC_VERSION) local/kicbase:$(KIC_VERSION)-$(COMMIT_SHORT)
-SED = sed -i
-ifeq ($(GOOS),darwin)
- SED = sed -i ''
-endif
.PHONY: local-kicbase-debug
local-kicbase-debug: local-kicbase ## Builds a local kicbase image and switches source code to point to it
$(SED) 's|Version = .*|Version = \"$(KIC_VERSION)-$(COMMIT_SHORT)\"|;s|baseImageSHA = .*|baseImageSHA = \"\"|;s|gcrRepo = .*|gcrRepo = \"local/kicbase\"|;s|dockerhubRepo = .*|dockerhubRepo = \"local/kicbase\"|' pkg/drivers/kic/types.go
.PHONY: build-kic-base-image
-build-kic-base-image: docker-multi-arch-builder ## Build multi-arch local/kicbase:latest
- env $(X_BUILD_ENV) docker buildx build -f ./deploy/kicbase/Dockerfile --builder $(X_DOCKER_BUILDER) --platform $(KICBASE_ARCH) $(addprefix -t ,$(KICBASE_IMAGE_REGISTRIES)) --load --build-arg COMMIT_SHA=${VERSION}-$(COMMIT) .
+build-kic-base-image: docker-multi-arch-build ## Build multi-arch local/kicbase:latest
+ docker buildx build -f ./deploy/kicbase/Dockerfile --platform $(KICBASE_ARCH) $(addprefix -t ,$(KICBASE_IMAGE_REGISTRIES)) --build-arg VERSION_JSON=$(VERSION_JSON) --build-arg COMMIT_SHA=${VERSION}-$(COMMIT_NOQUOTES) .
-.PHONY: push-kic-base-image
-push-kic-base-image: docker-multi-arch-builder ## Push multi-arch local/kicbase:latest to all remote registries
+.PHONY: push-kic-base-image
+push-kic-base-image: docker-multi-arch-build ## Push multi-arch local/kicbase:latest to all remote registries
ifdef AUTOPUSH
docker login gcr.io/k8s-minikube
docker login docker.pkg.github.com
@@ -718,18 +705,28 @@ endif
ifndef CIBUILD
$(call user_confirm, 'Are you sure you want to push $(KICBASE_IMAGE_REGISTRIES) ?')
endif
- env $(X_BUILD_ENV) docker buildx build -f ./deploy/kicbase/Dockerfile --builder $(X_DOCKER_BUILDER) --platform $(KICBASE_ARCH) $(addprefix -t ,$(KICBASE_IMAGE_REGISTRIES)) --push --build-arg COMMIT_SHA=${VERSION}-$(COMMIT) .
+ ./deploy/kicbase/build_auto_pause.sh $(KICBASE_ARCH)
+ docker buildx build -f ./deploy/kicbase/Dockerfile --platform $(KICBASE_ARCH) $(addprefix -t ,$(KICBASE_IMAGE_REGISTRIES)) --push --build-arg VERSION_JSON=$(VERSION_JSON) --build-arg COMMIT_SHA=${VERSION}-$(COMMIT_NOQUOTES) --build-arg PREBUILT_AUTO_PAUSE=true .
-out/preload-tool:
- go build -ldflags="$(MINIKUBE_LDFLAGS)" -o $@ ./hack/preload-images/*.go
+# preload scripts been moved to https://github.com/kubernetes-sigs/minikube-preloads/tree/main/cmd/preload-generator
+# in order to be able to publish them as github assets
+PRELOAD_GENERATOR_REPO ?= https://github.com/kubernetes-sigs/minikube-preloads.git
+PRELOAD_GENERATOR_DIR := $(BUILD_DIR)/preload-generator-src
+
+$(PRELOAD_GENERATOR_DIR):
+ rm -rf $(PRELOAD_GENERATOR_DIR)
+ git clone --depth=1 --branch main $(PRELOAD_GENERATOR_REPO) $(PRELOAD_GENERATOR_DIR)
+
+out/preload-generator: $(PRELOAD_GENERATOR_DIR)
+ cd $(PRELOAD_GENERATOR_DIR) && GOWORK=off GOBIN=$(BUILD_DIR) go install -ldflags="$(MINIKUBE_LDFLAGS)" ./cmd/preload-generator
.PHONY: upload-preloaded-images-tar
-upload-preloaded-images-tar: out/minikube out/preload-tool ## Upload the preloaded images for oldest supported, newest supported, and default kubernetes versions to GCS.
- out/preload-tool
+upload-preloaded-images-tar: out/minikube out/preload-generator ## Upload the preloaded images for oldest supported, newest supported, and default kubernetes versions to GCS.
+ out/preload-generator
.PHONY: generate-preloaded-images-tar
-generate-preloaded-images-tar: out/minikube out/preload-tool ## Generates the preloaded images for oldest supported, newest supported, and default kubernetes versions
- out/preload-tool --no-upload
+generate-preloaded-images-tar: out/minikube out/preload-generator ## Generates the preloaded images for oldest supported, newest supported, and default kubernetes versions
+ out/preload-generator --no-upload
ALL_ARCH = amd64 arm arm64 ppc64le s390x
IMAGE = $(REGISTRY)/storage-provisioner
@@ -741,9 +738,9 @@ ifndef CIBUILD
docker login gcr.io/k8s-minikube
endif
set -x; for arch in $(ALL_ARCH); do docker push ${IMAGE}-$${arch}:${TAG}; done
- $(X_BUILD_ENV) docker manifest create --amend $(IMAGE):$(TAG) $(shell echo $(ALL_ARCH) | sed -e "s~[^ ]*~$(IMAGE)\-&:$(TAG)~g")
- set -x; for arch in $(ALL_ARCH); do $(X_BUILD_ENV) docker manifest annotate --arch $${arch} ${IMAGE}:${TAG} ${IMAGE}-$${arch}:${TAG}; done
- $(X_BUILD_ENV) docker manifest push $(STORAGE_PROVISIONER_MANIFEST)
+ docker manifest create --amend $(IMAGE):$(TAG) $(shell echo $(ALL_ARCH) | sed -e "s~[^ ]*~$(IMAGE)\-&:$(TAG)~g")
+ set -x; for arch in $(ALL_ARCH); do docker manifest annotate --arch $${arch} ${IMAGE}:${TAG} ${IMAGE}-$${arch}:${TAG}; done
+ docker manifest push $(STORAGE_PROVISIONER_MANIFEST)
.PHONY: push-docker
push-docker: # Push docker image base on to IMAGE variable (used internally by other targets)
@@ -756,21 +753,25 @@ endif
.PHONY: out/gvisor-addon
out/gvisor-addon: ## Build gvisor addon
$(if $(quiet),@echo " GO $@")
- $(Q)GOOS=linux CGO_ENABLED=0 go build -o $@ cmd/gvisor/gvisor.go
+ $(Q)GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o $@ cmd/gvisor/gvisor.go
.PHONY: gvisor-addon-image
-gvisor-addon-image: out/gvisor-addon ## Build docker image for gvisor
+gvisor-addon-image:
docker build -t $(REGISTRY)/gvisor-addon:$(GVISOR_TAG) -f deploy/gvisor/Dockerfile .
.PHONY: push-gvisor-addon-image
-push-gvisor-addon-image: gvisor-addon-image
+push-gvisor-addon-image: docker-multi-arch-build
docker login gcr.io/k8s-minikube
- $(MAKE) push-docker IMAGE=$(REGISTRY)/gvisor-addon:$(GVISOR_TAG)
+ docker buildx create --name multiarch --bootstrap
+ docker buildx build --push --builder multiarch --platform linux/amd64,linux/arm64 -t $(REGISTRY)/gvisor-addon:$(GVISOR_TAG) -t $(REGISTRY)/gvisor-addon:latest -f deploy/gvisor/Dockerfile .
+ docker buildx rm multiarch
.PHONY: release-iso
-release-iso: minikube_iso checksum ## Build and release .iso file
- gsutil cp out/minikube.iso gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION).iso
- gsutil cp out/minikube.iso.sha256 gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION).iso.sha256
+release-iso: minikube-iso-aarch64 minikube-iso-x86_64 checksum ## Build and release .iso files
+ gsutil cp out/minikube-amd64.iso gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION)-amd64.iso
+ gsutil cp out/minikube-amd64.iso.sha256 gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION)-amd64.iso.sha256
+ gsutil cp out/minikube-arm64.iso gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION)-arm64.iso
+ gsutil cp out/minikube-arm64.iso.sha256 gs://$(ISO_BUCKET)/minikube-$(ISO_VERSION)-arm64.iso.sha256
.PHONY: release-minikube
release-minikube: out/minikube checksum ## Minikube release
@@ -785,115 +786,19 @@ release-notes:
update-leaderboard:
hack/update_contributions.sh
-out/docker-machine-driver-kvm2: out/docker-machine-driver-kvm2-amd64
- $(if $(quiet),@echo " CP $@")
- $(Q)cp $< $@
-
-out/docker-machine-driver-kvm2-x86_64: out/docker-machine-driver-kvm2-amd64
- $(if $(quiet),@echo " CP $@")
- $(Q)cp $< $@
-
-out/docker-machine-driver-kvm2-aarch64: out/docker-machine-driver-kvm2-arm64
- $(if $(quiet),@echo " CP $@")
- $(Q)cp $< $@
-
-
-out/docker-machine-driver-kvm2_$(DEB_VERSION).deb: out/docker-machine-driver-kvm2_$(DEB_VERSION)-0_amd64.deb
- cp $< $@
-
-out/docker-machine-driver-kvm2_$(DEB_VERSION)-0_%.deb: out/docker-machine-driver-kvm2-%
- cp -r installers/linux/deb/kvm2_deb_template out/docker-machine-driver-kvm2_$(DEB_VERSION)
- chmod 0755 out/docker-machine-driver-kvm2_$(DEB_VERSION)/DEBIAN
- sed -E -i -e 's/--VERSION--/$(DEB_VERSION)/g' out/docker-machine-driver-kvm2_$(DEB_VERSION)/DEBIAN/control
- sed -E -i -e 's/--ARCH--/'$*'/g' out/docker-machine-driver-kvm2_$(DEB_VERSION)/DEBIAN/control
- mkdir -p out/docker-machine-driver-kvm2_$(DEB_VERSION)/usr/bin
- cp $< out/docker-machine-driver-kvm2_$(DEB_VERSION)/usr/bin/docker-machine-driver-kvm2
- fakeroot dpkg-deb --build out/docker-machine-driver-kvm2_$(DEB_VERSION) $@
- rm -rf out/docker-machine-driver-kvm2_$(DEB_VERSION)
-
-out/docker-machine-driver-kvm2-$(RPM_VERSION).rpm: out/docker-machine-driver-kvm2-$(RPM_VERSION)-0.x86_64.rpm
- cp $< $@
-
-out/docker-machine-driver-kvm2_$(RPM_VERSION).amd64.rpm: out/docker-machine-driver-kvm2-$(RPM_VERSION)-0.x86_64.rpm
- cp $< $@
-
-out/docker-machine-driver-kvm2_$(RPM_VERSION).arm64.rpm: out/docker-machine-driver-kvm2-$(RPM_VERSION)-0.aarch64.rpm
- cp $< $@
-
-out/docker-machine-driver-kvm2-$(RPM_VERSION)-0.%.rpm: out/docker-machine-driver-kvm2-%
- cp -r installers/linux/rpm/kvm2_rpm_template out/docker-machine-driver-kvm2-$(RPM_VERSION)
- sed -E -i -e 's/--VERSION--/'$(RPM_VERSION)'/g' out/docker-machine-driver-kvm2-$(RPM_VERSION)/docker-machine-driver-kvm2.spec
- sed -E -i -e 's|--OUT--|'$(PWD)/out'|g' out/docker-machine-driver-kvm2-$(RPM_VERSION)/docker-machine-driver-kvm2.spec
- rpmbuild -bb -D "_rpmdir $(PWD)/out" --target $* \
- out/docker-machine-driver-kvm2-$(RPM_VERSION)/docker-machine-driver-kvm2.spec
- @mv out/$*/docker-machine-driver-kvm2-$(RPM_VERSION)-0.$*.rpm out/ && rmdir out/$*
- rm -rf out/docker-machine-driver-kvm2-$(RPM_VERSION)
-
-.PHONY: kvm-image-amd64
-kvm-image-amd64: installers/linux/kvm/Dockerfile.amd64 ## Convenient alias to build the docker container
- docker build --build-arg "GO_VERSION=$(KVM_GO_VERSION)" -t $(KVM_BUILD_IMAGE_AMD64) -f $< $(dir $<)
- @echo ""
- @echo "$(@) successfully built"
-
-.PHONY: kvm-image-arm64
-kvm-image-arm64: installers/linux/kvm/Dockerfile.arm64 ## Convenient alias to build the docker container
- docker build --build-arg "GO_VERSION=$(KVM_GO_VERSION)" -t $(KVM_BUILD_IMAGE_ARM64) -f $< $(dir $<)
- @echo ""
- @echo "$(@) successfully built"
-
-kvm_in_docker:
- docker image inspect -f '{{.Id}} {{.RepoTags}}' $(KVM_BUILD_IMAGE_AMD64) || $(MAKE) kvm-image-amd64
- rm -f out/docker-machine-driver-kvm2
- $(call DOCKER,$(KVM_BUILD_IMAGE_AMD64),/usr/bin/make out/docker-machine-driver-kvm2 COMMIT=$(COMMIT))
-
-.PHONY: install-kvm-driver
-install-kvm-driver: out/docker-machine-driver-kvm2 ## Install KVM Driver
- mkdir -p $(GOBIN)
- cp out/docker-machine-driver-kvm2 $(GOBIN)/docker-machine-driver-kvm2
-
-
-out/docker-machine-driver-kvm2-arm64:
-ifeq ($(MINIKUBE_BUILD_IN_DOCKER),y)
- docker image inspect -f '{{.Id}} {{.RepoTags}}' $(KVM_BUILD_IMAGE_ARM64) || $(MAKE) kvm-image-arm64
- $(call DOCKER,$(KVM_BUILD_IMAGE_ARM64),/usr/bin/make $@ COMMIT=$(COMMIT))
-else
- $(if $(quiet),@echo " GO $@")
- $(Q)GOARCH=arm64 \
- go build \
- -installsuffix "static" \
- -ldflags="$(KVM2_LDFLAGS)" \
- -tags "libvirt.1.3.1 without_lxc" \
- -o $@ \
- k8s.io/minikube/cmd/drivers/kvm
-endif
- chmod +X $@
-
-out/docker-machine-driver-kvm2-%:
-ifeq ($(MINIKUBE_BUILD_IN_DOCKER),y)
- docker image inspect -f '{{.Id}} {{.RepoTags}}' $(KVM_BUILD_IMAGE_AMD64) || $(MAKE) kvm-image-amd64
- $(call DOCKER,$(KVM_BUILD_IMAGE_AMD64),/usr/bin/make $@ COMMIT=$(COMMIT))
- # make extra sure that we are linking with the older version of libvirt (1.3.1)
- test "`strings $@ | grep '^LIBVIRT_[0-9]' | sort | tail -n 1`" = "LIBVIRT_1.2.9"
-else
- $(if $(quiet),@echo " GO $@")
- $(Q)GOARCH=$* \
- go build \
- -installsuffix "static" \
- -ldflags="$(KVM2_LDFLAGS)" \
- -tags "libvirt.1.3.1 without_lxc" \
- -o $@ \
- k8s.io/minikube/cmd/drivers/kvm
-endif
- chmod +X $@
+.PHONY: update-yearly-leaderboard
+update-yearly-leaderboard:
+ hack/yearly-leaderboard.sh
+site/themes/docsy/assets/vendor/bootstrap/package.js: ## update the website docsy theme git submodule
+ git submodule update -f --init
-site/themes/docsy/assets/vendor/bootstrap/package.js: ## update the website docsy theme git submodule
- git submodule update -f --init --recursive
-
+.PHONY: out/hugo/hugo
out/hugo/hugo:
mkdir -p out
+ (cd site/themes/docsy && npm install)
test -d out/hugo || git clone https://github.com/gohugoio/hugo.git out/hugo
- (cd out/hugo && go build --tags extended)
+ (cd out/hugo && git fetch origin && git checkout $(HUGO_VERSION) && go build --tags extended)
.PHONY: site
site: site/themes/docsy/assets/vendor/bootstrap/package.js out/hugo/hugo ## Serve the documentation site to localhost
@@ -909,8 +814,9 @@ out/mkcmp:
# auto pause binary to be used for ISO
-deploy/iso/minikube-iso/board/coreos/minikube/rootfs-overlay/usr/bin/auto-pause: $(SOURCE_FILES) $(ASSET_FILES)
- GOOS=linux GOARCH=$(GOARCH) go build -o $@ cmd/auto-pause/auto-pause.go
+deploy/iso/minikube-iso/board/minikube/%/rootfs-overlay/usr/bin/auto-pause: $(SOURCE_FILES) $(ASSET_FILES)
+ @if [ "$*" != "x86_64" ] && [ "$*" != "aarch64" ]; then echo "Please enter a valid architecture. Choices are x86_64 and aarch64."; exit 1; fi
+ GOOS=linux GOARCH=$(subst x86_64,amd64,$(subst aarch64,arm64,$*)) go build -o $@ cmd/auto-pause/auto-pause.go
.PHONY: deploy/addons/auto-pause/auto-pause-hook
@@ -923,18 +829,11 @@ auto-pause-hook-image: deploy/addons/auto-pause/auto-pause-hook ## Build docker
docker build -t $(REGISTRY)/auto-pause-hook:$(AUTOPAUSE_HOOK_TAG) ./deploy/addons/auto-pause
.PHONY: push-auto-pause-hook-image
-push-auto-pause-hook-image: auto-pause-hook-image
- docker login gcr.io/k8s-minikube
- $(MAKE) push-docker IMAGE=$(REGISTRY)/auto-pause-hook:$(AUTOPAUSE_HOOK_TAG)
-
-.PHONY: prow-test-image
-prow-test-image:
- docker build --build-arg "GO_VERSION=$(GO_VERSION)" -t $(REGISTRY)/prow-test:$(PROW_TEST_TAG) ./deploy/prow
-
-.PHONY: push-prow-test-image
-push-prow-test-image: prow-test-image
+push-auto-pause-hook-image: docker-multi-arch-build
docker login gcr.io/k8s-minikube
- $(MAKE) push-docker IMAGE=$(REGISTRY)/prow-test:$(PROW_TEST_TAG)
+ docker buildx create --name multiarch --bootstrap
+ docker buildx build --push --builder multiarch --platform $(KICBASE_ARCH) -t $(REGISTRY)/auto-pause-hook:$(AUTOPAUSE_HOOK_TAG) -f ./deploy/addons/auto-pause/Dockerfile .
+ docker buildx rm multiarch
.PHONY: out/performance-bot
out/performance-bot:
@@ -942,7 +841,7 @@ out/performance-bot:
.PHONY: out/metrics-collector
out/metrics-collector:
- GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o $@ hack/metrics/*.go
+ cd hack && GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o ../$@ metrics/*.go
.PHONY: compare
@@ -953,7 +852,18 @@ compare: out/mkcmp out/minikube
mv out/minikube out/master.minikube
git checkout $(CURRENT_GIT_BRANCH)
out/mkcmp out/master.minikube out/$(CURRENT_GIT_BRANCH).minikube
-
+
+
+.PHONY: generate-licenses
+generate-licenses:
+ ./hack/generate_licenses.sh
+
+.PHONY: gomodtidy
+gomodtidy: ## run go mod tidy everywhere needed
+ go mod tidy
+ cd hack && go mod tidy
+ cd hack/prow/minitest && env -u GOTOOLCHAIN go mod tidy
+
.PHONY: help
help:
@@ -962,28 +872,6 @@ help:
@grep -h -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
-
-.PHONY: update-golang-version
-update-golang-version:
- (cd hack/update/golang_version && \
- go run update_golang_version.go)
-
-.PHONY: update-kubernetes-version
-update-kubernetes-version:
- (cd hack/update/kubernetes_version && \
- go run update_kubernetes_version.go)
-
-.PHONY: update-kubernetes-version-pr
-update-kubernetes-version-pr:
-ifndef GITHUB_TOKEN
- @echo "⚠️ please set GITHUB_TOKEN environment variable with your GitHub token"
- @echo "you can use https://github.com/settings/tokens/new?scopes=repo,write:packages to create new one"
-else
- (cd hack/update/kubernetes_version && \
- export UPDATE_TARGET="all" && \
- go run update_kubernetes_version.go)
-endif
-
.PHONY: stress
stress: ## run the stress tests
go test -test.v -test.timeout=2h ./test/stress -loops=10 | tee "./out/testout_$(COMMIT_SHORT).txt"
@@ -1000,7 +888,211 @@ cpu-benchmark-autopause: ## run the cpu usage auto-pause benchmark
time-to-k8s-benchmark:
./hack/benchmark/time-to-k8s/time-to-k8s.sh
+.PHONY: update-golang-version
+update-golang-version:
+ cd hack && go run update/golang_version/golang_version.go
+ make gomodtidy
+.PHONY: update-kubernetes-version
+update-kubernetes-version:
+ @(cd hack && go run update/kubernetes_version/kubernetes_version.go)
+
+.PHONY: update-golint-version
+update-golint-version:
+ cd hack && go run update/golint_version/golint_version.go
+
+.PHONY: update-preload-version
+update-preload-version:
+ cd hack && go run update/preload_version/preload_version.go
+
+.PHONY: update-kubeadm-constants
+update-kubeadm-constants:
+ cd hack && go run update/kubeadm_constants/kubeadm_constants.go
+ gofmt -w pkg/minikube/constants/constants_kubeadm_images.go
.PHONY: update-gopogh-version
update-gopogh-version: ## update gopogh version
- (cd hack/update/gopogh_version && \
- go run update_gopogh_version.go)
+ cd hack && go run update/gopogh_version/gopogh_version.go
+
+.PHONY: update-gotestsum-version
+update-gotestsum-version:
+ cd hack && go run update/gotestsum_version/gotestsum_version.go
+
+.PHONY: update-gh-version
+update-gh-version:
+ cd hack && go run update/gh_version/gh_version.go
+
+.PHONY: update-docsy-version
+update-docsy-version:
+ cd hack && go run update/docsy_version/docsy_version.go
+
+.PHONY: update-hugo-version
+update-hugo-version:
+ cd hack && go run update/hugo_version/hugo_version.go
+
+.PHONY: update-cloud-spanner-emulator-version
+update-cloud-spanner-emulator-version:
+ cd hack && go run update/cloud_spanner_emulator_version/cloud_spanner_emulator_version.go
+
+.PHONY: update-containerd-version
+update-containerd-version:
+ cd hack && go run update/containerd_version/containerd_version.go
+
+.PHONY: update-buildkit-version
+update-buildkit-version:
+ cd hack && go run update/buildkit_version/buildkit_version.go
+
+.PHONY: update-cri-o-version
+update-cri-o-version:
+ cd hack && go run update/cri_o_version/cri_o_version.go
+
+.PHONY: update-crun-version
+update-crun-version:
+ cd hack && go run update/crun_version/crun_version.go
+
+.PHONY: update-metrics-server-version
+update-metrics-server-version:
+ cd hack && go run update/metrics_server_version/metrics_server_version.go
+
+.PHONY: update-runc-version
+update-runc-version:
+ cd hack && go run update/runc_version/runc_version.go
+
+.PHONY: update-docker-version
+update-docker-version:
+ cd hack && go run update/docker_version/docker_version.go
+
+.PHONY: update-debian-version
+update-debian-version:
+ cd hack && go run update/debian_version/debian_version.go
+
+.PHONY: update-cni-plugins-version
+update-cni-plugins-version:
+ cd hack && go run update/cni_plugins_version/cni_plugins_version.go
+
+.PHONY: update-gcp-auth-version
+update-gcp-auth-version:
+ cd hack && go run update/gcp_auth_version/gcp_auth_version.go
+
+.PHONY: update-kubernetes-versions-list
+update-kubernetes-versions-list:
+ cd hack && go run update/kubernetes_versions_list/kubernetes_versions_list.go
+
+.PHONY: update-ingress-version
+update-ingress-version:
+ cd hack && go run update/ingress_version/ingress_version.go
+
+.PHONY: update-flannel-version
+update-flannel-version:
+ cd hack && go run update/flannel_version/flannel_version.go
+
+.PHONY: update-inspektor-gadget-version
+update-inspektor-gadget-version:
+ cd hack && go run update/inspektor_gadget_version/inspektor_gadget_version.go
+
+.PHONY: update-calico-version
+update-calico-version:
+ cd hack && go run update/calico_version/calico_version.go
+
+.PHONY: update-cri-dockerd-version
+update-cri-dockerd-version:
+ cd hack && go run update/cri_dockerd_version/cri_dockerd_version.go
+
+.PHONY: update-go-github-version
+update-go-github-version:
+ cd hack && go run update/go_github_version/go_github_version.go
+
+.PHONY: update-docker-buildx-version
+update-docker-buildx-version:
+ cd hack && go run update/docker_buildx_version/docker_buildx_version.go
+
+.PHONY: update-nerdctl-version
+update-nerdctl-version:
+ cd hack && go run update/nerdctl_version/nerdctl_version.go
+
+.PHONY: update-crictl-version
+update-crictl-version:
+ cd hack && go run update/crictl_version/crictl_version.go
+
+.PHONY: update-kindnetd-version
+update-kindnetd-version:
+ cd hack && go run update/kindnetd_version/kindnetd_version.go
+
+.PHONY: update-istio-operator-version
+update-istio-operator-version:
+ cd hack && go run update/istio_operator_version/istio_operator_version.go
+
+.PHONY: update-registry-version
+update-registry-version:
+ cd hack && go run update/registry_version/registry_version.go
+
+.PHONY: update-volcano-version
+update-volcano-version:
+ cd hack && go run update/volcano_version/volcano_version.go
+
+.PHONY: update-kong-version
+update-kong-version:
+ cd hack && go run update/kong_version/kong_version.go
+
+.PHONY: update-kong-ingress-controller-version
+update-kong-ingress-controller-version:
+ cd hack && go run update/kong_ingress_controller_version/kong_ingress_controller_version.go
+
+.PHONY: update-nvidia-device-plugin-version
+update-nvidia-device-plugin-version:
+ cd hack && go run update/nvidia_device_plugin_version/nvidia_device_plugin_version.go
+
+# for amd gpu
+.PHONY: update-amd-device-plugin-version
+update-amd-device-plugin-version:
+ cd hack && go run update/amd_device_gpu_plugin_version/amd_device_gpu_plugin_version.go
+
+.PHONY: update-nerdctld-version
+update-nerdctld-version:
+ cd hack && go run update/nerdctld_version/nerdctld_version.go
+
+## used by kubevirt addon, disabled until we find a replacement for bitnami/kubectl image
+# .PHONY: update-kubectl-version
+# update-kubectl-version:
+# cd hack && go run update/kubectl_version/kubectl_version.go
+
+.PHONY: update-site-node-version
+update-site-node-version:
+ cd hack && go run update/site_node_version/site_node_version.go
+
+.PHONY: update-cilium-version
+update-cilium-version:
+ cd hack && go run update/cilium_version/cilium_version.go
+
+.PHONY: update-yakd-version
+update-yakd-version:
+ cd hack && go run update/yakd_version/yakd_version.go
+
+.PHONY: update-kube-registry-proxy-version
+update-kube-registry-proxy-version:
+ cd hack && go run update/kube_registry_proxy_version/kube_registry_proxy_version.go
+
+.PHONY: update-headlamp-version
+update-headlamp-version:
+ cd hack && go run update/headlamp_version/headlamp_version.go
+
+.PHONY: update-kube-vip-version
+update-kube-vip-version:
+ cd hack && go run update/kube_vip_version/kube_vip_version.go
+
+.PHONY: update-portainer-version
+update-portainer-version:
+ cd hack && go run update/portainer_version/update_portainer_version.go
+
+# used by update- Targets to get before/after versions of tools it updates
+# example usage echo "OLD_VERSION=$(DEP=node make get-dependency-version)" >> "$GITHUB_OUTPUT"
+.PHONY: get-dependency-verison
+get-dependency-version:
+ @(cd hack && go run update/get_version/get_version.go)
+
+# runs update on all hack/update/components only used for debugging purposes, not meant to be used regularly
+.PHONY: _update-all
+_update-all:
+ @(cd hack && go run update/update_all/update_all.go)
+
+
+# targets for tests on prow
+include ./hack/prow/prow.mk
diff --git a/OWNERS b/OWNERS
index b5400a2f9107..5efe00ac9c34 100644
--- a/OWNERS
+++ b/OWNERS
@@ -1,19 +1,14 @@
# See the OWNERS docs at https://go.k8s.io/owners
reviewers:
- - afbjorklund
- - sharifelgamal
- medyagh
- - blueelvis
- - prasadkatti
- - prezha
- - spowelljr
+ - prezha
+ - comradeprogrammer
+ - nirs
approvers:
- - afbjorklund
- - sharifelgamal
- medyagh
- - spowelljr
- - prezha
+ - prezha
+ - comradeprogrammer
emeritus_approvers:
- dlorenc
- luxas
@@ -23,3 +18,6 @@ emeritus_approvers:
- priyawadhwa
- josedonizetti
- tstromberg
+ - sharifelgamal
+ - afbjorklund
+ - spowelljr
diff --git a/README.md b/README.md
index a42a6b16a9f0..66abc3804636 100644
--- a/README.md
+++ b/README.md
@@ -2,9 +2,9 @@
[](https://github.com/kubernetes/minikube/actions)
[![GoReport Widget]][GoReport Status]
-[](https://github.com/kubernetes/minikube/releases/latest)
+[](https://github.com/kubernetes/minikube/releases/latest)
[](https://github.com/kubernetes/minikube/releases/latest)
-
+[](https://codespaces.new/kubernetes/minikube?quickstart=1)
[GoReport Status]: https://goreportcard.com/report/github.com/kubernetes/minikube
[GoReport Widget]: https://goreportcard.com/badge/github.com/kubernetes/minikube
@@ -21,17 +21,19 @@ minikube runs the latest stable release of Kubernetes, with support for standard
* [LoadBalancer](https://minikube.sigs.k8s.io/docs/handbook/accessing/#loadbalancer-access) - using `minikube tunnel`
* Multi-cluster - using `minikube start -p `
-* NodePorts - using `minikube service`
+* [NodePorts](https://minikube.sigs.k8s.io/docs/handbook/accessing/#nodeport-access) - using `minikube service`
* [Persistent Volumes](https://minikube.sigs.k8s.io/docs/handbook/persistent_volumes/)
* [Ingress](https://kubernetes.io/docs/tasks/access-application-cluster/ingress-minikube/)
* [Dashboard](https://minikube.sigs.k8s.io/docs/handbook/dashboard/) - `minikube dashboard`
* [Container runtimes](https://minikube.sigs.k8s.io/docs/handbook/config/#runtime-configuration) - `minikube start --container-runtime`
* [Configure apiserver and kubelet options](https://minikube.sigs.k8s.io/docs/handbook/config/#modifying-kubernetes-defaults) via command-line flags
+* Supports common [CI environments](https://github.com/minikube-ci/examples)
As well as developer-friendly features:
* [Addons](https://minikube.sigs.k8s.io/docs/handbook/deploying/#addons) - a marketplace for developers to share configurations for running services on minikube
-* [NVIDIA GPU support](https://minikube.sigs.k8s.io/docs/tutorials/nvidia_gpu/) - for machine learning
+* [NVIDIA GPU support](https://minikube.sigs.k8s.io/docs/tutorials/nvidia/) - for machine learning
+* [AMD GPU support](https://minikube.sigs.k8s.io/docs/tutorials/amd/) - for machine learning
* [Filesystem mounts](https://minikube.sigs.k8s.io/docs/handbook/mount/)
**For more information, see the official [minikube website](https://minikube.sigs.k8s.io)**
@@ -42,6 +44,15 @@ See the [Getting Started Guide](https://minikube.sigs.k8s.io/docs/start/)
:mega: **Please fill out our [fast 5-question survey](https://forms.gle/Gg3hG5ZySw8c1C24A)** so that we can learn how & why you use minikube, and what improvements we should make. Thank you! :dancers:
+## GitHub Codespace
+
+You can run minikube in a GitHub Codespace by clicking here:
+[](https://codespaces.new/kubernetes/minikube?quickstart=1)
+
+This will launch a Github Codespace. You can then run `minikube start` and `minikube dashboard` - You can then open Minikube Dashboard by clicking opening the link displayed in the terminal.
+
+You can also run Minikube in a Dev Container locally using your favorite IDE, for more information see Dev Containers https://code.visualstudio.com/docs/devcontainers/containers
+
## Documentation
See https://minikube.sigs.k8s.io/docs/
@@ -50,17 +61,25 @@ See https://minikube.sigs.k8s.io/docs/
See minikube in action [here](https://minikube.sigs.k8s.io/docs/handbook/controls/)
+## Governance
+
+Kubernetes project is governed by a framework of principles, values, policies and processes to help our community and constituents towards our shared goals.
+
+The [Kubernetes Community](https://github.com/kubernetes/community/blob/master/governance.md) is the launching point for learning about how we organize ourselves.
+
+The [Kubernetes Steering community repo](https://github.com/kubernetes/steering) is used by the Kubernetes Steering Committee, which oversees governance of the Kubernetes project.
+
## Community
minikube is a Kubernetes [#sig-cluster-lifecycle](https://github.com/kubernetes/community/tree/master/sig-cluster-lifecycle) project.
-* [**#minikube on Kubernetes Slack**](https://kubernetes.slack.com) - Live chat with minikube developers!
+* [**#minikube on Kubernetes Slack**](https://kubernetes.slack.com/messages/minikube) - Live chat with minikube developers!
* [minikube-users mailing list](https://groups.google.com/g/minikube-users)
* [minikube-dev mailing list](https://groups.google.com/g/minikube-dev)
* [Contributing](https://minikube.sigs.k8s.io/docs/contrib/)
* [Development Roadmap](https://minikube.sigs.k8s.io/docs/contrib/roadmap/)
-Join our meetings:
+Join our community meetings:
* [Bi-weekly office hours, Mondays @ 11am PST](https://tinyurl.com/minikube-oh)
* [Triage Party](https://minikube.sigs.k8s.io/docs/contrib/triage/)
diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml
new file mode 100644
index 000000000000..35b26f413d73
--- /dev/null
+++ b/SECURITY-INSIGHTS.yml
@@ -0,0 +1,80 @@
+header:
+ schema-version: 1.0.0
+ expiration-date: '2024-12-17T01:00:00.000Z'
+ last-updated: '2023-12-17'
+ last-reviewed: '2023-12-17'
+ commit-hash: 8220a6eb95f0a4d75f7f2d7b14cef975f050512d
+ project-url: https://github.com/kubernetes/minikube
+ project-release: '1.32.0'
+ changelog: https://github.com/kubernetes/minikube/blob/master/CHANGELOG.md
+ license: https://github.com/kubernetes/minikube/blob/master/LICENSE
+project-lifecycle:
+ status: active
+ roadmap: https://minikube.sigs.k8s.io/docs/contrib/roadmap/
+ bug-fixes-only: false
+ core-maintainers:
+ - https://github.com/kubernetes/minikube/blob/master/OWNERS
+ release-cycle: https://minikube.sigs.k8s.io/docs/contrib/release_schedule/
+ release-process: https://minikube.sigs.k8s.io/docs/contrib/releasing/
+contribution-policy:
+ accepts-pull-requests: true
+ accepts-automated-pull-requests: true
+ automated-tools-list:
+ - automated-tool: dependabot
+ action: allowed
+ path:
+ - /
+ - automated-tool: minikube-bot
+ action: allowed
+ path:
+ - /
+ - automated-tool: k8s-ci-robot
+ action: allowed
+ path:
+ - /
+ contributing-policy: https://minikube.sigs.k8s.io/docs/contrib/guide/
+ code-of-conduct: https://github.com/kubernetes/minikube/blob/master/code-of-conduct.md
+documentation:
+ - https://minikube.sigs.k8s.io/docs/
+distribution-points:
+ - https://github.com/kubernetes/minikube/releases
+security-artifacts:
+ threat-model:
+ threat-model-created: false
+ self-assessment:
+ self-assessment-created: false
+security-testing:
+ - tool-type: sca
+ tool-name: Dependabot
+ tool-version: "2"
+ tool-url: https://github.com/dependabot
+ integration:
+ ad-hoc: false
+ ci: true
+ before-release: true
+ tool-rulesets:
+ - https://github.com/kubernetes/minikube/blob/master/.github/dependabot.yml
+ - tool-type: sca
+ tool-name: minikube-bot
+ tool-version: latest
+ tool-url: https://github.com/minikube-bot
+ tool-rulesets:
+ - built-in
+ integration:
+ ad-hoc: false
+ ci: true
+ before-release: true
+security-contacts:
+ - type: email
+ value: security@kubernetes.io
+ primary: true
+vulnerability-reporting:
+ accepts-vulnerability-reports: true
+ email-contact: security@kubernetes.io
+ security-policy: https://github.com/kubernetes/minikube/blob/master/SECURITY.md
+ bug-bounty-available: true
+ bug-bounty-url: https://hackerone.com/kubernetes
+dependencies:
+ third-party-packages: true
+ dependencies-lists:
+ - https://github.com/kubernetes/minikube/blob/master/go.mod
diff --git a/SECURITY.md b/SECURITY.md
index 2083d44cdf90..2f3c2143523d 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -4,8 +4,6 @@
Join the [kubernetes-security-announce] group for security and vulnerability announcements.
-You can also subscribe to an RSS feed of the above using [this link][kubernetes-security-announce-rss].
-
## Reporting a Vulnerability
Instructions for reporting a vulnerability can be found on the
@@ -17,6 +15,5 @@ Information about supported Kubernetes versions can be found on the
[Kubernetes version and version skew support policy] page on the Kubernetes website.
[kubernetes-security-announce]: https://groups.google.com/forum/#!forum/kubernetes-security-announce
-[kubernetes-security-announce-rss]: https://groups.google.com/forum/feed/kubernetes-security-announce/msgs/rss_v2_0.xml?num=50
[Kubernetes version and version skew support policy]: https://kubernetes.io/docs/setup/release/version-skew-policy/#supported-versions
[Kubernetes Security and Disclosure Information]: https://kubernetes.io/docs/reference/issues-security/security/#report-a-vulnerability
diff --git a/SECURITY_CONTACTS b/SECURITY_CONTACTS
index d9a7f75be561..77f2ab4fa452 100644
--- a/SECURITY_CONTACTS
+++ b/SECURITY_CONTACTS
@@ -10,7 +10,5 @@
# DO NOT REPORT SECURITY VULNERABILITIES DIRECTLY TO THESE NAMES, FOLLOW THE
# INSTRUCTIONS AT https://kubernetes.io/security/
-tstromberg
-afbjorklund
medyagh
-sharifelgamal
+prezha
diff --git a/cmd/auto-pause/auto-pause-hook/config.go b/cmd/auto-pause/auto-pause-hook/config.go
index 0f25e3f041c7..5b92437eeaa0 100644
--- a/cmd/auto-pause/auto-pause-hook/config.go
+++ b/cmd/auto-pause/auto-pause-hook/config.go
@@ -20,7 +20,6 @@ import (
"context"
"crypto/tls"
"crypto/x509"
- "fmt"
"log"
v1 "k8s.io/api/admissionregistration/v1"
@@ -59,7 +58,7 @@ func apiServerCert(clientset *kubernetes.Clientset) []byte {
pem, ok := c.Data["requestheader-client-ca-file"]
if !ok {
- klog.Fatalf(fmt.Sprintf("cannot find the ca.crt in the configmap, configMap.Data is %#v", c.Data))
+ klog.Fatalf("cannot find the ca.crt in the configmap, configMap.Data is %#v", c.Data)
}
klog.Info("client-ca-file=", pem)
return []byte(pem)
@@ -91,8 +90,8 @@ func selfRegistration(clientset *kubernetes.Clientset, caCert []byte) {
klog.Fatal(err2)
}
}
- var failurePolicy v1.FailurePolicyType = v1.Fail
- var sideEffects v1.SideEffectClass = v1.SideEffectClassNone
+ var failurePolicy = v1.Fail
+ var sideEffects = v1.SideEffectClassNone
webhookConfig := &v1.MutatingWebhookConfiguration{
ObjectMeta: metav1.ObjectMeta{
diff --git a/cmd/auto-pause/auto-pause-hook/main.go b/cmd/auto-pause/auto-pause-hook/main.go
index 57cd14d600ca..cd61ed47df3f 100644
--- a/cmd/auto-pause/auto-pause-hook/main.go
+++ b/cmd/auto-pause/auto-pause-hook/main.go
@@ -20,7 +20,7 @@ import (
"encoding/json"
"flag"
"fmt"
- "io/ioutil"
+ "io"
"log"
"net/http"
"strconv"
@@ -47,7 +47,7 @@ var targetIP *string
func handler(w http.ResponseWriter, r *http.Request) {
log.Println("Handling a request")
- body, err := ioutil.ReadAll(r.Body)
+ body, err := io.ReadAll(r.Body)
if err != nil {
log.Printf("error: %v", err)
return
diff --git a/cmd/auto-pause/auto-pause.go b/cmd/auto-pause/auto-pause.go
index 1fe405d3e9f1..906a37515987 100644
--- a/cmd/auto-pause/auto-pause.go
+++ b/cmd/auto-pause/auto-pause.go
@@ -28,25 +28,24 @@ import (
"k8s.io/minikube/pkg/minikube/command"
"k8s.io/minikube/pkg/minikube/cruntime"
"k8s.io/minikube/pkg/minikube/exit"
- "k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
- "k8s.io/minikube/pkg/minikube/style"
)
-var unpauseRequests = make(chan struct{})
-var done = make(chan struct{})
-var mu sync.Mutex
+var (
+ unpauseRequests = make(chan struct{})
+ done = make(chan struct{})
+ mu sync.Mutex
+ runtimePaused bool
+ version = "0.0.1"
-var runtimePaused bool
-var version = "0.0.1"
-
-var runtime = flag.String("container-runtime", "docker", "Container runtime to use for (un)pausing")
+ runtime = flag.String("container-runtime", "docker", "Container runtime to use for (un)pausing")
+ interval = flag.Duration("interval", time.Minute*1, "Interval of inactivity for pause to occur")
+)
func main() {
flag.Parse()
- // TODO: #10595 make this configurable
- const interval = time.Minute * 1
+ tickerChannel := time.NewTicker(*interval)
// Check current state
alreadyPaused()
@@ -54,16 +53,15 @@ func main() {
// channel for incoming messages
go func() {
for {
- // On each iteration new timer is created
select {
- // TODO: #10596 make it memory-leak proof
- case <-time.After(interval):
+ case <-tickerChannel.C:
+ tickerChannel.Stop()
runPause()
case <-unpauseRequests:
- fmt.Printf("Got request\n")
- if runtimePaused {
- runUnpause()
- }
+ tickerChannel.Stop()
+ log.Println("Got request")
+ runUnpause()
+ tickerChannel.Reset(*interval)
done <- struct{}{}
}
@@ -76,7 +74,7 @@ func main() {
}
// handler echoes the Path component of the requested URL.
-func handler(w http.ResponseWriter, r *http.Request) {
+func handler(w http.ResponseWriter, _ *http.Request) {
unpauseRequests <- struct{}{}
<-done
fmt.Fprintf(w, "allow")
@@ -86,8 +84,10 @@ func runPause() {
mu.Lock()
defer mu.Unlock()
if runtimePaused {
+ log.Println("Already paused, skipping")
return
}
+ log.Println("Pausing...")
r := command.NewExecRunner(true)
@@ -103,13 +103,17 @@ func runPause() {
runtimePaused = true
- out.Step(style.Unpause, "Paused {{.count}} containers", out.V{"count": len(uids)})
+ log.Printf("Paused %d containers", len(uids))
}
func runUnpause() {
- fmt.Println("unpausing...")
mu.Lock()
defer mu.Unlock()
+ if !runtimePaused {
+ log.Println("Already unpaused, skipping")
+ return
+ }
+ log.Println("Unpausing...")
r := command.NewExecRunner(true)
@@ -124,7 +128,7 @@ func runUnpause() {
}
runtimePaused = false
- out.Step(style.Unpause, "Unpaused {{.count}} containers", out.V{"count": len(uids)})
+ log.Printf("Unpaused %d containers", len(uids))
}
func alreadyPaused() {
@@ -141,5 +145,5 @@ func alreadyPaused() {
if err != nil {
exit.Error(reason.GuestCheckPaused, "Fail check if container paused", err)
}
- out.Step(style.Check, "containers paused status: {{.paused}}", out.V{"paused": runtimePaused})
+ log.Printf("containers paused status: %t", runtimePaused)
}
diff --git a/cmd/drivers/hyperkit/main.go b/cmd/drivers/hyperkit/main.go
index ca8f90ce6a48..4bff1b3d622e 100644
--- a/cmd/drivers/hyperkit/main.go
+++ b/cmd/drivers/hyperkit/main.go
@@ -1,4 +1,4 @@
-// +build darwin,!arm64
+//go:build darwin && !arm64
/*
Copyright 2016 The Kubernetes Authors All rights reserved.
diff --git a/cmd/minikube/cmd/cache.go b/cmd/minikube/cmd/cache.go
index df260cfb47f9..9d0a79dcc478 100644
--- a/cmd/minikube/cmd/cache.go
+++ b/cmd/minikube/cmd/cache.go
@@ -21,6 +21,7 @@ import (
"github.com/spf13/viper"
"k8s.io/klog/v2"
cmdConfig "k8s.io/minikube/cmd/minikube/cmd/config"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/image"
@@ -33,15 +34,13 @@ import (
// cacheImageConfigKey is the config field name used to store which images we have previously cached
const cacheImageConfigKey = "cache"
-var (
- all string
-)
+const allFlag = "all"
// cacheCmd represents the cache command
var cacheCmd = &cobra.Command{
Use: "cache",
- Short: "Add, delete, or push a local image into minikube",
- Long: "Add, delete, or push a local image into minikube",
+ Short: "Manage cache for images",
+ Long: "Add an image into minikube as a local cache, or delete, reload the cached images",
}
// addCacheCmd represents the cache add command
@@ -49,10 +48,11 @@ var addCacheCmd = &cobra.Command{
Use: "add",
Short: "Add an image to local cache.",
Long: "Add an image to local cache.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
out.WarningT("\"minikube cache\" will be deprecated in upcoming versions, please switch to \"minikube image load\"")
+ options := flags.CommandOptions()
// Cache and load images into docker daemon
- if err := machine.CacheAndLoadImages(args, cacheAddProfiles(), false); err != nil {
+ if err := machine.CacheAndLoadImages(args, cacheAddProfiles(), false, options); err != nil {
exit.Error(reason.InternalCacheLoad, "Failed to cache and load images", err)
}
// Add images to config file
@@ -63,11 +63,11 @@ var addCacheCmd = &cobra.Command{
}
func addCacheCmdFlags() {
- addCacheCmd.Flags().Bool(all, false, "Add image to cache for all running minikube clusters")
+ addCacheCmd.Flags().Bool(allFlag, false, "Add image to cache for all running minikube clusters")
}
func cacheAddProfiles() []*config.Profile {
- if viper.GetBool(all) {
+ if viper.GetBool(allFlag) {
validProfiles, _, err := config.ListProfiles() // need to load image to all profiles
if err != nil {
klog.Warningf("error listing profiles: %v", err)
@@ -87,7 +87,7 @@ var deleteCacheCmd = &cobra.Command{
Use: "delete",
Short: "Delete an image from the local cache.",
Long: "Delete an image from the local cache.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
// Delete images from config file
if err := cmdConfig.DeleteFromConfigMap(cacheImageConfigKey, args); err != nil {
exit.Error(reason.InternalDelConfig, "Failed to delete images from config", err)
@@ -104,8 +104,9 @@ var reloadCacheCmd = &cobra.Command{
Use: "reload",
Short: "reload cached images.",
Long: "reloads images previously added using the 'cache add' subcommand",
- Run: func(cmd *cobra.Command, args []string) {
- err := node.CacheAndLoadImagesInConfig(cacheAddProfiles())
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+ err := node.CacheAndLoadImagesInConfig(cacheAddProfiles(), options)
if err != nil {
exit.Error(reason.GuestCacheLoad, "Failed to reload cached images", err)
}
diff --git a/cmd/minikube/cmd/cache_list.go b/cmd/minikube/cmd/cache_list.go
index 1c7341c267cd..11053f66a5e6 100644
--- a/cmd/minikube/cmd/cache_list.go
+++ b/cmd/minikube/cmd/cache_list.go
@@ -40,7 +40,7 @@ var listCacheCmd = &cobra.Command{
Use: "list",
Short: "List all available images from the local cache.",
Long: "List all available images from the local cache.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
images, err := cmdConfig.ListConfigMap(cacheImageConfigKey)
if err != nil {
exit.Error(reason.InternalListConfig, "Failed to get image map", err)
@@ -53,8 +53,8 @@ var listCacheCmd = &cobra.Command{
func init() {
listCacheCmd.Flags().StringVar(&cacheListFormat, "format", defaultCacheListFormat,
- `Go template format string for the cache list output. The format for Go templates can be found here: https://golang.org/pkg/text/template/
-For the list of accessible variables for the template, see the struct values here: https://godoc.org/k8s.io/minikube/cmd/minikube/cmd#CacheListTemplate`)
+ `Go template format string for the cache list output. The format for Go templates can be found here: https://pkg.go.dev/text/template
+For the list of accessible variables for the template, see the struct values here: https://pkg.go.dev/k8s.io/minikube/cmd/minikube/cmd#CacheListTemplate`)
cacheCmd.AddCommand(listCacheCmd)
}
diff --git a/cmd/minikube/cmd/completion.go b/cmd/minikube/cmd/completion.go
index f7d9dec0fc53..b85d4e9a590b 100644
--- a/cmd/minikube/cmd/completion.go
+++ b/cmd/minikube/cmd/completion.go
@@ -28,7 +28,7 @@ import (
"k8s.io/minikube/pkg/minikube/reason"
)
-const longDescription = `Outputs minikube shell completion for the given shell (bash, zsh or fish)
+const longDescription = `Outputs minikube shell completion for the given shell (bash, zsh, fish or powershell)
This depends on the bash-completion binary. Example installation instructions:
OS X:
@@ -47,6 +47,16 @@ const longDescription = `Outputs minikube shell completion for the given shell (
Additionally, you may want to output the completion to a file and source in your .bashrc
+ Windows:
+ ## Save completion code to a script and execute in the profile
+ PS> minikube completion powershell > $HOME\.minikube-completion.ps1
+ PS> Add-Content $PROFILE '. $HOME\.minikube-completion.ps1'
+
+ ## Execute completion code in the profile
+ PS> Add-Content $PROFILE 'if (Get-Command minikube -ErrorAction SilentlyContinue) {
+ minikube completion powershell | Out-String | Invoke-Expression
+ }'
+
Note for zsh users: [1] zsh completions are only supported in versions of zsh >= 5.2
Note for fish users: [2] please refer to this docs for more details https://fishshell.com/docs/current/#tab-completion
`
@@ -71,11 +81,11 @@ var completionCmd = &cobra.Command{
Use: "completion SHELL",
Short: "Generate command completion for a shell",
Long: longDescription,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 1 {
exit.Message(reason.Usage, "Usage: minikube completion SHELL")
}
- if args[0] != "bash" && args[0] != "zsh" && args[0] != "fish" {
+ if args[0] != "bash" && args[0] != "zsh" && args[0] != "fish" && args[0] != "powershell" {
exit.Message(reason.Usage, "Sorry, completion support is not yet implemented for {{.name}}", out.V{"name": args[0]})
}
},
@@ -85,7 +95,7 @@ var bashCmd = &cobra.Command{
Use: "bash",
Short: "bash completion.",
Long: "Generate command completion for bash.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(cmd *cobra.Command, _ []string) {
err := GenerateBashCompletion(os.Stdout, cmd.Root())
if err != nil {
exit.Error(reason.InternalCompletion, "bash completion failed", err)
@@ -97,7 +107,7 @@ var zshCmd = &cobra.Command{
Use: "zsh",
Short: "zsh completion.",
Long: "Generate command completion for zsh.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(cmd *cobra.Command, _ []string) {
err := GenerateZshCompletion(os.Stdout, cmd.Root())
if err != nil {
exit.Error(reason.InternalCompletion, "zsh completion failed", err)
@@ -109,7 +119,7 @@ var fishCmd = &cobra.Command{
Use: "fish",
Short: "fish completion.",
Long: "Generate command completion for fish .",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(cmd *cobra.Command, _ []string) {
err := GenerateFishCompletion(os.Stdout, cmd.Root())
if err != nil {
exit.Error(reason.InternalCompletion, "fish completion failed", err)
@@ -117,10 +127,23 @@ var fishCmd = &cobra.Command{
},
}
+var powershellCmd = &cobra.Command{
+ Use: "powershell",
+ Short: "powershell completion.",
+ Long: "Generate command completion for PowerShell.",
+ Run: func(cmd *cobra.Command, _ []string) {
+ err := GeneratePowerShellCompletion(os.Stdout, cmd.Root())
+ if err != nil {
+ exit.Error(reason.InternalCompletion, "powershell completion failed", err)
+ }
+ },
+}
+
func init() {
completionCmd.AddCommand(bashCmd)
completionCmd.AddCommand(zshCmd)
completionCmd.AddCommand(fishCmd)
+ completionCmd.AddCommand(powershellCmd)
}
// GenerateBashCompletion generates the completion for the bash shell
@@ -139,7 +162,7 @@ func GenerateBashCompletion(w io.Writer, cmd *cobra.Command) error {
}
// GenerateZshCompletion generates the completion for the zsh shell
-func GenerateZshCompletion(out io.Writer, cmd *cobra.Command) error {
+func GenerateZshCompletion(w io.Writer, cmd *cobra.Command) error {
zshAutoloadTag := `#compdef minikube
`
@@ -273,20 +296,21 @@ __minikube_convert_bash_to_zsh() {
-e "s/${LWORD}compopt${RWORD}/__minikube_compopt/g" \
-e "s/${LWORD}declare${RWORD}/__minikube_declare/g" \
-e "s/\\\$(type${RWORD}/\$(__minikube_type/g" \
+ -e "s/aliashash\[\"\([a-z]*\)\"\]/aliashash[\1]/g" \
<<'BASH_COMPLETION_EOF'
`
- _, err := out.Write([]byte(zshAutoloadTag))
+ _, err := w.Write([]byte(zshAutoloadTag))
if err != nil {
return err
}
- _, err = out.Write([]byte(boilerPlate))
+ _, err = w.Write([]byte(boilerPlate))
if err != nil {
return err
}
- _, err = out.Write([]byte(zshInitialization))
+ _, err = w.Write([]byte(zshInitialization))
if err != nil {
return err
}
@@ -296,7 +320,7 @@ __minikube_convert_bash_to_zsh() {
if err != nil {
return errors.Wrap(err, "Error generating zsh completion")
}
- _, err = out.Write(buf.Bytes())
+ _, err = w.Write(buf.Bytes())
if err != nil {
return err
}
@@ -306,7 +330,7 @@ BASH_COMPLETION_EOF
}
__minikube_bash_source <(__minikube_convert_bash_to_zsh)
`
- _, err = out.Write([]byte(zshTail))
+ _, err = w.Write([]byte(zshTail))
if err != nil {
return err
}
@@ -328,3 +352,18 @@ func GenerateFishCompletion(w io.Writer, cmd *cobra.Command) error {
return nil
}
+
+// GeneratePowerShellCompletion generates the completion for the PowerShell
+func GeneratePowerShellCompletion(w io.Writer, cmd *cobra.Command) error {
+ _, err := w.Write([]byte(boilerPlate))
+ if err != nil {
+ return err
+ }
+
+ err = cmd.GenPowerShellCompletionWithDesc(w)
+ if err != nil {
+ return errors.Wrap(err, "Error generating powershell completion")
+ }
+
+ return nil
+}
diff --git a/cmd/minikube/cmd/config/addons.go b/cmd/minikube/cmd/config/addons.go
index ffb5a1fa217e..415a523d93f1 100644
--- a/cmd/minikube/cmd/config/addons.go
+++ b/cmd/minikube/cmd/config/addons.go
@@ -27,7 +27,7 @@ var AddonsCmd = &cobra.Command{
Use: "addons SUBCOMMAND [flags]",
Short: "Enable or disable a minikube addon",
Long: `addons modifies minikube addons files using subcommands like "minikube addons enable dashboard"`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(cmd *cobra.Command, _ []string) {
if err := cmd.Help(); err != nil {
klog.Errorf("help: %v", err)
}
diff --git a/cmd/minikube/cmd/config/addons_list.go b/cmd/minikube/cmd/config/addons_list.go
index 4ee0a19a7576..c373cb0c6fd4 100644
--- a/cmd/minikube/cmd/config/addons_list.go
+++ b/cmd/minikube/cmd/config/addons_list.go
@@ -19,13 +19,16 @@ package config
import (
"encoding/json"
"fmt"
+ "maps"
"os"
- "sort"
+ "slices"
"strings"
"github.com/olekukonko/tablewriter"
+ "github.com/olekukonko/tablewriter/tw"
"github.com/spf13/cobra"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/assets"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
@@ -36,6 +39,7 @@ import (
)
var addonListOutput string
+var addonPrintDocs bool
// AddonListTemplate represents the addon list template
type AddonListTemplate struct {
@@ -47,15 +51,19 @@ var addonsListCmd = &cobra.Command{
Use: "list",
Short: "Lists all available minikube addons as well as their current statuses (enabled/disabled)",
Long: "Lists all available minikube addons as well as their current statuses (enabled/disabled)",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 0 {
exit.Message(reason.Usage, "usage: minikube addons list")
}
- _, cc := mustload.Partial(ClusterFlagValue())
+ options := flags.CommandOptions()
+ var cc *config.ClusterConfig
+ if config.ProfileExists(ClusterFlagValue()) {
+ _, cc = mustload.Partial(ClusterFlagValue(), options)
+ }
switch strings.ToLower(addonListOutput) {
case "list":
- printAddonsList(cc)
+ printAddonsList(cc, addonPrintDocs)
case "json":
printAddonsJSON(cc)
default:
@@ -65,13 +73,8 @@ var addonsListCmd = &cobra.Command{
}
func init() {
- addonsListCmd.Flags().StringVarP(
- &addonListOutput,
- "output",
- "o",
- "list",
- `minikube addons list --output OUTPUT. json, list`)
-
+ addonsListCmd.Flags().StringVarP(&addonListOutput, "output", "o", "list", "minikube addons list --output OUTPUT. json, list")
+ addonsListCmd.Flags().BoolVarP(&addonPrintDocs, "docs", "d", false, "If true, print web links to addons' documentation if using --output=list (default).")
AddonsCmd.AddCommand(addonsListCmd)
}
@@ -89,33 +92,56 @@ var stringFromStatus = func(addonStatus bool) string {
return "disabled"
}
-var printAddonsList = func(cc *config.ClusterConfig) {
- addonNames := make([]string, 0, len(assets.Addons))
- for addonName := range assets.Addons {
- addonNames = append(addonNames, addonName)
+var printAddonsList = func(cc *config.ClusterConfig, printDocs bool) {
+ addonNames := slices.Sorted(maps.Keys(assets.Addons))
+ table := tablewriter.NewWriter(os.Stdout)
+
+ table.Options(
+ tablewriter.WithHeaderAutoFormat(tw.On),
+ )
+
+ // Create table header
+ var tHeader []string
+ if cc == nil {
+ tHeader = []string{"Addon Name", "Maintainer"}
+ } else {
+ tHeader = []string{"Addon Name", "Profile", "Status", "Maintainer"}
+ }
+ if printDocs {
+ tHeader = append(tHeader, "Docs")
}
- sort.Strings(addonNames)
+ table.Header(tHeader)
+ // Create table data
var tData [][]string
- table := tablewriter.NewWriter(os.Stdout)
- table.SetHeader([]string{"Addon Name", "Profile", "Status", "Maintainer"})
- table.SetAutoFormatHeaders(true)
- table.SetBorders(tablewriter.Border{Left: true, Top: true, Right: true, Bottom: true})
- table.SetCenterSeparator("|")
-
+ var temp []string
for _, addonName := range addonNames {
addonBundle := assets.Addons[addonName]
- enabled := addonBundle.IsEnabled(cc)
maintainer := addonBundle.Maintainer
if maintainer == "" {
- maintainer = "unknown (third-party)"
+ maintainer = "3rd party (unknown)"
+ }
+ docs := addonBundle.Docs
+ if docs == "" {
+ docs = "n/a"
}
- tData = append(tData, []string{addonName, cc.Name, fmt.Sprintf("%s %s", stringFromStatus(enabled), iconFromStatus(enabled)), maintainer})
+ if cc == nil {
+ temp = []string{addonName, maintainer}
+ } else {
+ enabled := addonBundle.IsEnabled(cc)
+ temp = []string{addonName, cc.Name, fmt.Sprintf("%s %s", stringFromStatus(enabled), iconFromStatus(enabled)), maintainer}
+ }
+ if printDocs {
+ temp = append(temp, docs)
+ }
+ tData = append(tData, temp)
+ }
+ if err := table.Bulk(tData); err != nil {
+ klog.Error("Error rendering table (bulk)", err)
+ }
+ if err := table.Render(); err != nil {
+ klog.Error("Error rendering table", err)
}
-
- table.AppendBulk(tData)
- table.Render()
-
v, _, err := config.ListProfiles()
if err != nil {
klog.Errorf("list profiles returned error: %v", err)
@@ -126,24 +152,28 @@ var printAddonsList = func(cc *config.ClusterConfig) {
}
var printAddonsJSON = func(cc *config.ClusterConfig) {
- addonNames := make([]string, 0, len(assets.Addons))
- for addonName := range assets.Addons {
- addonNames = append(addonNames, addonName)
- }
- sort.Strings(addonNames)
-
+ addonNames := slices.Sorted(maps.Keys(assets.Addons))
addonsMap := map[string]map[string]interface{}{}
for _, addonName := range addonNames {
+ if cc == nil {
+ addonsMap[addonName] = map[string]interface{}{}
+ continue
+ }
+
addonBundle := assets.Addons[addonName]
enabled := addonBundle.IsEnabled(cc)
-
addonsMap[addonName] = map[string]interface{}{
"Status": stringFromStatus(enabled),
"Profile": cc.Name,
}
+ if addonPrintDocs {
+ addonsMap[addonName]["Maintainer"] = addonBundle.Maintainer
+ addonsMap[addonName]["Docs"] = addonBundle.Docs
+ }
}
- jsonString, _ := json.Marshal(addonsMap)
+ jsonString, _ := json.Marshal(addonsMap)
out.String(string(jsonString))
+
}
diff --git a/cmd/minikube/cmd/config/addons_list_test.go b/cmd/minikube/cmd/config/addons_list_test.go
new file mode 100644
index 000000000000..976e4c83a82c
--- /dev/null
+++ b/cmd/minikube/cmd/config/addons_list_test.go
@@ -0,0 +1,121 @@
+/*
+Copyright 2021 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package config
+
+import (
+ "encoding/json"
+ "io"
+ "os"
+ "strings"
+ "testing"
+
+ "k8s.io/minikube/pkg/minikube/out"
+)
+
+func TestAddonsList(t *testing.T) {
+ tests := []struct {
+ name string
+ printDocs bool
+ want int
+ }{
+ {"DisabledDocs", false, 3},
+ {"EnabledDocs", true, 4},
+ }
+
+ for _, tt := range tests {
+ t.Run("NonExistingClusterTable"+tt.name, func(t *testing.T) {
+ r, w, err := os.Pipe()
+ if err != nil {
+ t.Fatalf("failed to create pipe: %v", err)
+ }
+ defer r.Close()
+ old := os.Stdout
+ defer func() {
+ os.Stdout = old
+ out.SetOutFile(old)
+ }()
+ os.Stdout = w
+ out.SetOutFile(w)
+
+ done := make(chan string, 1)
+ go func() {
+ b, _ := io.ReadAll(r)
+ done <- string(b)
+ }()
+
+ printAddonsList(nil, tt.printDocs)
+
+ if err := w.Close(); err != nil {
+ t.Fatalf("failed to close pipe: %v", err)
+ }
+
+ s := <-done
+ lines := strings.Split(s, "\n")
+ if len(lines) < 3 {
+ t.Fatalf("failed to read stdout: got %d lines: %q", len(lines), s)
+ }
+
+ pipeCount := 0
+ got := ""
+ for i := 0; i < 3; i++ {
+ pipeCount += strings.Count(lines[i], "│")
+ got += lines[i]
+ }
+ // ┌─────────────────────────────┬────────────────────────────────────────┐
+ // │ ADDON NAME │ MAINTAINER │
+ // ├─────────────────────────────┼────────────────────────────────────────┤
+ // ┌─────────────────────────────┬────────────────────────────────────────┬───────────────────────────────────────────────────────────────────────────────┐
+ // │ ADDON NAME │ MAINTAINER │ DOCS │
+ // ├─────────────────────────────┼────────────────────────────────────────┼───────────────────────────────────────────────────────────────────────────────┤
+
+ expected := tt.want
+ if pipeCount != expected {
+ t.Errorf("Expected header to have %d pipes; got = %d: %q", expected, pipeCount, got)
+ }
+ })
+ }
+
+ t.Run("NonExistingClusterJSON", func(t *testing.T) {
+ type addons struct {
+ Ambassador *interface{} `json:"ambassador"`
+ }
+
+ r, w, err := os.Pipe()
+ if err != nil {
+ t.Fatalf("failed to create pipe: %v", err)
+ }
+ old := os.Stdout
+ defer func() {
+ os.Stdout = old
+ out.SetOutFile(os.Stdout)
+ }()
+ os.Stdout = w
+ out.SetOutFile(os.Stdout)
+ printAddonsJSON(nil)
+ if err := w.Close(); err != nil {
+ t.Fatalf("failed to close pipe: %v", err)
+ }
+ got := addons{}
+ dec := json.NewDecoder(r)
+ if err := dec.Decode(&got); err != nil {
+ t.Fatalf("failed to decode: %v", err)
+ }
+ if got.Ambassador == nil {
+ t.Errorf("expected `ambassador` field to not be nil, but was")
+ }
+ })
+}
diff --git a/cmd/minikube/cmd/config/config.go b/cmd/minikube/cmd/config/config.go
index 738ac8badc40..a98d72bb13bd 100644
--- a/cmd/minikube/cmd/config/config.go
+++ b/cmd/minikube/cmd/config/config.go
@@ -75,7 +75,7 @@ var settings = []Setting{
},
{
name: "cpus",
- set: SetInt,
+ set: SetString,
validations: []setFn{IsValidCPUs},
callbacks: []setFn{RequiresRestartMsg},
},
@@ -102,8 +102,9 @@ var settings = []Setting{
validations: []setFn{IsValidPath},
},
{
- name: "kubernetes-version",
- set: SetString,
+ name: "kubernetes-version",
+ set: SetString,
+ validDefaults: supportedKubernetesVersions,
},
{
name: "iso-url",
@@ -163,6 +164,14 @@ var settings = []Setting{
name: "native-ssh",
set: SetBool,
},
+ {
+ name: config.Rootless,
+ set: SetBool,
+ },
+ {
+ name: config.MaxAuditEntries,
+ set: SetInt,
+ },
}
// ConfigCmd represents the config command
@@ -171,7 +180,7 @@ var ConfigCmd = &cobra.Command{
Short: "Modify persistent configuration values",
Long: `config modifies minikube config files using subcommands like "minikube config set driver kvm2"
Configurable fields: ` + "\n\n" + configurableFields(),
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(cmd *cobra.Command, _ []string) {
if err := cmd.Help(); err != nil {
klog.ErrorS(err, "help")
}
diff --git a/cmd/minikube/cmd/config/config_test.go b/cmd/minikube/cmd/config/config_test.go
index 56a84b28d04f..e211e78b7ead 100644
--- a/cmd/minikube/cmd/config/config_test.go
+++ b/cmd/minikube/cmd/config/config_test.go
@@ -38,7 +38,7 @@ func TestHiddenPrint(t *testing.T) {
}
for _, test := range testCases {
b := new(bytes.Buffer)
- _, err := b.WriteString(fmt.Sprintf("%s\r\n", test.TestString)) // you need the \r!
+ _, err := fmt.Fprintf(b, "%s\r\n", test.TestString) // you need the \r!
if err != nil {
t.Errorf("Could not prepare bytestring")
}
diff --git a/cmd/minikube/cmd/config/configure.go b/cmd/minikube/cmd/config/configure.go
index cfa7dc7a7962..7e7fa646704d 100644
--- a/cmd/minikube/cmd/config/configure.go
+++ b/cmd/minikube/cmd/config/configure.go
@@ -17,230 +17,260 @@ limitations under the License.
package config
import (
- "io/ioutil"
+ "encoding/json"
+ "errors"
+ "fmt"
"net"
+ "os"
"regexp"
+ "time"
"github.com/spf13/cobra"
+ "k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/addons"
+ "k8s.io/minikube/pkg/minikube/assets"
+ "k8s.io/minikube/pkg/minikube/cluster"
"k8s.io/minikube/pkg/minikube/config"
+ "k8s.io/minikube/pkg/minikube/cruntime"
"k8s.io/minikube/pkg/minikube/exit"
+ "k8s.io/minikube/pkg/minikube/machine"
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
- "k8s.io/minikube/pkg/minikube/service"
+ "k8s.io/minikube/pkg/minikube/run"
"k8s.io/minikube/pkg/minikube/style"
+ "k8s.io/minikube/pkg/minikube/sysinit"
)
+var addonConfigFile = ""
+var posResponses = []string{"yes", "y"}
+var negResponses = []string{"no", "n"}
+
+// Typed addon configs
+type addonConfig struct {
+ RegistryCreds registryCredsAddonConfig `json:"registry-creds"`
+}
+
var addonsConfigureCmd = &cobra.Command{
Use: "configure ADDON_NAME",
Short: "Configures the addon w/ADDON_NAME within minikube (example: minikube addons configure registry-creds). For a list of available addons use: minikube addons list",
Long: "Configures the addon w/ADDON_NAME within minikube (example: minikube addons configure registry-creds). For a list of available addons use: minikube addons list",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 1 {
exit.Message(reason.Usage, "usage: minikube addons configure ADDON_NAME")
}
+ options := flags.CommandOptions()
+ profile := ClusterFlagValue()
addon := args[0]
+ addonConfig := loadAddonConfigFile(addon, addonConfigFile)
+
// allows for additional prompting of information when enabling addons
switch addon {
case "registry-creds":
- posResponses := []string{"yes", "y"}
- negResponses := []string{"no", "n"}
-
- // Default values
- awsAccessID := "changeme"
- awsAccessKey := "changeme"
- awsSessionToken := ""
- awsRegion := "changeme"
- awsAccount := "changeme"
- awsRole := "changeme"
- gcrApplicationDefaultCredentials := "changeme"
- dockerServer := "changeme"
- dockerUser := "changeme"
- dockerPass := "changeme"
- gcrURL := "https://gcr.io"
- acrURL := "changeme"
- acrClientID := "changeme"
- acrPassword := "changeme"
-
- enableAWSECR := AskForYesNoConfirmation("\nDo you want to enable AWS Elastic Container Registry?", posResponses, negResponses)
- if enableAWSECR {
- awsAccessID = AskForStaticValue("-- Enter AWS Access Key ID: ")
- awsAccessKey = AskForStaticValue("-- Enter AWS Secret Access Key: ")
- awsSessionToken = AskForStaticValueOptional("-- (Optional) Enter AWS Session Token: ")
- awsRegion = AskForStaticValue("-- Enter AWS Region: ")
- awsAccount = AskForStaticValue("-- Enter 12 digit AWS Account ID (Comma separated list): ")
- awsRole = AskForStaticValueOptional("-- (Optional) Enter ARN of AWS role to assume: ")
- }
+ processRegistryCredsConfig(profile, addonConfig)
- enableGCR := AskForYesNoConfirmation("\nDo you want to enable Google Container Registry?", posResponses, negResponses)
- if enableGCR {
- gcrPath := AskForStaticValue("-- Enter path to credentials (e.g. /home/user/.config/gcloud/application_default_credentials.json):")
- gcrchangeURL := AskForYesNoConfirmation("-- Do you want to change the GCR URL (Default https://gcr.io)?", posResponses, negResponses)
+ case "metallb":
+ processMetalLBConfig(profile, addonConfig, options)
- if gcrchangeURL {
- gcrURL = AskForStaticValue("-- Enter GCR URL (e.g. https://asia.gcr.io):")
- }
+ case "ingress":
+ processIngressConfig(profile, addonConfig, options)
- // Read file from disk
- dat, err := ioutil.ReadFile(gcrPath)
+ case "registry-aliases":
+ processRegistryAliasesConfig(profile, addonConfig, options)
- if err != nil {
- out.FailureT("Error reading {{.path}}: {{.error}}", out.V{"path": gcrPath, "error": err})
- } else {
- gcrApplicationDefaultCredentials = string(dat)
- }
- }
+ case "auto-pause":
+ processAutoPauseConfig(profile, addonConfig, options)
- enableDR := AskForYesNoConfirmation("\nDo you want to enable Docker Registry?", posResponses, negResponses)
- if enableDR {
- dockerServer = AskForStaticValue("-- Enter docker registry server url: ")
- dockerUser = AskForStaticValue("-- Enter docker registry username: ")
- dockerPass = AskForPasswordValue("-- Enter docker registry password: ")
- }
+ default:
+ out.FailureT("{{.name}} has no available configuration options", out.V{"name": addon})
+ return
+ }
- enableACR := AskForYesNoConfirmation("\nDo you want to enable Azure Container Registry?", posResponses, negResponses)
- if enableACR {
- acrURL = AskForStaticValue("-- Enter Azure Container Registry (ACR) URL: ")
- acrClientID = AskForStaticValue("-- Enter client ID (service principal ID) to access ACR: ")
- acrPassword = AskForPasswordValue("-- Enter service principal password to access Azure Container Registry: ")
- }
+ out.SuccessT("{{.name}} was successfully configured", out.V{"name": addon})
+ },
+}
- cname := ClusterFlagValue()
- namespace := "kube-system"
-
- // Create ECR Secret
- err := service.CreateSecret(
- cname,
- namespace,
- "registry-creds-ecr",
- map[string]string{
- "AWS_ACCESS_KEY_ID": awsAccessID,
- "AWS_SECRET_ACCESS_KEY": awsAccessKey,
- "AWS_SESSION_TOKEN": awsSessionToken,
- "aws-account": awsAccount,
- "aws-region": awsRegion,
- "aws-assume-role": awsRole,
- },
- map[string]string{
- "app": "registry-creds",
- "cloud": "ecr",
- "kubernetes.io/minikube-addons": "registry-creds",
- })
- if err != nil {
- out.FailureT("ERROR creating `registry-creds-ecr` secret: {{.error}}", out.V{"error": err})
- }
+func unpauseWholeCluster(co mustload.ClusterController) {
+ for _, n := range co.Config.Nodes {
- // Create GCR Secret
- err = service.CreateSecret(
- cname,
- namespace,
- "registry-creds-gcr",
- map[string]string{
- "application_default_credentials.json": gcrApplicationDefaultCredentials,
- "gcrurl": gcrURL,
- },
- map[string]string{
- "app": "registry-creds",
- "cloud": "gcr",
- "kubernetes.io/minikube-addons": "registry-creds",
- })
-
- if err != nil {
- out.FailureT("ERROR creating `registry-creds-gcr` secret: {{.error}}", out.V{"error": err})
- }
+ // Use node-name if available, falling back to cluster name
+ name := n.Name
+ if n.Name == "" {
+ name = co.Config.Name
+ }
- // Create Docker Secret
- err = service.CreateSecret(
- cname,
- namespace,
- "registry-creds-dpr",
- map[string]string{
- "DOCKER_PRIVATE_REGISTRY_SERVER": dockerServer,
- "DOCKER_PRIVATE_REGISTRY_USER": dockerUser,
- "DOCKER_PRIVATE_REGISTRY_PASSWORD": dockerPass,
- },
- map[string]string{
- "app": "registry-creds",
- "cloud": "dpr",
- "kubernetes.io/minikube-addons": "registry-creds",
- })
-
- if err != nil {
- out.WarningT("ERROR creating `registry-creds-dpr` secret")
- }
+ out.Step(style.Pause, "Unpausing node {{.name}} ... ", out.V{"name": name})
- // Create Azure Container Registry Secret
- err = service.CreateSecret(
- cname,
- namespace,
- "registry-creds-acr",
- map[string]string{
- "ACR_URL": acrURL,
- "ACR_CLIENT_ID": acrClientID,
- "ACR_PASSWORD": acrPassword,
- },
- map[string]string{
- "app": "registry-creds",
- "cloud": "acr",
- "kubernetes.io/minikube-addons": "registry-creds",
- })
-
- if err != nil {
- out.WarningT("ERROR creating `registry-creds-acr` secret")
- }
+ machineName := config.MachineName(*co.Config, n)
+ host, err := machine.LoadHost(co.API, machineName)
+ if err != nil {
+ exit.Error(reason.GuestLoadHost, "Error getting host", err)
+ }
- case "metallb":
- profile := ClusterFlagValue()
- _, cfg := mustload.Partial(profile)
+ r, err := machine.CommandRunner(host)
+ if err != nil {
+ exit.Error(reason.InternalCommandRunner, "Failed to get command runner", err)
+ }
- validator := func(s string) bool {
- return net.ParseIP(s) != nil
- }
+ cr, err := cruntime.New(cruntime.Config{Type: co.Config.KubernetesConfig.ContainerRuntime, Runner: r})
+ if err != nil {
+ exit.Error(reason.InternalNewRuntime, "Failed runtime", err)
+ }
- if cfg.KubernetesConfig.LoadBalancerStartIP == "" {
- cfg.KubernetesConfig.LoadBalancerStartIP = AskForStaticValidatedValue("-- Enter Load Balancer Start IP: ", validator)
- }
+ _, err = cluster.Unpause(cr, r, nil) // nil means all namespaces
+ if err != nil {
+ exit.Error(reason.GuestUnpause, "Pause", err)
+ }
+ }
+}
- if cfg.KubernetesConfig.LoadBalancerEndIP == "" {
- cfg.KubernetesConfig.LoadBalancerEndIP = AskForStaticValidatedValue("-- Enter Load Balancer End IP: ", validator)
- }
+func init() {
+ addonsConfigureCmd.Flags().StringVarP(&addonConfigFile, "config-file", "f", "", "An optional configuration file to read addon specific configs from instead of being prompted each time.")
+ AddonsCmd.AddCommand(addonsConfigureCmd)
+}
- if err := config.SaveProfile(profile, cfg); err != nil {
- out.ErrT(style.Fatal, "Failed to save config {{.profile}}", out.V{"profile": profile})
- }
+// Helper method to load a config file for addons
+func loadAddonConfigFile(addon, configFilePath string) (ac *addonConfig) {
+ type configFile struct {
+ Addons addonConfig `json:"addons"`
+ }
+ var cf configFile
+
+ if configFilePath != "" {
+ out.Ln("Reading %s configs from %s", addon, configFilePath)
+ confData, err := os.ReadFile(configFilePath)
+ if err != nil && errors.Is(err, os.ErrNotExist) { // file does not exist
+ klog.Warningf("config file (%s) does not exist: %v", configFilePath, err)
+ exit.Message(reason.Usage, "config file does not exist")
+ }
- // Re-enable metallb addon in order to generate template manifest files with Load Balancer Start/End IP
- if err := addons.EnableOrDisableAddon(cfg, "metallb", "true"); err != nil {
- out.ErrT(style.Fatal, "Failed to configure metallb IP {{.profile}}", out.V{"profile": profile})
- }
- case "ingress":
- profile := ClusterFlagValue()
- _, cfg := mustload.Partial(profile)
+ if err != nil { // file cannot be opened
+ klog.Errorf("error opening config file (%s): %v", configFilePath, err)
+ // err = errors2.Wrapf(err, "config file (%s) does not exist", configFilePath)
+ exit.Message(reason.Kind{ExitCode: reason.ExProgramConfig, Advice: "provide a valid config file"},
+ fmt.Sprintf("error opening config file: %s", configFilePath))
+ }
- validator := func(s string) bool {
- format := regexp.MustCompile("^.+/.+$")
- return format.MatchString(s)
- }
+ if err = json.Unmarshal(confData, &cf); err != nil {
+ // err = errors2.Wrapf(err, "error reading config file (%s)", configFilePath)
+ klog.Errorf("error reading config file (%s): %v", configFilePath, err)
+ exit.Message(reason.Kind{ExitCode: reason.ExProgramConfig, Advice: "provide a valid config file"},
+ fmt.Sprintf("error reading config file: %v", err))
+ }
+ }
- if cfg.KubernetesConfig.CustomIngressCert == "" {
- cfg.KubernetesConfig.CustomIngressCert = AskForStaticValidatedValue("-- Enter custom cert(format is \"namespace/secret\"): ", validator)
- }
+ return &cf.Addons
+}
- if err := config.SaveProfile(profile, cfg); err != nil {
- out.ErrT(style.Fatal, "Failed to save config {{.profile}}", out.V{"profile": profile})
- }
+// Processes metallb addon config from configFile if it exists otherwise resorts to default behavior
+func processMetalLBConfig(profile string, _ *addonConfig, options *run.CommandOptions) {
+ _, cfg := mustload.Partial(profile, options)
- default:
- out.FailureT("{{.name}} has no available configuration options", out.V{"name": addon})
+ validator := func(s string) bool {
+ return net.ParseIP(s) != nil
+ }
+
+ cfg.KubernetesConfig.LoadBalancerStartIP = AskForStaticValidatedValue("-- Enter Load Balancer Start IP: ", validator)
+
+ cfg.KubernetesConfig.LoadBalancerEndIP = AskForStaticValidatedValue("-- Enter Load Balancer End IP: ", validator)
+
+ if err := config.SaveProfile(profile, cfg); err != nil {
+ out.ErrT(style.Fatal, "Failed to save config {{.profile}}", out.V{"profile": profile})
+ }
+
+ // Re-enable metallb addon in order to generate template manifest files with Load Balancer Start/End IP
+ if err := addons.EnableOrDisableAddon(cfg, "metallb", "true", options); err != nil {
+ out.ErrT(style.Fatal, "Failed to configure metallb IP {{.profile}}", out.V{"profile": profile})
+ }
+}
+
+// Processes ingress addon config from configFile if it exists otherwise resorts to default behavior
+func processIngressConfig(profile string, _ *addonConfig, options *run.CommandOptions) {
+ _, cfg := mustload.Partial(profile, options)
+
+ validator := func(s string) bool {
+ format := regexp.MustCompile("^.+/.+$")
+ return format.MatchString(s)
+ }
+
+ customCert := AskForStaticValidatedValue("-- Enter custom cert (format is \"namespace/secret\"): ", validator)
+ if cfg.KubernetesConfig.CustomIngressCert != "" {
+ overwrite := AskForYesNoConfirmation("A custom cert for ingress has already been set. Do you want overwrite it?", posResponses, negResponses)
+ if !overwrite {
return
}
+ }
- out.SuccessT("{{.name}} was successfully configured", out.V{"name": addon})
- },
+ cfg.KubernetesConfig.CustomIngressCert = customCert
+
+ if err := config.SaveProfile(profile, cfg); err != nil {
+ out.ErrT(style.Fatal, "Failed to save config {{.profile}}", out.V{"profile": profile})
+ }
}
-func init() {
- AddonsCmd.AddCommand(addonsConfigureCmd)
+// Processes auto-pause addon config from configFile if it exists otherwise resorts to default behavior
+func processAutoPauseConfig(profile string, _ *addonConfig, options *run.CommandOptions) {
+ lapi, cfg := mustload.Partial(profile, options)
+ intervalInput := AskForStaticValue("-- Enter interval time of auto-pause-interval (ex. 1m0s): ")
+ intervalTime, err := time.ParseDuration(intervalInput)
+ if err != nil {
+ out.ErrT(style.Fatal, "Interval is an invalid duration: {{.error}}", out.V{"error": err})
+ }
+
+ if intervalTime != intervalTime.Abs() || intervalTime.String() == "0s" {
+ out.ErrT(style.Fatal, "Interval must be greater than 0s")
+ }
+
+ cfg.AutoPauseInterval = intervalTime
+ if err = config.SaveProfile(profile, cfg); err != nil {
+ out.ErrT(style.Fatal, "Failed to save config {{.profile}}", out.V{"profile": profile})
+ }
+
+ addon := assets.Addons["auto-pause"]
+ if addon.IsEnabled(cfg) {
+
+ // see #17945: restart auto-pause service
+ p, err := config.LoadProfile(profile)
+ if err != nil {
+ out.ErrT(style.Fatal, "failed to load profile: {{.error}}", out.V{"error": err})
+ }
+ if profileStatus(p, lapi).StatusCode/100 == 2 { // 2xx code
+ co := mustload.Running(profile, options)
+ // first unpause all nodes cluster immediately
+ unpauseWholeCluster(co)
+ // Re-enable auto-pause addon in order to update interval time
+ if err := addons.EnableOrDisableAddon(cfg, "auto-pause", "true", options); err != nil {
+ out.ErrT(style.Fatal, "Failed to configure auto-pause {{.profile}}", out.V{"profile": profile})
+ }
+ // restart auto-pause service
+ if err := sysinit.New(co.CP.Runner).Restart("auto-pause"); err != nil {
+ out.ErrT(style.Fatal, "failed to restart auto-pause: {{.error}}", out.V{"error": err})
+ }
+ }
+ }
+}
+
+// Processes registry-aliases addon config from configFile if it exists otherwise resorts to default behavior
+func processRegistryAliasesConfig(profile string, _ *addonConfig, options *run.CommandOptions) {
+ _, cfg := mustload.Partial(profile, options)
+ validator := func(s string) bool {
+ format := regexp.MustCompile(`^([a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+)+(\ [a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+)*$`)
+ return format.MatchString(s)
+ }
+ registryAliases := AskForStaticValidatedValue("-- Enter registry aliases separated by space: ", validator)
+ cfg.KubernetesConfig.RegistryAliases = registryAliases
+
+ if err := config.SaveProfile(profile, cfg); err != nil {
+ out.ErrT(style.Fatal, "Failed to save config {{.profile}}", out.V{"profile": profile})
+ }
+
+ addon := assets.Addons["registry-aliases"]
+ if addon.IsEnabled(cfg) {
+ // Re-enable registry-aliases addon in order to generate template manifest files with custom hosts
+ if err := addons.EnableOrDisableAddon(cfg, "registry-aliases", "true", options); err != nil {
+ out.ErrT(style.Fatal, "Failed to configure registry-aliases {{.profile}}", out.V{"profile": profile})
+ }
+ }
}
diff --git a/cmd/minikube/cmd/config/configure_registry_creds.go b/cmd/minikube/cmd/config/configure_registry_creds.go
new file mode 100644
index 000000000000..8a6da86eabf9
--- /dev/null
+++ b/cmd/minikube/cmd/config/configure_registry_creds.go
@@ -0,0 +1,281 @@
+/*
+Copyright 2025 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package config
+
+import (
+ "os"
+
+ "k8s.io/minikube/pkg/minikube/exit"
+ "k8s.io/minikube/pkg/minikube/out"
+ "k8s.io/minikube/pkg/minikube/reason"
+ "k8s.io/minikube/pkg/minikube/service"
+)
+
+const configDefaultValue = "changeme"
+
+// Top level configs for RegistryCreds addons
+type registryCredsAddonConfig struct {
+ EnableAWSEcr string `json:"enableAWSEcr"`
+ EcrConfigs registryCredsAddonConfigAWSEcr `json:"awsEcrConfigs"`
+
+ EnableGCR string `json:"enableGCR"`
+ GcrConfigs registryCredsAddonConfigGCR `json:"gcrConfigs"`
+
+ EnableDockerRegistry string `json:"enableDockerRegistry"`
+ DockerConfigs registryCredsAddonConfigDocker `json:"dockerConfigs"`
+
+ EnableACR string `json:"enableACR"`
+ AcrConfigs registryCredsAddonConfigACR `json:"acrConfigs"`
+}
+
+// Registry Creds addon config for AWS ECR
+type registryCredsAddonConfigAWSEcr struct {
+ AccessID string `json:"awsAccessID"`
+ AccessKey string `json:"awsAccessKey"`
+ SessionToken string `json:"awsSessionToken"`
+ Region string `json:"awsRegion"`
+ Account string `json:"awsAccount"`
+ Role string `json:"awsRole"`
+}
+
+// Registry Creds addon config for GCR
+type registryCredsAddonConfigGCR struct {
+ GcrPath string `json:"gcrPath"`
+ GcrURL string `json:"gcrURL"`
+}
+
+// Registry Creds addon config for Docker Registry
+type registryCredsAddonConfigDocker struct {
+ DockerServer string `json:"dockerServer"`
+ DockerUser string `json:"dockerUser"`
+ DockerPass string `json:"dockerPass"`
+}
+
+// Registry Creds addon config for Docker Azure container registry
+type registryCredsAddonConfigACR struct {
+ AcrURL string `json:"acrURL"`
+ AcrClientID string `json:"acrClientID"`
+ AcrPassword string `json:"acrPassword"`
+}
+
+// Processes registry-creds addon config from configFile if it exists otherwise resorts to default behavior
+func processRegistryCredsConfig(profile string, ac *addonConfig) {
+ // Default values
+ awsAccessID := configDefaultValue
+ awsAccessKey := configDefaultValue
+ awsSessionToken := ""
+ awsRegion := configDefaultValue
+ awsAccount := configDefaultValue
+ awsRole := configDefaultValue
+ gcrApplicationDefaultCredentials := configDefaultValue
+ dockerServer := configDefaultValue
+ dockerUser := configDefaultValue
+ dockerPass := configDefaultValue
+ gcrURL := "https://gcr.io"
+ acrURL := configDefaultValue
+ acrClientID := configDefaultValue
+ acrPassword := configDefaultValue
+
+ regCredsConf := &ac.RegistryCreds
+ awsEcrAction := regCredsConf.EnableAWSEcr // regCredsConf. "enableAWSEcr")
+
+ switch awsEcrAction {
+ case "prompt", "":
+ enableAWSECR := AskForYesNoConfirmation("\nDo you want to enable AWS Elastic Container Registry?", posResponses, negResponses)
+ if enableAWSECR {
+ awsAccessID = AskForStaticValue("-- Enter AWS Access Key ID: ")
+ awsAccessKey = AskForStaticValue("-- Enter AWS Secret Access Key: ")
+ awsSessionToken = AskForStaticValueOptional("-- (Optional) Enter AWS Session Token: ")
+ awsRegion = AskForStaticValue("-- Enter AWS Region: ")
+ awsAccount = AskForStaticValue("-- Enter 12 digit AWS Account ID (Comma separated list): ")
+ awsRole = AskForStaticValueOptional("-- (Optional) Enter ARN of AWS role to assume: ")
+ }
+ case "enable":
+ out.Ln("Loading AWS ECR configs from: %s", addonConfigFile)
+ // Then read the configs
+ awsAccessID = regCredsConf.EcrConfigs.AccessID
+ awsAccessKey = regCredsConf.EcrConfigs.AccessKey
+ awsSessionToken = regCredsConf.EcrConfigs.SessionToken
+ awsRegion = regCredsConf.EcrConfigs.Region
+ awsAccount = regCredsConf.EcrConfigs.Account
+ awsRole = regCredsConf.EcrConfigs.Role
+ case "disable":
+ out.Ln("Ignoring AWS ECR configs")
+ default:
+ out.Ln("Disabling AWS ECR. Invalid value for enableAWSEcr (%s). Must be one of 'disable', 'enable' or 'prompt'", awsEcrAction)
+ }
+
+ gcrPath := ""
+ gcrAction := regCredsConf.EnableGCR
+
+ switch gcrAction {
+ case "prompt", "":
+ enableGCR := AskForYesNoConfirmation("\nDo you want to enable Google Container Registry?", posResponses, negResponses)
+ if enableGCR {
+ gcrPath = AskForStaticValue("-- Enter path to credentials (e.g. /home/user/.config/gcloud/application_default_credentials.json):")
+ gcrchangeURL := AskForYesNoConfirmation("-- Do you want to change the GCR URL (Default https://gcr.io)?", posResponses, negResponses)
+
+ if gcrchangeURL {
+ gcrURL = AskForStaticValue("-- Enter GCR URL (e.g. https://asia.gcr.io):")
+ }
+ }
+ case "enable":
+ out.Ln("Loading GCR configs from: %s", addonConfigFile)
+ // Then read the configs
+ gcrPath = regCredsConf.GcrConfigs.GcrPath
+ gcrURL = regCredsConf.GcrConfigs.GcrURL
+ case "disable":
+ out.Ln("Ignoring GCR configs")
+ default:
+ out.Ln("Disabling GCR. Invalid value for enableGCR (%s). Must be one of 'disable', 'enable' or 'prompt'", gcrAction)
+ }
+
+ if gcrPath != "" {
+ // Read file from disk
+ dat, err := os.ReadFile(gcrPath)
+
+ if err != nil {
+ exit.Message(reason.Usage, "Error reading {{.path}}: {{.error}}", out.V{"path": gcrPath, "error": err})
+ } else {
+ gcrApplicationDefaultCredentials = string(dat)
+ }
+ }
+
+ dockerRegistryAction := regCredsConf.EnableDockerRegistry
+
+ switch dockerRegistryAction {
+ case "prompt", "":
+ enableDR := AskForYesNoConfirmation("\nDo you want to enable Docker Registry?", posResponses, negResponses)
+ if enableDR {
+ dockerServer = AskForStaticValue("-- Enter docker registry server url: ")
+ dockerUser = AskForStaticValue("-- Enter docker registry username: ")
+ dockerPass = AskForPasswordValue("-- Enter docker registry password: ")
+ }
+ case "enable":
+ out.Ln("Loading Docker Registry configs from: %s", addonConfigFile)
+ dockerServer = regCredsConf.DockerConfigs.DockerServer
+ dockerUser = regCredsConf.DockerConfigs.DockerUser
+ dockerPass = regCredsConf.DockerConfigs.DockerPass
+ case "disable":
+ out.Ln("Ignoring Docker Registry configs")
+ default:
+ out.Ln("Disabling Docker Registry. Invalid value for enableDockerRegistry (%s). Must be one of 'disable', 'enable' or 'prompt'", dockerRegistryAction)
+ }
+
+ acrAction := regCredsConf.EnableACR
+
+ switch acrAction {
+ case "prompt", "":
+ enableACR := AskForYesNoConfirmation("\nDo you want to enable Azure Container Registry?", posResponses, negResponses)
+ if enableACR {
+ acrURL = AskForStaticValue("-- Enter Azure Container Registry (ACR) URL: ")
+ acrClientID = AskForStaticValue("-- Enter client ID (service principal ID) to access ACR: ")
+ acrPassword = AskForPasswordValue("-- Enter service principal password to access Azure Container Registry: ")
+ }
+ case "enable":
+ out.Ln("Loading ACR configs from: ", addonConfigFile)
+ acrURL = regCredsConf.AcrConfigs.AcrURL
+ acrClientID = regCredsConf.AcrConfigs.AcrClientID
+ acrPassword = regCredsConf.AcrConfigs.AcrPassword
+ case "disable":
+ out.Ln("Ignoring ACR configs")
+ default:
+ out.Stringf("Disabling ACR. Invalid value for enableACR (%s). Must be one of 'disable', 'enable' or 'prompt'", acrAction)
+ }
+
+ namespace := "kube-system"
+
+ // Create ECR Secret
+ err := service.CreateSecret(
+ profile,
+ namespace,
+ "registry-creds-ecr",
+ map[string]string{
+ "AWS_ACCESS_KEY_ID": awsAccessID,
+ "AWS_SECRET_ACCESS_KEY": awsAccessKey,
+ "AWS_SESSION_TOKEN": awsSessionToken,
+ "aws-account": awsAccount,
+ "aws-region": awsRegion,
+ "aws-assume-role": awsRole,
+ },
+ map[string]string{
+ "app": "registry-creds",
+ "cloud": "ecr",
+ "kubernetes.io/minikube-addons": "registry-creds",
+ })
+ if err != nil {
+ exit.Message(reason.InternalCommandRunner, "ERROR creating `registry-creds-ecr` secret: {{.error}}", out.V{"error": err})
+ }
+
+ // Create GCR Secret
+ err = service.CreateSecret(
+ profile,
+ namespace,
+ "registry-creds-gcr",
+ map[string]string{
+ "application_default_credentials.json": gcrApplicationDefaultCredentials,
+ "gcrurl": gcrURL,
+ },
+ map[string]string{
+ "app": "registry-creds",
+ "cloud": "gcr",
+ "kubernetes.io/minikube-addons": "registry-creds",
+ })
+
+ if err != nil {
+ exit.Message(reason.InternalCommandRunner, "ERROR creating `registry-creds-gcr` secret: {{.error}}", out.V{"error": err})
+ }
+
+ // Create Docker Secret
+ err = service.CreateSecret(
+ profile,
+ namespace,
+ "registry-creds-dpr",
+ map[string]string{
+ "DOCKER_PRIVATE_REGISTRY_SERVER": dockerServer,
+ "DOCKER_PRIVATE_REGISTRY_USER": dockerUser,
+ "DOCKER_PRIVATE_REGISTRY_PASSWORD": dockerPass,
+ },
+ map[string]string{
+ "app": "registry-creds",
+ "cloud": "dpr",
+ "kubernetes.io/minikube-addons": "registry-creds",
+ })
+
+ if err != nil {
+ out.WarningT("ERROR creating `registry-creds-dpr` secret")
+ }
+
+ // Create Azure Container Registry Secret
+ err = service.CreateSecret(
+ profile,
+ namespace,
+ "registry-creds-acr",
+ map[string]string{
+ "ACR_URL": acrURL,
+ "ACR_CLIENT_ID": acrClientID,
+ "ACR_PASSWORD": acrPassword,
+ },
+ map[string]string{
+ "app": "registry-creds",
+ "cloud": "acr",
+ "kubernetes.io/minikube-addons": "registry-creds",
+ })
+ if err != nil {
+ out.WarningT("ERROR creating `registry-creds-acr` secret")
+ }
+}
diff --git a/cmd/minikube/cmd/config/defaults.go b/cmd/minikube/cmd/config/defaults.go
index 180747088007..b21733d66a6e 100644
--- a/cmd/minikube/cmd/config/defaults.go
+++ b/cmd/minikube/cmd/config/defaults.go
@@ -21,32 +21,31 @@ import (
"fmt"
"strings"
- "github.com/pkg/errors"
"github.com/spf13/cobra"
+ "gopkg.in/yaml.v2"
+ "k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/out"
+ "k8s.io/minikube/pkg/minikube/reason"
)
+var defaultsOutput string
+
var configDefaultsCommand = &cobra.Command{
Use: "defaults PROPERTY_NAME",
Short: "Lists all valid default values for PROPERTY_NAME",
Long: `list displays all valid default settings for PROPERTY_NAME
Acceptable fields: ` + "\n\n" + fieldsWithDefaults(),
- RunE: func(cmd *cobra.Command, args []string) error {
- if len(args) == 0 {
- cmd.SilenceErrors = true
- return errors.New("not enough arguments.\nusage: minikube config list PROPERTY_NAME")
- }
- if len(args) > 1 {
+ Run: func(cmd *cobra.Command, args []string) {
+ if len(args) != 1 {
cmd.SilenceErrors = true
- return fmt.Errorf("too many arguments (%d)\nusage: minikube config list PROPERTY_NAME", len(args))
+ exit.Message(reason.Usage, "usage: minikube config list PROPERTY_NAME")
}
-
property := args[0]
defaults, err := getDefaults(property)
if err != nil {
- return err
+ exit.Message(reason.Usage, "error getting defaults: {{.error}}", out.V{"error": err})
}
- return printDefaults(defaults)
+ printDefaults(defaults)
},
}
@@ -61,19 +60,27 @@ func getDefaults(property string) ([]string, error) {
return setting.validDefaults(), nil
}
-func printDefaults(defaults []string) error {
- if output == "json" {
+func printDefaults(defaults []string) {
+ switch strings.ToLower(defaultsOutput) {
+ case "":
+ for _, d := range defaults {
+ out.Ln("* %s", d)
+ }
+ case "json":
encoding, err := json.Marshal(defaults)
if err != nil {
- return errors.Wrap(err, "encoding json")
+ exit.Error(reason.InternalJSONMarshal, "json encoding failure", err)
}
out.Ln(string(encoding))
- return nil
- }
- for _, d := range defaults {
- out.Ln("* %s", d)
+ case "yaml":
+ encoding, err := yaml.Marshal(defaults)
+ if err != nil {
+ exit.Error(reason.InternalYamlMarshal, "yaml encoding failure", err)
+ }
+ out.Ln(string(encoding))
+ default:
+ exit.Message(reason.InternalOutputUsage, "error: --output must be 'yaml' or 'json'")
}
- return nil
}
func fieldsWithDefaults() string {
@@ -87,6 +94,6 @@ func fieldsWithDefaults() string {
}
func init() {
- configDefaultsCommand.Flags().StringVar(&output, "output", "", "Output format. Accepted values: [json]")
+ configDefaultsCommand.Flags().StringVarP(&defaultsOutput, "output", "o", "", "Output format. Accepted values: [json, yaml]")
ConfigCmd.AddCommand(configDefaultsCommand)
}
diff --git a/cmd/minikube/cmd/config/defaults_test.go b/cmd/minikube/cmd/config/defaults_test.go
index e87b214e2738..5fbc69fca4b0 100644
--- a/cmd/minikube/cmd/config/defaults_test.go
+++ b/cmd/minikube/cmd/config/defaults_test.go
@@ -77,12 +77,10 @@ func TestPrintDefaults(t *testing.T) {
}
for _, tc := range tcs {
t.Run(tc.description, func(t *testing.T) {
- output = tc.format
+ defaultsOutput = tc.format
f := tests.NewFakeFile()
out.SetOutFile(f)
- if err := printDefaults(defaults); err != nil {
- t.Fatalf("error printing defaults: %v", err)
- }
+ printDefaults(defaults)
if f.String() != tc.expected {
t.Fatalf("Expected: %v\n Actual: %v\n", tc.expected, f.String())
}
diff --git a/cmd/minikube/cmd/config/disable.go b/cmd/minikube/cmd/config/disable.go
index cdf31b934da2..5c7293189336 100644
--- a/cmd/minikube/cmd/config/disable.go
+++ b/cmd/minikube/cmd/config/disable.go
@@ -18,8 +18,11 @@ package config
import (
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/addons"
+ "k8s.io/minikube/pkg/minikube/assets"
"k8s.io/minikube/pkg/minikube/exit"
+ "k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
"k8s.io/minikube/pkg/minikube/style"
@@ -29,20 +32,32 @@ var addonsDisableCmd = &cobra.Command{
Use: "disable ADDON_NAME",
Short: "Disables the addon w/ADDON_NAME within minikube (example: minikube addons disable dashboard). For a list of available addons use: minikube addons list ",
Long: "Disables the addon w/ADDON_NAME within minikube (example: minikube addons disable dashboard). For a list of available addons use: minikube addons list ",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 1 {
exit.Message(reason.Usage, "usage: minikube addons disable ADDON_NAME")
}
+ options := flags.CommandOptions()
+ _, cc := mustload.Partial(ClusterFlagValue(), options)
+ err := addons.VerifyNotPaused(ClusterFlagValue(), false, options)
+ if err != nil {
+ exit.Error(reason.InternalAddonDisablePaused, "disable failed", err)
+ }
addon := args[0]
if addon == "heapster" {
exit.Message(reason.AddonUnsupported, "The heapster addon is depreciated. please try to disable metrics-server instead")
}
- err := addons.SetAndSave(ClusterFlagValue(), addon, "false")
- if err != nil {
- exit.Error(reason.InternalAddonDisable, "disable failed", err)
+ validAddon, ok := assets.Addons[addon]
+ if !ok {
+ exit.Message(reason.AddonUnsupported, `"'{{.minikube_addon}}' is not a valid minikube addon`, out.V{"minikube_addon": addon})
+ }
+ if validAddon.IsEnabled(cc) {
+ err = addons.SetAndSave(ClusterFlagValue(), addon, "false", options)
+ if err != nil {
+ exit.Error(reason.InternalAddonDisable, "disable failed", err)
+ }
}
- out.Step(style.AddonDisable, `"The '{{.minikube_addon}}' addon is disabled`, out.V{"minikube_addon": addon})
+ out.Styled(style.AddonDisable, `"The '{{.minikube_addon}}' addon is disabled`, out.V{"minikube_addon": addon})
},
}
diff --git a/cmd/minikube/cmd/config/enable.go b/cmd/minikube/cmd/config/enable.go
index 788a9477ae91..9ce2cd043959 100644
--- a/cmd/minikube/cmd/config/enable.go
+++ b/cmd/minikube/cmd/config/enable.go
@@ -17,14 +17,17 @@ limitations under the License.
package config
import (
- "fmt"
+ "errors"
"github.com/spf13/cobra"
"github.com/spf13/viper"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/addons"
+ "k8s.io/minikube/pkg/minikube/assets"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
"k8s.io/minikube/pkg/minikube/exit"
+ "k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
"k8s.io/minikube/pkg/minikube/style"
@@ -35,39 +38,71 @@ var addonsEnableCmd = &cobra.Command{
Short: "Enables the addon w/ADDON_NAME within minikube. For a list of available addons use: minikube addons list ",
Long: "Enables the addon w/ADDON_NAME within minikube. For a list of available addons use: minikube addons list ",
Example: "minikube addons enable dashboard",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 1 {
exit.Message(reason.Usage, "usage: minikube addons enable ADDON_NAME")
}
- addon := args[0]
- // replace heapster as metrics-server because heapster is deprecated
- if addon == "heapster" {
- out.Styled(style.Waiting, "using metrics-server addon, heapster is deprecated")
- addon = "metrics-server"
+
+ options := flags.CommandOptions()
+ _, cc := mustload.Partial(ClusterFlagValue(), options)
+ if cc.KubernetesConfig.KubernetesVersion == constants.NoKubernetesVersion {
+ exit.Message(reason.Usage, "You cannot enable addons on a cluster without Kubernetes, to enable Kubernetes on your cluster, run: minikube start --kubernetes-version=stable")
}
- viper.Set(config.AddonImages, images)
- viper.Set(config.AddonRegistries, registries)
- err := addons.SetAndSave(ClusterFlagValue(), addon, "true")
+
+ err := addons.VerifyNotPaused(ClusterFlagValue(), true, options)
if err != nil {
- exit.Error(reason.InternalAddonEnable, "enable failed", err)
+ exit.Error(reason.InternalAddonEnablePaused, "enabled failed", err)
}
- if addon == "dashboard" {
- tipProfileArg := ""
- if ClusterFlagValue() != constants.DefaultClusterName {
- tipProfileArg = fmt.Sprintf(" -p %s", ClusterFlagValue())
+ addon := args[0]
+ isDeprecated, replacement, msg := addons.Deprecations(addon)
+ if isDeprecated && replacement == "" {
+ exit.Message(reason.InternalAddonEnable, msg)
+ } else if isDeprecated {
+ out.Styled(style.Waiting, msg)
+ addon = replacement
+ }
+ addonBundle, ok := assets.Addons[addon]
+ if ok {
+ maintainer := addonBundle.Maintainer
+ if isOfficialMaintainer(maintainer) {
+ out.Styled(style.Tip, `{{.addon}} is an addon maintained by {{.maintainer}}. For any concerns contact minikube on GitHub.
+You can view the list of minikube maintainers at: https://github.com/kubernetes/minikube/blob/master/OWNERS`,
+ out.V{"addon": addon, "maintainer": maintainer})
+ } else {
+ out.Styled(style.Warning, `{{.addon}} is a 3rd party addon and is not maintained or verified by minikube maintainers, enable at your own risk.`,
+ out.V{"addon": addon})
+ if addonBundle.VerifiedMaintainer != "" {
+ out.Styled(style.Tip, `{{.addon}} is maintained by {{.maintainer}} for any concerns contact {{.verifiedMaintainer}} on GitHub.`,
+ out.V{"addon": addon, "maintainer": maintainer, "verifiedMaintainer": addonBundle.VerifiedMaintainer})
+ } else {
+ out.Styled(style.Warning, `{{.addon}} does not currently have an associated maintainer.`,
+ out.V{"addon": addon})
+ }
}
- out.Styled(style.Tip, `Some dashboard features require the metrics-server addon. To enable all features please run:
-
- minikube{{.profileArg}} addons enable metrics-server
-
-`, out.V{"profileArg": tipProfileArg})
-
}
-
- out.Step(style.AddonEnable, "The '{{.addonName}}' addon is enabled", out.V{"addonName": addon})
+ if images != "" {
+ viper.Set(config.AddonImages, images)
+ }
+ if registries != "" {
+ viper.Set(config.AddonRegistries, registries)
+ }
+ err = addons.SetAndSave(ClusterFlagValue(), addon, "true", options)
+ if err != nil && !errors.Is(err, addons.ErrSkipThisAddon) {
+ exit.Error(reason.InternalAddonEnable, "enable failed", err)
+ }
+ if err == nil {
+ out.Step(style.AddonEnable, "The '{{.addonName}}' addon is enabled", out.V{"addonName": addon})
+ }
},
}
+func isOfficialMaintainer(maintainer string) bool {
+ // using map[string]struct{} as an empty struct occupies 0 bytes in memory
+ officialMaintainers := map[string]struct{}{"Google": {}, "Kubernetes": {}, "minikube": {}}
+ _, ok := officialMaintainers[maintainer]
+ return ok
+}
+
var (
images string
registries string
diff --git a/cmd/minikube/cmd/config/get_test.go b/cmd/minikube/cmd/config/get_test.go
index 34d5b0ffac39..56a199e21cf0 100644
--- a/cmd/minikube/cmd/config/get_test.go
+++ b/cmd/minikube/cmd/config/get_test.go
@@ -31,7 +31,7 @@ func TestGetNotFound(t *testing.T) {
func TestGetOK(t *testing.T) {
createTestConfig(t)
name := "driver"
- err := Set(name, "virtualbox")
+ err := Set(name, "ssh")
if err != nil {
t.Fatalf("Set returned error for property %s, %+v", name, err)
}
@@ -39,7 +39,7 @@ func TestGetOK(t *testing.T) {
if err != nil {
t.Fatalf("Get returned error for property %s, %+v", name, err)
}
- if val != "virtualbox" {
- t.Fatalf("Get returned %s, expected virtualbox", val)
+ if val != "ssh" {
+ t.Fatalf("Get returned %s, expected ssh", val)
}
}
diff --git a/cmd/minikube/cmd/config/images.go b/cmd/minikube/cmd/config/images.go
index c18ab35d7c85..97a7b9b7f081 100644
--- a/cmd/minikube/cmd/config/images.go
+++ b/cmd/minikube/cmd/config/images.go
@@ -17,54 +17,98 @@ limitations under the License.
package config
import (
+ "encoding/json"
+ "fmt"
"os"
+ "strings"
"github.com/olekukonko/tablewriter"
+ "github.com/olekukonko/tablewriter/tw"
"github.com/spf13/cobra"
+ "k8s.io/klog/v2"
"k8s.io/minikube/pkg/minikube/assets"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
)
+var addonImagesOutput string
+
var addonsImagesCmd = &cobra.Command{
Use: "images ADDON_NAME",
Short: "List image names the addon w/ADDON_NAME used. For a list of available addons use: minikube addons list",
Long: "List image names the addon w/ADDON_NAME used. For a list of available addons use: minikube addons list",
Example: "minikube addons images ingress",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 1 {
exit.Message(reason.Usage, "usage: minikube addons images ADDON_NAME")
}
addon := args[0]
- // allows for additional prompting of information when enabling addons
- if conf, ok := assets.Addons[addon]; ok {
- if conf.Images != nil {
- out.Infof("{{.name}} has following images:", out.V{"name": addon})
-
- var tData [][]string
- table := tablewriter.NewWriter(os.Stdout)
- table.SetHeader([]string{"Image Name", "Default Image", "Default Registry"})
- table.SetAutoFormatHeaders(true)
- table.SetBorders(tablewriter.Border{Left: true, Top: true, Right: true, Bottom: true})
- table.SetCenterSeparator("|")
-
- for imageName, defaultImage := range conf.Images {
- tData = append(tData, []string{imageName, defaultImage, conf.Registries[imageName]})
- }
-
- table.AppendBulk(tData)
- table.Render()
- } else {
- out.Infof("{{.name}} doesn't have images.", out.V{"name": addon})
+
+ switch strings.ToLower(addonImagesOutput) {
+ case "table":
+ printAddonImagesTable(addon)
+ case "json":
+ printAddonImagesJSON(addon)
+ default:
+ exit.Message(reason.Usage, fmt.Sprintf("invalid output format: %s. Valid values: 'table', 'json'", addonImagesOutput))
+ }
+ },
+}
+
+func printAddonImagesTable(addon string) {
+ // allows for additional prompting of information when enabling addons
+ if conf, ok := assets.Addons[addon]; ok {
+ if conf.Images != nil {
+ out.Infof("{{.name}} has the following images:", out.V{"name": addon})
+
+ var tData [][]string
+ table := tablewriter.NewWriter(os.Stdout)
+ table.Header([]string{"Image Name", "Default Image", "Default Registry"})
+ table.Header("Image Name", "Default Image", "Default Registry")
+ table.Options(
+ tablewriter.WithHeaderAutoFormat(tw.On),
+ )
+
+ for imageName, defaultImage := range conf.Images {
+ tData = append(tData, []string{imageName, defaultImage, conf.Registries[imageName]})
+ }
+
+ if err := table.Bulk(tData); err != nil {
+ klog.Error("Error rendering table (bulk)", err)
+ }
+ if err := table.Render(); err != nil {
+ klog.Error("Error rendering table", err)
}
} else {
- out.FailureT("No such addon {{.name}}", out.V{"name": addon})
+ out.Infof("{{.name}} doesn't have images.", out.V{"name": addon})
}
- },
+ } else {
+ out.FailureT("No such addon {{.name}}", out.V{"name": addon})
+ }
+}
+
+func printAddonImagesJSON(addon string) {
+ if conf, ok := assets.Addons[addon]; ok {
+ if conf.Images != nil {
+ var data []string
+
+ for imageName, defaultImage := range conf.Images {
+ data = append(data, conf.Registries[imageName]+"/"+defaultImage)
+ }
+
+ jsonString, _ := json.Marshal(data)
+ out.String(string(jsonString))
+ } else {
+ out.String("[]")
+ }
+ } else {
+ out.FailureT("No such addon {{.name}}", out.V{"name": addon})
+ }
}
func init() {
+ addonsImagesCmd.Flags().StringVarP(&addonImagesOutput, "output", "o", "table", "minikube addons images ADDON_NAME --output OUTPUT. table, json")
AddonsCmd.AddCommand(addonsImagesCmd)
}
diff --git a/cmd/minikube/cmd/config/kubernetes_version.go b/cmd/minikube/cmd/config/kubernetes_version.go
new file mode 100644
index 000000000000..c968dfc39f3d
--- /dev/null
+++ b/cmd/minikube/cmd/config/kubernetes_version.go
@@ -0,0 +1,54 @@
+/*
+Copyright 2022 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package config
+
+import (
+ "context"
+ "net/http"
+
+ "github.com/google/go-github/v80/github"
+ "golang.org/x/mod/semver"
+ "k8s.io/minikube/pkg/minikube/constants"
+)
+
+// supportedKubernetesVersions returns reverse-sort supported Kubernetes releases that are in [constants.OldestKubernetesVersion, constants.NewestKubernetesVersion] range, including prereleases.
+func supportedKubernetesVersions() (releases []string) {
+ minver := constants.OldestKubernetesVersion
+ maxver := constants.NewestKubernetesVersion
+
+ for _, ver := range constants.ValidKubernetesVersions {
+ if (minver != "" && semver.Compare(minver, ver) == 1) || (maxver != "" && semver.Compare(ver, maxver) == 1) {
+ continue
+ }
+ releases = append(releases, ver)
+ }
+ return releases
+}
+
+// IsInGitHubKubernetesVersions checks whether ver is in the GitHub list of K8s versions
+func IsInGitHubKubernetesVersions(ver string) (bool, error) {
+ ghc := github.NewClient(nil)
+
+ _, resp, err := ghc.Repositories.GetReleaseByTag(context.Background(), "kubernetes", "kubernetes", ver)
+ if err != nil {
+ if resp != nil && resp.StatusCode == http.StatusNotFound {
+ return false, nil
+ }
+ return false, err
+ }
+ return true, nil
+}
diff --git a/cmd/minikube/cmd/config/open.go b/cmd/minikube/cmd/config/open.go
index 09e22eb5a82d..3db8897b46b1 100644
--- a/cmd/minikube/cmd/config/open.go
+++ b/cmd/minikube/cmd/config/open.go
@@ -21,6 +21,7 @@ import (
"text/template"
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/assets"
"k8s.io/minikube/pkg/minikube/browser"
"k8s.io/minikube/pkg/minikube/exit"
@@ -46,21 +47,23 @@ var addonsOpenCmd = &cobra.Command{
Use: "open ADDON_NAME",
Short: "Opens the addon w/ADDON_NAME within minikube (example: minikube addons open dashboard). For a list of available addons use: minikube addons list ",
Long: "Opens the addon w/ADDON_NAME within minikube (example: minikube addons open dashboard). For a list of available addons use: minikube addons list ",
- PreRun: func(cmd *cobra.Command, args []string) {
+ PreRun: func(_ *cobra.Command, _ []string) {
t, err := template.New("addonsURL").Parse(addonsURLFormat)
if err != nil {
exit.Message(reason.Usage, "The value passed to --format is invalid: {{.error}}", out.V{"error": err})
}
addonsURLTemplate = t
},
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 1 {
exit.Message(reason.Usage, "usage: minikube addons open ADDON_NAME")
}
+
+ options := flags.CommandOptions()
addonName := args[0]
cname := ClusterFlagValue()
- co := mustload.Healthy(cname)
+ co := mustload.Healthy(cname, options)
addon, ok := assets.Addons[addonName] // validate addon input
if !ok {
@@ -88,7 +91,7 @@ minikube addons enable {{.name}}`, out.V{"name": addonName})
You can add one by annotating a service with the label {{.labelName}}:{{.addonName}}`, out.V{"labelName": key, "addonName": addonName})
}
for i := range serviceList.Items {
- svc := serviceList.Items[i].ObjectMeta.Name
+ svc := serviceList.Items[i].Name
var urlString []string
if urlString, err = service.WaitForService(co.API, co.Config.Name, namespace, svc, addonsURLTemplate, addonsURLMode, https, wait, interval); err != nil {
diff --git a/cmd/minikube/cmd/config/profile.go b/cmd/minikube/cmd/config/profile.go
index d0a8e5e8ea81..aa569f596148 100644
--- a/cmd/minikube/cmd/config/profile.go
+++ b/cmd/minikube/cmd/config/profile.go
@@ -34,7 +34,7 @@ var ProfileCmd = &cobra.Command{
Use: "profile [MINIKUBE_PROFILE_NAME]. You can return to the default minikube profile by running `minikube profile default`",
Short: "Get or list the current profiles (clusters)",
Long: "profile sets the current minikube profile, or gets the current profile if no arguments are provided. This is used to run and manage multiple minikube instance. You can return to the default minikube profile by running `minikube profile default`",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) == 0 {
profile := ClusterFlagValue()
out.Styled(style.Empty, profile)
diff --git a/cmd/minikube/cmd/config/profile_list.go b/cmd/minikube/cmd/config/profile_list.go
index a1c86449473a..36fb8294726e 100644
--- a/cmd/minikube/cmd/config/profile_list.go
+++ b/cmd/minikube/cmd/config/profile_list.go
@@ -23,38 +23,49 @@ import (
"strconv"
"strings"
- "k8s.io/minikube/pkg/minikube/bootstrapper/bsutil/kverify"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
+ "k8s.io/minikube/pkg/minikube/cluster"
"k8s.io/minikube/pkg/minikube/config"
- "k8s.io/minikube/pkg/minikube/driver"
+ "k8s.io/minikube/pkg/minikube/constants"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/machine"
+ "k8s.io/minikube/pkg/minikube/notify"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
+ "k8s.io/minikube/pkg/minikube/run"
"k8s.io/minikube/pkg/minikube/style"
"github.com/docker/machine/libmachine"
- "github.com/docker/machine/libmachine/state"
"github.com/olekukonko/tablewriter"
+ "github.com/olekukonko/tablewriter/tw"
"github.com/spf13/cobra"
"k8s.io/klog/v2"
)
-var output string
-var isLight bool
+var (
+ profileOutput string
+ isLight bool
+ isDetailed bool
+)
var profileListCmd = &cobra.Command{
Use: "list",
Short: "Lists all minikube profiles.",
Long: "Lists all valid minikube profiles and detects all possible invalid profiles.",
- Run: func(cmd *cobra.Command, args []string) {
- switch strings.ToLower(output) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+ output := strings.ToLower(profileOutput)
+ out.SetJSON(output == "json")
+ go notify.MaybePrintUpdateTextFromGithub(options)
+
+ switch output {
case "json":
- printProfilesJSON()
+ printProfilesJSON(options)
case "table":
- printProfilesTable()
+ printProfilesTable(options)
default:
- exit.Message(reason.Usage, fmt.Sprintf("invalid output format: %s. Valid values: 'table', 'json'", output))
+ exit.Message(reason.Usage, fmt.Sprintf("invalid output format: %s. Valid values: 'table', 'json'", profileOutput))
}
},
}
@@ -69,7 +80,7 @@ func listProfiles() (validProfiles, invalidProfiles []*config.Profile, err error
return validProfiles, invalidProfiles, err
}
-func printProfilesTable() {
+func printProfilesTable(options *run.CommandOptions) {
validProfiles, invalidProfiles, err := listProfiles()
if err != nil {
@@ -77,15 +88,15 @@ func printProfilesTable() {
}
if len(validProfiles) == 0 {
- exit.Message(reason.UsageNoProfileRunning, "No minikube profile was found. ")
+ exit.Message(reason.UsageNoProfileRunning, "No minikube profile was found.")
}
- updateProfilesStatus(validProfiles)
+ updateProfilesStatus(validProfiles, options)
renderProfilesTable(profilesToTableData(validProfiles))
warnInvalidProfiles(invalidProfiles)
}
-func updateProfilesStatus(profiles []*config.Profile) {
+func updateProfilesStatus(profiles []*config.Profile, options *run.CommandOptions) {
if isLight {
for _, p := range profiles {
p.Status = "Skipped"
@@ -93,78 +104,90 @@ func updateProfilesStatus(profiles []*config.Profile) {
return
}
- api, err := machine.NewAPIClient()
+ api, err := machine.NewAPIClient(options)
if err != nil {
klog.Errorf("failed to get machine api client %v", err)
}
defer api.Close()
for _, p := range profiles {
- p.Status = profileStatus(p, api)
+ p.Status = profileStatus(p, api).StatusName
}
}
-func profileStatus(p *config.Profile, api libmachine.API) string {
- cp, err := config.PrimaryControlPlane(p.Config)
- if err != nil {
- exit.Error(reason.GuestCpConfig, "error getting primary control plane", err)
- }
-
- host, err := machine.LoadHost(api, config.MachineName(*p.Config, cp))
- if err != nil {
- klog.Warningf("error loading profiles: %v", err)
- return "Unknown"
+func profileStatus(p *config.Profile, api libmachine.API) cluster.State {
+ cps := config.ControlPlanes(*p.Config)
+ if len(cps) == 0 {
+ exit.Message(reason.GuestCpConfig, "No control-plane nodes found.")
}
-
- // The machine isn't running, no need to check inside
- s, err := host.Driver.GetState()
+ statuses, err := cluster.GetStatus(api, p.Config)
if err != nil {
- klog.Warningf("error getting host state: %v", err)
- return "Unknown"
- }
- if s != state.Running {
- return s.String()
- }
-
- cr, err := machine.CommandRunner(host)
- if err != nil {
- klog.Warningf("error loading profiles: %v", err)
- return "Unknown"
- }
-
- hostname, _, port, err := driver.ControlPlaneEndpoint(p.Config, &cp, host.DriverName)
- if err != nil {
- klog.Warningf("error loading profiles: %v", err)
- return "Unknown"
+ klog.Errorf("error getting statuses: %v", err)
+ return cluster.State{
+ BaseState: cluster.BaseState{
+ Name: "Unknown",
+ StatusCode: 520,
+ },
+ }
}
+ clusterStatus := cluster.GetState(statuses, ClusterFlagValue(), p.Config)
- status, err := kverify.APIServerStatus(cr, hostname, port)
- if err != nil {
- klog.Warningf("error getting apiserver status for %s: %v", p.Name, err)
- return "Unknown"
- }
- return status.String()
+ return clusterStatus
}
func renderProfilesTable(ps [][]string) {
table := tablewriter.NewWriter(os.Stdout)
- table.SetHeader([]string{"Profile", "VM Driver", "Runtime", "IP", "Port", "Version", "Status", "Nodes"})
- table.SetAutoFormatHeaders(false)
- table.SetBorders(tablewriter.Border{Left: true, Top: true, Right: true, Bottom: true})
- table.SetCenterSeparator("|")
- table.AppendBulk(ps)
- table.Render()
+ if isDetailed {
+ table.Header("Profile", "Driver", "Runtime", "IP", "Port", "Version",
+ "Status", "Nodes", "Active Profile", "Active Kubecontext")
+ } else {
+ table.Header("Profile", "Driver", "Runtime", "IP", "Version", "Status",
+ "Nodes", "Active Profile", "Active Kubecontext")
+ }
+ table.Options(
+ tablewriter.WithHeaderAutoFormat(tw.Off),
+ )
+ if err := table.Bulk(ps); err != nil {
+ klog.Error("Error while bulk render table: ", err)
+ }
+ if err := table.Render(); err != nil {
+ klog.Error("Error while rendering profile table: ", err)
+ }
}
func profilesToTableData(profiles []*config.Profile) [][]string {
var data [][]string
+ currentProfile := ClusterFlagValue()
for _, p := range profiles {
- cp, err := config.PrimaryControlPlane(p.Config)
- if err != nil {
- exit.Error(reason.GuestCpConfig, "error getting primary control plane", err)
+ cpIP := p.Config.KubernetesConfig.APIServerHAVIP
+ cpPort := p.Config.APIServerPort
+ if !config.IsHA(*p.Config) {
+ cp, err := config.ControlPlane(*p.Config)
+ if err != nil {
+ exit.Error(reason.GuestCpConfig, "error getting control-plane node", err)
+ }
+ cpIP = cp.IP
+ cpPort = cp.Port
}
- data = append(data, []string{p.Name, p.Config.Driver, p.Config.KubernetesConfig.ContainerRuntime, cp.IP, strconv.Itoa(cp.Port), p.Config.KubernetesConfig.KubernetesVersion, p.Status, strconv.Itoa(len(p.Config.Nodes))})
+ k8sVersion := p.Config.KubernetesConfig.KubernetesVersion
+ if k8sVersion == constants.NoKubernetesVersion { // for --no-kubernetes flag
+ k8sVersion = "N/A"
+ }
+ var c, k string
+ if p.Name == currentProfile {
+ c = "*"
+ }
+ if p.ActiveKubeContext {
+ k = "*"
+ }
+ if isDetailed {
+ data = append(data, []string{p.Name, p.Config.Driver, p.Config.KubernetesConfig.ContainerRuntime,
+ cpIP, strconv.Itoa(cpPort), k8sVersion, p.Status, strconv.Itoa(len(p.Config.Nodes)), c, k})
+ } else {
+ data = append(data, []string{p.Name, p.Config.Driver, p.Config.KubernetesConfig.ContainerRuntime,
+ cpIP, k8sVersion, p.Status, strconv.Itoa(len(p.Config.Nodes)), c, k})
+ }
}
return data
}
@@ -181,25 +204,24 @@ func warnInvalidProfiles(invalidProfiles []*config.Profile) {
out.ErrT(style.Tip, "You can delete them using the following command(s): ")
for _, p := range invalidProfiles {
- out.Err(fmt.Sprintf("\t $ minikube delete -p %s \n", p.Name))
+ out.Errf("\t $ minikube delete -p %s \n", p.Name)
}
}
-func printProfilesJSON() {
+func printProfilesJSON(options *run.CommandOptions) {
validProfiles, invalidProfiles, err := listProfiles()
-
- updateProfilesStatus(validProfiles)
+ updateProfilesStatus(validProfiles, options)
var body = map[string]interface{}{}
if err == nil || config.IsNotExist(err) {
body["valid"] = profilesOrDefault(validProfiles)
body["invalid"] = profilesOrDefault(invalidProfiles)
jsonString, _ := json.Marshal(body)
- out.String(string(jsonString))
+ os.Stdout.Write(jsonString)
} else {
body["error"] = err
jsonString, _ := json.Marshal(body)
- out.String(string(jsonString))
+ os.Stdout.Write(jsonString)
os.Exit(reason.ExGuestError)
}
}
@@ -212,7 +234,8 @@ func profilesOrDefault(profiles []*config.Profile) []*config.Profile {
}
func init() {
- profileListCmd.Flags().StringVarP(&output, "output", "o", "table", "The output format. One of 'json', 'table'")
+ profileListCmd.Flags().StringVarP(&profileOutput, "output", "o", "table", "The output format. One of 'json', 'table'")
profileListCmd.Flags().BoolVarP(&isLight, "light", "l", false, "If true, returns list of profiles faster by skipping validating the status of the cluster.")
+ profileListCmd.Flags().BoolVarP(&isDetailed, "detailed", "d", false, "If true, returns a detailed list of profiles.")
ProfileCmd.AddCommand(profileListCmd)
}
diff --git a/cmd/minikube/cmd/config/prompt.go b/cmd/minikube/cmd/config/prompt.go
index 1a8b49821dff..bd8a62c7db69 100644
--- a/cmd/minikube/cmd/config/prompt.go
+++ b/cmd/minikube/cmd/config/prompt.go
@@ -21,6 +21,7 @@ import (
"io"
"log"
"os"
+ "slices"
"strings"
"golang.org/x/term"
@@ -36,7 +37,7 @@ func AskForYesNoConfirmation(s string, posResponses, negResponses []string) bool
reader := bufio.NewReader(os.Stdin)
for {
- out.String("%s [y/n]: ", s)
+ out.Stringf("%s [y/n]: ", s)
response, err := reader.ReadString('\n')
if err != nil {
@@ -44,9 +45,9 @@ func AskForYesNoConfirmation(s string, posResponses, negResponses []string) bool
}
switch r := strings.ToLower(strings.TrimSpace(response)); {
- case containsString(posResponses, r):
+ case slices.Contains(posResponses, r):
return true
- case containsString(negResponses, r):
+ case slices.Contains(negResponses, r):
return false
default:
out.Err("Please type yes or no:")
@@ -78,7 +79,7 @@ func AskForStaticValueOptional(s string) string {
}
func getStaticValue(reader *bufio.Reader, s string) string {
- out.String("%s", s)
+ out.String(s)
response, err := reader.ReadString('\n')
if err != nil {
@@ -137,22 +138,6 @@ func AskForPasswordValue(s string) string {
return result
}
-// posString returns the first index of element in slice.
-// If slice does not contain element, returns -1.
-func posString(slice []string, element string) int {
- for index, elem := range slice {
- if elem == element {
- return index
- }
- }
- return -1
-}
-
-// containsString returns true if slice contains element
-func containsString(slice []string, element string) bool {
- return posString(slice, element) != -1
-}
-
// AskForStaticValidatedValue asks for a single value to enter and check for valid input
func AskForStaticValidatedValue(s string, validator func(s string) bool) string {
reader := bufio.NewReader(os.Stdin)
diff --git a/cmd/minikube/cmd/config/set.go b/cmd/minikube/cmd/config/set.go
index b7422c9e9502..41ae18c9e79a 100644
--- a/cmd/minikube/cmd/config/set.go
+++ b/cmd/minikube/cmd/config/set.go
@@ -31,12 +31,12 @@ var configSetCmd = &cobra.Command{
Short: "Sets an individual value in a minikube config file",
Long: `Sets the PROPERTY_NAME config value to PROPERTY_VALUE
These values can be overwritten by flags or environment variables at runtime.`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) < 2 {
exit.Message(reason.Usage, "not enough arguments ({{.ArgCount}}).\nusage: minikube config set PROPERTY_NAME PROPERTY_VALUE", out.V{"ArgCount": len(args)})
}
if len(args) > 2 {
- exit.Message(reason.Usage, "toom any arguments ({{.ArgCount}}).\nusage: minikube config set PROPERTY_NAME PROPERTY_VALUE", out.V{"ArgCount": len(args)})
+ exit.Message(reason.Usage, "too many arguments ({{.ArgCount}}).\nusage: minikube config set PROPERTY_NAME PROPERTY_VALUE", out.V{"ArgCount": len(args)})
}
err := Set(args[0], args[1])
if err != nil {
@@ -56,7 +56,7 @@ func Set(name string, value string) error {
return errors.Wrapf(err, "find settings for %q value of %q", name, value)
}
// Validate the new value
- err = run(name, value, s.validations)
+ err = invoke(name, value, s.validations)
if err != nil {
return errors.Wrapf(err, "run validations for %q with value of %q", name, value)
}
@@ -72,7 +72,7 @@ func Set(name string, value string) error {
}
// Run any callbacks for this property
- err = run(name, value, s.callbacks)
+ err = invoke(name, value, s.callbacks)
if err != nil {
return errors.Wrapf(err, "run callbacks for %q with value of %q", name, value)
}
diff --git a/cmd/minikube/cmd/config/set_test.go b/cmd/minikube/cmd/config/set_test.go
index e54ebdc0e0ab..fd1b068af8a8 100644
--- a/cmd/minikube/cmd/config/set_test.go
+++ b/cmd/minikube/cmd/config/set_test.go
@@ -17,7 +17,6 @@ limitations under the License.
package config
import (
- "io/ioutil"
"os"
"testing"
@@ -39,14 +38,14 @@ func TestSetNotAllowed(t *testing.T) {
t.Fatalf("Set did not return error for unallowed value: %+v", err)
}
err = Set("memory", "10a")
- if err == nil || err.Error() != "run validations for \"memory\" with value of \"10a\": [invalid memory size: invalid size: '10a']" {
+ if err == nil || err.Error() != "run validations for \"memory\" with value of \"10a\": [invalid memory size: invalid suffix: 'a']" {
t.Fatalf("Set did not return error for unallowed value: %+v", err)
}
}
func TestSetOK(t *testing.T) {
createTestConfig(t)
- err := Set("driver", "virtualbox")
+ err := Set("driver", "ssh")
defer func() {
err = Unset("driver")
if err != nil {
@@ -60,36 +59,23 @@ func TestSetOK(t *testing.T) {
if err != nil {
t.Fatalf("Get returned error for valid property: %+v", err)
}
- if val != "virtualbox" {
- t.Fatalf("Get returned %s, expected \"virtualbox\"", val)
+ if val != "ssh" {
+ t.Fatalf("Get returned %s, expected \"ssh\"", val)
}
}
func createTestConfig(t *testing.T) {
t.Helper()
- td, err := ioutil.TempDir("", "config")
- if err != nil {
- t.Fatalf("tempdir: %v", err)
- }
+ td := t.TempDir()
- err = os.Setenv(localpath.MinikubeHome, td)
- if err != nil {
- t.Fatalf("error setting up test environment. could not set %s due to %+v", localpath.MinikubeHome, err)
- }
+ t.Setenv(localpath.MinikubeHome, td)
// Not necessary, but it is a handy random alphanumeric
- if err = os.MkdirAll(localpath.MakeMiniPath("config"), 0777); err != nil {
+ if err := os.MkdirAll(localpath.MakeMiniPath("config"), 0777); err != nil {
t.Fatalf("error creating temporary directory: %+v", err)
}
- if err = os.MkdirAll(localpath.MakeMiniPath("profiles"), 0777); err != nil {
+ if err := os.MkdirAll(localpath.MakeMiniPath("profiles"), 0777); err != nil {
t.Fatalf("error creating temporary profiles directory: %+v", err)
}
-
- t.Cleanup(func() {
- err := os.RemoveAll(td)
- if err != nil {
- t.Errorf("failed to clean up temp folder %q", td)
- }
- })
}
diff --git a/cmd/minikube/cmd/config/unset.go b/cmd/minikube/cmd/config/unset.go
index b3581abd3732..bce6da57842f 100644
--- a/cmd/minikube/cmd/config/unset.go
+++ b/cmd/minikube/cmd/config/unset.go
@@ -28,7 +28,7 @@ var configUnsetCmd = &cobra.Command{
Use: "unset PROPERTY_NAME",
Short: "unsets an individual value in a minikube config file",
Long: "unsets PROPERTY_NAME from the minikube config file. Can be overwritten by flags or environmental variables",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 1 {
exit.Message(reason.Usage, "usage: minikube config unset PROPERTY_NAME")
}
diff --git a/cmd/minikube/cmd/config/util.go b/cmd/minikube/cmd/config/util.go
index 0546590d5d94..14a4a67f4450 100644
--- a/cmd/minikube/cmd/config/util.go
+++ b/cmd/minikube/cmd/config/util.go
@@ -25,8 +25,8 @@ import (
"k8s.io/minikube/pkg/minikube/out"
)
-// Runs all the validation or callback functions and collects errors
-func run(name string, value string, fns []setFn) error {
+// Invoke all the validation or callback functions and collects errors
+func invoke(name string, value string, fns []setFn) error {
var errors []error
for _, fn := range fns {
err := fn(name, value)
diff --git a/cmd/minikube/cmd/config/validations.go b/cmd/minikube/cmd/config/validations.go
index 5a06786cd988..27362ac8b984 100644
--- a/cmd/minikube/cmd/config/validations.go
+++ b/cmd/minikube/cmd/config/validations.go
@@ -32,7 +32,7 @@ import (
)
// IsValidDriver checks if a driver is supported
-func IsValidDriver(string, name string) error {
+func IsValidDriver(_, name string) error {
if driver.Supported(name) {
return nil
}
@@ -40,13 +40,13 @@ func IsValidDriver(string, name string) error {
}
// RequiresRestartMsg returns the "requires restart" message
-func RequiresRestartMsg(string, string) error {
+func RequiresRestartMsg(_, _ string) error {
out.WarningT("These changes will take effect upon a minikube delete and then a minikube start")
return nil
}
// IsValidDiskSize checks if a string is a valid disk size
-func IsValidDiskSize(name string, disksize string) error {
+func IsValidDiskSize(_, disksize string) error {
_, err := units.FromHumanSize(disksize)
if err != nil {
return fmt.Errorf("invalid disk size: %v", err)
@@ -55,16 +55,16 @@ func IsValidDiskSize(name string, disksize string) error {
}
// IsValidCPUs checks if a string is a valid number of CPUs
-func IsValidCPUs(name string, cpus string) error {
- if cpus == constants.MaxResources {
+func IsValidCPUs(name, cpus string) error {
+ if cpus == constants.MaxResources || cpus == constants.NoLimit {
return nil
}
return IsPositive(name, cpus)
}
// IsValidMemory checks if a string is a valid memory size
-func IsValidMemory(name string, memsize string) error {
- if memsize == constants.MaxResources {
+func IsValidMemory(_, memsize string) error {
+ if memsize == constants.MaxResources || memsize == constants.NoLimit {
return nil
}
_, err := units.FromHumanSize(memsize)
@@ -75,7 +75,7 @@ func IsValidMemory(name string, memsize string) error {
}
// IsValidURL checks if a location is a valid URL
-func IsValidURL(name string, location string) error {
+func IsValidURL(_, location string) error {
_, err := url.Parse(location)
if err != nil {
return fmt.Errorf("%s is not a valid URL", location)
@@ -84,7 +84,7 @@ func IsValidURL(name string, location string) error {
}
// IsURLExists checks if a location actually exists
-func IsURLExists(name string, location string) error {
+func IsURLExists(_, location string) error {
parsed, err := url.Parse(location)
if err != nil {
return fmt.Errorf("%s is not a valid URL", location)
@@ -118,7 +118,7 @@ func IsURLExists(name string, location string) error {
}
// IsPositive checks if an integer is positive
-func IsPositive(name string, val string) error {
+func IsPositive(name, val string) error {
i, err := strconv.Atoi(val)
if err != nil {
return fmt.Errorf("%s:%v", name, err)
@@ -130,7 +130,7 @@ func IsPositive(name string, val string) error {
}
// IsValidCIDR checks if a string parses as a CIDR
-func IsValidCIDR(name string, cidr string) error {
+func IsValidCIDR(_, cidr string) error {
_, _, err := net.ParseCIDR(cidr)
if err != nil {
return fmt.Errorf("invalid CIDR: %v", err)
@@ -139,7 +139,7 @@ func IsValidCIDR(name string, cidr string) error {
}
// IsValidPath checks if a string is a valid path
-func IsValidPath(name string, path string) error {
+func IsValidPath(name, path string) error {
_, err := os.Stat(path)
if err != nil {
return fmt.Errorf("%s path is not valid: %v", name, err)
@@ -148,7 +148,7 @@ func IsValidPath(name string, path string) error {
}
// IsValidRuntime checks if a string is a valid runtime
-func IsValidRuntime(name string, runtime string) error {
+func IsValidRuntime(_, runtime string) error {
_, err := cruntime.New(cruntime.Config{Type: runtime})
if err != nil {
return fmt.Errorf("invalid runtime: %v", err)
diff --git a/cmd/minikube/cmd/config/validations_test.go b/cmd/minikube/cmd/config/validations_test.go
index 0cfc87f5c7a7..a1a0d839314c 100644
--- a/cmd/minikube/cmd/config/validations_test.go
+++ b/cmd/minikube/cmd/config/validations_test.go
@@ -17,7 +17,9 @@ limitations under the License.
package config
import (
+ "net/url"
"os"
+ "path/filepath"
"testing"
)
@@ -126,23 +128,54 @@ func TestValidRuntime(t *testing.T) {
}
func TestIsURLExists(t *testing.T) {
-
self, err := os.Executable()
if err != nil {
t.Error(err)
}
+ u := (&url.URL{
+ Scheme: "file",
+ Path: filepath.ToSlash(self),
+ }).String()
+
tests := []validationTest{
{
- value: "file://" + self,
+ value: u,
shouldErr: false,
},
-
{
- value: "file://" + self + "/subpath-of-file",
+ value: u + "/subpath-of-file",
shouldErr: true,
},
}
runValidations(t, tests, "url", IsURLExists)
}
+
+func TestIsValidCPUs(t *testing.T) {
+ tests := []validationTest{
+ {"2", false},
+ {"16", false},
+ {"max", false},
+ {"no-limit", false},
+ {"abc", true},
+ {"-2", true},
+ {"", true},
+ }
+
+ runValidations(t, tests, "cpus", IsValidCPUs)
+}
+
+func TestIsValidMemory(t *testing.T) {
+ tests := []validationTest{
+ {"4000mb", false},
+ {"8gb", false},
+ {"max", false},
+ {"no-limit", false},
+ {"-4000", true},
+ {"abc", true},
+ {"", true},
+ }
+
+ runValidations(t, tests, "memory", IsValidMemory)
+}
diff --git a/cmd/minikube/cmd/config/view.go b/cmd/minikube/cmd/config/view.go
index a65574079dde..836aef11fc79 100644
--- a/cmd/minikube/cmd/config/view.go
+++ b/cmd/minikube/cmd/config/view.go
@@ -40,8 +40,10 @@ type ViewTemplate struct {
var configViewCmd = &cobra.Command{
Use: "view",
Short: "Display values currently set in the minikube config file",
- Long: "Display values currently set in the minikube config file.",
- Run: func(cmd *cobra.Command, args []string) {
+ Long: `Display values currently set in the minikube config file.
+ The output format can be customized using the --format flag, which accepts a Go template.
+ The config file is typically located at "~/.minikube/config/config.json".`,
+ Run: func(_ *cobra.Command, _ []string) {
err := View()
if err != nil {
exit.Error(reason.InternalConfigView, "config view failed", err)
@@ -51,8 +53,8 @@ var configViewCmd = &cobra.Command{
func init() {
configViewCmd.Flags().StringVar(&viewFormat, "format", defaultConfigViewFormat,
- `Go template format string for the config view output. The format for Go templates can be found here: https://golang.org/pkg/text/template/
-For the list of accessible variables for the template, see the struct values here: https://godoc.org/k8s.io/minikube/cmd/minikube/cmd/config#ConfigViewTemplate`)
+ `Go template format string for the config view output. The format for Go templates can be found here: https://pkg.go.dev/text/template
+For the list of accessible variables for the template, see the struct values here: https://pkg.go.dev/k8s.io/minikube/cmd/minikube/cmd/config#ConfigViewTemplate`)
ConfigCmd.AddCommand(configViewCmd)
}
diff --git a/cmd/minikube/cmd/cp.go b/cmd/minikube/cmd/cp.go
index 2ad6290085e5..ca0cf70033f0 100644
--- a/cmd/minikube/cmd/cp.go
+++ b/cmd/minikube/cmd/cp.go
@@ -17,6 +17,8 @@ limitations under the License.
package cmd
import (
+ "path/filepath"
+
"github.com/pkg/errors"
"github.com/spf13/cobra"
@@ -25,7 +27,7 @@ import (
pt "path"
"strings"
- "k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/assets"
"k8s.io/minikube/pkg/minikube/command"
"k8s.io/minikube/pkg/minikube/exit"
@@ -36,98 +38,180 @@ import (
"k8s.io/minikube/pkg/minikube/reason"
)
-// placeholders for flag values
-var (
- srcPath string
- dstPath string
- dstNode string
-)
+type remotePath struct {
+ node string
+ path string
+}
// cpCmd represents the cp command, similar to docker cp
var cpCmd = &cobra.Command{
- Use: "cp :",
+ Use: "cp : :",
Short: "Copy the specified file into minikube",
- Long: "Copy the specified file into minikube, it will be saved at path in your minikube.\n" +
- "Example Command : \"minikube cp a.txt /home/docker/b.txt\"\n" +
- " \"minikube cp a.txt minikube-m02:/home/docker/b.txt\"\n",
- Run: func(cmd *cobra.Command, args []string) {
+ Long: `Copy the specified file into minikube, it will be saved at path in your minikube.
+Default target node controlplane and If is omitted, It will trying to copy from host.
+
+Example Command : "minikube cp a.txt /home/docker/b.txt" +
+ "minikube cp a.txt minikube-m02:/home/docker/b.txt"
+ "minikube cp minikube-m01:a.txt minikube-m02:/home/docker/b.txt"`,
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 2 {
- exit.Message(reason.Usage, `Please specify the path to copy:
+ exit.Message(reason.Usage, `Please specify the path to copy:
minikube cp (example: "minikube cp a/b.txt /copied.txt")`)
}
- srcPath = args[0]
- dstPath = args[1]
-
- // if destination path is not a absolute path, trying to parse with : format
- if !strings.HasPrefix(dstPath, "/") {
- if sp := strings.SplitN(dstPath, ":", 2); len(sp) == 2 {
- dstNode = sp[0]
- dstPath = sp[1]
- }
- }
-
- validateArgs(srcPath, dstPath)
-
- fa, err := assets.NewFileAsset(srcPath, pt.Dir(dstPath), pt.Base(dstPath), "0644")
- if err != nil {
- out.ErrLn("%v", errors.Wrap(err, "getting file asset"))
- os.Exit(1)
- }
- defer func() {
- if err := fa.Close(); err != nil {
- klog.Warningf("error closing the file %s: %v", fa.GetSourcePath(), err)
- }
- }()
+ options := flags.CommandOptions()
+ srcPath := args[0]
+ dstPath := setDstFileNameFromSrc(args[1], srcPath)
+ src := newRemotePath(srcPath)
+ dst := newRemotePath(dstPath)
+ validateArgs(src, dst)
- co := mustload.Running(ClusterFlagValue())
+ co := mustload.Running(ClusterFlagValue(), options)
var runner command.Runner
- if dstNode == "" {
+
+ if dst.node != "" {
+ runner = remoteCommandRunner(&co, dst.node)
+ } else if src.node == "" {
+ // if node name not explicitly specified in both of source and target,
+ // consider target is control-plane node for backward compatibility.
runner = co.CP.Runner
} else {
- n, _, err := node.Retrieve(*co.Config, dstNode)
- if err != nil {
- exit.Message(reason.GuestNodeRetrieve, "Node {{.nodeName}} does not exist.", out.V{"nodeName": dstNode})
- }
-
- h, err := machine.GetHost(co.API, *co.Config, *n)
- if err != nil {
- exit.Error(reason.GuestLoadHost, "Error getting host", err)
- }
-
- runner, err = machine.CommandRunner(h)
- if err != nil {
- exit.Error(reason.InternalCommandRunner, "Failed to get command runner", err)
- }
+ runner = command.NewExecRunner(false)
}
- if err = runner.Copy(fa); err != nil {
+ fa := copyableFile(&co, src, dst)
+ if err := runner.Copy(fa); err != nil {
exit.Error(reason.InternalCommandRunner, fmt.Sprintf("Fail to copy file %s", fa.GetSourcePath()), err)
}
},
}
-func init() {
+// setDstFileNameFromSrc sets the src filename as dst filename
+// when the dst file name is not provided and ends with a `/`.
+// Otherwise this function is a no-op and returns the passed dst.
+func setDstFileNameFromSrc(dst, src string) string {
+ srcPath := newRemotePath(src)
+ dstPath := newRemotePath(dst)
+ guestToHost := srcPath.node != "" && dstPath.node == ""
+ guestToGuest := srcPath.node != "" && dstPath.node != ""
+
+ // Since Host can be any OS and Guest can only be linux, use
+ // filepath and path respectively
+ var dd, df, sf string
+ switch {
+ case guestToHost:
+ _, sf = pt.Split(src)
+ dd, df = filepath.Split(dst)
+ case guestToGuest:
+ _, sf = pt.Split(src)
+ dd, df = pt.Split(dst)
+ default:
+ _, sf = filepath.Split(src)
+ dd, df = pt.Split(dst)
+ }
+
+ // if dst is empty, dd and df will be empty, so return dst
+ // validation will be happening in `validateArgs`
+ if dd == "" && df == "" {
+ return ""
+ }
+
+ // if filename is already provided, return dst
+ if df != "" {
+ return dst
+ }
+
+ // if src filename is empty, return dst
+ if sf == "" {
+ return dst
+ }
+
+ // https://github.com/kubernetes/minikube/pull/15519/files#r1261750910
+ if guestToHost {
+ return filepath.Join(dd, sf)
+ }
+
+ return pt.Join(dd, sf)
+}
+
+// split path to node name and file path
+func newRemotePath(path string) *remotePath {
+ // if destination path is not a absolute path, trying to parse with : format
+ sp := strings.SplitN(path, ":", 2)
+ if len(sp) == 2 && len(sp[0]) > 0 && !strings.Contains(sp[0], "/") && strings.HasPrefix(sp[1], "/") {
+ return &remotePath{node: sp[0], path: sp[1]}
+ }
+
+ return &remotePath{node: "", path: path}
}
-func validateArgs(srcPath string, dstPath string) {
- if srcPath == "" {
- exit.Message(reason.Usage, "Source {{.path}} can not be empty", out.V{"path": srcPath})
+func remoteCommandRunner(co *mustload.ClusterController, nodeName string) command.Runner {
+ n, _, err := node.Retrieve(*co.Config, nodeName)
+ if err != nil {
+ exit.Message(reason.GuestNodeRetrieve, "Node {{.nodeName}} does not exist.", out.V{"nodeName": nodeName})
}
- if dstPath == "" {
- exit.Message(reason.Usage, "Target {{.path}} can not be empty", out.V{"path": dstPath})
+ h, err := machine.GetHost(co.API, *co.Config, *n)
+ if err != nil {
+ out.ErrLn("%v", errors.Wrap(err, "getting host"))
+ os.Exit(1)
}
- if _, err := os.Stat(srcPath); err != nil {
+ runner, err := machine.CommandRunner(h)
+ if err != nil {
+ out.ErrLn("%v", errors.Wrap(err, "getting command runner"))
+ os.Exit(1)
+ }
+
+ return runner
+}
+
+func copyableFile(co *mustload.ClusterController, src, dst *remotePath) assets.CopyableFile {
+ // get assets.CopyableFile from minikube node
+ if src.node != "" {
+ runner := remoteCommandRunner(co, src.node)
+ f, err := runner.ReadableFile(src.path)
+ if err != nil {
+ out.ErrLn("%v", errors.Wrapf(err, "getting file from %s node", src.node))
+ os.Exit(1)
+ }
+
+ fakeWriter := func(_ []byte) (n int, err error) {
+ return 0, nil
+ }
+
+ return assets.NewBaseCopyableFile(f, fakeWriter, pt.Dir(dst.path), pt.Base(dst.path))
+ }
+
+ if _, err := os.Stat(src.path); err != nil {
if os.IsNotExist(err) {
- exit.Message(reason.HostPathMissing, "Cannot find directory {{.path}} for copy", out.V{"path": srcPath})
+ exit.Message(reason.HostPathMissing, "Cannot find directory {{.path}} for copy", out.V{"path": src})
} else {
exit.Error(reason.HostPathStat, "stat failed", err)
}
}
- if !strings.HasPrefix(dstPath, "/") {
- exit.Message(reason.Usage, ` must be an absolute Path. Relative Path is not allowed (example: "/home/docker/copied.txt")`)
+ fa, err := assets.NewFileAsset(src.path, pt.Dir(dst.path), pt.Base(dst.path), "0644")
+ if err != nil {
+ out.ErrLn("%v", errors.Wrap(err, "getting file asset"))
+ os.Exit(1)
+ }
+
+ return fa
+}
+
+func validateArgs(src, dst *remotePath) {
+ if src.path == "" {
+ exit.Message(reason.Usage, "Source {{.path}} can not be empty", out.V{"path": src.path})
+ }
+
+ if dst.path == "" {
+ exit.Message(reason.Usage, "Target {{.path}} can not be empty", out.V{"path": dst.path})
+ }
+
+ // if node name not explicitly specified in both of source and target,
+ // consider target node is control-plane for backward compatibility.
+ if src.node == "" && dst.node == "" && !strings.HasPrefix(dst.path, "/") {
+ exit.Message(reason.Usage, `Target must be an absolute Path. Relative Path is not allowed (example: "minikube:/home/docker/copied.txt")`)
}
}
diff --git a/cmd/minikube/cmd/cp_test.go b/cmd/minikube/cmd/cp_test.go
new file mode 100644
index 000000000000..1ec319f9ea20
--- /dev/null
+++ b/cmd/minikube/cmd/cp_test.go
@@ -0,0 +1,85 @@
+/*
+Copyright 2021 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cmd
+
+import (
+ "testing"
+)
+
+func TestParsePath(t *testing.T) {
+ var passedCases = []struct {
+ path string
+ expectedNode string
+ expectedPath string
+ }{
+
+ {"", "", ""},
+ {":", "", ":"},
+ {":/a", "", ":/a"},
+ {":a", "", ":a"},
+ {"minikube:", "", "minikube:"},
+ {"minikube:./a", "", "minikube:./a"},
+ {"minikube:a", "", "minikube:a"},
+ {"minikube::a", "", "minikube::a"},
+ {"./a", "", "./a"},
+ {"./a/b", "", "./a/b"},
+ {"a", "", "a"},
+ {"a/b", "", "a/b"},
+ {"/a", "", "/a"},
+ {"/a/b", "", "/a/b"},
+ {"./:a/b", "", "./:a/b"},
+ {"c:\\a", "", "c:\\a"},
+ {"c:\\a\\b", "", "c:\\a\\b"},
+ {"minikube:/a", "minikube", "/a"},
+ {"minikube:/a/b", "minikube", "/a/b"},
+ {"minikube:/a/b:c", "minikube", "/a/b:c"},
+ }
+
+ for _, c := range passedCases {
+ rp := newRemotePath(c.path)
+ expected := remotePath{
+ node: c.expectedNode,
+ path: c.expectedPath,
+ }
+ if *rp != expected {
+ t.Errorf("parsePath \"%s\" expected: %q, got: %q", c.path, expected, *rp)
+ }
+ }
+}
+
+func TestSetDstFileNameFromSrc(t *testing.T) {
+ cases := []struct {
+ src string
+ dst string
+ want string
+ }{
+ {"./a/b", "/c/", "/c/b"},
+ {"./a/b", "node:/c/", "node:/c/b"},
+ {"./a", "/c/", "/c/a"},
+ {"", "/c/", "/c/"},
+ {"./a/b", "", ""},
+ {"./a/b", "/c", "/c"},
+ {"./a/", "/c/", "/c/"},
+ }
+
+ for _, c := range cases {
+ got := setDstFileNameFromSrc(c.dst, c.src)
+ if c.want != got {
+ t.Fatalf("wrong dst path for src=%s & dst=%s. want: %q, got: %q", c.src, c.dst, c.want, got)
+ }
+ }
+}
diff --git a/cmd/minikube/cmd/dashboard.go b/cmd/minikube/cmd/dashboard.go
index 141b3ab212e6..5afbcca26ff6 100644
--- a/cmd/minikube/cmd/dashboard.go
+++ b/cmd/minikube/cmd/dashboard.go
@@ -30,6 +30,7 @@ import (
"github.com/pkg/errors"
"github.com/spf13/cobra"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/addons"
"k8s.io/minikube/pkg/minikube/assets"
"k8s.io/minikube/pkg/minikube/style"
@@ -47,9 +48,9 @@ import (
var (
dashboardURLMode bool
dashboardExposedPort int
- // Matches: 127.0.0.1:8001
+ // Matches: "127.0.0.1:8001" or "127.0.0.1 40012" etc.
// TODO(tstromberg): Get kubectl to implement a stable supported output format.
- hostPortRe = regexp.MustCompile(`127.0.0.1:\d{4,}`)
+ hostPortRe = regexp.MustCompile(`127\.0\.0\.1(:| )\d{4,}`)
)
// dashboardCmd represents the dashboard command
@@ -57,9 +58,10 @@ var dashboardCmd = &cobra.Command{
Use: "dashboard",
Short: "Access the Kubernetes dashboard running within the minikube cluster",
Long: `Access the Kubernetes dashboard running within the minikube cluster`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
cname := ClusterFlagValue()
- co := mustload.Healthy(cname)
+ co := mustload.Healthy(cname, options)
for _, n := range co.Config.Nodes {
if err := proxy.ExcludeIP(n.IP); err != nil {
@@ -79,10 +81,10 @@ var dashboardCmd = &cobra.Command{
enabled := addon.IsEnabled(co.Config)
if !enabled {
- // Send status messages to stderr for folks re-using this output.
+ // Send status messages to stderr for folks reusing this output.
out.ErrT(style.Enabling, "Enabling dashboard ...")
// Enable the dashboard add-on
- err = addons.SetAndSave(cname, "dashboard", "true")
+ err = addons.SetAndSave(cname, "dashboard", "true", options)
if err != nil {
exit.Error(reason.InternalAddonEnable, "Unable to enable dashboard", err)
}
@@ -98,7 +100,7 @@ var dashboardCmd = &cobra.Command{
}
out.ErrT(style.Launch, "Launching proxy ...")
- p, hostPort, err := kubectlProxy(kubectlVersion, cname, dashboardExposedPort)
+ p, hostPort, err := kubectlProxy(kubectlVersion, co.Config.BinaryMirror, cname, dashboardExposedPort)
if err != nil {
exit.Error(reason.HostKubectlProxy, "kubectl proxy", err)
}
@@ -132,7 +134,7 @@ var dashboardCmd = &cobra.Command{
}
// kubectlProxy runs "kubectl proxy", returning host:port
-func kubectlProxy(kubectlVersion string, contextName string, port int) (*exec.Cmd, string, error) {
+func kubectlProxy(kubectlVersion string, binaryURL string, contextName string, port int) (*exec.Cmd, string, error) {
// port=0 picks a random system port
kubectlArgs := []string{"--context", contextName, "proxy", "--port", strconv.Itoa(port)}
@@ -140,7 +142,7 @@ func kubectlProxy(kubectlVersion string, contextName string, port int) (*exec.Cm
var cmd *exec.Cmd
if kubectl, err := exec.LookPath("kubectl"); err == nil {
cmd = exec.Command(kubectl, kubectlArgs...)
- } else if cmd, err = KubectlCommand(kubectlVersion, kubectlArgs...); err != nil {
+ } else if cmd, err = KubectlCommand(kubectlVersion, binaryURL, kubectlArgs...); err != nil {
return nil, "", err
}
@@ -157,7 +159,7 @@ func kubectlProxy(kubectlVersion string, contextName string, port int) (*exec.Cm
klog.Infof("Waiting for kubectl to output host:port ...")
reader := bufio.NewReader(stdoutPipe)
- var out []byte
+ var outData []byte
for {
r, timedOut, err := readByteWithTimeout(reader, 5*time.Second)
if err != nil {
@@ -170,16 +172,20 @@ func kubectlProxy(kubectlVersion string, contextName string, port int) (*exec.Cm
klog.Infof("timed out waiting for input: possibly due to an old kubectl version.")
break
}
- out = append(out, r)
+ outData = append(outData, r)
}
- klog.Infof("proxy stdout: %s", string(out))
- return cmd, hostPortRe.FindString(string(out)), nil
+ klog.Infof("proxy stdout: %s", string(outData))
+ return cmd, hostPortRe.FindString(string(outData)), nil
}
// readByteWithTimeout returns a byte from a reader or an indicator that a timeout has occurred.
func readByteWithTimeout(r io.ByteReader, timeout time.Duration) (byte, bool, error) {
bc := make(chan byte, 1)
ec := make(chan error, 1)
+ defer func() {
+ close(bc)
+ close(ec)
+ }()
go func() {
b, err := r.ReadByte()
if err != nil {
@@ -187,8 +193,6 @@ func readByteWithTimeout(r io.ByteReader, timeout time.Duration) (byte, bool, er
} else {
bc <- b
}
- close(bc)
- close(ec)
}()
select {
case b := <-bc:
@@ -201,17 +205,16 @@ func readByteWithTimeout(r io.ByteReader, timeout time.Duration) (byte, bool, er
}
// dashboardURL generates a URL for accessing the dashboard service
-func dashboardURL(proxy string, ns string, svc string) string {
+func dashboardURL(addr string, ns string, svc string) string {
// Reference: https://github.com/kubernetes/dashboard/wiki/Accessing-Dashboard---1.7.X-and-above
- return fmt.Sprintf("http://%s/api/v1/namespaces/%s/services/http:%s:/proxy/", proxy, ns, svc)
+ return fmt.Sprintf("http://%s/api/v1/namespaces/%s/services/http:%s:/proxy/", addr, ns, svc)
}
// checkURL checks if a URL returns 200 HTTP OK
func checkURL(url string) error {
resp, err := http.Get(url)
- klog.Infof("%s response: %v %+v", url, err, resp)
if err != nil {
- return errors.Wrap(err, "checkURL")
+ return errors.Wrapf(err, "hitting URL:%q\n response: %+v", url, resp)
}
if resp.StatusCode != http.StatusOK {
return &retry.RetriableError{
diff --git a/cmd/minikube/cmd/delete.go b/cmd/minikube/cmd/delete.go
index ec657fe817a6..2f59daf4a06f 100644
--- a/cmd/minikube/cmd/delete.go
+++ b/cmd/minikube/cmd/delete.go
@@ -19,11 +19,11 @@ package cmd
import (
"context"
"fmt"
- "io/ioutil"
"os"
"os/exec"
"path/filepath"
"strconv"
+ "strings"
"time"
"github.com/docker/machine/libmachine/mcnerror"
@@ -35,12 +35,15 @@ import (
"github.com/spf13/viper"
"k8s.io/klog/v2"
cmdcfg "k8s.io/minikube/cmd/minikube/cmd/config"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
+ "k8s.io/minikube/pkg/drivers/kic"
"k8s.io/minikube/pkg/drivers/kic/oci"
"k8s.io/minikube/pkg/minikube/cluster"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
"k8s.io/minikube/pkg/minikube/cruntime"
"k8s.io/minikube/pkg/minikube/delete"
+ "k8s.io/minikube/pkg/minikube/download"
"k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/kubeconfig"
@@ -49,6 +52,8 @@ import (
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/out/register"
"k8s.io/minikube/pkg/minikube/reason"
+ "k8s.io/minikube/pkg/minikube/run"
+ "k8s.io/minikube/pkg/minikube/sshagent"
"k8s.io/minikube/pkg/minikube/style"
)
@@ -83,14 +88,17 @@ type DeletionError struct {
Errtype typeOfError
}
-func (error DeletionError) Error() string {
- return error.Err.Error()
+func (deletionError DeletionError) Error() string {
+ return deletionError.Err.Error()
}
var hostAndDirsDeleter = func(api libmachine.API, cc *config.ClusterConfig, profileName string) error {
if err := killMountProcess(); err != nil {
out.FailureT("Failed to kill mount process: {{.error}}", out.V{"error": err})
}
+ if err := sshagent.Stop(profileName); err != nil && !config.IsNotExist(err) {
+ out.FailureT("Failed to stop ssh-agent process: {{.error}}", out.V{"error": err})
+ }
deleteHosts(api, cc)
@@ -108,6 +116,7 @@ var hostAndDirsDeleter = func(api libmachine.API, cc *config.ClusterConfig, prof
func init() {
deleteCmd.Flags().BoolVar(&deleteAll, "all", false, "Set flag to delete all profiles")
deleteCmd.Flags().BoolVar(&purge, "purge", false, "Set this flag to delete the '.minikube' folder from your user directory.")
+ deleteCmd.Flags().StringVarP(&outputFormat, "output", "o", "text", "Format to print stdout in. Options include: [text,json]")
if err := viper.BindPFlags(deleteCmd.Flags()); err != nil {
exit.Error(reason.InternalBindFlags, "unable to bind flags", err)
@@ -145,19 +154,76 @@ func deleteContainersAndVolumes(ctx context.Context, ociBin string) {
}
}
+// kicbaseImages returns kicbase images
+func kicbaseImages(ctx context.Context, ociBin string) ([]string, error) {
+ if _, err := exec.LookPath(ociBin); err != nil {
+ return nil, nil
+ }
+
+ // create list of possible kicbase images
+ kicImages := []string{kic.BaseImage}
+ kicImages = append(kicImages, kic.FallbackImages...)
+
+ kicImagesRepo := []string{}
+ for _, img := range kicImages {
+ kicImagesRepo = append(kicImagesRepo, strings.Split(img, ":")[0])
+ }
+
+ allImages, err := oci.ListImagesRepository(ctx, ociBin)
+ if err != nil {
+ return nil, err
+ }
+
+ var result []string
+ for _, img := range allImages {
+ for _, kicImg := range kicImagesRepo {
+ if kicImg == strings.Split(img, ":")[0] {
+ result = append(result, img)
+ break
+ }
+ }
+ }
+ return result, nil
+}
+
+// printDeleteImagesCommand prints command which remove images
+func printDeleteImagesCommand(ociBin string, imageNames []string) {
+ if _, err := exec.LookPath(ociBin); err != nil {
+ return
+ }
+
+ if len(imageNames) > 0 {
+ out.Styled(style.Command, `{{.ociBin}} rmi {{.images}}`, out.V{"ociBin": ociBin, "images": strings.Join(imageNames, " ")})
+ }
+}
+
+// printDeleteImageInfo prints info about removing kicbase images
+func printDeleteImageInfo(dockerImageNames, podmanImageNames []string) {
+ if len(dockerImageNames) == 0 && len(podmanImageNames) == 0 {
+ return
+ }
+
+ out.Styled(style.Notice, `Kicbase images have not been deleted. To delete images run:`)
+ printDeleteImagesCommand(oci.Docker, dockerImageNames)
+ printDeleteImagesCommand(oci.Podman, podmanImageNames)
+}
+
// runDelete handles the executes the flow of "minikube delete"
-func runDelete(cmd *cobra.Command, args []string) {
+func runDelete(_ *cobra.Command, args []string) {
if len(args) > 0 {
exit.Message(reason.Usage, "Usage: minikube delete")
}
- // register.SetEventLogPath(localpath.EventLog(ClusterFlagValue()))
- register.Reg.SetStep(register.Deleting)
+ options := flags.CommandOptions()
+ out.SetJSON(outputFormat == "json")
+ register.Reg.SetStep(register.Deleting)
+ download.CleanUpOlderPreloads()
validProfiles, invalidProfiles, err := config.ListProfiles()
if err != nil {
klog.Warningf("'error loading profiles in minikube home %q: %v", localpath.MiniPath(), err)
}
- profilesToDelete := append(validProfiles, invalidProfiles...)
+ profilesToDelete := validProfiles
+ profilesToDelete = append(profilesToDelete, invalidProfiles...)
// in the case user has more than 1 profile and runs --purge
// to prevent abandoned VMs/containers, force user to run with delete --all
if purge && len(profilesToDelete) > 1 && !deleteAll {
@@ -174,7 +240,7 @@ func runDelete(cmd *cobra.Command, args []string) {
deleteContainersAndVolumes(delCtx, oci.Docker)
deleteContainersAndVolumes(delCtx, oci.Podman)
- errs := DeleteProfiles(profilesToDelete)
+ errs := DeleteProfiles(profilesToDelete, options)
register.Reg.SetStep(register.Done)
if len(errs) > 0 {
@@ -196,7 +262,7 @@ func runDelete(cmd *cobra.Command, args []string) {
orphan = true
}
- errs := DeleteProfiles([]*config.Profile{profile})
+ errs := DeleteProfiles([]*config.Profile{profile}, options)
register.Reg.SetStep(register.Done)
if len(errs) > 0 {
@@ -212,6 +278,16 @@ func runDelete(cmd *cobra.Command, args []string) {
// If the purge flag is set, go ahead and delete the .minikube directory.
if purge {
purgeMinikubeDirectory()
+
+ dockerImageNames, err := kicbaseImages(delCtx, oci.Docker)
+ if err != nil {
+ klog.Warningf("error fetching docker images: %v", err)
+ }
+ podmanImageNames, err := kicbaseImages(delCtx, oci.Podman)
+ if err != nil {
+ klog.Warningf("error fetching podman images: %v", err)
+ }
+ printDeleteImageInfo(dockerImageNames, podmanImageNames)
}
}
@@ -220,26 +296,27 @@ func purgeMinikubeDirectory() {
if err := os.RemoveAll(localpath.MiniPath()); err != nil {
exit.Error(reason.HostPurge, "unable to delete minikube config folder", err)
}
+ register.Reg.SetStep(register.Purging)
out.Step(style.Deleted, "Successfully purged minikube directory located at - [{{.minikubeDirectory}}]", out.V{"minikubeDirectory": localpath.MiniPath()})
}
// DeleteProfiles deletes one or more profiles
-func DeleteProfiles(profiles []*config.Profile) []error {
+func DeleteProfiles(profiles []*config.Profile, options *run.CommandOptions) []error {
klog.Infof("DeleteProfiles")
var errs []error
for _, profile := range profiles {
- errs = append(errs, deleteProfileTimeout(profile)...)
+ errs = append(errs, deleteProfileTimeout(profile, options)...)
}
return errs
}
-func deleteProfileTimeout(profile *config.Profile) []error {
+func deleteProfileTimeout(profile *config.Profile, options *run.CommandOptions) []error {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
defer cancel()
- if err := deleteProfile(ctx, profile); err != nil {
+ if err := deleteProfile(ctx, profile, options); err != nil {
- mm, loadErr := machine.LoadMachine(profile.Name)
+ mm, loadErr := machine.LoadMachine(profile.Name, options)
if !profile.IsValid() || (loadErr != nil || !mm.IsValid()) {
invalidProfileDeletionErrs := deleteInvalidProfile(profile)
if len(invalidProfileDeletionErrs) > 0 {
@@ -252,7 +329,7 @@ func deleteProfileTimeout(profile *config.Profile) []error {
return nil
}
-func deleteProfile(ctx context.Context, profile *config.Profile) error {
+func deleteProfile(ctx context.Context, profile *config.Profile, options *run.CommandOptions) error {
klog.Infof("Deleting %s", profile.Name)
register.Reg.SetStep(register.Deleting)
@@ -262,10 +339,10 @@ func deleteProfile(ctx context.Context, profile *config.Profile) error {
// if driver is oci driver, delete containers and volumes
if driver.IsKIC(profile.Config.Driver) {
- if err := unpauseIfNeeded(profile); err != nil {
+ if err := unpauseIfNeeded(profile, options); err != nil {
klog.Warningf("failed to unpause %s : %v", profile.Name, err)
}
- out.Step(style.DeletingHost, `Deleting "{{.profile_name}}" in {{.driver_name}} ...`, out.V{"profile_name": profile.Name, "driver_name": profile.Config.Driver})
+ out.Styled(style.DeletingHost, `Deleting "{{.profile_name}}" in {{.driver_name}} ...`, out.V{"profile_name": profile.Name, "driver_name": profile.Config.Driver})
for _, n := range profile.Config.Nodes {
machineName := config.MachineName(*profile.Config, n)
delete.PossibleLeftOvers(ctx, machineName, profile.Config.Driver)
@@ -275,7 +352,7 @@ func deleteProfile(ctx context.Context, profile *config.Profile) error {
klog.Infof("%s has no configuration, will try to make it work anyways", profile.Name)
}
- api, err := machine.NewAPIClient()
+ api, err := machine.NewAPIClient(options)
if err != nil {
delErr := profileDeletionErr(profile.Name, fmt.Sprintf("error getting client %v", err))
return DeletionError{Err: delErr, Errtype: Fatal}
@@ -304,11 +381,11 @@ func deleteProfile(ctx context.Context, profile *config.Profile) error {
return err
}
- out.Step(style.Deleted, `Removed all traces of the "{{.name}}" cluster.`, out.V{"name": profile.Name})
+ out.Styled(style.Deleted, `Removed all traces of the "{{.name}}" cluster.`, out.V{"name": profile.Name})
return nil
}
-func unpauseIfNeeded(profile *config.Profile) error {
+func unpauseIfNeeded(profile *config.Profile, options *run.CommandOptions) error {
// there is a known issue with removing kicbase container with paused containerd/crio containers inside
// unpause it before we delete it
crName := profile.Config.KubernetesConfig.ContainerRuntime
@@ -316,7 +393,7 @@ func unpauseIfNeeded(profile *config.Profile) error {
return nil
}
- api, err := machine.NewAPIClient()
+ api, err := machine.NewAPIClient(options)
if err != nil {
return err
}
@@ -334,7 +411,7 @@ func unpauseIfNeeded(profile *config.Profile) error {
cr, err := cruntime.New(cruntime.Config{Type: crName, Runner: r})
if err != nil {
- exit.Error(reason.InternalNewRuntime, "Failed to create runtime", err)
+ return err
}
paused, err := cluster.CheckIfPaused(cr, nil)
@@ -394,7 +471,7 @@ func deleteContext(machineName string) error {
}
func deleteInvalidProfile(profile *config.Profile) []error {
- out.Step(style.DeletingHost, "Trying to delete invalid profile {{.profile}}", out.V{"profile": profile.Name})
+ out.Styled(style.DeletingHost, "Trying to delete invalid profile {{.profile}}", out.V{"profile": profile.Name})
var errs []error
pathToProfile := config.ProfileFolderPath(profile.Name, localpath.MiniPath())
@@ -420,7 +497,7 @@ func profileDeletionErr(cname string, additionalInfo string) error {
}
func uninstallKubernetes(api libmachine.API, cc config.ClusterConfig, n config.Node, bsName string) error {
- out.Step(style.Resetting, "Uninstalling Kubernetes {{.kubernetes_version}} using {{.bootstrapper_name}} ...", out.V{"kubernetes_version": cc.KubernetesConfig.KubernetesVersion, "bootstrapper_name": bsName})
+ out.Styled(style.Resetting, "Uninstalling Kubernetes {{.kubernetes_version}} using {{.bootstrapper_name}} ...", out.V{"kubernetes_version": cc.KubernetesConfig.KubernetesVersion, "bootstrapper_name": bsName})
host, err := machine.LoadHost(api, config.MachineName(cc, n))
if err != nil {
return DeletionError{Err: fmt.Errorf("unable to load host: %v", err), Errtype: MissingCluster}
@@ -454,11 +531,11 @@ func uninstallKubernetes(api libmachine.API, cc config.ClusterConfig, n config.N
}
// HandleDeletionErrors handles deletion errors from DeleteProfiles
-func HandleDeletionErrors(errors []error) {
- if len(errors) == 1 {
- handleSingleDeletionError(errors[0])
+func HandleDeletionErrors(errs []error) {
+ if len(errs) == 1 {
+ handleSingleDeletionError(errs[0])
} else {
- handleMultipleDeletionErrors(errors)
+ handleMultipleDeletionErrors(errs)
}
}
@@ -468,23 +545,25 @@ func handleSingleDeletionError(err error) {
if ok {
switch deletionError.Errtype {
case Fatal:
- out.FatalT(deletionError.Error())
+ out.ErrT(style.Fatal, "Failed to delete profile(s): {{.error}}", out.V{"error": deletionError.Error()})
+ os.Exit(reason.ExGuestError)
case MissingProfile:
out.ErrT(style.Sad, deletionError.Error())
case MissingCluster:
out.ErrT(style.Meh, deletionError.Error())
default:
- out.FatalT(deletionError.Error())
+ out.ErrT(style.Fatal, "Unable to delete profile(s): {{.error}}", out.V{"error": deletionError.Error()})
+ os.Exit(reason.ExGuestError)
}
} else {
exit.Error(reason.GuestDeletion, "Could not process error from failed deletion", err)
}
}
-func handleMultipleDeletionErrors(errors []error) {
+func handleMultipleDeletionErrors(errs []error) {
out.ErrT(style.Sad, "Multiple errors deleting profiles")
- for _, err := range errors {
+ for _, err := range errs {
deletionError, ok := err.(DeletionError)
if ok {
@@ -498,7 +577,7 @@ func handleMultipleDeletionErrors(errors []error) {
func deleteProfileDirectory(profile string) {
machineDir := filepath.Join(localpath.MiniPath(), "machines", profile)
if _, err := os.Stat(machineDir); err == nil {
- out.Step(style.DeletingHost, `Removing {{.directory}} ...`, out.V{"directory": machineDir})
+ out.Styled(style.DeletingHost, `Removing {{.directory}} ...`, out.V{"directory": machineDir})
err := os.RemoveAll(machineDir)
if err != nil {
exit.Error(reason.GuestProfileDeletion, "Unable to remove machine directory", err)
@@ -515,50 +594,138 @@ func deleteMachineDirectories(cc *config.ClusterConfig) {
}
}
-// killMountProcess kills the mount process, if it is running
+// killMountProcess looks for the legacy path and for profile path for a pidfile,
+// it then tries to kill all the pids listed in the pidfile (one or more)
func killMountProcess() error {
- pidPath := filepath.Join(localpath.MiniPath(), constants.MountProcessFileName)
+ profile := ClusterFlagValue()
+ paths := []string{
+ localpath.MiniPath(), // legacy mount-process path for backwards compatibility
+ localpath.Profile(profile),
+ }
+
+ for _, path := range paths {
+ if err := killProcess(path); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+// killProcess takes a path to look for a pidfile (space-separated),
+// it reads the file and converts it to a bunch of pid ints,
+// then it tries to kill each one of them.
+// If no errors were encountered, it cleans the pidfile
+func killProcess(path string) error {
+ pidPath := filepath.Join(path, constants.MountProcessFileName)
if _, err := os.Stat(pidPath); os.IsNotExist(err) {
return nil
}
-
klog.Infof("Found %s ...", pidPath)
- out, err := ioutil.ReadFile(pidPath)
+
+ ppp, err := getPids(pidPath)
if err != nil {
- return errors.Wrap(err, "ReadFile")
+ return err
}
- klog.Infof("pidfile contents: %s", out)
- pid, err := strconv.Atoi(string(out))
- if err != nil {
- return errors.Wrap(err, "error parsing pid")
+
+ // we're trying to kill each process, without stopping at first error encountered
+ // error handling is done below
+ var errs []error
+ for _, pp := range ppp {
+ err := trySigKillProcess(pp)
+ if err != nil {
+ errs = append(errs, err)
+ }
+
}
- // os.FindProcess does not check if pid is running :(
- entry, err := ps.FindProcess(pid)
+
+ if len(errs) == 1 {
+ // if we've encountered only one error, we're returning it:
+ return errs[0]
+ } else if len(errs) != 0 {
+ // if multiple errors were encountered, combine them into a single error
+ out.Styled(style.Failure, "Multiple errors encountered:")
+ for _, e := range errs {
+ out.Errf("%v\n", e)
+ }
+ return errors.New("multiple errors encountered while closing mount processes")
+ }
+
+ // if no errors were encountered, it's safe to delete pidFile
+ if err := os.Remove(pidPath); err != nil {
+ return errors.Wrap(err, "while closing mount-pids file")
+ }
+
+ return nil
+}
+
+// trySigKillProcess takes a PID as argument and tries to SIGKILL it.
+// It performs an ownership check of the pid,
+// before trying to send a sigkill signal to it
+func trySigKillProcess(pid int) error {
+ itDoes, err := isMinikubeProcess(pid)
if err != nil {
- return errors.Wrap(err, "ps.FindProcess")
+ return err
}
- if entry == nil {
- klog.Infof("Stale pid: %d", pid)
- if err := os.Remove(pidPath); err != nil {
- return errors.Wrap(err, "Removing stale pid")
- }
- return nil
+
+ if !itDoes {
+ return fmt.Errorf("stale pid: %d", pid)
}
- // We found a process, but it still may not be ours.
- klog.Infof("Found process %d: %s", pid, entry.Executable())
proc, err := os.FindProcess(pid)
if err != nil {
- return errors.Wrap(err, "os.FindProcess")
+ return errors.Wrapf(err, "os.FindProcess: %d", pid)
}
klog.Infof("Killing pid %d ...", pid)
if err := proc.Kill(); err != nil {
klog.Infof("Kill failed with %v - removing probably stale pid...", err)
- if err := os.Remove(pidPath); err != nil {
- return errors.Wrap(err, "Removing likely stale unkillable pid")
- }
- return errors.Wrap(err, fmt.Sprintf("Kill(%d/%s)", pid, entry.Executable()))
+ return errors.Wrapf(err, "removing likely stale unkillable pid: %d", pid)
}
+
return nil
}
+
+// doesPIDBelongToMinikube tries to find the process with that PID
+// and checks if the executable name contains the string "minikube"
+var isMinikubeProcess = func(pid int) (bool, error) {
+ entry, err := ps.FindProcess(pid)
+ if err != nil {
+ return false, errors.Wrapf(err, "ps.FindProcess for %d", pid)
+ }
+ if entry == nil {
+ klog.Infof("Process not found. pid %d", pid)
+ return false, nil
+ }
+
+ klog.Infof("Found process %d", pid)
+ if !strings.Contains(entry.Executable(), "minikube") {
+ klog.Infof("process %d was not started by minikube", pid)
+ return false, nil
+ }
+
+ return true, nil
+}
+
+// getPids opens the file at PATH and tries to read
+// one or more space separated pids
+func getPids(path string) ([]int, error) {
+ data, err := os.ReadFile(path)
+ if err != nil {
+ return nil, errors.Wrap(err, "ReadFile")
+ }
+ klog.Infof("pidfile contents: %s", data)
+
+ pids := []int{}
+ strPids := strings.Fields(string(data))
+ for _, p := range strPids {
+ intPid, err := strconv.Atoi(p)
+ if err != nil {
+ return nil, err
+ }
+
+ pids = append(pids, intPid)
+ }
+
+ return pids, nil
+}
diff --git a/cmd/minikube/cmd/delete_test.go b/cmd/minikube/cmd/delete_test.go
index fff2ffabf88c..360258ae080c 100644
--- a/cmd/minikube/cmd/delete_test.go
+++ b/cmd/minikube/cmd/delete_test.go
@@ -18,10 +18,11 @@ package cmd
import (
"fmt"
- "io/ioutil"
"os"
+ "os/exec"
"path/filepath"
"testing"
+ "time"
"github.com/docker/machine/libmachine"
"github.com/google/go-cmp/cmp"
@@ -31,9 +32,10 @@ import (
cmdcfg "k8s.io/minikube/cmd/minikube/cmd/config"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/localpath"
+ "k8s.io/minikube/pkg/minikube/run"
)
-// except returns a list of strings, minus the excluded ones
+// exclude returns a list of strings, minus the excluded ones
func exclude(vals []string, exclude []string) []string {
result := []string{}
for _, v := range vals {
@@ -53,7 +55,7 @@ func exclude(vals []string, exclude []string) []string {
func fileNames(path string) ([]string, error) {
result := []string{}
- fis, err := ioutil.ReadDir(path)
+ fis, err := os.ReadDir(path)
if err != nil {
return result, err
}
@@ -64,20 +66,9 @@ func fileNames(path string) ([]string, error) {
}
func TestDeleteProfile(t *testing.T) {
- td, err := ioutil.TempDir("", "single")
- if err != nil {
- t.Fatalf("tempdir: %v", err)
- }
-
- t.Cleanup(func() {
- err := os.RemoveAll(td)
- if err != nil {
- t.Errorf("failed to clean up temp folder %q", td)
- }
- })
+ td := t.TempDir()
- err = copy.Copy("../../../pkg/minikube/config/testdata/delete-single", td)
- if err != nil {
+ if err := copy.Copy("../../../pkg/minikube/config/testdata/delete-single", td); err != nil {
t.Fatalf("copy: %v", err)
}
@@ -96,12 +87,10 @@ func TestDeleteProfile(t *testing.T) {
{"partial-mach", "p8_partial_machine_config", []string{"p8_partial_machine_config"}},
}
+ options := &run.CommandOptions{}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
- err = os.Setenv(localpath.MinikubeHome, td)
- if err != nil {
- t.Errorf("setenv: %v", err)
- }
+ t.Setenv(localpath.MinikubeHome, td)
beforeProfiles, err := fileNames(filepath.Join(localpath.MiniPath(), "profiles"))
if err != nil {
@@ -118,7 +107,7 @@ func TestDeleteProfile(t *testing.T) {
}
hostAndDirsDeleter = hostAndDirsDeleterMock
- errs := DeleteProfiles([]*config.Profile{profile})
+ errs := DeleteProfiles([]*config.Profile{profile}, options)
if len(errs) > 0 {
HandleDeletionErrors(errs)
t.Errorf("Errors while deleting profiles: %v", errs)
@@ -158,9 +147,7 @@ func TestDeleteProfile(t *testing.T) {
}
}
-var hostAndDirsDeleterMock = func(api libmachine.API, cc *config.ClusterConfig, profileName string) error {
- return deleteContextTest()
-}
+var hostAndDirsDeleterMock = func(_ libmachine.API, _ *config.ClusterConfig, _ string) error { return deleteContextTest() }
func deleteContextTest() error {
if err := cmdcfg.Unset(config.ProfileName); err != nil {
@@ -170,26 +157,13 @@ func deleteContextTest() error {
}
func TestDeleteAllProfiles(t *testing.T) {
- td, err := ioutil.TempDir("", "all")
- if err != nil {
- t.Fatalf("tempdir: %v", err)
- }
- defer func() { // clean up tempdir
- err := os.RemoveAll(td)
- if err != nil {
- t.Errorf("failed to clean up temp folder %q", td)
- }
- }()
+ td := t.TempDir()
- err = copy.Copy("../../../pkg/minikube/config/testdata/delete-all", td)
- if err != nil {
+ if err := copy.Copy("../../../pkg/minikube/config/testdata/delete-all", td); err != nil {
t.Fatalf("copy: %v", err)
}
- err = os.Setenv(localpath.MinikubeHome, td)
- if err != nil {
- t.Errorf("error setting up test environment. could not set %s", localpath.MinikubeHome)
- }
+ t.Setenv(localpath.MinikubeHome, td)
pFiles, err := fileNames(filepath.Join(localpath.MiniPath(), "profiles"))
if err != nil {
@@ -221,9 +195,10 @@ func TestDeleteAllProfiles(t *testing.T) {
t.Errorf("ListProfiles length = %d, expected %d\nvalid: %v\ninvalid: %v\n", len(validProfiles)+len(inValidProfiles), numberOfTotalProfileDirs, validProfiles, inValidProfiles)
}
- profiles := append(validProfiles, inValidProfiles...)
+ profiles := validProfiles
+ profiles = append(profiles, inValidProfiles...)
hostAndDirsDeleter = hostAndDirsDeleterMock
- errs := DeleteProfiles(profiles)
+ errs := DeleteProfiles(profiles, &run.CommandOptions{})
if errs != nil {
t.Errorf("errors while deleting all profiles: %v", errs)
@@ -233,7 +208,7 @@ func TestDeleteAllProfiles(t *testing.T) {
if err != nil {
t.Errorf("profiles: %v", err)
}
- afterMachines, err := ioutil.ReadDir(filepath.Join(localpath.MiniPath(), "machines"))
+ afterMachines, err := os.ReadDir(filepath.Join(localpath.MiniPath(), "machines"))
if err != nil {
t.Errorf("machines: %v", err)
}
@@ -247,3 +222,71 @@ func TestDeleteAllProfiles(t *testing.T) {
viper.Set(config.ProfileName, "")
}
+
+// TestTryKillOne spawns a go child process that waits to be SIGKILLed,
+// then tries to execute the tryKillOne function on it;
+// if after tryKillOne the process still exists, we consider it a failure
+func TestTryKillOne(t *testing.T) {
+
+ var waitForSig = []byte(`
+package main
+
+import (
+ "os"
+ "os/signal"
+ "syscall"
+)
+
+// This is used to unit test functions that send termination
+// signals to processes, in a cross-platform way.
+func main() {
+ ch := make(chan os.Signal, 1)
+ done := make(chan struct{})
+ defer close(ch)
+
+ signal.Notify(ch, syscall.SIGTERM)
+ defer signal.Stop(ch)
+
+ go func() {
+ <-ch
+ close(done)
+ }()
+
+ <-done
+}
+`)
+ td := t.TempDir()
+ tmpfile := filepath.Join(td, "waitForSig.go")
+
+ if err := os.WriteFile(tmpfile, waitForSig, 0o600); err != nil {
+ t.Fatalf("copying source to %s: %v\n", tmpfile, err)
+ }
+
+ processToKill := exec.Command("go", "run", tmpfile)
+ err := processToKill.Start()
+ if err != nil {
+ t.Fatalf("while executing child process: %v\n", err)
+ }
+ pid := processToKill.Process.Pid
+
+ isMinikubeProcess = func(int) (bool, error) {
+ return true, nil
+ }
+
+ err = trySigKillProcess(pid)
+ if err != nil {
+ t.Fatalf("while trying to kill child proc %d: %v\n", pid, err)
+ }
+
+ done := make(chan error, 1)
+ go func() { done <- processToKill.Wait() }()
+
+ var waitErr error
+ select {
+ case waitErr = <-done:
+ t.Logf("child process wait result: %v", waitErr)
+ case <-time.After(1 * time.Second):
+ t.Fatalf("timed out waiting for process %d to exit", pid)
+ }
+
+}
diff --git a/cmd/minikube/cmd/docker-env.go b/cmd/minikube/cmd/docker-env.go
index 83858724b600..6107788155b5 100644
--- a/cmd/minikube/cmd/docker-env.go
+++ b/cmd/minikube/cmd/docker-env.go
@@ -14,12 +14,11 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-// Part of this code is heavily inspired/copied by the following file:
-// github.com/docker/machine/commands/env.go
-
package cmd
import (
+ "context"
+ "encoding/json"
"fmt"
"io"
"net"
@@ -33,10 +32,12 @@ import (
apiWait "k8s.io/apimachinery/pkg/util/wait"
"github.com/spf13/cobra"
+ "gopkg.in/yaml.v2"
"k8s.io/klog/v2"
- kconst "k8s.io/kubernetes/cmd/kubeadm/app/constants"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/drivers/kic/oci"
+ "k8s.io/minikube/pkg/drivers/qemu"
"k8s.io/minikube/pkg/minikube/bootstrapper/bsutil/kverify"
"k8s.io/minikube/pkg/minikube/command"
"k8s.io/minikube/pkg/minikube/constants"
@@ -47,7 +48,10 @@ import (
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
"k8s.io/minikube/pkg/minikube/shell"
+ "k8s.io/minikube/pkg/minikube/sshagent"
"k8s.io/minikube/pkg/minikube/sysinit"
+ pkgnetwork "k8s.io/minikube/pkg/network"
+ kconst "k8s.io/minikube/third_party/kubeadm/app/constants"
)
const minLogCheckTime = 60 * time.Second
@@ -69,6 +73,12 @@ var dockerEnvTCPTmpl = fmt.Sprintf(
"{{ if .NoProxyVar }}"+
"{{ .Prefix }}{{ .NoProxyVar }}{{ .Delimiter }}{{ .NoProxyValue }}{{ .Suffix }}"+
"{{ end }}"+
+ "{{ if .SSHAuthSock }}"+
+ "{{ .Prefix }}%s{{ .Delimiter }}{{ .SSHAuthSock }}{{ .Suffix }}"+
+ "{{ end }}"+
+ "{{ if .SSHAgentPID }}"+
+ "{{ .Prefix }}%s{{ .Delimiter }}{{ .SSHAgentPID }}{{ .Suffix }}"+
+ "{{ end }}"+
"{{ .UsageHint }}",
constants.DockerTLSVerifyEnv,
constants.DockerHostEnv,
@@ -76,13 +86,23 @@ var dockerEnvTCPTmpl = fmt.Sprintf(
constants.ExistingDockerTLSVerifyEnv,
constants.ExistingDockerHostEnv,
constants.ExistingDockerCertPathEnv,
- constants.MinikubeActiveDockerdEnv)
+ constants.MinikubeActiveDockerdEnv,
+ constants.SSHAuthSock,
+ constants.SSHAgentPID)
var dockerEnvSSHTmpl = fmt.Sprintf(
"{{ .Prefix }}%s{{ .Delimiter }}{{ .DockerHost }}{{ .Suffix }}"+
"{{ .Prefix }}%s{{ .Delimiter }}{{ .MinikubeDockerdProfile }}{{ .Suffix }}"+
+ "{{ if .SSHAuthSock }}"+
+ "{{ .Prefix }}%s{{ .Delimiter }}{{ .SSHAuthSock }}{{ .Suffix }}"+
+ "{{ end }}"+
+ "{{ if .SSHAgentPID }}"+
+ "{{ .Prefix }}%s{{ .Delimiter }}{{ .SSHAgentPID }}{{ .Suffix }}"+
+ "{{ end }}"+
"{{ .UsageHint }}",
constants.DockerHostEnv,
- constants.MinikubeActiveDockerdEnv)
+ constants.MinikubeActiveDockerdEnv,
+ constants.SSHAuthSock,
+ constants.SSHAgentPID)
// DockerShellConfig represents the shell config for Docker
type DockerShellConfig struct {
@@ -97,6 +117,9 @@ type DockerShellConfig struct {
ExistingDockerCertPath string
ExistingDockerHost string
ExistingDockerTLSVerify string
+
+ SSHAuthSock string
+ SSHAgentPID string
}
var (
@@ -140,6 +163,9 @@ func dockerShellCfgSet(ec DockerEnvConfig, envMap map[string]string) *DockerShel
s.MinikubeDockerdProfile = envMap[constants.MinikubeActiveDockerdEnv]
+ s.SSHAuthSock = envMap[constants.SSHAuthSock]
+ s.SSHAgentPID = envMap[constants.SSHAgentPID]
+
if ec.noProxy {
noProxyVar, noProxyValue := defaultNoProxyGetter.GetNoProxyVar()
@@ -195,15 +221,14 @@ func mustRestartDockerd(name string, runner command.Runner) {
if err := sysinit.New(runner).Reload("docker"); err != nil {
klog.Warningf("will try to restart dockerd because reload failed: %v", err)
if err := sysinit.New(runner).Restart("docker"); err != nil {
- klog.Warningf("Couldn't restart docker inside minikbue within '%v' because: %v", name, err)
+ klog.Warningf("Couldn't restart docker inside minikube within '%v' because: %v", name, err)
return
}
// if we get to the point that we have to restart docker (instead of reload)
// will need to wait for apisever container to come up, this usually takes 5 seconds
// verifying apisever using kverify would add code complexity for a rare case.
klog.Warningf("waiting to ensure apisever container is up...")
- startTime := time.Now()
- if err = waitForAPIServerProcess(runner, startTime, time.Second*30); err != nil {
+ if err = waitForAPIServerProcess(runner, time.Now(), time.Second*30); err != nil {
klog.Warningf("apiserver container isn't up, error: %v", err)
}
}
@@ -211,7 +236,7 @@ func mustRestartDockerd(name string, runner command.Runner) {
func waitForAPIServerProcess(cr command.Runner, start time.Time, timeout time.Duration) error {
klog.Infof("waiting for apiserver process to appear ...")
- err := apiWait.PollImmediate(time.Millisecond*500, timeout, func() (bool, error) {
+ err := apiWait.PollUntilContextTimeout(context.Background(), time.Millisecond*500, timeout, true, func(_ context.Context) (bool, error) {
if time.Since(start) > timeout {
return false, fmt.Errorf("cluster wait timed out during process check")
}
@@ -237,11 +262,17 @@ func waitForAPIServerProcess(cr command.Runner, start time.Time, timeout time.Du
// dockerEnvCmd represents the docker-env command
var dockerEnvCmd = &cobra.Command{
Use: "docker-env",
- Short: "Configure environment to use minikube's Docker daemon",
- Long: `Sets up docker env variables; similar to '$(docker-machine env)'.`,
- Run: func(cmd *cobra.Command, args []string) {
+ Short: "Provides instructions to point your terminal's docker-cli to the Docker Engine inside minikube. (Useful for building docker images directly inside minikube)",
+ Long: `Provides instructions to point your terminal's docker-cli to the Docker Engine inside minikube. (Useful for building docker images directly inside minikube)
+
+For example, you can do all docker operations such as docker build, docker run, and docker ps directly on the docker inside minikube.
+
+Note: You need the docker-cli to be installed on your machine.
+docker-cli install instructions: https://minikube.sigs.k8s.io/docs/tutorials/docker_desktop_replacement/#steps`,
+ Run: func(_ *cobra.Command, _ []string) {
var err error
+ options := flags.CommandOptions()
shl := shell.ForceShell
if shl == "" {
shl, err = shell.Detect()
@@ -266,7 +297,8 @@ var dockerEnvCmd = &cobra.Command{
}
cname := ClusterFlagValue()
- co := mustload.Running(cname)
+
+ co := mustload.Running(cname, options)
driverName := co.CP.Host.DriverName
@@ -277,14 +309,41 @@ var dockerEnvCmd = &cobra.Command{
if len(co.Config.Nodes) > 1 {
exit.Message(reason.EnvMultiConflict, `The docker-env command is incompatible with multi-node clusters. Use the 'registry' add-on: https://minikube.sigs.k8s.io/docs/handbook/registry/`)
}
+ cr := co.Config.KubernetesConfig.ContainerRuntime
+ if err := dockerEnvSupported(cr, driverName); err != nil {
+ exit.Message(reason.Usage, err.Error())
+ }
+
+ // for the sake of docker-env command, start nerdctl and nerdctld
+ if cr == constants.Containerd {
+ out.WarningT("Using the docker-env command with the containerd runtime is a highly experimental feature, please provide feedback or contribute to make it better")
- if co.Config.KubernetesConfig.ContainerRuntime != "docker" {
- exit.Message(reason.Usage, `The docker-env command is only compatible with the "docker" runtime, but this cluster was configured to use the "{{.runtime}}" runtime.`,
- out.V{"runtime": co.Config.KubernetesConfig.ContainerRuntime})
+ startNerdctld(options)
+
+ // docker-env on containerd depends on nerdctld (https://github.com/afbjorklund/nerdctld) as "docker" daeomn
+ // and nerdctld daemon must be used with ssh connection (it is set in kicbase image's Dockerfile)
+ // so directly set --ssh-host --ssh-add to true, even user didn't specify them
+ sshAdd = true
+ sshHost = true
+
+ // start the ssh-agent
+ if err := sshagent.Start(cname); err != nil {
+ exit.Message(reason.SSHAgentStart, err.Error())
+ }
+ // cluster config must be reloaded
+ // otherwise we won't be able to get SSH_AUTH_SOCK and SSH_AGENT_PID from cluster config.
+ co = mustload.Running(cname, options)
+
+ // set the ssh-agent envs for current process
+ os.Setenv("SSH_AUTH_SOCK", co.Config.SSHAuthSock)
+ os.Setenv("SSH_AGENT_PID", strconv.Itoa(co.Config.SSHAgentPID))
}
r := co.CP.Runner
- ensureDockerd(cname, r)
+
+ if cr == constants.Docker {
+ ensureDockerd(cname, r)
+ }
d := co.CP.Host.Driver
port := constants.DockerDaemonPort
@@ -293,6 +352,8 @@ var dockerEnvCmd = &cobra.Command{
if err != nil {
exit.Message(reason.DrvPortForward, "Error getting port binding for '{{.driver_name}} driver: {{.error}}", out.V{"driver_name": driverName, "error": err})
}
+ } else if driver.IsQEMU(driverName) && pkgnetwork.IsBuiltinQEMU(co.Config.Network) {
+ port = d.(*qemu.Driver).EnginePort
}
hostname, err := d.GetSSHHostname()
@@ -307,18 +368,20 @@ var dockerEnvCmd = &cobra.Command{
hostIP := co.CP.IP.String()
ec := DockerEnvConfig{
- EnvConfig: sh,
- profile: cname,
- driver: driverName,
- ssh: sshHost,
- hostIP: hostIP,
- port: port,
- certsDir: localpath.MakeMiniPath("certs"),
- noProxy: noProxy,
- username: d.GetSSHUsername(),
- hostname: hostname,
- sshport: sshport,
- keypath: d.GetSSHKeyPath(),
+ EnvConfig: sh,
+ profile: cname,
+ driver: driverName,
+ ssh: sshHost,
+ hostIP: hostIP,
+ port: port,
+ certsDir: localpath.MakeMiniPath("certs"),
+ noProxy: noProxy,
+ username: d.GetSSHUsername(),
+ hostname: hostname,
+ sshport: sshport,
+ keypath: d.GetSSHKeyPath(),
+ sshAuthSock: co.Config.SSHAuthSock,
+ sshAgentPID: co.Config.SSHAgentPID,
}
dockerPath, err := exec.LookPath("docker")
@@ -348,13 +411,24 @@ var dockerEnvCmd = &cobra.Command{
if err != nil {
exit.Error(reason.IfSSHClient, "Error with ssh-add", err)
}
-
cmd := exec.Command(path, d.GetSSHKeyPath())
cmd.Stderr = os.Stderr
+
+ // TODO: refactor to work with docker, temp fix to resolve regression
+ if cr == constants.Containerd {
+ cmd.Env = append(cmd.Env, fmt.Sprintf("SSH_AUTH_SOCK=%s", co.Config.SSHAuthSock))
+ cmd.Env = append(cmd.Env, fmt.Sprintf("SSH_AGENT_PID=%d", co.Config.SSHAgentPID))
+ }
err = cmd.Run()
if err != nil {
exit.Error(reason.IfSSHClient, "Error with ssh-add", err)
}
+
+ // TODO: refactor to work with docker, temp fix to resolve regression
+ if cr == constants.Containerd {
+ // eventually, run something similar to ssh --append-known
+ appendKnownHelper(nodeName, true)
+ }
}
},
}
@@ -362,17 +436,19 @@ var dockerEnvCmd = &cobra.Command{
// DockerEnvConfig encapsulates all external inputs into shell generation for Docker
type DockerEnvConfig struct {
shell.EnvConfig
- profile string
- driver string
- ssh bool
- hostIP string
- port int
- certsDir string
- noProxy bool
- username string
- hostname string
- sshport int
- keypath string
+ profile string
+ driver string
+ ssh bool
+ hostIP string
+ port int
+ certsDir string
+ noProxy bool
+ username string
+ hostname string
+ sshport int
+ keypath string
+ sshAuthSock string
+ sshAgentPID int
}
// dockerSetScript writes out a shell-compatible 'docker-env' script
@@ -384,12 +460,92 @@ func dockerSetScript(ec DockerEnvConfig, w io.Writer) error {
dockerSetEnvTmpl = dockerEnvTCPTmpl
}
envVars := dockerEnvVars(ec)
- return shell.SetScript(ec.EnvConfig, w, dockerSetEnvTmpl, dockerShellCfgSet(ec, envVars))
+ if ec.Shell == "none" {
+ switch outputFormat {
+ case "":
+ // shell "none"
+ case "text":
+ for k, v := range envVars {
+ _, err := fmt.Fprintf(w, "%s=%s\n", k, v)
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+ case "json":
+ jsondata, err := json.Marshal(envVars)
+ if err != nil {
+ return err
+ }
+ _, err = w.Write(jsondata)
+ if err != nil {
+ return err
+ }
+ _, err = w.Write([]byte{'\n'})
+ if err != nil {
+ return err
+ }
+ return nil
+ case "yaml":
+ yamldata, err := yaml.Marshal(envVars)
+ if err != nil {
+ return err
+ }
+ _, err = w.Write(yamldata)
+ if err != nil {
+ return err
+ }
+ return nil
+ default:
+ exit.Message(reason.InternalOutputUsage, "error: --output must be 'text', 'yaml' or 'json'")
+ }
+ }
+ return shell.SetScript(w, dockerSetEnvTmpl, dockerShellCfgSet(ec, envVars))
}
-// dockerSetScript writes out a shell-compatible 'docker-env unset' script
+// dockerUnsetScript writes out a shell-compatible 'docker-env unset' script
func dockerUnsetScript(ec DockerEnvConfig, w io.Writer) error {
vars := dockerEnvNames(ec)
+ if ec.Shell == "none" {
+ switch outputFormat {
+ case "":
+ // shell "none"
+ case "text":
+ for _, n := range vars {
+ _, err := fmt.Fprintf(w, "%s\n", n)
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+ case "json":
+ jsondata, err := json.Marshal(vars)
+ if err != nil {
+ return err
+ }
+ _, err = w.Write(jsondata)
+ if err != nil {
+ return err
+ }
+ _, err = w.Write([]byte{'\n'})
+ if err != nil {
+ return err
+ }
+ return nil
+ case "yaml":
+ yamldata, err := yaml.Marshal(vars)
+ if err != nil {
+ return err
+ }
+ _, err = w.Write(yamldata)
+ if err != nil {
+ return err
+ }
+ return nil
+ default:
+ exit.Message(reason.InternalOutputUsage, "error: --output must be 'text', 'yaml' or 'json'")
+ }
+ }
return shell.UnsetScript(ec.EnvConfig, w, vars)
}
@@ -406,15 +562,24 @@ func sshURL(username string, hostname string, port int) string {
// dockerEnvVars gets the necessary docker env variables to allow the use of minikube's docker daemon
func dockerEnvVars(ec DockerEnvConfig) map[string]string {
+ agentPID := strconv.Itoa(ec.sshAgentPID)
+ // set agentPID to nil value if not set
+ if agentPID == "0" {
+ agentPID = ""
+ }
envTCP := map[string]string{
constants.DockerTLSVerifyEnv: "1",
constants.DockerHostEnv: dockerURL(ec.hostIP, ec.port),
constants.DockerCertPathEnv: ec.certsDir,
constants.MinikubeActiveDockerdEnv: ec.profile,
+ constants.SSHAuthSock: ec.sshAuthSock,
+ constants.SSHAgentPID: agentPID,
}
envSSH := map[string]string{
constants.DockerHostEnv: sshURL(ec.username, ec.hostname, ec.sshport),
constants.MinikubeActiveDockerdEnv: ec.profile,
+ constants.SSHAuthSock: ec.sshAuthSock,
+ constants.SSHAgentPID: agentPID,
}
var rt map[string]string
@@ -441,6 +606,8 @@ func dockerEnvNames(ec DockerEnvConfig) []string {
constants.DockerHostEnv,
constants.DockerCertPathEnv,
constants.MinikubeActiveDockerdEnv,
+ constants.SSHAuthSock,
+ constants.SSHAgentPID,
}
if ec.noProxy {
@@ -459,6 +626,8 @@ func dockerEnvVarsList(ec DockerEnvConfig) []string {
fmt.Sprintf("%s=%s", constants.DockerHostEnv, dockerURL(ec.hostIP, ec.port)),
fmt.Sprintf("%s=%s", constants.DockerCertPathEnv, ec.certsDir),
fmt.Sprintf("%s=%s", constants.MinikubeActiveDockerdEnv, ec.profile),
+ fmt.Sprintf("%s=%s", constants.SSHAuthSock, ec.sshAuthSock),
+ fmt.Sprintf("%s=%d", constants.SSHAgentPID, ec.sshAgentPID),
}
}
@@ -502,11 +671,23 @@ func tryDockerConnectivity(bin string, ec DockerEnvConfig) ([]byte, error) {
return c.CombinedOutput()
}
+func dockerEnvSupported(containerRuntime, driverName string) error {
+ if containerRuntime != constants.Docker && containerRuntime != constants.Containerd {
+ return fmt.Errorf("the docker-env command only supports the docker and containerd runtimes")
+ }
+ // we only support containerd-env on the Docker driver
+ if containerRuntime == constants.Containerd && driverName != driver.Docker {
+ return fmt.Errorf("the docker-env command only supports the containerd runtime with the docker driver")
+ }
+ return nil
+}
+
func init() {
defaultNoProxyGetter = &EnvNoProxyGetter{}
dockerEnvCmd.Flags().BoolVar(&noProxy, "no-proxy", false, "Add machine IP to NO_PROXY environment variable")
dockerEnvCmd.Flags().BoolVar(&sshHost, "ssh-host", false, "Use SSH connection instead of HTTPS (port 2376)")
dockerEnvCmd.Flags().BoolVar(&sshAdd, "ssh-add", false, "Add SSH identity key to SSH authentication agent")
dockerEnvCmd.Flags().StringVar(&shell.ForceShell, "shell", "", "Force environment to be configured for a specified shell: [fish, cmd, powershell, tcsh, bash, zsh], default is auto-detect")
+ dockerEnvCmd.Flags().StringVarP(&outputFormat, "output", "o", "", "One of 'text', 'yaml' or 'json'.")
dockerEnvCmd.Flags().BoolVarP(&dockerUnset, "unset", "u", false, "Unset variables instead of setting them")
}
diff --git a/cmd/minikube/cmd/docker-env_test.go b/cmd/minikube/cmd/docker-env_test.go
index 915b3da622b9..8ef535a81af5 100644
--- a/cmd/minikube/cmd/docker-env_test.go
+++ b/cmd/minikube/cmd/docker-env_test.go
@@ -18,10 +18,13 @@ package cmd
import (
"bytes"
- "os"
+ "encoding/json"
+ "strings"
"testing"
"github.com/google/go-cmp/cmp"
+ "github.com/google/go-cmp/cmp/cmpopts"
+ "gopkg.in/yaml.v2"
)
type FakeNoProxyGetter struct {
@@ -36,13 +39,16 @@ func (f FakeNoProxyGetter) GetNoProxyVar() (string, string) {
func TestGenerateDockerScripts(t *testing.T) {
var tests = []struct {
shell string
+ output string
config DockerEnvConfig
noProxyGetter *FakeNoProxyGetter
wantSet string
wantUnset string
+ diffOpts []cmp.Option
}{
{
"bash",
+ "",
DockerEnvConfig{profile: "dockerdriver", driver: "docker", hostIP: "127.0.0.1", port: 32842, certsDir: "/certs"},
nil,
`export DOCKER_TLS_VERIFY="1"
@@ -57,10 +63,14 @@ export MINIKUBE_ACTIVE_DOCKERD="dockerdriver"
unset DOCKER_HOST;
unset DOCKER_CERT_PATH;
unset MINIKUBE_ACTIVE_DOCKERD;
+unset SSH_AUTH_SOCK;
+unset SSH_AGENT_PID;
`,
+ nil,
},
{
"bash",
+ "",
DockerEnvConfig{profile: "dockerdriver", driver: "docker", ssh: true, username: "root", hostname: "host", sshport: 22},
nil,
`export DOCKER_HOST="ssh://root@host:22"
@@ -73,10 +83,14 @@ export MINIKUBE_ACTIVE_DOCKERD="dockerdriver"
unset DOCKER_HOST;
unset DOCKER_CERT_PATH;
unset MINIKUBE_ACTIVE_DOCKERD;
+unset SSH_AUTH_SOCK;
+unset SSH_AGENT_PID;
`,
+ nil,
},
{
"bash",
+ "",
DockerEnvConfig{profile: "bash", driver: "kvm2", hostIP: "127.0.0.1", port: 2376, certsDir: "/certs"},
nil,
`export DOCKER_TLS_VERIFY="1"
@@ -91,10 +105,14 @@ export MINIKUBE_ACTIVE_DOCKERD="bash"
unset DOCKER_HOST;
unset DOCKER_CERT_PATH;
unset MINIKUBE_ACTIVE_DOCKERD;
+unset SSH_AUTH_SOCK;
+unset SSH_AGENT_PID;
`,
+ nil,
},
{
"bash",
+ "",
DockerEnvConfig{profile: "ipv6", driver: "kvm2", hostIP: "fe80::215:5dff:fe00:a903", port: 2376, certsDir: "/certs"},
nil,
`export DOCKER_TLS_VERIFY="1"
@@ -109,10 +127,14 @@ export MINIKUBE_ACTIVE_DOCKERD="ipv6"
unset DOCKER_HOST;
unset DOCKER_CERT_PATH;
unset MINIKUBE_ACTIVE_DOCKERD;
+unset SSH_AUTH_SOCK;
+unset SSH_AGENT_PID;
`,
+ nil,
},
{
"fish",
+ "",
DockerEnvConfig{profile: "fish", driver: "kvm2", hostIP: "127.0.0.1", port: 2376, certsDir: "/certs"},
nil,
`set -gx DOCKER_TLS_VERIFY "1";
@@ -127,10 +149,14 @@ set -gx MINIKUBE_ACTIVE_DOCKERD "fish";
set -e DOCKER_HOST;
set -e DOCKER_CERT_PATH;
set -e MINIKUBE_ACTIVE_DOCKERD;
+set -e SSH_AUTH_SOCK;
+set -e SSH_AGENT_PID;
`,
+ nil,
},
{
"powershell",
+ "",
DockerEnvConfig{profile: "powershell", driver: "hyperv", hostIP: "192.168.0.1", port: 2376, certsDir: "/certs"},
nil,
`$Env:DOCKER_TLS_VERIFY = "1"
@@ -138,17 +164,21 @@ $Env:DOCKER_HOST = "tcp://192.168.0.1:2376"
$Env:DOCKER_CERT_PATH = "/certs"
$Env:MINIKUBE_ACTIVE_DOCKERD = "powershell"
# To point your shell to minikube's docker-daemon, run:
-# & minikube -p powershell docker-env | Invoke-Expression
+# & minikube -p powershell docker-env --shell powershell | Invoke-Expression
`,
`Remove-Item Env:\\DOCKER_TLS_VERIFY
Remove-Item Env:\\DOCKER_HOST
Remove-Item Env:\\DOCKER_CERT_PATH
Remove-Item Env:\\MINIKUBE_ACTIVE_DOCKERD
+Remove-Item Env:\\SSH_AUTH_SOCK
+Remove-Item Env:\\SSH_AGENT_PID
`,
+ nil,
},
{
"cmd",
+ "",
DockerEnvConfig{profile: "cmd", driver: "hyperv", hostIP: "192.168.0.1", port: 2376, certsDir: "/certs"},
nil,
`SET DOCKER_TLS_VERIFY=1
@@ -156,17 +186,21 @@ SET DOCKER_HOST=tcp://192.168.0.1:2376
SET DOCKER_CERT_PATH=/certs
SET MINIKUBE_ACTIVE_DOCKERD=cmd
REM To point your shell to minikube's docker-daemon, run:
-REM @FOR /f "tokens=*" %i IN ('minikube -p cmd docker-env') DO @%i
+REM @FOR /f "tokens=*" %i IN ('minikube -p cmd docker-env --shell cmd') DO @%i
`,
`SET DOCKER_TLS_VERIFY=
SET DOCKER_HOST=
SET DOCKER_CERT_PATH=
SET MINIKUBE_ACTIVE_DOCKERD=
+SET SSH_AUTH_SOCK=
+SET SSH_AGENT_PID=
`,
+ nil,
},
{
"emacs",
+ "",
DockerEnvConfig{profile: "emacs", driver: "hyperv", hostIP: "192.168.0.1", port: 2376, certsDir: "/certs"},
nil,
`(setenv "DOCKER_TLS_VERIFY" "1")
@@ -180,10 +214,14 @@ SET MINIKUBE_ACTIVE_DOCKERD=
(setenv "DOCKER_HOST" nil)
(setenv "DOCKER_CERT_PATH" nil)
(setenv "MINIKUBE_ACTIVE_DOCKERD" nil)
+(setenv "SSH_AUTH_SOCK" nil)
+(setenv "SSH_AGENT_PID" nil)
`,
+ nil,
},
{
"bash",
+ "",
DockerEnvConfig{profile: "bash-no-proxy", driver: "kvm2", hostIP: "127.0.0.1", port: 2376, certsDir: "/certs", noProxy: true},
&FakeNoProxyGetter{"NO_PROXY", "127.0.0.1"},
`export DOCKER_TLS_VERIFY="1"
@@ -200,11 +238,15 @@ export NO_PROXY="127.0.0.1"
unset DOCKER_HOST;
unset DOCKER_CERT_PATH;
unset MINIKUBE_ACTIVE_DOCKERD;
+unset SSH_AUTH_SOCK;
+unset SSH_AGENT_PID;
unset NO_PROXY;
`,
+ nil,
},
{
"bash",
+ "",
DockerEnvConfig{profile: "bash-no-proxy-lower", driver: "kvm2", hostIP: "127.0.0.1", port: 2376, certsDir: "/certs", noProxy: true},
&FakeNoProxyGetter{"no_proxy", "127.0.0.1"},
`export DOCKER_TLS_VERIFY="1"
@@ -221,11 +263,15 @@ export no_proxy="127.0.0.1"
unset DOCKER_HOST;
unset DOCKER_CERT_PATH;
unset MINIKUBE_ACTIVE_DOCKERD;
+unset SSH_AUTH_SOCK;
+unset SSH_AGENT_PID;
unset no_proxy;
`,
+ nil,
},
{
"powershell",
+ "",
DockerEnvConfig{profile: "powershell-no-proxy-idempotent", driver: "hyperv", hostIP: "192.168.0.1", port: 2376, certsDir: "/certs", noProxy: true},
&FakeNoProxyGetter{"no_proxy", "192.168.0.1"},
`$Env:DOCKER_TLS_VERIFY = "1"
@@ -234,18 +280,22 @@ $Env:DOCKER_CERT_PATH = "/certs"
$Env:MINIKUBE_ACTIVE_DOCKERD = "powershell-no-proxy-idempotent"
$Env:no_proxy = "192.168.0.1"
# To point your shell to minikube's docker-daemon, run:
-# & minikube -p powershell-no-proxy-idempotent docker-env | Invoke-Expression
+# & minikube -p powershell-no-proxy-idempotent docker-env --shell powershell | Invoke-Expression
`,
`Remove-Item Env:\\DOCKER_TLS_VERIFY
Remove-Item Env:\\DOCKER_HOST
Remove-Item Env:\\DOCKER_CERT_PATH
Remove-Item Env:\\MINIKUBE_ACTIVE_DOCKERD
+Remove-Item Env:\\SSH_AUTH_SOCK
+Remove-Item Env:\\SSH_AGENT_PID
Remove-Item Env:\\no_proxy
`,
+ nil,
},
{
"bash",
+ "",
DockerEnvConfig{profile: "sh-no-proxy-add", driver: "kvm2", hostIP: "127.0.0.1", port: 2376, certsDir: "/certs", noProxy: true},
&FakeNoProxyGetter{"NO_PROXY", "192.168.0.1,10.0.0.4"},
`export DOCKER_TLS_VERIFY="1"
@@ -262,11 +312,15 @@ export NO_PROXY="192.168.0.1,10.0.0.4,127.0.0.1"
unset DOCKER_HOST;
unset DOCKER_CERT_PATH;
unset MINIKUBE_ACTIVE_DOCKERD;
+unset SSH_AUTH_SOCK;
+unset SSH_AGENT_PID;
unset NO_PROXY;
`,
+ nil,
},
{
"none",
+ "",
DockerEnvConfig{profile: "noneshell", driver: "docker", hostIP: "127.0.0.1", port: 32842, certsDir: "/certs"},
nil,
`DOCKER_TLS_VERIFY=1
@@ -278,12 +332,106 @@ MINIKUBE_ACTIVE_DOCKERD=noneshell
DOCKER_HOST
DOCKER_CERT_PATH
MINIKUBE_ACTIVE_DOCKERD
+SSH_AUTH_SOCK
+SSH_AGENT_PID
+`,
+ nil,
+ },
+ {
+ "none",
+ "text",
+ DockerEnvConfig{profile: "nonetext", driver: "docker", hostIP: "127.0.0.1", port: 32842, certsDir: "/certs", sshAuthSock: "/var/folders/9l/6wpxv6wd1b901m1146r579wc00rqw3/T//ssh-KCQt1sNqrCPI/agent.29227", sshAgentPID: 29228},
+ nil,
+ `DOCKER_TLS_VERIFY=1
+DOCKER_HOST=tcp://127.0.0.1:32842
+DOCKER_CERT_PATH=/certs
+MINIKUBE_ACTIVE_DOCKERD=nonetext
+SSH_AUTH_SOCK=/var/folders/9l/6wpxv6wd1b901m1146r579wc00rqw3/T//ssh-KCQt1sNqrCPI/agent.29227
+SSH_AGENT_PID=29228
+`,
+ `DOCKER_TLS_VERIFY
+DOCKER_HOST
+DOCKER_CERT_PATH
+MINIKUBE_ACTIVE_DOCKERD
+SSH_AUTH_SOCK
+SSH_AGENT_PID
+`,
+ []cmp.Option{
+ cmpopts.AcyclicTransformer("SplitLines", func(s string) []string {
+ return strings.Split(s, "\n")
+ }),
+ cmpopts.SortSlices(func(a, b string) bool {
+ return a < b
+ }),
+ },
+ },
+ {
+ "none",
+ "json",
+ DockerEnvConfig{profile: "nonejson", driver: "docker", hostIP: "127.0.0.1", port: 32842, certsDir: "/certs", sshAuthSock: "/var/folders/9l/6wpxv6wd1b901m1146r579wc00rqw3/T//ssh-KCQt1sNqrCPI/agent.29227", sshAgentPID: 29228},
+ nil,
+ `{
+ "DOCKER_TLS_VERIFY": "1",
+ "DOCKER_HOST": "tcp://127.0.0.1:32842",
+ "DOCKER_CERT_PATH": "/certs",
+ "MINIKUBE_ACTIVE_DOCKERD": "nonejson",
+ "SSH_AUTH_SOCK": "/var/folders/9l/6wpxv6wd1b901m1146r579wc00rqw3/T//ssh-KCQt1sNqrCPI/agent.29227",
+ "SSH_AGENT_PID": "29228"
+ }`,
+ `[
+ "DOCKER_TLS_VERIFY",
+ "DOCKER_HOST",
+ "DOCKER_CERT_PATH",
+ "MINIKUBE_ACTIVE_DOCKERD",
+ "SSH_AUTH_SOCK",
+ "SSH_AGENT_PID"
+ ]`,
+ []cmp.Option{
+ cmp.FilterValues(func(x, y string) bool {
+ return json.Valid([]byte(x)) && json.Valid([]byte(y))
+ },
+ cmp.Transformer("ParseJSON", func(in string) (out interface{}) {
+ if err := json.Unmarshal([]byte(in), &out); err != nil {
+ panic(err) // should never occur given previous filter to ensure valid JSON
+ }
+ return out
+ })),
+ },
+ },
+ {
+ "none",
+ "yaml",
+ DockerEnvConfig{profile: "noneyaml", driver: "docker", hostIP: "127.0.0.1", port: 32842, certsDir: "/certs", sshAuthSock: "/var/folders/9l/6wpxv6wd1b901m1146r579wc00rqw3/T//ssh-KCQt1sNqrCPI/agent.29227", sshAgentPID: 29228},
+ nil,
+ `DOCKER_TLS_VERIFY: "1"
+DOCKER_HOST: tcp://127.0.0.1:32842
+DOCKER_CERT_PATH: /certs
+MINIKUBE_ACTIVE_DOCKERD: noneyaml
+SSH_AUTH_SOCK: /var/folders/9l/6wpxv6wd1b901m1146r579wc00rqw3/T//ssh-KCQt1sNqrCPI/agent.29227
+SSH_AGENT_PID: "29228"
+`,
+ `- DOCKER_TLS_VERIFY
+- DOCKER_HOST
+- DOCKER_CERT_PATH
+- MINIKUBE_ACTIVE_DOCKERD
+- SSH_AUTH_SOCK
+- SSH_AGENT_PID
`,
+ []cmp.Option{
+ cmpopts.AcyclicTransformer("ParseYAML", func(in string) (out interface{}) {
+ if err := yaml.Unmarshal([]byte(in), &out); err != nil {
+ return nil
+ }
+ return out
+ }),
+ },
},
}
for _, tc := range tests {
t.Run(tc.config.profile, func(t *testing.T) {
- tc.config.EnvConfig.Shell = tc.shell
+ tc.config.Shell = tc.shell
+ // set global variable
+ outputFormat = tc.output
defaultNoProxyGetter = tc.noProxyGetter
var b []byte
buf := bytes.NewBuffer(b)
@@ -291,7 +439,7 @@ MINIKUBE_ACTIVE_DOCKERD
t.Errorf("setScript(%+v) error: %v", tc.config, err)
}
got := buf.String()
- if diff := cmp.Diff(tc.wantSet, got); diff != "" {
+ if diff := cmp.Diff(tc.wantSet, got, tc.diffOpts...); diff != "" {
t.Errorf("setScript(%+v) mismatch (-want +got):\n%s\n\nraw output:\n%s\nquoted: %q", tc.config, diff, got, got)
}
@@ -300,7 +448,7 @@ MINIKUBE_ACTIVE_DOCKERD
t.Errorf("unsetScript(%+v) error: %v", tc.config, err)
}
got = buf.String()
- if diff := cmp.Diff(tc.wantUnset, got); diff != "" {
+ if diff := cmp.Diff(tc.wantUnset, got, tc.diffOpts...); diff != "" {
t.Errorf("unsetScript(%+v) mismatch (-want +got):\n%s\n\nraw output:\n%s\nquoted: %q", tc.config, diff, got, got)
}
@@ -332,7 +480,7 @@ func TestValidDockerProxy(t *testing.T) {
}
for _, tc := range tests {
- os.Setenv("ALL_PROXY", tc.proxy)
+ t.Setenv("ALL_PROXY", tc.proxy)
valid := isValidDockerProxy("ALL_PROXY")
if tc.isValid && valid != tc.isValid {
t.Errorf("Expect %#v to be valid docker proxy", tc.proxy)
diff --git a/cmd/minikube/cmd/flags/flags.go b/cmd/minikube/cmd/flags/flags.go
new file mode 100644
index 000000000000..e6d928a2305b
--- /dev/null
+++ b/cmd/minikube/cmd/flags/flags.go
@@ -0,0 +1,38 @@
+/*
+Copyright 2025 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package flags
+
+import (
+ "github.com/spf13/viper"
+ "k8s.io/minikube/pkg/minikube/run"
+)
+
+// Flag names passed to minikube via run.CommandOptions.
+const (
+ Interactive = "interactive"
+ DownloadOnly = "download-only"
+)
+
+// CommandOptions returns minikube runtime options from command line flags.
+// Flags that must be handled outside of the cmd package must be added to
+// run.CommandOptions.
+func CommandOptions() *run.CommandOptions {
+ return &run.CommandOptions{
+ NonInteractive: !viper.GetBool(Interactive),
+ DownloadOnly: viper.GetBool(DownloadOnly),
+ }
+}
diff --git a/cmd/minikube/cmd/generate-docs.go b/cmd/minikube/cmd/generate-docs.go
index 8b9a847c7bf9..0cd4c89116cb 100644
--- a/cmd/minikube/cmd/generate-docs.go
+++ b/cmd/minikube/cmd/generate-docs.go
@@ -38,7 +38,7 @@ var generateDocs = &cobra.Command{
Long: "Populates the specified folder with documentation in markdown about minikube",
Example: "minikube generate-docs --path ",
Hidden: true,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
// if directory does not exist
st, err := os.Stat(docsPath)
if err != nil || !st.IsDir() {
diff --git a/cmd/minikube/cmd/generate-docs_test.go b/cmd/minikube/cmd/generate-docs_test.go
index 91ce515de66e..412c6a0c0f76 100644
--- a/cmd/minikube/cmd/generate-docs_test.go
+++ b/cmd/minikube/cmd/generate-docs_test.go
@@ -17,7 +17,6 @@ limitations under the License.
package cmd
import (
- "io/ioutil"
"os"
"path/filepath"
"strings"
@@ -27,18 +26,13 @@ import (
)
func TestGenerateTestDocs(t *testing.T) {
- tempdir, err := ioutil.TempDir("", "")
- if err != nil {
- t.Fatalf("creating temp dir failed: %v", err)
- }
- defer os.RemoveAll(tempdir)
+ tempdir := t.TempDir()
docPath := filepath.Join(tempdir, "tests.md")
- err = generate.TestDocs(docPath, "../../../test/integration")
- if err != nil {
+ if err := generate.TestDocs(docPath, "../../../test/integration"); err != nil {
t.Fatalf("error generating test docs: %v", err)
}
- actualContents, err := ioutil.ReadFile(docPath)
+ actualContents, err := os.ReadFile(docPath)
if err != nil {
t.Fatalf("error reading generated file: %v", err)
}
diff --git a/cmd/minikube/cmd/image.go b/cmd/minikube/cmd/image.go
index 85616c09c49c..51e551ea47c7 100644
--- a/cmd/minikube/cmd/image.go
+++ b/cmd/minikube/cmd/image.go
@@ -18,7 +18,6 @@ package cmd
import (
"io"
- "io/ioutil"
"net/url"
"os"
"path/filepath"
@@ -27,14 +26,20 @@ import (
"github.com/spf13/cobra"
"github.com/spf13/viper"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/image"
"k8s.io/minikube/pkg/minikube/machine"
+ "k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
docker "k8s.io/minikube/third_party/go-dockerclient"
)
+var (
+ allNodes bool
+)
+
// imageCmd represents the image command
var imageCmd = &cobra.Command{
Use: "image COMMAND",
@@ -51,10 +56,11 @@ var (
dockerFile string
buildEnv []string
buildOpt []string
+ format string
)
func saveFile(r io.Reader) (string, error) {
- tmp, err := ioutil.TempFile("", "build.*.tar")
+ tmp, err := os.CreateTemp("", "build.*.tar")
if err != nil {
return "", err
}
@@ -72,13 +78,15 @@ func saveFile(r io.Reader) (string, error) {
// loadImageCmd represents the image load command
var loadImageCmd = &cobra.Command{
Use: "load IMAGE | ARCHIVE | -",
- Short: "Load a image into minikube",
- Long: "Load a image into minikube",
+ Short: "Load an image into minikube",
+ Long: "Load an image into minikube",
Example: "minikube image load image\nminikube image load image.tar",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) == 0 {
exit.Message(reason.Usage, "Please provide an image in your local daemon to load into minikube via ")
}
+
+ options := flags.CommandOptions()
// Cache and load images into container runtime
profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
if err != nil {
@@ -88,7 +96,7 @@ var loadImageCmd = &cobra.Command{
if pull {
// Pull image from remote registry, without doing any caching except in container runtime.
// This is similar to daemon.Image but it is done by the container runtime in the cluster.
- if err := machine.PullImages(args, profile); err != nil {
+ if err := machine.PullImages(args, profile, options); err != nil {
exit.Error(reason.GuestImageLoad, "Failed to pull image", err)
}
return
@@ -131,19 +139,92 @@ var loadImageCmd = &cobra.Command{
if imgDaemon || imgRemote {
image.UseDaemon(imgDaemon)
image.UseRemote(imgRemote)
- if err := machine.CacheAndLoadImages(args, []*config.Profile{profile}, overwrite); err != nil {
+ if err := machine.CacheAndLoadImages(args, []*config.Profile{profile}, overwrite, options); err != nil {
exit.Error(reason.GuestImageLoad, "Failed to load image", err)
}
} else if local {
// Load images from local files, without doing any caching or checks in container runtime
// This is similar to tarball.Image but it is done by the container runtime in the cluster.
- if err := machine.DoLoadImages(args, []*config.Profile{profile}, "", overwrite); err != nil {
+ if err := machine.DoLoadImages(args, []*config.Profile{profile}, "", overwrite, options); err != nil {
exit.Error(reason.GuestImageLoad, "Failed to load image", err)
}
}
},
}
+func readFile(w io.Writer, tmp string) error {
+ r, err := os.Open(tmp)
+ if err != nil {
+ return err
+ }
+ _, err = io.Copy(w, r)
+ if err != nil {
+ return err
+ }
+ err = r.Close()
+ if err != nil {
+ return err
+ }
+ return nil
+}
+
+// saveImageCmd represents the image load command
+var saveImageCmd = &cobra.Command{
+ Use: "save IMAGE [ARCHIVE | -]",
+ Short: "Save a image from minikube",
+ Long: "Save a image from minikube",
+ Example: "minikube image save image\nminikube image save image image.tar",
+ Run: func(_ *cobra.Command, args []string) {
+ if len(args) == 0 {
+ exit.Message(reason.Usage, "Please provide an image in the container runtime to save from minikube via ")
+ }
+
+ options := flags.CommandOptions()
+ // Save images from container runtime
+ profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
+ if err != nil {
+ exit.Error(reason.Usage, "loading profile", err)
+ }
+
+ if len(args) > 1 {
+ output = args[1]
+
+ if args[1] == "-" {
+ tmp, err := os.CreateTemp("", "image.*.tar")
+ if err != nil {
+ exit.Error(reason.GuestImageSave, "Failed to get temp", err)
+ }
+ tmp.Close()
+ output = tmp.Name()
+ }
+
+ if err := machine.DoSaveImages([]string{args[0]}, output, []*config.Profile{profile}, "", options); err != nil {
+ exit.Error(reason.GuestImageSave, "Failed to save image", err)
+ }
+
+ if args[1] == "-" {
+ err := readFile(os.Stdout, output)
+ if err != nil {
+ exit.Error(reason.GuestImageSave, "Failed to read temp", err)
+ }
+ os.Remove(output)
+ }
+ } else {
+ if err := machine.SaveAndCacheImages([]string{args[0]}, []*config.Profile{profile}, options); err != nil {
+ exit.Error(reason.GuestImageSave, "Failed to save image", err)
+ }
+ if imgDaemon || imgRemote {
+ image.UseDaemon(imgDaemon)
+ image.UseRemote(imgRemote)
+ err := image.UploadCachedImage(args[0])
+ if err != nil {
+ exit.Error(reason.GuestImageSave, "Failed to save image", err)
+ }
+ }
+ }
+ },
+}
+
var removeImageCmd = &cobra.Command{
Use: "rm IMAGE [IMAGE...]",
Short: "Remove one or more images",
@@ -154,17 +235,37 @@ $ minikube image unload image busybox
`,
Args: cobra.MinimumNArgs(1),
Aliases: []string{"remove", "unload"},
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
+ options := flags.CommandOptions()
profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
if err != nil {
exit.Error(reason.Usage, "loading profile", err)
}
- if err := machine.RemoveImages(args, profile); err != nil {
+ if err := machine.RemoveImages(args, profile, options); err != nil {
exit.Error(reason.GuestImageRemove, "Failed to remove image", err)
}
},
}
+var pullImageCmd = &cobra.Command{
+ Use: "pull",
+ Short: "Pull images",
+ Example: `
+$ minikube image pull busybox
+`,
+ Run: func(_ *cobra.Command, args []string) {
+ options := flags.CommandOptions()
+ profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
+ if err != nil {
+ exit.Error(reason.Usage, "loading profile", err)
+ }
+
+ if err := machine.PullImages(args, profile, options); err != nil {
+ exit.Error(reason.GuestImagePull, "Failed to pull images", err)
+ }
+ },
+}
+
func createTar(dir string) (string, error) {
tar, err := docker.CreateTarStream(dir, dockerFile)
if err != nil {
@@ -179,10 +280,12 @@ var buildImageCmd = &cobra.Command{
Short: "Build a container image in minikube",
Long: "Build a container image, using the container runtime.",
Example: `minikube image build .`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) < 1 {
exit.Message(reason.Usage, "Please provide a path or url to build")
}
+
+ options := flags.CommandOptions()
// Build images into container runtime
profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
if err != nil {
@@ -217,7 +320,13 @@ var buildImageCmd = &cobra.Command{
// Otherwise, assume it's a tar
}
}
- if err := machine.BuildImage(img, dockerFile, tag, push, buildEnv, buildOpt, []*config.Profile{profile}); err != nil {
+ if runtime.GOOS == "windows" && strings.Contains(dockerFile, "\\") {
+ // if dockerFile is a DOS path, translate it into UNIX path
+ // because we are going to build this image in UNIX environment
+ out.Stringf("minikube detects that you are using DOS-style path %s. minikube will convert it to UNIX-style by replacing all \\ to /\n", dockerFile)
+ dockerFile = strings.ReplaceAll(dockerFile, "\\", "/")
+ }
+ if err := machine.BuildImage(img, dockerFile, tag, push, buildEnv, buildOpt, []*config.Profile{profile}, allNodes, nodeName, options); err != nil {
exit.Error(reason.GuestImageBuild, "Failed to build image", err)
}
if tmp != "" {
@@ -233,30 +342,83 @@ var listImageCmd = &cobra.Command{
$ minikube image ls
`,
Aliases: []string{"list"},
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
if err != nil {
exit.Error(reason.Usage, "loading profile", err)
}
- if err := machine.ListImages(profile); err != nil {
+ if err := machine.ListImages(profile, format, options); err != nil {
exit.Error(reason.GuestImageList, "Failed to list images", err)
}
},
}
+var tagImageCmd = &cobra.Command{
+ Use: "tag",
+ Short: "Tag images",
+ Example: `
+$ minikube image tag source target
+`,
+ Aliases: []string{"list"},
+ Run: func(_ *cobra.Command, args []string) {
+ if len(args) != 2 {
+ exit.Message(reason.Usage, "Please provide source and target image")
+ }
+
+ options := flags.CommandOptions()
+ profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
+ if err != nil {
+ exit.Error(reason.Usage, "loading profile", err)
+ }
+
+ if err := machine.TagImage(profile, args[0], args[1], options); err != nil {
+ exit.Error(reason.GuestImageTag, "Failed to tag images", err)
+ }
+ },
+}
+
+var pushImageCmd = &cobra.Command{
+ Use: "push",
+ Short: "Push images",
+ Example: `
+$ minikube image push busybox
+`,
+ Run: func(_ *cobra.Command, args []string) {
+ options := flags.CommandOptions()
+ profile, err := config.LoadProfile(viper.GetString(config.ProfileName))
+ if err != nil {
+ exit.Error(reason.Usage, "loading profile", err)
+ }
+
+ if err := machine.PushImages(args, profile, options); err != nil {
+ exit.Error(reason.GuestImagePush, "Failed to push images", err)
+ }
+ },
+}
+
func init() {
- loadImageCmd.Flags().BoolVarP(&pull, "pull", "", false, "Pull the remote image (no caching)")
+ loadImageCmd.Flags().BoolVar(&pull, "pull", false, "Pull the remote image (no caching)")
loadImageCmd.Flags().BoolVar(&imgDaemon, "daemon", false, "Cache image from docker daemon")
loadImageCmd.Flags().BoolVar(&imgRemote, "remote", false, "Cache image from remote registry")
loadImageCmd.Flags().BoolVar(&overwrite, "overwrite", true, "Overwrite image even if same image:tag name exists")
imageCmd.AddCommand(loadImageCmd)
imageCmd.AddCommand(removeImageCmd)
+ imageCmd.AddCommand(pullImageCmd)
buildImageCmd.Flags().StringVarP(&tag, "tag", "t", "", "Tag to apply to the new image (optional)")
- buildImageCmd.Flags().BoolVarP(&push, "push", "", false, "Push the new image (requires tag)")
+ buildImageCmd.Flags().BoolVar(&push, "push", false, "Push the new image (requires tag)")
buildImageCmd.Flags().StringVarP(&dockerFile, "file", "f", "", "Path to the Dockerfile to use (optional)")
buildImageCmd.Flags().StringArrayVar(&buildEnv, "build-env", nil, "Environment variables to pass to the build. (format: key=value)")
buildImageCmd.Flags().StringArrayVar(&buildOpt, "build-opt", nil, "Specify arbitrary flags to pass to the build. (format: key=value)")
+ buildImageCmd.Flags().StringVarP(&nodeName, "node", "n", "", "The node to build on. Defaults to the primary control plane.")
+ buildImageCmd.Flags().BoolVar(&allNodes, "all", false, "Build image on all nodes.")
imageCmd.AddCommand(buildImageCmd)
+ saveImageCmd.Flags().BoolVar(&imgDaemon, "daemon", false, "Cache image to docker daemon")
+ saveImageCmd.Flags().BoolVar(&imgRemote, "remote", false, "Cache image to remote registry")
+ imageCmd.AddCommand(saveImageCmd)
+ listImageCmd.Flags().StringVar(&format, "format", "short", "Format output. One of: short|table|json|yaml")
imageCmd.AddCommand(listImageCmd)
+ imageCmd.AddCommand(tagImageCmd)
+ imageCmd.AddCommand(pushImageCmd)
}
diff --git a/cmd/minikube/cmd/ip.go b/cmd/minikube/cmd/ip.go
index 3a34fad294d0..5f0453368d5f 100644
--- a/cmd/minikube/cmd/ip.go
+++ b/cmd/minikube/cmd/ip.go
@@ -18,6 +18,7 @@ package cmd
import (
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/node"
@@ -30,8 +31,9 @@ var ipCmd = &cobra.Command{
Use: "ip",
Short: "Retrieves the IP address of the specified node",
Long: `Retrieves the IP address of the specified node, and writes it to STDOUT.`,
- Run: func(cmd *cobra.Command, args []string) {
- co := mustload.Running(ClusterFlagValue())
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+ co := mustload.Running(ClusterFlagValue(), options)
n, _, err := node.Retrieve(*co.Config, nodeName)
if err != nil {
exit.Error(reason.GuestNodeRetrieve, "retrieving node", err)
diff --git a/cmd/minikube/cmd/kubectl.go b/cmd/minikube/cmd/kubectl.go
index 35c776d0eba8..cd5fa6b27e11 100644
--- a/cmd/minikube/cmd/kubectl.go
+++ b/cmd/minikube/cmd/kubectl.go
@@ -21,10 +21,12 @@ import (
"os"
"os/exec"
"path"
+ "strings"
"syscall"
"github.com/spf13/cobra"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
"k8s.io/minikube/pkg/minikube/detect"
@@ -52,24 +54,27 @@ but optionally you can also run it directly on the control plane over the ssh co
This can be useful if you cannot run kubectl locally for some reason, like unsupported
host. Please be aware that when using --ssh all paths will apply to the remote machine.`,
Example: "minikube kubectl -- --help\nminikube kubectl -- get pods --namespace kube-system",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
+ options := flags.CommandOptions()
cc, err := config.Load(ClusterFlagValue())
version := constants.DefaultKubernetesVersion
+ binaryMirror := ""
if err == nil {
version = cc.KubernetesConfig.KubernetesVersion
+ binaryMirror = cc.BinaryMirror
}
cname := ClusterFlagValue()
if useSSH {
- co := mustload.Running(cname)
+ co := mustload.Running(cname, options)
n := co.CP.Node
kc := []string{"sudo"}
kc = append(kc, kubectlPath(*co.Config))
kc = append(kc, "--kubeconfig")
- kc = append(kc, kubeconfigPath(*co.Config))
+ kc = append(kc, kubeconfigPath())
args = append(kc, args...)
klog.Infof("Running SSH %v", args)
@@ -94,12 +99,27 @@ host. Please be aware that when using --ssh all paths will apply to the remote m
os.Exit(1)
}
- if len(args) > 1 && args[0] != "--help" {
- cluster := []string{"--cluster", cname}
- args = append(cluster, args...)
+ if len(args) > 0 {
+ insertIndex := 0
+ if args[0] == cobra.ShellCompRequestCmd || args[0] == cobra.ShellCompNoDescRequestCmd {
+ // Insert right after __complete to allow code completion from the correct cluster.
+ insertIndex = 1
+ } else {
+ // Add cluster argument before first flag, but after all commands.
+ // This improves error message of kubectl in case the command is wrong.
+ insertIndex = len(args)
+ for i, arg := range args {
+ if strings.HasPrefix(arg, "-") {
+ insertIndex = i
+ break
+ }
+ }
+ }
+ clusterArg := "--cluster=" + cname
+ args = append(append(append([]string{}, args[:insertIndex]...), clusterArg), args[insertIndex:]...)
}
- c, err := KubectlCommand(version, args...)
+ c, err := KubectlCommand(version, binaryMirror, args...)
if err != nil {
out.ErrLn("Error caching kubectl: %v", err)
os.Exit(1)
@@ -129,22 +149,22 @@ func kubectlPath(cfg config.ClusterConfig) string {
}
// kubeconfigPath returns the path to kubeconfig
-func kubeconfigPath(cfg config.ClusterConfig) string {
+func kubeconfigPath() string {
return "/etc/kubernetes/admin.conf"
}
// KubectlCommand will return kubectl command with a version matching the cluster
-func KubectlCommand(version string, args ...string) (*exec.Cmd, error) {
+func KubectlCommand(version, binaryURL string, args ...string) (*exec.Cmd, error) {
if version == "" {
version = constants.DefaultKubernetesVersion
}
- path, err := node.CacheKubectlBinary(version)
+ binary, err := node.CacheKubectlBinary(version, binaryURL)
if err != nil {
return nil, err
}
- return exec.Command(path, args...), nil
+ return exec.Command(binary, args...), nil
}
func init() {
diff --git a/cmd/minikube/cmd/license.go b/cmd/minikube/cmd/license.go
new file mode 100644
index 000000000000..986a7d58928b
--- /dev/null
+++ b/cmd/minikube/cmd/license.go
@@ -0,0 +1,42 @@
+/*
+Copyright 2022 The Kubernetes Authors All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cmd
+
+import (
+ "github.com/spf13/cobra"
+ "k8s.io/minikube/pkg/minikube/download"
+ "k8s.io/minikube/pkg/minikube/exit"
+ "k8s.io/minikube/pkg/minikube/reason"
+)
+
+var dir string
+
+// licenseCmd represents the credits command
+var licenseCmd = &cobra.Command{
+ Use: "license",
+ Short: "Outputs the licenses of dependencies to a directory",
+ Long: "Outputs the licenses of dependencies to a directory",
+ Run: func(_ *cobra.Command, _ []string) {
+ if err := download.Licenses(dir); err != nil {
+ exit.Error(reason.InetLicenses, "Failed to download licenses", err)
+ }
+ },
+}
+
+func init() {
+ licenseCmd.Flags().StringVarP(&dir, "dir", "d", ".", "Directory to output licenses to")
+}
diff --git a/cmd/minikube/cmd/logs.go b/cmd/minikube/cmd/logs.go
index 9bf434847982..e1fbc3c0971c 100644
--- a/cmd/minikube/cmd/logs.go
+++ b/cmd/minikube/cmd/logs.go
@@ -19,17 +19,23 @@ package cmd
import (
"os"
+ "github.com/docker/machine/libmachine/state"
"github.com/spf13/cobra"
"github.com/spf13/viper"
"k8s.io/klog/v2"
cmdcfg "k8s.io/minikube/cmd/minikube/cmd/config"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/cluster"
+ "k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/cruntime"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/logs"
+ "k8s.io/minikube/pkg/minikube/machine"
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
+ "k8s.io/minikube/pkg/minikube/run"
+ "k8s.io/minikube/pkg/minikube/style"
)
const (
@@ -47,6 +53,10 @@ var (
showProblems bool
// fileOutput is where to write logs to. If omitted, writes to stdout.
fileOutput string
+ // auditLogs only shows the audit logs
+ auditLogs bool
+ // lastStartOnly shows logs from last start
+ lastStartOnly bool
)
// logsCmd represents the logs command
@@ -54,8 +64,9 @@ var logsCmd = &cobra.Command{
Use: "logs",
Short: "Returns logs to debug a local Kubernetes cluster",
Long: `Gets the logs of the running instance, used for debugging minikube, not user code.`,
- Run: func(cmd *cobra.Command, args []string) {
- var logOutput *os.File = os.Stdout
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+ logOutput := os.Stdout
var err error
if fileOutput != "" {
@@ -63,17 +74,34 @@ var logsCmd = &cobra.Command{
defer func() {
err := logOutput.Close()
if err != nil {
- klog.Warning("Failed to close file: %v", err)
+ klog.Warningf("Failed to close file: %v", err)
}
}()
if err != nil {
exit.Error(reason.Usage, "Failed to create file", err)
}
}
-
+ if lastStartOnly {
+ err := logs.OutputLastStart()
+ if err != nil {
+ klog.Errorf("failed to output last start logs: %v", err)
+ }
+ return
+ }
+ if auditLogs {
+ err := logs.OutputAudit(numberOfLines)
+ if err != nil {
+ klog.Errorf("failed to output audit logs: %v", err)
+ }
+ return
+ }
logs.OutputOffline(numberOfLines, logOutput)
- co := mustload.Running(ClusterFlagValue())
+ if shouldSilentFail(options) {
+ return
+ }
+
+ co := mustload.Running(ClusterFlagValue(), options)
bs, err := cluster.Bootstrapper(co.API, viper.GetString(cmdcfg.Bootstrapper), *co.Config, co.CP.Runner)
if err != nil {
@@ -84,7 +112,6 @@ var logsCmd = &cobra.Command{
if err != nil {
exit.Error(reason.InternalNewRuntime, "Unable to get runtime", err)
}
-
if followLogs {
err := logs.Follow(cr, bs, *co.Config, co.CP.Runner, logOutput)
if err != nil {
@@ -97,20 +124,43 @@ var logsCmd = &cobra.Command{
logs.OutputProblems(problems, numberOfProblems, logOutput)
return
}
- err = logs.Output(cr, bs, *co.Config, co.CP.Runner, numberOfLines, logOutput)
- if err != nil {
- out.Ln("")
- // Avoid exit.Error, since it outputs the issue URL
- out.WarningT("{{.error}}", out.V{"error": err})
- os.Exit(reason.ExSvcError)
+ logs.Output(cr, bs, *co.Config, co.CP.Runner, numberOfLines, logOutput)
+ if fileOutput != "" {
+ out.Styled(style.Success, "Logs file created ({{.logPath}}), remember to include it when reporting issues!", out.V{"logPath": fileOutput})
}
},
}
+// shouldSilentFail returns true if the user specifies the --file flag and the host isn't running
+// This is to prevent outputting the message 'The control plane node must be running for this command' which confuses
+// many users while gathering logs to report their issue as the message makes them think the log file wasn't generated
+func shouldSilentFail(options *run.CommandOptions) bool {
+ if fileOutput == "" {
+ return false
+ }
+
+ api, cc := mustload.Partial(ClusterFlagValue(), options)
+
+ cp, err := config.ControlPlane(*cc)
+ if err != nil {
+ return false
+ }
+
+ machineName := config.MachineName(*cc, cp)
+ hs, err := machine.Status(api, machineName)
+ if err != nil {
+ return false
+ }
+
+ return hs != state.Running.String()
+}
+
func init() {
logsCmd.Flags().BoolVarP(&followLogs, "follow", "f", false, "Show only the most recent journal entries, and continuously print new entries as they are appended to the journal.")
logsCmd.Flags().BoolVar(&showProblems, "problems", false, "Show only log entries which point to known problems")
logsCmd.Flags().IntVarP(&numberOfLines, "length", "n", 60, "Number of lines back to go within the log")
logsCmd.Flags().StringVar(&nodeName, "node", "", "The node to get logs from. Defaults to the primary control plane.")
logsCmd.Flags().StringVar(&fileOutput, "file", "", "If present, writes to the provided file instead of stdout.")
+ logsCmd.Flags().BoolVar(&auditLogs, "audit", false, "Show only the audit logs")
+ logsCmd.Flags().BoolVar(&lastStartOnly, "last-start-only", false, "Show only the last start logs.")
}
diff --git a/cmd/minikube/cmd/mount.go b/cmd/minikube/cmd/mount.go
index d1908b0e6398..a04f7fc09aeb 100644
--- a/cmd/minikube/cmd/mount.go
+++ b/cmd/minikube/cmd/mount.go
@@ -21,6 +21,7 @@ import (
"net"
"os"
"os/signal"
+ "path/filepath"
"runtime"
"strconv"
"strings"
@@ -30,35 +31,57 @@ import (
"github.com/pkg/errors"
"github.com/spf13/cobra"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/cluster"
+ "k8s.io/minikube/pkg/minikube/constants"
+ "k8s.io/minikube/pkg/minikube/detect"
"k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/exit"
+ "k8s.io/minikube/pkg/minikube/localpath"
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
"k8s.io/minikube/pkg/minikube/style"
+ pkgnetwork "k8s.io/minikube/pkg/network"
+ "k8s.io/minikube/pkg/util/lock"
"k8s.io/minikube/third_party/go9p/ufs"
)
const (
// nineP is the value of --type used for the 9p filesystem.
- nineP = "9p"
- defaultMountVersion = "9p2000.L"
- defaultMsize = 262144
+ nineP = "9p"
+ defaultMount9PVersion = "9p2000.L"
+ mount9PVersionDescription = "Specify the 9p version that the mount should use"
+ defaultMountGID = "docker"
+ mountGIDDescription = "Default group id used for the mount"
+ defaultMountIP = ""
+ mountIPDescription = "Specify the ip that the mount should be setup on"
+ defaultMountMSize = 262144
+ mountMSizeDescription = "The number of bytes to use for 9p packet payload"
+ mountOptionsDescription = "Additional mount options, such as cache=fscache"
+ defaultMountPort = 0
+ mountPortDescription = "Specify the port that the mount should be setup on, where 0 means any free port."
+ defaultMountType = nineP
+ mountTypeDescription = "Specify the mount filesystem type (supported types: 9p)"
+ defaultMountUID = "docker"
+ mountUIDDescription = "Default user id used for the mount"
)
+func defaultMountOptions() []string {
+ return []string{}
+}
+
// placeholders for flag values
var (
- mountIP string
- mountPort uint16
- mountVersion string
- mountType string
- isKill bool
- uid string
- gid string
- mSize int
- options []string
- mode uint
+ mountIP string
+ mountPort uint16
+ mountVersion string
+ mountType string
+ isKill bool
+ uid string
+ gid string
+ mSize int
+ mountOptionsValue []string
)
// supportedFilesystems is a map of filesystem types to not warn against.
@@ -69,7 +92,7 @@ var mountCmd = &cobra.Command{
Use: "mount [flags] :",
Short: "Mounts the specified directory into minikube",
Long: `Mounts the specified directory into minikube.`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if isKill {
if err := killMountProcess(); err != nil {
exit.Error(reason.HostKillMountProc, "Error killing mount process", err)
@@ -78,9 +101,11 @@ var mountCmd = &cobra.Command{
}
if len(args) != 1 {
- exit.Message(reason.Usage, `Please specify the directory to be mounted:
+ exit.Message(reason.Usage, `Please specify the directory to be mounted:
minikube mount : (example: "/host-home:/vm-home")`)
}
+
+ options := flags.CommandOptions()
mountString := args[0]
idx := strings.LastIndex(mountString, ":")
if idx == -1 { // no ":" was present
@@ -103,15 +128,34 @@ var mountCmd = &cobra.Command{
debugVal = 1 // ufs.StartServer takes int debug param
}
- co := mustload.Running(ClusterFlagValue())
+ co := mustload.Running(ClusterFlagValue(), options)
if co.CP.Host.Driver.DriverName() == driver.None {
exit.Message(reason.Usage, `'none' driver does not support 'minikube mount' command`)
}
+ if driver.IsQEMU(co.Config.Driver) && pkgnetwork.IsBuiltinQEMU(co.Config.Network) {
+ msg := "minikube mount is not currently implemented with the builtin network on QEMU"
+ if runtime.GOOS == "darwin" {
+ msg += ", try starting minikube with '--network=socket_vmnet'"
+ }
+ exit.Message(reason.Unimplemented, msg)
+ }
var ip net.IP
var err error
if mountIP == "" {
- ip, err = cluster.HostIP(co.CP.Host, co.Config.Name)
+ if detect.IsMicrosoftWSL() {
+ klog.Infof("Selecting IP for WSL. This may be incorrect...")
+ ip, err = func() (net.IP, error) {
+ conn, err := net.Dial("udp", "8.8.8.8:80")
+ if err != nil {
+ return nil, err
+ }
+ defer conn.Close()
+ return conn.LocalAddr().(*net.UDPAddr).IP, nil
+ }()
+ } else {
+ ip, err = cluster.HostIP(co.CP.Host, co.Config.Name)
+ }
if err != nil {
exit.Error(reason.IfHostIP, "Error getting the host IP address to use from within the VM", err)
}
@@ -133,11 +177,10 @@ var mountCmd = &cobra.Command{
Version: mountVersion,
MSize: mSize,
Port: port,
- Mode: os.FileMode(mode),
Options: map[string]string{},
}
- for _, o := range options {
+ for _, o := range mountOptionsValue {
if !strings.Contains(o, "=") {
cfg.Options[o] = ""
continue
@@ -146,6 +189,11 @@ var mountCmd = &cobra.Command{
cfg.Options[parts[0]] = parts[1]
}
+ if runtime.GOOS == "linux" && !detect.IsNinePSupported() {
+ exit.Message(reason.HostUnsupported, "The host does not support filesystem 9p.")
+
+ }
+
// An escape valve to allow future hackers to try NFS, VirtFS, or other FS types.
if !supportedFilesystems[cfg.Type] {
out.WarningT("{{.type}} is not yet a supported filesystem. We will try anyways!", out.V{"type": cfg.Type})
@@ -156,25 +204,27 @@ var mountCmd = &cobra.Command{
bindIP = "127.0.0.1"
}
out.Step(style.Mounting, "Mounting host path {{.sourcePath}} into VM as {{.destinationPath}} ...", out.V{"sourcePath": hostPath, "destinationPath": vmPath})
- out.Infof("Mount type: {{.name}}", out.V{"type": cfg.Type})
+ out.Infof("Mount type: {{.name}}", out.V{"name": cfg.Type})
out.Infof("User ID: {{.userID}}", out.V{"userID": cfg.UID})
out.Infof("Group ID: {{.groupID}}", out.V{"groupID": cfg.GID})
out.Infof("Version: {{.version}}", out.V{"version": cfg.Version})
out.Infof("Message Size: {{.size}}", out.V{"size": cfg.MSize})
- out.Infof("Permissions: {{.octalMode}} ({{.writtenMode}})", out.V{"octalMode": fmt.Sprintf("%o", cfg.Mode), "writtenMode": cfg.Mode})
out.Infof("Options: {{.options}}", out.V{"options": cfg.Options})
out.Infof("Bind Address: {{.Address}}", out.V{"Address": net.JoinHostPort(bindIP, fmt.Sprint(port))})
var wg sync.WaitGroup
+ pidchan := make(chan int)
if cfg.Type == nineP {
wg.Add(1)
- go func() {
+ go func(pid chan int) {
+ pid <- os.Getpid()
out.Styled(style.Fileserver, "Userspace file server: ")
ufs.StartServer(net.JoinHostPort(bindIP, strconv.Itoa(port)), debugVal, hostPath)
out.Step(style.Stopped, "Userspace file server is shutdown")
wg.Done()
- }()
+ }(pidchan)
}
+ pid := <-pidchan
// Unmount if Ctrl-C or kill request is received.
c := make(chan os.Signal, 1)
@@ -186,11 +236,17 @@ var mountCmd = &cobra.Command{
if err != nil {
out.FailureT("Failed unmount: {{.error}}", out.V{"error": err})
}
+
+ err = removePidFromFile(pid)
+ if err != nil {
+ out.FailureT("Failed removing pid from pidfile: {{.error}}", out.V{"error": err})
+ }
+
exit.Message(reason.Interrupted, "Received {{.name}} signal", out.V{"name": sig})
}
}()
- err = cluster.Mount(co.CP.Runner, ip.String(), vmPath, cfg)
+ err = cluster.Mount(co.CP.Runner, ip.String(), vmPath, cfg, pid)
if err != nil {
if rtErr, ok := err.(*cluster.MountError); ok && rtErr.ErrorType == cluster.MountErrorConnect {
exit.Error(reason.GuestMountCouldNotConnect, "mount could not connect", rtErr)
@@ -205,16 +261,15 @@ var mountCmd = &cobra.Command{
}
func init() {
- mountCmd.Flags().StringVar(&mountIP, "ip", "", "Specify the ip that the mount should be setup on")
- mountCmd.Flags().Uint16Var(&mountPort, "port", 0, "Specify the port that the mount should be setup on, where 0 means any free port.")
- mountCmd.Flags().StringVar(&mountType, "type", nineP, "Specify the mount filesystem type (supported types: 9p)")
- mountCmd.Flags().StringVar(&mountVersion, "9p-version", defaultMountVersion, "Specify the 9p version that the mount should use")
+ mountCmd.Flags().StringVar(&mountIP, constants.MountIPFlag, defaultMountIP, mountIPDescription)
+ mountCmd.Flags().Uint16Var(&mountPort, constants.MountPortFlag, defaultMountPort, mountPortDescription)
+ mountCmd.Flags().StringVar(&mountType, constants.MountTypeFlag, defaultMountType, mountTypeDescription)
+ mountCmd.Flags().StringVar(&mountVersion, constants.Mount9PVersionFlag, defaultMount9PVersion, mount9PVersionDescription)
mountCmd.Flags().BoolVar(&isKill, "kill", false, "Kill the mount process spawned by minikube start")
- mountCmd.Flags().StringVar(&uid, "uid", "docker", "Default user id used for the mount")
- mountCmd.Flags().StringVar(&gid, "gid", "docker", "Default group id used for the mount")
- mountCmd.Flags().UintVar(&mode, "mode", 0o755, "File permissions used for the mount")
- mountCmd.Flags().StringSliceVar(&options, "options", []string{}, "Additional mount options, such as cache=fscache")
- mountCmd.Flags().IntVar(&mSize, "msize", defaultMsize, "The number of bytes to use for 9p packet payload")
+ mountCmd.Flags().StringVar(&uid, constants.MountUIDFlag, defaultMountUID, mountUIDDescription)
+ mountCmd.Flags().StringVar(&gid, constants.MountGIDFlag, defaultMountGID, mountGIDDescription)
+ mountCmd.Flags().StringSliceVar(&mountOptionsValue, constants.MountOptionsFlag, defaultMountOptions(), mountOptionsDescription)
+ mountCmd.Flags().IntVar(&mSize, constants.MountMSizeFlag, defaultMountMSize, mountMSizeDescription)
}
// getPort uses the requested port or asks the kernel for a free open port that is ready to use
@@ -231,3 +286,56 @@ func getPort() (int, error) {
defer l.Close()
return l.Addr().(*net.TCPAddr).Port, nil
}
+
+// removePidFromFile looks at the default locations for the mount-pids file,
+// for the profile in use. If a file is found and its content shows PID, PID gets removed.
+func removePidFromFile(pid int) error {
+ profile := ClusterFlagValue()
+ paths := []string{
+ localpath.MiniPath(), // legacy mount-process path for backwards compatibility
+ localpath.Profile(profile),
+ }
+
+ for _, path := range paths {
+ err := removePid(path, strconv.Itoa(pid))
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+// removePid reads the file at PATH and tries to remove PID from it if found
+func removePid(path string, pid string) error {
+ // is it the file we're looking for?
+ pidPath := filepath.Join(path, constants.MountProcessFileName)
+ if _, err := os.Stat(pidPath); os.IsNotExist(err) {
+ return nil
+ }
+
+ // we found the correct file
+ // we're reading the pids...
+ data, err := os.ReadFile(pidPath)
+ if err != nil {
+ return errors.Wrap(err, "readFile")
+ }
+
+ pids := []string{}
+ // we're splitting the mount-pids file content into a slice of strings
+ // so that we can compare each to the PID we're looking for
+ strPids := strings.Fields(string(data))
+ for _, p := range strPids {
+ // If we find the PID, we don't add it to the slice
+ if p == pid {
+ continue
+ }
+
+ // if p doesn't correspond to PID, we add to a list
+ pids = append(pids, p)
+ }
+
+ // we write the slice that we obtained back to the mount-pids file
+ newPids := strings.Join(pids, " ")
+ return lock.WriteFile(pidPath, []byte(newPids), 0o644)
+}
diff --git a/cmd/minikube/cmd/node.go b/cmd/minikube/cmd/node.go
index 5b6fbb4c5b9d..f0883baeb1ec 100644
--- a/cmd/minikube/cmd/node.go
+++ b/cmd/minikube/cmd/node.go
@@ -27,7 +27,7 @@ var nodeCmd = &cobra.Command{
Use: "node",
Short: "Add, remove, or list additional nodes",
Long: "Operations on nodes",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
exit.Message(reason.Usage, "Usage: minikube node [add|start|stop|delete|list]")
},
}
diff --git a/cmd/minikube/cmd/node_add.go b/cmd/minikube/cmd/node_add.go
index 622a2d3d018d..bd53ce85cb30 100644
--- a/cmd/minikube/cmd/node_add.go
+++ b/cmd/minikube/cmd/node_add.go
@@ -19,6 +19,8 @@ package cmd
import (
"github.com/spf13/cobra"
"github.com/spf13/viper"
+
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/cni"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/driver"
@@ -26,36 +28,56 @@ import (
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/node"
"k8s.io/minikube/pkg/minikube/out"
+ "k8s.io/minikube/pkg/minikube/out/register"
"k8s.io/minikube/pkg/minikube/reason"
"k8s.io/minikube/pkg/minikube/style"
)
var (
- cp bool
- worker bool
+ cpNode bool
+ workerNode bool
+ deleteNodeOnFailure bool
)
var nodeAddCmd = &cobra.Command{
Use: "add",
Short: "Adds a node to the given cluster.",
Long: "Adds a node to the given cluster config, and starts it.",
- Run: func(cmd *cobra.Command, args []string) {
- co := mustload.Healthy(ClusterFlagValue())
+ Run: func(cmd *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+
+ co := mustload.Healthy(ClusterFlagValue(), options)
cc := co.Config
if driver.BareMetal(cc.Driver) {
out.FailureT("none driver does not support multi-node clusters")
}
- name := node.Name(len(cc.Nodes) + 1)
+ if cpNode && !config.IsHA(*cc) {
+ out.FailureT("Adding a control-plane node to a non-HA (non-multi-control plane) cluster is not currently supported. Please first delete the cluster and use 'minikube start --ha' to create new one.")
+ }
- out.Step(style.Happy, "Adding node {{.name}} to cluster {{.cluster}}", out.V{"name": name, "cluster": cc.Name})
+ roles := []string{}
+ if workerNode {
+ roles = append(roles, "worker")
+ }
+ if cpNode {
+ roles = append(roles, "control-plane")
+ }
+
+ // calculate appropriate new node name with id following the last existing one
+ lastID, err := node.ID(cc.Nodes[len(cc.Nodes)-1].Name)
+ if err != nil {
+ lastID = len(cc.Nodes)
+ out.ErrLn("determining last node index (will assume %d): %v", lastID, err)
+ }
+ name := node.Name(lastID + 1)
- // TODO: Deal with parameters better. Ideally we should be able to acceot any node-specific minikube start params here.
+ out.Step(style.Happy, "Adding node {{.name}} to cluster {{.cluster}} as {{.roles}}", out.V{"name": name, "cluster": cc.Name, "roles": roles})
n := config.Node{
Name: name,
- Worker: worker,
- ControlPlane: cp,
+ Worker: workerNode,
+ ControlPlane: cpNode,
KubernetesVersion: cc.KubernetesConfig.KubernetesVersion,
}
@@ -70,8 +92,9 @@ var nodeAddCmd = &cobra.Command{
}
}
- if err := node.Add(cc, n, false); err != nil {
- _, err := maybeDeleteAndRetry(cmd, *cc, n, nil, err)
+ register.Reg.SetStep(register.InitialSetup)
+ if err := node.Add(cc, n, deleteNodeOnFailure, options); err != nil {
+ _, err := maybeDeleteAndRetry(cmd, *cc, n, nil, err, options)
if err != nil {
exit.Error(reason.GuestNodeAdd, "failed to add node", err)
}
@@ -86,10 +109,9 @@ var nodeAddCmd = &cobra.Command{
}
func init() {
- // TODO(https://github.com/kubernetes/minikube/issues/7366): We should figure out which minikube start flags to actually import
- nodeAddCmd.Flags().BoolVar(&cp, "control-plane", false, "If true, the node added will also be a control plane in addition to a worker.")
- nodeAddCmd.Flags().BoolVar(&worker, "worker", true, "If true, the added node will be marked for work. Defaults to true.")
- nodeAddCmd.Flags().Bool(deleteOnFailure, false, "If set, delete the current cluster if start fails and try again. Defaults to false.")
+ nodeAddCmd.Flags().BoolVar(&cpNode, "control-plane", false, "If set, added node will become a control-plane. Defaults to false. Currently only supported for existing HA (multi-control plane) clusters.")
+ nodeAddCmd.Flags().BoolVar(&workerNode, "worker", true, "If set, added node will be available as worker. Defaults to true.")
+ nodeAddCmd.Flags().BoolVar(&deleteNodeOnFailure, "delete-on-failure", false, "If set, delete the current cluster if start fails and try again. Defaults to false.")
nodeCmd.AddCommand(nodeAddCmd)
}
diff --git a/cmd/minikube/cmd/node_delete.go b/cmd/minikube/cmd/node_delete.go
index 686fdf6a3881..3b817ab08670 100644
--- a/cmd/minikube/cmd/node_delete.go
+++ b/cmd/minikube/cmd/node_delete.go
@@ -21,6 +21,7 @@ import (
"time"
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/delete"
"k8s.io/minikube/pkg/minikube/driver"
@@ -36,16 +37,18 @@ var nodeDeleteCmd = &cobra.Command{
Use: "delete",
Short: "Deletes a node from a cluster.",
Long: "Deletes a node from a cluster.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) == 0 {
exit.Message(reason.Usage, "Usage: minikube node delete [name]")
}
+
+ options := flags.CommandOptions()
name := args[0]
- co := mustload.Healthy(ClusterFlagValue())
+ co := mustload.Healthy(ClusterFlagValue(), options)
out.Step(style.DeletingHost, "Deleting node {{.name}} from cluster {{.cluster}}", out.V{"name": name, "cluster": co.Config.Name})
- n, err := node.Delete(*co.Config, name)
+ n, err := node.Delete(*co.Config, name, options)
if err != nil {
exit.Error(reason.GuestNodeDelete, "deleting node", err)
}
diff --git a/cmd/minikube/cmd/node_list.go b/cmd/minikube/cmd/node_list.go
index 006366b8ccd9..429e3486ea61 100644
--- a/cmd/minikube/cmd/node_list.go
+++ b/cmd/minikube/cmd/node_list.go
@@ -22,6 +22,7 @@ import (
"github.com/spf13/cobra"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/mustload"
@@ -32,13 +33,14 @@ var nodeListCmd = &cobra.Command{
Use: "list",
Short: "List nodes.",
Long: "List existing minikube nodes.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) != 0 {
exit.Message(reason.Usage, "Usage: minikube node list")
}
+ options := flags.CommandOptions()
cname := ClusterFlagValue()
- _, cc := mustload.Partial(cname)
+ _, cc := mustload.Partial(cname, options)
if len(cc.Nodes) < 1 {
klog.Warningf("Did not found any minikube node.")
diff --git a/cmd/minikube/cmd/node_start.go b/cmd/minikube/cmd/node_start.go
index 35ed190411c2..767c4ff18188 100644
--- a/cmd/minikube/cmd/node_start.go
+++ b/cmd/minikube/cmd/node_start.go
@@ -21,6 +21,7 @@ import (
"github.com/spf13/cobra"
"github.com/spf13/viper"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/machine"
@@ -41,7 +42,9 @@ var nodeStartCmd = &cobra.Command{
exit.Message(reason.Usage, "Usage: minikube node start [name]")
}
- api, cc := mustload.Partial(ClusterFlagValue())
+ options := flags.CommandOptions()
+
+ api, cc := mustload.Partial(ClusterFlagValue(), options)
name := args[0]
n, _, err := node.Retrieve(*cc, name)
@@ -56,7 +59,7 @@ var nodeStartCmd = &cobra.Command{
}
register.Reg.SetStep(register.InitialSetup)
- r, p, m, h, err := node.Provision(cc, n, n.ControlPlane, viper.GetBool(deleteOnFailure))
+ r, p, m, h, err := node.Provision(cc, n, viper.GetBool(deleteOnFailure), options)
if err != nil {
exit.Error(reason.GuestNodeProvision, "provisioning host for node", err)
}
@@ -68,14 +71,12 @@ var nodeStartCmd = &cobra.Command{
Host: h,
Cfg: cc,
Node: n,
- ExistingAddons: nil,
+ ExistingAddons: cc.Addons,
}
- _, err = node.Start(s, n.ControlPlane)
- if err != nil {
- _, err := maybeDeleteAndRetry(cmd, *cc, *n, nil, err)
- if err != nil {
- node.ExitIfFatal(err)
+ if _, err = node.Start(s, options); err != nil {
+ if _, err := maybeDeleteAndRetry(cmd, *cc, *n, nil, err, options); err != nil {
+ node.ExitIfFatal(err, false)
exit.Error(reason.GuestNodeStart, "failed to start node", err)
}
}
diff --git a/cmd/minikube/cmd/node_stop.go b/cmd/minikube/cmd/node_stop.go
index 65c92f71f8af..a9bc09b985d7 100644
--- a/cmd/minikube/cmd/node_stop.go
+++ b/cmd/minikube/cmd/node_stop.go
@@ -17,7 +17,10 @@ limitations under the License.
package cmd
import (
+ "os"
+
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/machine"
@@ -32,13 +35,14 @@ var nodeStopCmd = &cobra.Command{
Use: "stop",
Short: "Stops a node in a cluster.",
Long: "Stops a node in a cluster.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
if len(args) == 0 {
exit.Message(reason.Usage, "Usage: minikube node stop [name]")
}
+ options := flags.CommandOptions()
name := args[0]
- api, cc := mustload.Partial(ClusterFlagValue())
+ api, cc := mustload.Partial(ClusterFlagValue(), options)
n, _, err := node.Retrieve(*cc, name)
if err != nil {
@@ -49,7 +53,8 @@ var nodeStopCmd = &cobra.Command{
err = machine.StopHost(api, machineName)
if err != nil {
- out.FatalT("Failed to stop node {{.name}}", out.V{"name": name})
+ out.ErrT(style.Fatal, "Failed to stop node {{.name}}: {{.error}}", out.V{"name": name, "error": err})
+ os.Exit(reason.ExHostError)
}
out.Step(style.Stopped, "Successfully stopped node {{.name}}", out.V{"name": machineName})
},
diff --git a/cmd/minikube/cmd/options.go b/cmd/minikube/cmd/options.go
index 63211aefbbb9..395bd290ac71 100644
--- a/cmd/minikube/cmd/options.go
+++ b/cmd/minikube/cmd/options.go
@@ -31,12 +31,12 @@ var optionsCmd = &cobra.Command{
Use: "options",
Short: "Show a list of global command-line options (applies to all commands).",
Long: "Show a list of global command-line options (applies to all commands).",
- Hidden: true,
+ Hidden: false,
Run: runOptions,
}
// runOptions handles the executes the flow of "minikube options"
-func runOptions(cmd *cobra.Command, args []string) {
+func runOptions(cmd *cobra.Command, _ []string) {
out.String("The following options can be passed to any command:\n\n")
cmd.Root().PersistentFlags().VisitAll(func(flag *pflag.Flag) {
out.String(flagUsage(flag))
diff --git a/cmd/minikube/cmd/pause.go b/cmd/minikube/cmd/pause.go
index 4fd7ceefe2c7..c7a180c544c3 100644
--- a/cmd/minikube/cmd/pause.go
+++ b/cmd/minikube/cmd/pause.go
@@ -23,6 +23,7 @@ import (
"github.com/spf13/viper"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/cluster"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
@@ -49,9 +50,10 @@ var pauseCmd = &cobra.Command{
Run: runPause,
}
-func runPause(cmd *cobra.Command, args []string) {
+func runPause(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
out.SetJSON(outputFormat == "json")
- co := mustload.Running(ClusterFlagValue())
+ co := mustload.Running(ClusterFlagValue(), options)
register.SetEventLogPath(localpath.EventLog(ClusterFlagValue()))
register.Reg.SetStep(register.Pausing)
diff --git a/cmd/minikube/cmd/podman-env.go b/cmd/minikube/cmd/podman-env.go
index eacf79dd187c..95ff6ed7058e 100644
--- a/cmd/minikube/cmd/podman-env.go
+++ b/cmd/minikube/cmd/podman-env.go
@@ -14,9 +14,6 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-// Part of this code is heavily inspired/copied by the following file:
-// github.com/docker/machine/commands/env.go
-
package cmd
import (
@@ -29,6 +26,7 @@ import (
"github.com/docker/machine/libmachine/drivers"
"github.com/docker/machine/libmachine/ssh"
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/drivers/kic/oci"
"k8s.io/minikube/pkg/minikube/command"
"k8s.io/minikube/pkg/minikube/constants"
@@ -141,7 +139,8 @@ var podmanEnvCmd = &cobra.Command{
Use: "podman-env",
Short: "Configure environment to use minikube's Podman service",
Long: `Sets up podman env variables; similar to '$(podman-machine env)'.`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
sh := shell.EnvConfig{
Shell: shell.ForceShell,
}
@@ -159,7 +158,7 @@ var podmanEnvCmd = &cobra.Command{
}
cname := ClusterFlagValue()
- co := mustload.Running(cname)
+ co := mustload.Running(cname, options)
driverName := co.CP.Host.DriverName
if driverName == driver.None {
@@ -170,6 +169,11 @@ var podmanEnvCmd = &cobra.Command{
exit.Message(reason.Usage, `The podman-env command is incompatible with multi-node clusters. Use the 'registry' add-on: https://minikube.sigs.k8s.io/docs/handbook/registry/`)
}
+ if co.Config.KubernetesConfig.ContainerRuntime != constants.CRIO {
+ exit.Message(reason.Usage, `The podman-env command is only compatible with the "crio" runtime, but this cluster was configured to use the "{{.runtime}}" runtime.`,
+ out.V{"runtime": co.Config.KubernetesConfig.ContainerRuntime})
+ }
+
r := co.CP.Runner
if ok := isPodmanAvailable(r); !ok {
exit.Message(reason.EnvPodmanUnavailable, `The podman service within '{{.cluster}}' is not active`, out.V{"cluster": cname})
@@ -240,7 +244,7 @@ func podmanSetScript(ec PodmanEnvConfig, w io.Writer) error {
podmanEnvTmpl = podmanEnv2Tmpl
}
envVars := podmanEnvVars(ec)
- return shell.SetScript(ec.EnvConfig, w, podmanEnvTmpl, podmanShellCfgSet(ec, envVars))
+ return shell.SetScript(w, podmanEnvTmpl, podmanShellCfgSet(ec, envVars))
}
// podmanUnsetScript writes out a shell-compatible 'podman-env unset' script
@@ -251,10 +255,10 @@ func podmanUnsetScript(ec PodmanEnvConfig, w io.Writer) error {
// podmanBridge returns the command to use in a var for accessing the podman varlink bridge over ssh
func podmanBridge(client *ssh.ExternalClient) string {
- command := []string{client.BinaryPath}
- command = append(command, client.BaseArgs...)
- command = append(command, "--", "sudo", "varlink", "-A", `\'podman varlink \\\$VARLINK_ADDRESS\'`, "bridge")
- return strings.Join(command, " ")
+ cmd := []string{client.BinaryPath}
+ cmd = append(cmd, client.BaseArgs...)
+ cmd = append(cmd, "--", "sudo", "varlink", "-A", `\'podman varlink \\\$VARLINK_ADDRESS\'`, "bridge")
+ return strings.Join(cmd, " ")
}
// podmanURL returns the url to use in a var for accessing the podman socket over ssh
diff --git a/cmd/minikube/cmd/podman-env_test.go b/cmd/minikube/cmd/podman-env_test.go
index 7215fe9a1fd0..097891dd694a 100644
--- a/cmd/minikube/cmd/podman-env_test.go
+++ b/cmd/minikube/cmd/podman-env_test.go
@@ -71,7 +71,7 @@ unset MINIKUBE_ACTIVE_PODMAN;
}
for _, tc := range tests {
t.Run(tc.config.profile, func(t *testing.T) {
- tc.config.EnvConfig.Shell = tc.shell
+ tc.config.Shell = tc.shell
defaultNoProxyGetter = tc.noProxyGetter
var b []byte
buf := bytes.NewBuffer(b)
diff --git a/cmd/minikube/cmd/root.go b/cmd/minikube/cmd/root.go
index 785a2db36bb5..0d35165d5d2b 100644
--- a/cmd/minikube/cmd/root.go
+++ b/cmd/minikube/cmd/root.go
@@ -23,7 +23,6 @@ import (
"path/filepath"
"runtime"
"strings"
- "time"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
@@ -45,23 +44,26 @@ import (
"k8s.io/minikube/pkg/version"
)
-var dirs = [...]string{
- localpath.MiniPath(),
- localpath.MakeMiniPath("certs"),
- localpath.MakeMiniPath("machines"),
- localpath.MakeMiniPath("cache"),
- localpath.MakeMiniPath("config"),
- localpath.MakeMiniPath("addons"),
- localpath.MakeMiniPath("files"),
- localpath.MakeMiniPath("logs"),
-}
+var (
+ dirs = [...]string{
+ localpath.MiniPath(),
+ localpath.MakeMiniPath("certs"),
+ localpath.MakeMiniPath("machines"),
+ localpath.MakeMiniPath("cache"),
+ localpath.MakeMiniPath("config"),
+ localpath.MakeMiniPath("addons"),
+ localpath.MakeMiniPath("files"),
+ localpath.MakeMiniPath("logs"),
+ }
+ auditID string
+)
// RootCmd represents the base command when called without any subcommands
var RootCmd = &cobra.Command{
Use: "minikube",
Short: "minikube quickly sets up a local Kubernetes cluster",
Long: `minikube provisions and manages local Kubernetes clusters optimized for development workflows.`,
- PersistentPreRun: func(cmd *cobra.Command, args []string) {
+ PersistentPreRun: func(_ *cobra.Command, _ []string) {
for _, path := range dirs {
if err := os.MkdirAll(path, 0777); err != nil {
exit.Error(reason.HostHomeMkdir, "Error creating minikube directory", err)
@@ -72,14 +74,28 @@ var RootCmd = &cobra.Command{
out.WarningT("User name '{{.username}}' is not valid", out.V{"username": userName})
exit.Message(reason.Usage, "User name must be 60 chars or less.")
}
+ var err error
+ auditID, err = audit.LogCommandStart()
+ if err != nil {
+ klog.Warningf("failed to log command start to audit: %v", err)
+ }
+ // viper maps $MINIKUBE_ROOTLESS to "rootless" property automatically, but it does not do vice versa,
+ // so we map "rootless" property to $MINIKUBE_ROOTLESS expliclity here.
+ // $MINIKUBE_ROOTLESS is referred by KIC runner, which is decoupled from viper.
+ if viper.GetBool(config.Rootless) {
+ os.Setenv(constants.MinikubeRootlessEnv, "true")
+ }
+ },
+ PersistentPostRun: func(_ *cobra.Command, _ []string) {
+ if err := audit.LogCommandEnd(auditID); err != nil {
+ klog.Warningf("failed to log command end to audit: %v", err)
+ }
},
}
// Execute adds all child commands to the root command sets flags appropriately.
// This is called by main.main(). It only needs to happen once to the rootCmd.
func Execute() {
- defer audit.Log(time.Now())
-
// Check whether this is a windows binary (.exe) running inisde WSL.
if runtime.GOOS == "windows" && detect.IsMicrosoftWSL() {
var found = false
@@ -95,7 +111,7 @@ func Execute() {
}
if runtime.GOOS == "darwin" && detect.IsAmd64M1Emulation() {
- out.Infof("You are trying to run amd64 binary on M1 system. Please consider running darwin/arm64 binary instead (Download at {{.url}}.)",
+ out.Boxed("You are trying to run the amd64 binary on an M1 system.\nPlease consider running the darwin/arm64 binary instead.\nDownload at {{.url}}",
out.V{"url": notify.DownloadURL(version.GetVersion(), "darwin", "arm64")})
}
@@ -107,7 +123,9 @@ func Execute() {
profile := ""
for i, a := range os.Args {
if a == "--context" {
- profile = fmt.Sprintf("--profile=%s", os.Args[i+1])
+ if len(os.Args) > i+1 {
+ profile = fmt.Sprintf("--profile=%s", os.Args[i+1])
+ }
break
} else if strings.HasPrefix(a, "--context=") {
context := strings.Split(a, "=")[1]
@@ -122,7 +140,7 @@ func Execute() {
}
}
- for _, c := range RootCmd.Commands() {
+ applyToAllCommands(RootCmd, func(c *cobra.Command) {
c.Short = translate.T(c.Short)
c.Long = translate.T(c.Long)
c.Flags().VisitAll(func(f *pflag.Flag) {
@@ -130,7 +148,8 @@ func Execute() {
})
c.SetUsageTemplate(usageTemplate())
- }
+ })
+
RootCmd.Short = translate.T(RootCmd.Short)
RootCmd.Long = translate.T(RootCmd.Long)
RootCmd.Flags().VisitAll(func(f *pflag.Flag) {
@@ -204,6 +223,10 @@ func init() {
RootCmd.PersistentFlags().StringP(config.ProfileName, "p", constants.DefaultClusterName, `The name of the minikube VM being used. This can be set to allow having multiple instances of minikube independently.`)
RootCmd.PersistentFlags().StringP(configCmd.Bootstrapper, "b", "kubeadm", "The name of the cluster bootstrapper that will set up the Kubernetes cluster.")
RootCmd.PersistentFlags().String(config.UserFlag, "", "Specifies the user executing the operation. Useful for auditing operations executed by 3rd party tools. Defaults to the operating system username.")
+ RootCmd.PersistentFlags().Bool(config.SkipAuditFlag, false, "Skip recording the current command in the audit logs.")
+ RootCmd.PersistentFlags().Bool(config.Rootless, false, "Force to use rootless driver (docker and podman driver only)")
+
+ translate.DetermineLocale()
groups := templates.CommandGroups{
{
@@ -270,13 +293,13 @@ func init() {
// Ungrouped commands will show up in the "Other Commands" section
RootCmd.AddCommand(completionCmd)
+ RootCmd.AddCommand(licenseCmd)
templates.ActsAsRootCommand(RootCmd, []string{"options"}, groups...)
if err := viper.BindPFlags(RootCmd.PersistentFlags()); err != nil {
exit.Error(reason.InternalBindFlags, "Unable to bind flags", err)
}
- translate.DetermineLocale()
cobra.OnInitialize(initConfig)
}
@@ -306,14 +329,26 @@ func setupViper() {
viper.SetDefault(config.ReminderWaitPeriodInHours, 24)
viper.SetDefault(config.WantNoneDriverWarning, true)
viper.SetDefault(config.WantVirtualBoxDriverWarning, true)
+ viper.SetDefault(config.MaxAuditEntries, 1000)
+ viper.SetDefault(config.SkipAuditFlag, false)
}
func addToPath(dir string) {
- new := fmt.Sprintf("%s:%s", dir, os.Getenv("PATH"))
+ path := fmt.Sprintf("%s:%s", dir, os.Getenv("PATH"))
klog.Infof("Updating PATH: %s", dir)
- os.Setenv("PATH", new)
+ os.Setenv("PATH", path)
}
func validateUsername(name string) bool {
return len(name) <= 60
}
+
+// applyToAllCommands applies the provided func to all commands including sub commands
+func applyToAllCommands(cmd *cobra.Command, f func(subCmd *cobra.Command)) {
+ for _, c := range cmd.Commands() {
+ f(c)
+ if c.HasSubCommands() {
+ applyToAllCommands(c, f)
+ }
+ }
+}
diff --git a/cmd/minikube/cmd/root_test.go b/cmd/minikube/cmd/root_test.go
index af7d34e254ed..328dd657531b 100644
--- a/cmd/minikube/cmd/root_test.go
+++ b/cmd/minikube/cmd/root_test.go
@@ -34,8 +34,7 @@ func runCommand(f func(*cobra.Command, []string)) {
func TestPreRunDirectories(t *testing.T) {
// Make sure we create the required directories.
- tempDir := tests.MakeTempDir()
- defer tests.RemoveTempDir(tempDir)
+ tests.MakeTempDir(t)
runCommand(RootCmd.PersistentPreRun)
diff --git a/cmd/minikube/cmd/service.go b/cmd/minikube/cmd/service.go
index e2a1626fc030..02c3c808e4a5 100644
--- a/cmd/minikube/cmd/service.go
+++ b/cmd/minikube/cmd/service.go
@@ -17,6 +17,7 @@ limitations under the License.
package cmd
import (
+ "bytes"
"errors"
"fmt"
"net/url"
@@ -30,8 +31,8 @@ import (
"time"
"github.com/spf13/cobra"
-
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/drivers/kic/oci"
"k8s.io/minikube/pkg/kapi"
"k8s.io/minikube/pkg/minikube/browser"
@@ -44,12 +45,14 @@ import (
"k8s.io/minikube/pkg/minikube/service"
"k8s.io/minikube/pkg/minikube/style"
"k8s.io/minikube/pkg/minikube/tunnel/kic"
+ pkgnetwork "k8s.io/minikube/pkg/network"
)
const defaultServiceFormatTemplate = "http://{{.IP}}:{{.Port}}"
var (
namespace string
+ all bool
https bool
serviceURLMode bool
serviceURLFormat string
@@ -62,7 +65,7 @@ var (
var serviceCmd = &cobra.Command{
Use: "service [flags] SERVICE",
Short: "Returns a URL to connect to a service",
- Long: `Returns the Kubernetes URL for a service in your local cluster. In the case of multiple URLs they will be printed one at a time.`,
+ Long: `Returns the Kubernetes URL(s) for service(s) in your local cluster. In the case of multiple URLs they will be printed one at a time.`,
PersistentPreRun: func(cmd *cobra.Command, args []string) {
t, err := template.New("serviceURL").Parse(serviceURLFormat)
if err != nil {
@@ -72,38 +75,118 @@ var serviceCmd = &cobra.Command{
RootCmd.PersistentPreRun(cmd, args)
},
- Run: func(cmd *cobra.Command, args []string) {
- if len(args) == 0 || len(args) > 1 {
- exit.Message(reason.Usage, "You must specify a service name")
+ Run: func(_ *cobra.Command, args []string) {
+ if len(args) == 0 && !all || (len(args) > 0 && all) {
+ exit.Message(reason.Usage, "You must specify service name(s) or --all")
}
- svc := args[0]
+ options := flags.CommandOptions()
+ svcArgs := make(map[string]bool)
+ for _, v := range args {
+ svcArgs[v] = true
+ }
cname := ClusterFlagValue()
- co := mustload.Healthy(cname)
+ co := mustload.Healthy(cname, options)
+
+ if driver.IsQEMU(co.Config.Driver) && pkgnetwork.IsBuiltinQEMU(co.Config.Network) {
+ msg := "minikube service is not currently implemented with the builtin network on QEMU"
+ if runtime.GOOS == "darwin" {
+ msg += ", try starting minikube with '--network=socket_vmnet'"
+ }
+ exit.Message(reason.Unimplemented, msg)
+ }
- urls, err := service.WaitForService(co.API, co.Config.Name, namespace, svc, serviceURLTemplate, serviceURLMode, https, wait, interval)
+ var services service.URLs
+ services, err := service.GetServiceURLs(co.API, co.Config.Name, namespace, serviceURLTemplate)
if err != nil {
- var s *service.SVCNotFoundError
- if errors.As(err, &s) {
- exit.Message(reason.SvcNotFound, `Service '{{.service}}' was not found in '{{.namespace}}' namespace.
+ out.ErrT(style.Fatal, "Failed to get service URL - check that minikube is running and that you have specified the correct namespace (-n flag) if required: {{.error}}", out.V{"error": err})
+ os.Exit(reason.ExSvcUnavailable)
+ }
+
+ if len(args) >= 1 {
+ var newServices service.URLs
+ for _, svc := range services {
+ if _, ok := svcArgs[svc.Name]; ok {
+ newServices = append(newServices, svc)
+ }
+ }
+ services = newServices
+ }
+
+ if len(services) == 0 && all {
+ exit.Message(reason.SvcNotFound, `No services were found in the '{{.namespace}}' namespace.
+You may select another namespace by using 'minikube service --all -n '`, out.V{"namespace": namespace})
+ } else if len(services) == 0 {
+ exit.Message(reason.SvcNotFound, `Service '{{.service}}' was not found in '{{.namespace}}' namespace.
+You may select another namespace by using 'minikube service {{.service}} -n '. Or list out all the services using 'minikube service list'`, out.V{"service": args[0], "namespace": namespace})
+ }
+
+ var data [][]string
+ var noNodePortServices service.URLs
+
+ for _, svc := range services {
+ openUrls, err := service.WaitForService(co.API, co.Config.Name, namespace, svc.Name, serviceURLTemplate, serviceURLMode, https, wait, interval)
+
+ if err != nil {
+ var s *service.SVCNotFoundError
+ if errors.As(err, &s) {
+ exit.Message(reason.SvcNotFound, `Service '{{.service}}' was not found in '{{.namespace}}' namespace.
You may select another namespace by using 'minikube service {{.service}} -n '. Or list out all the services using 'minikube service list'`, out.V{"service": svc, "namespace": namespace})
+ }
+ exit.Error(reason.SvcTimeout, "Error opening service", err)
+ }
+
+ if len(openUrls) == 0 {
+ data = append(data, []string{svc.Namespace, svc.Name, "No node port"})
+ noNodePortServices = append(noNodePortServices, svc)
+ } else {
+ servicePortNames := strings.Join(svc.PortNames, "\n")
+ serviceURLs := strings.Join(openUrls, "\n")
+
+ // if we are running Docker on OSX we empty the internal service URLs
+ if runtime.GOOS == "darwin" && co.Config.Driver == oci.Docker {
+ serviceURLs = ""
+ }
+
+ data = append(data, []string{svc.Namespace, svc.Name, servicePortNames, serviceURLs})
+
+ if serviceURLMode && !driver.NeedsPortForward(co.Config.Driver) {
+ out.Stringf("%s\n", serviceURLs)
+ }
+ }
+ // check whether there are running pods for this service
+ if err := service.CheckServicePods(cname, svc.Name, namespace); err != nil {
+ exit.Error(reason.SvcUnreachable, "service not available", err)
}
- exit.Error(reason.SvcTimeout, "Error opening service", err)
}
- if driver.NeedsPortForward(co.Config.Driver) {
- startKicServiceTunnel(svc, cname)
- return
+ noNodePortSvcNames := []string{}
+ for _, svc := range noNodePortServices {
+ noNodePortSvcNames = append(noNodePortSvcNames, fmt.Sprintf("%s/%s", svc.Namespace, svc.Name))
+ }
+ if len(noNodePortServices) > 0 {
+ out.WarningT("Services {{.svc_names}} have type \"ClusterIP\" not meant to be exposed, however for local development minikube allows you to access this !", out.V{"svc_names": noNodePortSvcNames})
}
- openURLs(svc, urls)
+ if driver.NeedsPortForward(co.Config.Driver) {
+ svcs := services
+ if len(svcs) == 0 && len(noNodePortServices) > 0 {
+ svcs = noNodePortServices
+ }
+ if len(svcs) > 0 {
+ startKicServiceTunnel(svcs, cname, co.Config.Driver)
+ }
+ } else if !serviceURLMode {
+ openURLs(data)
+ }
},
}
func init() {
serviceCmd.Flags().StringVarP(&namespace, "namespace", "n", "default", "The service namespace")
serviceCmd.Flags().BoolVar(&serviceURLMode, "url", false, "Display the Kubernetes service URL in the CLI instead of opening it in the default browser")
+ serviceCmd.Flags().BoolVar(&all, "all", false, "Forwards all services in a namespace (defaults to \"false\")")
serviceCmd.Flags().BoolVar(&https, "https", false, "Open the service URL with https instead of http (defaults to \"false\")")
serviceCmd.Flags().IntVar(&wait, "wait", service.DefaultWait, "Amount of time to wait for a service in seconds")
serviceCmd.Flags().IntVar(&interval, "interval", service.DefaultInterval, "The initial time interval for each check that wait performs in seconds")
@@ -111,7 +194,7 @@ func init() {
serviceCmd.PersistentFlags().StringVar(&serviceURLFormat, "format", defaultServiceFormatTemplate, "Format to output service URL in. This format will be applied to each url individually and they will be printed one at a time.")
}
-func startKicServiceTunnel(svc, configName string) {
+func startKicServiceTunnel(services service.URLs, configName, driverName string) {
ctrlC := make(chan os.Signal, 1)
signal.Notify(ctrlC, os.Interrupt)
@@ -120,52 +203,107 @@ func startKicServiceTunnel(svc, configName string) {
exit.Error(reason.InternalKubernetesClient, "error creating clientset", err)
}
- port, err := oci.ForwardedPort(oci.Docker, configName, 22)
- if err != nil {
- exit.Error(reason.DrvPortForward, "error getting ssh port", err)
- }
- sshPort := strconv.Itoa(port)
- sshKey := filepath.Join(localpath.MiniPath(), "machines", configName, "id_rsa")
+ var data [][]string
+ for _, svc := range services {
+ port, err := oci.ForwardedPort(driverName, configName, 22)
+ if err != nil {
+ exit.Error(reason.DrvPortForward, "error getting ssh port", err)
+ }
+ sshPort := strconv.Itoa(port)
+ sshKey := filepath.Join(localpath.MiniPath(), "machines", configName, "id_rsa")
- serviceTunnel := kic.NewServiceTunnel(sshPort, sshKey, clientset.CoreV1())
- urls, err := serviceTunnel.Start(svc, namespace)
- if err != nil {
- exit.Error(reason.SvcTunnelStart, "error starting tunnel", err)
+ serviceTunnel := kic.NewServiceTunnel(sshPort, sshKey, clientset.CoreV1(), serviceURLMode)
+ urls, err := serviceTunnel.Start(svc.Name, namespace)
+
+ if err != nil {
+ exit.Error(reason.SvcTunnelStart, "error starting tunnel", err)
+ }
+ // mutate response urls to HTTPS if needed
+ urls, err = mutateURLs(svc.Name, urls)
+
+ if err != nil {
+ exit.Error(reason.SvcTunnelStart, "error creating urls", err)
+ }
+
+ defer serviceTunnel.Stop()
+ svc.URLs = urls
+ data = append(data, []string{namespace, svc.Name, "", strings.Join(urls, "\n")})
}
- // wait for tunnel to come up
time.Sleep(1 * time.Second)
- data := [][]string{{namespace, svc, "", strings.Join(urls, "\n")}}
- service.PrintServiceList(os.Stdout, data)
+ if !serviceURLMode {
+ service.PrintServiceList(os.Stdout, data)
+ } else {
+ for _, row := range data {
+ out.Stringf("%s\n", row[3])
+ }
+ }
+
+ if !serviceURLMode {
+ openURLs(data)
+ }
- openURLs(svc, urls)
out.WarningT("Because you are using a Docker driver on {{.operating_system}}, the terminal needs to be open to run it.", out.V{"operating_system": runtime.GOOS})
<-ctrlC
+}
- err = serviceTunnel.Stop()
- if err != nil {
- exit.Error(reason.SvcTunnelStop, "error stopping tunnel", err)
+func mutateURLs(serviceName string, urls []string) ([]string, error) {
+ formattedUrls := make([]string, 0)
+ for _, rawURL := range urls {
+ var doc bytes.Buffer
+ parsedURL, err := url.Parse(rawURL)
+ if err != nil {
+ exit.Error(reason.SvcTunnelStart, "No valid URL found for tunnel.", err)
+ }
+ port, err := strconv.Atoi(parsedURL.Port())
+ if err != nil {
+ exit.Error(reason.SvcTunnelStart, "No valid port found for tunnel.", err)
+ }
+ err = serviceURLTemplate.Execute(&doc, struct {
+ IP string
+ Port int32
+ Name string
+ }{
+ parsedURL.Hostname(),
+ int32(port),
+ serviceName,
+ })
+
+ if err != nil {
+ return nil, err
+ }
+
+ httpsURL, _ := service.OptionallyHTTPSFormattedURLString(doc.String(), https)
+ formattedUrls = append(formattedUrls, httpsURL)
}
+
+ return formattedUrls, nil
}
-func openURLs(svc string, urls []string) {
+func openURLs(urls [][]string) {
for _, u := range urls {
- _, err := url.Parse(u)
+
+ if len(u) < 4 {
+ klog.Warning("No URL found")
+ continue
+ }
+
+ _, err := url.Parse(u[3])
if err != nil {
- klog.Warningf("failed to parse url %q: %v (will not open)", u, err)
- out.String(fmt.Sprintf("%s\n", u))
+ klog.Warningf("failed to parse url %q: %v (will not open)", u[3], err)
+ out.Stringf("%s\n", u)
continue
}
if serviceURLMode {
- out.String(fmt.Sprintf("%s\n", u))
+ out.Stringf("%s\n", u)
continue
}
- out.Styled(style.Celebrate, "Opening service {{.namespace_name}}/{{.service_name}} in default browser...", out.V{"namespace_name": namespace, "service_name": svc})
- if err := browser.OpenURL(u); err != nil {
+ out.Styled(style.Celebrate, "Opening service {{.namespace_name}}/{{.service_name}} in default browser...", out.V{"namespace_name": namespace, "service_name": u[1]})
+ if err := browser.OpenURL(u[3]); err != nil {
exit.Error(reason.HostBrowser, fmt.Sprintf("open url failed: %s", u), err)
}
}
diff --git a/cmd/minikube/cmd/service_list.go b/cmd/minikube/cmd/service_list.go
index 97df14d1564b..c6d477df5c42 100644
--- a/cmd/minikube/cmd/service_list.go
+++ b/cmd/minikube/cmd/service_list.go
@@ -17,13 +17,16 @@ limitations under the License.
package cmd
import (
+ "encoding/json"
+ "fmt"
"os"
- "runtime"
"strings"
"github.com/spf13/cobra"
core "k8s.io/api/core/v1"
- "k8s.io/minikube/pkg/drivers/kic/oci"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
+ "k8s.io/minikube/pkg/minikube/driver"
+ "k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
@@ -32,44 +35,68 @@ import (
)
var serviceListNamespace string
+var profileOutput string
// serviceListCmd represents the service list command
var serviceListCmd = &cobra.Command{
Use: "list [flags]",
Short: "Lists the URLs for the services in your local cluster",
Long: `Lists the URLs for the services in your local cluster`,
- Run: func(cmd *cobra.Command, args []string) {
- co := mustload.Healthy(ClusterFlagValue())
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+ co := mustload.Healthy(ClusterFlagValue(), options)
+ output := strings.ToLower(profileOutput)
serviceURLs, err := service.GetServiceURLs(co.API, co.Config.Name, serviceListNamespace, serviceURLTemplate)
if err != nil {
- out.FatalT("Failed to get service URL: {{.error}}", out.V{"error": err})
- out.ErrT(style.Notice, "Check that minikube is running and that you have specified the correct namespace (-n flag) if required.")
+ out.ErrT(style.Fatal, "Failed to get service URL - check that minikube is running and that you have specified the correct namespace (-n flag) if required: {{.error}}", out.V{"error": err})
os.Exit(reason.ExSvcUnavailable)
}
+ serviceURLs = updatePortsAndURLs(serviceURLs, co)
- var data [][]string
- for _, serviceURL := range serviceURLs {
- if len(serviceURL.URLs) == 0 {
- data = append(data, []string{serviceURL.Namespace, serviceURL.Name, "No node port"})
- } else {
- servicePortNames := strings.Join(serviceURL.PortNames, "\n")
- serviceURLs := strings.Join(serviceURL.URLs, "\n")
-
- // if we are running Docker on OSX we empty the internal service URLs
- if runtime.GOOS == "darwin" && co.Config.Driver == oci.Docker {
- serviceURLs = ""
- }
+ switch output {
+ case "table":
+ printServicesTable(serviceURLs)
+ case "json":
+ printServicesJSON(serviceURLs)
+ default:
+ exit.Message(reason.Usage, fmt.Sprintf("invalid output format: %s. Valid values: 'table', 'json'", output))
+ }
+ },
+}
- data = append(data, []string{serviceURL.Namespace, serviceURL.Name, servicePortNames, serviceURLs})
- }
+// updatePortsAndURLs sets the port name to "No node port" if a service has no URLs and removes the URLs
+// if the driver needs port forwarding as the user won't be able to hit the listed URLs which could confuse them
+func updatePortsAndURLs(serviceURLs service.URLs, co mustload.ClusterController) service.URLs {
+ needsPortForward := driver.NeedsPortForward(co.Config.Driver)
+ for i := range serviceURLs {
+ if len(serviceURLs[i].URLs) == 0 {
+ serviceURLs[i].PortNames = []string{"No node port"}
+ } else if needsPortForward {
+ serviceURLs[i].URLs = []string{}
}
+ }
+ return serviceURLs
+}
- service.PrintServiceList(os.Stdout, data)
- },
+func printServicesTable(serviceURLs service.URLs) {
+ var data [][]string
+ for _, serviceURL := range serviceURLs {
+ portNames := strings.Join(serviceURL.PortNames, "\n")
+ urls := strings.Join(serviceURL.URLs, "\n")
+ data = append(data, []string{serviceURL.Namespace, serviceURL.Name, portNames, urls})
+ }
+
+ service.PrintServiceList(os.Stdout, data)
+}
+
+func printServicesJSON(serviceURLs service.URLs) {
+ jsonString, _ := json.Marshal(serviceURLs)
+ os.Stdout.Write(jsonString)
}
func init() {
+ serviceListCmd.Flags().StringVarP(&profileOutput, "output", "o", "table", "The output format. One of 'json', 'table'")
serviceListCmd.Flags().StringVarP(&serviceListNamespace, "namespace", "n", core.NamespaceAll, "The services namespace")
serviceCmd.AddCommand(serviceListCmd)
}
diff --git a/cmd/minikube/cmd/ssh-host.go b/cmd/minikube/cmd/ssh-host.go
index 1755c30ea77a..97984a7e13b0 100644
--- a/cmd/minikube/cmd/ssh-host.go
+++ b/cmd/minikube/cmd/ssh-host.go
@@ -24,6 +24,7 @@ import (
"github.com/spf13/cobra"
"k8s.io/client-go/util/homedir"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/exit"
@@ -44,70 +45,87 @@ var sshHostCmd = &cobra.Command{
Use: "ssh-host",
Short: "Retrieve the ssh host key of the specified node",
Long: "Retrieve the ssh host key of the specified node.",
- Run: func(cmd *cobra.Command, args []string) {
- cname := ClusterFlagValue()
- co := mustload.Running(cname)
- if co.CP.Host.DriverName == driver.None {
- exit.Message(reason.Usage, "'none' driver does not support 'minikube ssh-host' command")
+ Run: func(_ *cobra.Command, _ []string) {
+ appendKnownHelper(nodeName, appendKnown)
+ },
+}
+
+func appendKnownHelper(nodeName string, appendKnown bool) {
+ options := flags.CommandOptions()
+ cname := ClusterFlagValue()
+ co := mustload.Running(cname, options)
+ if co.CP.Host.DriverName == driver.None {
+ exit.Message(reason.Usage, "'none' driver does not support 'minikube ssh-host' command")
+ }
+
+ var err error
+ var n *config.Node
+ if nodeName == "" {
+ n = co.CP.Node
+ } else {
+ n, _, err = node.Retrieve(*co.Config, nodeName)
+ if err != nil {
+ exit.Message(reason.GuestNodeRetrieve, "Node {{.nodeName}} does not exist.", out.V{"nodeName": nodeName})
}
+ }
+
+ scanArgs := []string{"-t", "rsa"}
+
+ keys, err := machine.RunSSHHostCommand(co.API, *co.Config, *n, "ssh-keyscan", scanArgs)
+ if err != nil {
+ // This is typically due to a non-zero exit code, so no need for flourish.
+ out.ErrLn("ssh-keyscan: %v", err)
+ // It'd be nice if we could pass up the correct error code here :(
+ os.Exit(1)
+ }
- var err error
- var n *config.Node
- if nodeName == "" {
- n = co.CP.Node
- } else {
- n, _, err = node.Retrieve(*co.Config, nodeName)
- if err != nil {
- exit.Message(reason.GuestNodeRetrieve, "Node {{.nodeName}} does not exist.", out.V{"nodeName": nodeName})
- }
+ if appendKnown {
+ addr, port, err := machine.GetSSHHostAddrPort(co.API, *co.Config, *n)
+ if err != nil {
+ out.ErrLn("GetSSHHostAddrPort: %v", err)
+ os.Exit(1)
}
- scanArgs := []string{"-t", "rsa"}
+ host := addr
+ if port != 22 {
+ host = fmt.Sprintf("[%s]:%d", addr, port)
+ }
- keys, err := machine.RunSSHHostCommand(co.API, *co.Config, *n, "ssh-keyscan", scanArgs)
+ sshDir := filepath.Join(homedir.HomeDir(), ".ssh")
+ err = os.MkdirAll(sshDir, os.FileMode(0700)) // drwx------, to match ssh-keygen behavior
if err != nil {
- // This is typically due to a non-zero exit code, so no need for flourish.
- out.ErrLn("ssh-keyscan: %v", err)
- // It'd be nice if we could pass up the correct error code here :(
+ out.ErrLn("MkdirAll: %v", err)
os.Exit(1)
}
- if appendKnown {
- addr, port, err := machine.GetSSHHostAddrPort(co.API, *co.Config, *n)
- if err != nil {
- out.ErrLn("GetSSHHostAddrPort: %v", err)
- os.Exit(1)
- }
-
- host := addr
- if port != 22 {
- host = fmt.Sprintf("[%s]:%d", addr, port)
- }
- knownHosts := filepath.Join(homedir.HomeDir(), ".ssh", "known_hosts")
-
- fmt.Fprintf(os.Stderr, "Host added: %s (%s)\n", knownHosts, host)
- if sshutil.KnownHost(host, knownHosts) {
- return
- }
-
- f, err := os.OpenFile(knownHosts, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
- if err != nil {
- out.ErrLn("OpenFile: %v", err)
- os.Exit(1)
- }
- defer f.Close()
-
- _, err = f.WriteString(keys)
- if err != nil {
- out.ErrLn("WriteString: %v", err)
- os.Exit(1)
- }
+ knownHosts := filepath.Join(sshDir, "known_hosts")
+ if sshutil.KnownHost(host, knownHosts) {
return
}
- fmt.Printf("%s", keys)
- },
+ f, err := os.OpenFile(knownHosts, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
+ if err != nil {
+ out.ErrLn("OpenFile: %v", err)
+ os.Exit(1)
+ }
+
+ _, err = f.WriteString(keys)
+ if err != nil {
+ out.ErrLn("WriteString: %v", err)
+ f.Close()
+ os.Exit(1)
+ }
+
+ if err := f.Close(); err != nil {
+ out.ErrLn("Close: %v", err)
+ os.Exit(1)
+ }
+
+ fmt.Fprintf(os.Stderr, "Host added: %s (%s)\n", knownHosts, host)
+
+ return
+ }
}
func init() {
diff --git a/cmd/minikube/cmd/ssh-key.go b/cmd/minikube/cmd/ssh-key.go
index 7cdf6b564e1d..d7e389890de5 100644
--- a/cmd/minikube/cmd/ssh-key.go
+++ b/cmd/minikube/cmd/ssh-key.go
@@ -20,6 +20,7 @@ import (
"path/filepath"
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/localpath"
@@ -34,8 +35,9 @@ var sshKeyCmd = &cobra.Command{
Use: "ssh-key",
Short: "Retrieve the ssh identity key path of the specified node",
Long: "Retrieve the ssh identity key path of the specified node, and writes it to STDOUT.",
- Run: func(cmd *cobra.Command, args []string) {
- _, cc := mustload.Partial(ClusterFlagValue())
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+ _, cc := mustload.Partial(ClusterFlagValue(), options)
n, _, err := node.Retrieve(*cc, nodeName)
if err != nil {
exit.Error(reason.GuestNodeRetrieve, "retrieving node", err)
diff --git a/cmd/minikube/cmd/ssh.go b/cmd/minikube/cmd/ssh.go
index 15621092476b..f58b1f9f46e6 100644
--- a/cmd/minikube/cmd/ssh.go
+++ b/cmd/minikube/cmd/ssh.go
@@ -21,6 +21,7 @@ import (
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/exit"
@@ -38,9 +39,10 @@ var sshCmd = &cobra.Command{
Use: "ssh",
Short: "Log into the minikube environment (for debugging)",
Long: "Log into or run a command on a machine with SSH; similar to 'docker-machine ssh'.",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, args []string) {
+ options := flags.CommandOptions()
cname := ClusterFlagValue()
- co := mustload.Running(cname)
+ co := mustload.Running(cname, options)
if co.CP.Host.DriverName == driver.None {
exit.Message(reason.Usage, "'none' driver does not support 'minikube ssh' command")
}
diff --git a/cmd/minikube/cmd/start.go b/cmd/minikube/cmd/start.go
index d51fec280a0d..4dbcddbe95fd 100644
--- a/cmd/minikube/cmd/start.go
+++ b/cmd/minikube/cmd/start.go
@@ -28,26 +28,35 @@ import (
"os/user"
"regexp"
"runtime"
+ "slices"
"sort"
"strconv"
"strings"
+ "time"
+ "github.com/Delta456/box-cli-maker/v2"
"github.com/blang/semver/v4"
+ "github.com/docker/go-connections/nat"
"github.com/docker/machine/libmachine/ssh"
"github.com/google/go-containerregistry/pkg/authn"
"github.com/google/go-containerregistry/pkg/name"
"github.com/google/go-containerregistry/pkg/v1/remote"
"github.com/pkg/errors"
- "github.com/shirou/gopsutil/v3/cpu"
- gopshost "github.com/shirou/gopsutil/v3/host"
+ "github.com/shirou/gopsutil/v4/cpu"
+ gopshost "github.com/shirou/gopsutil/v4/host"
"github.com/spf13/cobra"
"github.com/spf13/viper"
-
+ "golang.org/x/text/cases"
+ "golang.org/x/text/language"
"k8s.io/klog/v2"
+
cmdcfg "k8s.io/minikube/cmd/minikube/cmd/config"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/drivers/kic/oci"
"k8s.io/minikube/pkg/minikube/bootstrapper/bsutil"
+ "k8s.io/minikube/pkg/minikube/bootstrapper/bsutil/kverify"
"k8s.io/minikube/pkg/minikube/bootstrapper/images"
+ "k8s.io/minikube/pkg/minikube/command"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
"k8s.io/minikube/pkg/minikube/cruntime"
@@ -56,6 +65,7 @@ import (
"k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/driver/auxdriver"
"k8s.io/minikube/pkg/minikube/exit"
+ "k8s.io/minikube/pkg/minikube/firewall"
"k8s.io/minikube/pkg/minikube/kubeconfig"
"k8s.io/minikube/pkg/minikube/localpath"
"k8s.io/minikube/pkg/minikube/machine"
@@ -64,22 +74,34 @@ import (
"k8s.io/minikube/pkg/minikube/notify"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/out/register"
+ "k8s.io/minikube/pkg/minikube/pause"
"k8s.io/minikube/pkg/minikube/reason"
- "k8s.io/minikube/pkg/minikube/style"
- pkgtrace "k8s.io/minikube/pkg/trace"
-
"k8s.io/minikube/pkg/minikube/registry"
+ "k8s.io/minikube/pkg/minikube/run"
+ "k8s.io/minikube/pkg/minikube/style"
"k8s.io/minikube/pkg/minikube/translate"
+ netutil "k8s.io/minikube/pkg/network"
+ pkgtrace "k8s.io/minikube/pkg/trace"
"k8s.io/minikube/pkg/util"
"k8s.io/minikube/pkg/version"
+ kconst "k8s.io/minikube/third_party/kubeadm/app/constants"
)
+type versionJSON struct {
+ IsoVersion string `json:"iso_version"`
+ KicbaseVersion string `json:"kicbase_version"`
+ MinikubeVersion string `json:"minikube_version"`
+ Commit string `json:"commit"`
+}
+
var (
- registryMirror []string
- insecureRegistry []string
- apiServerNames []string
- apiServerIPs []net.IP
- hostRe = regexp.MustCompile(`^[^-][\w\.-]+$`)
+ // ErrKubernetesPatchNotFound is when a patch was not found for the given . version
+ ErrKubernetesPatchNotFound = errors.New("Unable to detect the latest patch release for specified Kubernetes version")
+ registryMirror []string
+ insecureRegistry []string
+ apiServerNames []string
+ apiServerIPs []net.IP
+ hostRe = regexp.MustCompile(`^[^-][\w\.-]+$`)
)
func init() {
@@ -107,7 +129,7 @@ func platform() string {
// Show the distro version if possible
hi, err := gopshost.Info()
if err == nil {
- s.WriteString(fmt.Sprintf("%s %s", strings.Title(hi.Platform), hi.PlatformVersion))
+ s.WriteString(fmt.Sprintf("%s %s", cases.Title(language.Und).String(hi.Platform), hi.PlatformVersion))
klog.Infof("hostinfo: %+v", hi)
} else {
klog.Warningf("gopshost.Info returned error: %v", err)
@@ -133,7 +155,9 @@ func platform() string {
}
// runStart handles the executes the flow of "minikube start"
-func runStart(cmd *cobra.Command, args []string) {
+func runStart(cmd *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
+
register.SetEventLogPath(localpath.EventLog(ClusterFlagValue()))
ctx := context.Background()
out.SetJSON(outputFormat == "json")
@@ -141,13 +165,12 @@ func runStart(cmd *cobra.Command, args []string) {
exit.Message(reason.Usage, "error initializing tracing: {{.Error}}", out.V{"Error": err.Error()})
}
defer pkgtrace.Cleanup()
+
displayVersion(version.GetVersion())
+ go download.CleanUpOlderPreloads()
- // No need to do the update check if no one is going to see it
- if !viper.GetBool(interactive) || !viper.GetBool(dryRun) {
- // Avoid blocking execution on optional HTTP fetches
- go notify.MaybePrintUpdateTextFromGithub()
- }
+ // Avoid blocking execution on optional HTTP fetches
+ go notify.MaybePrintUpdateTextFromGithub(options)
displayEnviron(os.Environ())
if viper.GetBool(force) {
@@ -184,10 +207,11 @@ func runStart(cmd *cobra.Command, args []string) {
validateProfileName()
}
- validateSpecifiedDriver(existing)
+ validateSpecifiedDriver(existing, options)
validateKubernetesVersion(existing)
+ validateContainerRuntime(existing)
- ds, alts, specified := selectDriver(existing)
+ ds, alts, specified := selectDriver(existing, options)
if cmd.Flag(kicBaseImage).Changed {
if !isBaseImageApplicable(ds.Name) {
exit.Message(reason.Usage,
@@ -204,9 +228,11 @@ func runStart(cmd *cobra.Command, args []string) {
}
}
- starter, err := provisionWithDriver(cmd, ds, existing)
+ useForce := viper.GetBool(force)
+
+ starter, err := provisionWithDriver(cmd, ds, existing, options)
if err != nil {
- node.ExitIfFatal(err)
+ node.ExitIfFatal(err, useForce)
machine.MaybeDisplayAdvice(err, ds.Name)
if specified {
// If the user specified a driver, don't fallback to anything else
@@ -227,18 +253,17 @@ func runStart(cmd *cobra.Command, args []string) {
klog.Warningf("%s profile does not exist, trying anyways.", ClusterFlagValue())
}
- err = deleteProfile(ctx, profile)
+ err = deleteProfile(ctx, profile, options)
if err != nil {
out.WarningT("Failed to delete cluster {{.name}}, proceeding with retry anyway.", out.V{"name": ClusterFlagValue()})
}
- starter, err = provisionWithDriver(cmd, ds, existing)
+ starter, err = provisionWithDriver(cmd, ds, existing, options)
if err != nil {
continue
- } else {
- // Success!
- success = true
- break
}
+ // Success!
+ success = true
+ break
}
if !success {
exitGuestProvision(err)
@@ -246,34 +271,40 @@ func runStart(cmd *cobra.Command, args []string) {
}
}
- if existing != nil && driver.IsKIC(existing.Driver) {
- if viper.GetBool(createMount) {
- old := ""
- if len(existing.ContainerVolumeMounts) > 0 {
- old = existing.ContainerVolumeMounts[0]
- }
- if mount := viper.GetString(mountString); old != mount {
- exit.Message(reason.GuestMountConflict, "Sorry, {{.driver}} does not allow mounts to be changed after container creation (previous mount: '{{.old}}', new mount: '{{.new}})'", out.V{
- "driver": existing.Driver,
- "new": mount,
- "old": old,
- })
- }
+ validateBuiltImageVersion(starter.Runner, ds.Name)
+
+ if existing != nil && driver.IsKIC(existing.Driver) && viper.GetString(mountString) != "" {
+ old := ""
+ if len(existing.ContainerVolumeMounts) > 0 {
+ old = existing.ContainerVolumeMounts[0]
+ }
+ if mount := viper.GetString(mountString); old != mount {
+ exit.Message(reason.GuestMountConflict, "Sorry, {{.driver}} does not allow mounts to be changed after container creation (previous mount: '{{.old}}', new mount: '{{.new}})'", out.V{
+ "driver": existing.Driver,
+ "new": mount,
+ "old": old,
+ })
}
}
- kubeconfig, err := startWithDriver(cmd, starter, existing)
+ configInfo, err := startWithDriver(cmd, starter, existing, options)
if err != nil {
- node.ExitIfFatal(err)
+ node.ExitIfFatal(err, useForce)
exit.Error(reason.GuestStart, "failed to start node", err)
}
- if err := showKubectlInfo(kubeconfig, starter.Node.KubernetesVersion, starter.Cfg.Name); err != nil {
+ if starter.Cfg.VerifyComponents[kverify.ExtraKey] {
+ if err := kverify.WaitExtra(ClusterFlagValue(), kverify.CorePodsLabels, kconst.DefaultControlPlaneTimeout); err != nil {
+ exit.Message(reason.GuestStart, "extra waiting: {{.error}}", out.V{"error": err})
+ }
+ }
+
+ if err := showKubectlInfo(configInfo, starter.Node.KubernetesVersion, starter.Node.ContainerRuntime, starter.Cfg.Name); err != nil {
klog.Errorf("kubectl info: %v", err)
}
}
-func provisionWithDriver(cmd *cobra.Command, ds registry.DriverState, existing *config.ClusterConfig) (node.Starter, error) {
+func provisionWithDriver(cmd *cobra.Command, ds registry.DriverState, existing *config.ClusterConfig, options *run.CommandOptions) (node.Starter, error) {
driverName := ds.Name
klog.Infof("selected driver: %s", driverName)
validateDriver(ds, existing)
@@ -282,21 +313,53 @@ func provisionWithDriver(cmd *cobra.Command, ds registry.DriverState, existing *
klog.Errorf("Error autoSetOptions : %v", err)
}
+ virtualBoxMacOS13PlusWarning(driverName)
+ hyperkitDeprecationWarning(driverName)
validateFlags(cmd, driverName)
validateUser(driverName)
if driverName == oci.Docker {
validateDockerStorageDriver(driverName)
}
+ k8sVersion, err := getKubernetesVersion(existing)
+ if err != nil {
+ klog.Warningf("failed getting Kubernetes version: %v", err)
+ }
+
+ // Disallow accepting addons flag without Kubernetes
+ // It places here because cluster config is required to get the old version.
+ if cmd.Flags().Changed(config.AddonListFlag) {
+ if k8sVersion == constants.NoKubernetesVersion || viper.GetBool(noKubernetes) {
+ exit.Message(reason.Usage, "You cannot enable addons on a cluster without Kubernetes, to enable Kubernetes on your cluster, run: minikube start --kubernetes-version=stable")
+ }
+ }
+
// Download & update the driver, even in --download-only mode
if !viper.GetBool(dryRun) {
updateDriver(driverName)
}
- k8sVersion := getKubernetesVersion(existing)
- cc, n, err := generateClusterConfig(cmd, existing, k8sVersion, driverName)
+ // Check whether we may need to stop Kubernetes.
+ var stopk8s bool
+ if existing != nil && viper.GetBool(noKubernetes) {
+ stopk8s = true
+ }
+
+ rtime := getContainerRuntime(existing)
+ cc, n, err := generateClusterConfig(cmd, existing, k8sVersion, rtime, driverName, options)
if err != nil {
- return node.Starter{}, errors.Wrap(err, "Failed to generate config")
+ return node.Starter{}, errors.Wrap(err, "Failed to generate cluster config")
+ }
+ klog.Infof("cluster config:\n%+v", cc)
+
+ if firewall.IsBootpdBlocked(cc) {
+ if err := firewall.UnblockBootpd(options); err != nil {
+ klog.Warningf("failed unblocking bootpd from firewall: %v", err)
+ }
+ }
+
+ if driver.IsVM(cc.Driver) && runtime.GOARCH == "arm64" && cc.KubernetesConfig.ContainerRuntime == "crio" {
+ exit.Message(reason.Unimplemented, "arm64 VM drivers do not currently support the crio container runtime. See https://github.com/kubernetes/minikube/issues/14146 for details.")
}
// This is about as far as we can go without overwriting config files
@@ -306,11 +369,11 @@ func provisionWithDriver(cmd *cobra.Command, ds registry.DriverState, existing *
}
if driver.IsVM(driverName) && !driver.IsSSH(driverName) {
- url, err := download.ISO(viper.GetStringSlice(isoURL), cmd.Flags().Changed(isoURL))
+ urlString, err := download.ISO(viper.GetStringSlice(isoURL), cmd.Flags().Changed(isoURL))
if err != nil {
return node.Starter{}, errors.Wrap(err, "Failed to cache ISO")
}
- cc.MinikubeISO = url
+ cc.MinikubeISO = urlString
}
var existingAddons map[string]bool
@@ -327,7 +390,7 @@ func provisionWithDriver(cmd *cobra.Command, ds registry.DriverState, existing *
ssh.SetDefaultClient(ssh.External)
}
- mRunner, preExists, mAPI, host, err := node.Provision(&cc, &n, true, viper.GetBool(deleteOnFailure))
+ mRunner, preExists, mAPI, host, err := node.Provision(&cc, &n, viper.GetBool(deleteOnFailure), options)
if err != nil {
return node.Starter{}, err
}
@@ -335,6 +398,7 @@ func provisionWithDriver(cmd *cobra.Command, ds registry.DriverState, existing *
return node.Starter{
Runner: mRunner,
PreExists: preExists,
+ StopK8s: stopk8s,
MachineAPI: mAPI,
Host: host,
ExistingAddons: existingAddons,
@@ -343,56 +407,127 @@ func provisionWithDriver(cmd *cobra.Command, ds registry.DriverState, existing *
}, nil
}
-func startWithDriver(cmd *cobra.Command, starter node.Starter, existing *config.ClusterConfig) (*kubeconfig.Settings, error) {
- kubeconfig, err := node.Start(starter, true)
+func virtualBoxMacOS13PlusWarning(driverName string) {
+ if !driver.IsVirtualBox(driverName) || !detect.MacOS13Plus() {
+ return
+ }
+ out.WarningT(`Due to changes in macOS 13+ minikube doesn't currently support VirtualBox. You can use alternative drivers such as 'vfkit', 'qemu', or 'docker'.
+ https://minikube.sigs.k8s.io/docs/drivers/vfkit/
+ https://minikube.sigs.k8s.io/docs/drivers/qemu/
+ https://minikube.sigs.k8s.io/docs/drivers/docker/
+ For more details on the issue see: https://github.com/kubernetes/minikube/issues/15274
+`)
+}
+
+// hyperkitDeprecationWarning prints a deprecation warning for the hyperkit driver
+func hyperkitDeprecationWarning(driverName string) {
+ if !driver.IsHyperKit(driverName) {
+ return
+ }
+ out.WarningT(`The 'hyperkit' driver is deprecated and will be removed in a future release.
+ You can use alternative drivers such as 'vfkit', 'qemu', or 'docker'.
+ https://minikube.sigs.k8s.io/docs/drivers/vfkit/
+ https://minikube.sigs.k8s.io/docs/drivers/qemu/
+ https://minikube.sigs.k8s.io/docs/drivers/docker/
+ `)
+}
+
+func validateBuiltImageVersion(r command.Runner, driverName string) {
+ if driver.IsNone(driverName) {
+ return
+ }
+ res, err := r.RunCmd(exec.Command("cat", "/version.json"))
+ if err != nil {
+ klog.Warningf("Unable to open version.json: %s", err)
+ return
+ }
+
+ var versionDetails versionJSON
+ if err := json.Unmarshal(res.Stdout.Bytes(), &versionDetails); err != nil {
+ out.WarningT("Unable to parse version.json: {{.error}}, json: {{.json}}", out.V{"error": err, "json": res.Stdout.String()})
+ return
+ }
+
+ if !imageMatchesBinaryVersion(versionDetails.MinikubeVersion, version.GetVersion()) {
+ out.WarningT("Image was not built for the current minikube version. To resolve this you can delete and recreate your minikube cluster using the latest images. Expected minikube version: {{.imageMinikubeVersion}} -> Actual minikube version: {{.minikubeVersion}}", out.V{"imageMinikubeVersion": versionDetails.MinikubeVersion, "minikubeVersion": version.GetVersion()})
+ }
+}
+
+func imageMatchesBinaryVersion(imageVersion, binaryVersion string) bool {
+ if binaryVersion == imageVersion {
+ return true
+ }
+
+ // the map below is used to map the binary version to the version the image expects
+ // this is usually done when a patch version is released but a new ISO/Kicbase is not needed
+ // that way a version mismatch warning won't be thrown
+ //
+ // ex.
+ // the v1.31.0 and v1.31.1 minikube binaries both use v1.31.0 ISO & Kicbase
+ // to prevent the v1.31.1 binary from throwing a version mismatch warning we use the map to change the binary version used in the comparison
+
+ mappedVersions := map[string]string{
+ "v1.31.1": "v1.31.0",
+ "v1.31.2": "v1.31.0",
+ }
+ binaryVersion, ok := mappedVersions[binaryVersion]
+
+ return ok && binaryVersion == imageVersion
+}
+
+func startWithDriver(cmd *cobra.Command, starter node.Starter, existing *config.ClusterConfig, options *run.CommandOptions) (*kubeconfig.Settings, error) {
+ // start primary control-plane node
+ configInfo, err := node.Start(starter, options)
if err != nil {
- kubeconfig, err = maybeDeleteAndRetry(cmd, *starter.Cfg, *starter.Node, starter.ExistingAddons, err)
+ configInfo, err = maybeDeleteAndRetry(cmd, *starter.Cfg, *starter.Node, starter.ExistingAddons, err, options)
if err != nil {
return nil, err
}
}
+ // target total and number of control-plane nodes
+ numCPNodes := 1
numNodes := viper.GetInt(nodes)
if existing != nil {
- if numNodes > 1 {
- // We ignore the --nodes parameter if we're restarting an existing cluster
- out.WarningT(`The cluster {{.cluster}} already exists which means the --nodes parameter will be ignored. Use "minikube node add" to add nodes to an existing cluster.`, out.V{"cluster": existing.Name})
+ numCPNodes = 0
+ for _, n := range existing.Nodes {
+ if n.ControlPlane {
+ numCPNodes++
+ }
}
numNodes = len(existing.Nodes)
+ } else if viper.GetBool(ha) {
+ numCPNodes = 3
}
- if numNodes > 1 {
- if driver.BareMetal(starter.Cfg.Driver) {
- exit.Message(reason.DrvUnsupportedMulti, "The none driver is not compatible with multi-node clusters.")
+
+ // apart from starter, add any additional existing or new nodes
+ for i := 1; i < numNodes; i++ {
+ var n config.Node
+ if existing != nil {
+ n = existing.Nodes[i]
} else {
- if existing == nil {
- for i := 1; i < numNodes; i++ {
- nodeName := node.Name(i + 1)
- n := config.Node{
- Name: nodeName,
- Worker: true,
- ControlPlane: false,
- KubernetesVersion: starter.Cfg.KubernetesConfig.KubernetesVersion,
- }
- out.Ln("") // extra newline for clarity on the command line
- err := node.Add(starter.Cfg, n, viper.GetBool(deleteOnFailure))
- if err != nil {
- return nil, errors.Wrap(err, "adding node")
- }
- }
- } else {
- for _, n := range existing.Nodes {
- if !n.ControlPlane {
- err := node.Add(starter.Cfg, n, viper.GetBool(deleteOnFailure))
- if err != nil {
- return nil, errors.Wrap(err, "adding node")
- }
- }
- }
+ nodeName := node.Name(i + 1)
+ n = config.Node{
+ Name: nodeName,
+ Port: starter.Cfg.APIServerPort,
+ KubernetesVersion: starter.Cfg.KubernetesConfig.KubernetesVersion,
+ ContainerRuntime: starter.Cfg.KubernetesConfig.ContainerRuntime,
+ Worker: true,
+ }
+ if i < numCPNodes { // starter node is also counted as (primary) cp node
+ n.ControlPlane = true
}
}
+
+ out.Ln("") // extra newline for clarity on the command line
+ if err := node.Add(starter.Cfg, n, viper.GetBool(deleteOnFailure), options); err != nil {
+ return nil, errors.Wrap(err, "adding node")
+ }
}
- return kubeconfig, nil
+ pause.RemovePausedFile(starter.Runner)
+
+ return configInfo, nil
}
func warnAboutMultiNodeCNI() {
@@ -400,28 +535,34 @@ func warnAboutMultiNodeCNI() {
}
func updateDriver(driverName string) {
- v, err := version.GetSemverVersion()
- if err != nil {
- out.WarningT("Error parsing minikube version: {{.error}}", out.V{"error": err})
- } else if err := auxdriver.InstallOrUpdate(driverName, localpath.MakeMiniPath("bin"), v, viper.GetBool(interactive), viper.GetBool(autoUpdate)); err != nil {
+ if err := auxdriver.InstallOrUpdate(driverName, localpath.MakeMiniPath("bin"), viper.GetBool(flags.Interactive), viper.GetBool(autoUpdate)); err != nil {
+ if errors.Is(err, auxdriver.ErrAuxDriverVersionCommandFailed) {
+ exit.Error(reason.DrvAuxNotHealthy, "Aux driver "+driverName, err)
+ }
+ if errors.Is(err, auxdriver.ErrAuxDriverVersionNotinPath) {
+ exit.Error(reason.DrvAuxNotHealthy, "Aux driver"+driverName, err)
+ } // if failed to update but not a fatal error, log it and continue (old version might still work)
out.WarningT("Unable to update {{.driver}} driver: {{.error}}", out.V{"driver": driverName, "error": err})
}
}
-func displayVersion(version string) {
+func displayVersion(ver string) {
prefix := ""
if ClusterFlagValue() != constants.DefaultClusterName {
prefix = fmt.Sprintf("[%s] ", ClusterFlagValue())
}
register.Reg.SetStep(register.InitialSetup)
- out.Step(style.Happy, "{{.prefix}}minikube {{.version}} on {{.platform}}", out.V{"prefix": prefix, "version": version, "platform": platform()})
+ out.Step(style.Happy, "{{.prefix}}minikube {{.version}} on {{.platform}}", out.V{"prefix": prefix, "version": ver, "platform": platform()})
}
// displayEnviron makes the user aware of environment variables that will affect how minikube operates
func displayEnviron(env []string) {
for _, kv := range env {
bits := strings.SplitN(kv, "=", 2)
+ if len(bits) < 2 {
+ continue
+ }
k := bits[0]
v := bits[1]
if strings.HasPrefix(k, "MINIKUBE_") || k == constants.KubeconfigEnvVar {
@@ -430,7 +571,29 @@ func displayEnviron(env []string) {
}
}
-func showKubectlInfo(kcs *kubeconfig.Settings, k8sVersion string, machineName string) error {
+func showKubectlInfo(kcs *kubeconfig.Settings, k8sVersion, rtime, machineName string) error {
+ if k8sVersion == constants.NoKubernetesVersion {
+ register.Reg.SetStep(register.Done)
+ out.Step(style.Ready, "Done! minikube is ready without Kubernetes!")
+
+ // Runtime message.
+ boxConfig := box.Config{Py: 1, Px: 4, Type: "Round", Color: "Green"}
+ switch rtime {
+ case constants.Docker:
+ out.BoxedWithConfig(boxConfig, style.Tip, "Things to try without Kubernetes ...", `- "minikube ssh" to SSH into minikube's node.
+- "minikube docker-env" to point your docker-cli to the docker inside minikube.
+- "minikube image" to build images without docker.`)
+ case constants.Containerd:
+ out.BoxedWithConfig(boxConfig, style.Tip, "Things to try without Kubernetes ...", `- "minikube ssh" to SSH into minikube's node.
+- "minikube image" to build images without docker.`)
+ case constants.CRIO:
+ out.BoxedWithConfig(boxConfig, style.Tip, "Things to try without Kubernetes ...", `- "minikube ssh" to SSH into minikube's node.
+- "minikube podman-env" to point your podman-cli to the podman inside minikube.
+- "minikube image" to build images without docker.`)
+ }
+ return nil
+ }
+
// To be shown at the end, regardless of exit path
defer func() {
register.Reg.SetStep(register.Done)
@@ -463,14 +626,14 @@ func showKubectlInfo(kcs *kubeconfig.Settings, k8sVersion string, machineName st
if client.Major != cluster.Major || minorSkew > 1 {
out.Ln("")
- out.WarningT("{{.path}} is version {{.client_version}}, which may have incompatibilites with Kubernetes {{.cluster_version}}.",
+ out.WarningT("{{.path}} is version {{.client_version}}, which may have incompatibilities with Kubernetes {{.cluster_version}}.",
out.V{"path": path, "client_version": client, "cluster_version": cluster})
out.Infof("Want kubectl {{.version}}? Try 'minikube kubectl -- get pods -A'", out.V{"version": k8sVersion})
}
return nil
}
-func maybeDeleteAndRetry(cmd *cobra.Command, existing config.ClusterConfig, n config.Node, existingAddons map[string]bool, originalErr error) (*kubeconfig.Settings, error) {
+func maybeDeleteAndRetry(cmd *cobra.Command, existing config.ClusterConfig, n config.Node, existingAddons map[string]bool, originalErr error, options *run.CommandOptions) (*kubeconfig.Settings, error) {
if viper.GetBool(deleteOnFailure) {
out.WarningT("Node {{.name}} failed to start, deleting and trying again.", out.V{"name": n.Name})
// Start failed, delete the cluster and try again
@@ -479,16 +642,17 @@ func maybeDeleteAndRetry(cmd *cobra.Command, existing config.ClusterConfig, n co
out.ErrT(style.Meh, `"{{.name}}" profile does not exist, trying anyways.`, out.V{"name": existing.Name})
}
- err = deleteProfile(context.Background(), profile)
+ err = deleteProfile(context.Background(), profile, options)
if err != nil {
out.WarningT("Failed to delete cluster {{.name}}, proceeding with retry anyway.", out.V{"name": existing.Name})
}
// Re-generate the cluster config, just in case the failure was related to an old config format
cc := updateExistingConfigFromFlags(cmd, &existing)
- var kubeconfig *kubeconfig.Settings
+ var configInfo *kubeconfig.Settings
+
for _, n := range cc.Nodes {
- r, p, m, h, err := node.Provision(&cc, &n, n.ControlPlane, false)
+ r, p, m, h, err := node.Provision(&cc, &n, false, options)
s := node.Starter{
Runner: r,
PreExists: p,
@@ -503,16 +667,16 @@ func maybeDeleteAndRetry(cmd *cobra.Command, existing config.ClusterConfig, n co
return nil, err
}
- k, err := node.Start(s, n.ControlPlane)
+ k, err := node.Start(s, options)
if n.ControlPlane {
- kubeconfig = k
+ configInfo = k
}
if err != nil {
// Ok we failed again, let's bail
return nil, err
}
}
- return kubeconfig, nil
+ return configInfo, nil
}
// Don't delete the cluster unless they ask
return nil, originalErr
@@ -544,14 +708,14 @@ func kubectlVersion(path string) (string, error) {
}
// returns (current_driver, suggested_drivers, "true, if the driver is set by command line arg or in the config file")
-func selectDriver(existing *config.ClusterConfig) (registry.DriverState, []registry.DriverState, bool) {
+func selectDriver(existing *config.ClusterConfig, options *run.CommandOptions) (registry.DriverState, []registry.DriverState, bool) {
// Technically unrelated, but important to perform before detection
driver.SetLibvirtURI(viper.GetString(kvmQemuURI))
register.Reg.SetStep(register.SelectingDriver)
// By default, the driver is whatever we used last time
if existing != nil {
- old := hostDriver(existing)
- ds := driver.Status(old)
+ old := hostDriver(existing, options)
+ ds := driver.Status(old, options)
out.Step(style.Sparkle, `Using the {{.driver}} driver based on existing profile`, out.V{"driver": ds.String()})
return ds, nil, true
}
@@ -568,7 +732,7 @@ func selectDriver(existing *config.ClusterConfig) (registry.DriverState, []regis
`
out.WarningT(warning, out.V{"driver": d, "vmd": vmd})
}
- ds := driver.Status(d)
+ ds := driver.Status(d, options)
if ds.Name == "" {
exit.Message(reason.DrvUnsupportedOS, "The driver '{{.driver}}' is not supported on {{.os}}/{{.arch}}", out.V{"driver": d, "os": runtime.GOOS, "arch": runtime.GOARCH})
}
@@ -578,7 +742,7 @@ func selectDriver(existing *config.ClusterConfig) (registry.DriverState, []regis
// Fallback to old driver parameter
if d := viper.GetString("vm-driver"); d != "" {
- ds := driver.Status(viper.GetString("vm-driver"))
+ ds := driver.Status(viper.GetString("vm-driver"), options)
if ds.Name == "" {
exit.Message(reason.DrvUnsupportedOS, "The driver '{{.driver}}' is not supported on {{.os}}/{{.arch}}", out.V{"driver": d, "os": runtime.GOOS, "arch": runtime.GOARCH})
}
@@ -586,7 +750,7 @@ func selectDriver(existing *config.ClusterConfig) (registry.DriverState, []regis
return ds, nil, true
}
- choices := driver.Choices(viper.GetBool("vm"))
+ choices := driver.Choices(viper.GetBool("vm"), options)
pick, alts, rejects := driver.Suggest(choices)
if pick.Name == "" {
out.Step(style.ThumbsDown, "Unable to pick a default driver. Here is what was considered, in preference order:")
@@ -596,8 +760,21 @@ func selectDriver(existing *config.ClusterConfig) (registry.DriverState, []regis
}
return rejects[i].Priority > rejects[j].Priority
})
+
+ // Display the issue for installed drivers
for _, r := range rejects {
- if !r.Default {
+ if r.Default && r.State.Installed {
+ out.Infof("{{ .name }}: {{ .rejection }}", out.V{"name": r.Name, "rejection": r.Rejection})
+ if r.Suggestion != "" {
+ out.Infof("{{ .name }}: Suggestion: {{ .suggestion}}", out.V{"name": r.Name, "suggestion": r.Suggestion})
+ }
+ }
+ }
+
+ // Display the other drivers users can install
+ out.Step(style.Tip, "Alternatively you could install one of these drivers:")
+ for _, r := range rejects {
+ if !r.Default || r.State.Installed {
continue
}
out.Infof("{{ .name }}: {{ .rejection }}", out.V{"name": r.Name, "rejection": r.Rejection})
@@ -616,11 +793,12 @@ func selectDriver(existing *config.ClusterConfig) (registry.DriverState, []regis
break
}
}
- if foundStoppedDocker {
+ switch {
+ case foundStoppedDocker:
exit.Message(reason.DrvDockerNotRunning, "Found docker, but the docker service isn't running. Try restarting the docker service.")
- } else if foundUnhealthy {
+ case foundUnhealthy:
exit.Message(reason.DrvNotHealthy, "Found driver(s) but none were healthy. See above for suggestions how to fix installed drivers.")
- } else {
+ default:
exit.Message(reason.DrvNotDetected, "No possible driver was detected. Try specifying --driver, or see https://minikube.sigs.k8s.io/docs/start/")
}
}
@@ -638,28 +816,27 @@ func selectDriver(existing *config.ClusterConfig) (registry.DriverState, []regis
}
// hostDriver returns the actual driver used by a libmachine host, which can differ from our config
-func hostDriver(existing *config.ClusterConfig) string {
+func hostDriver(existing *config.ClusterConfig, options *run.CommandOptions) string {
if existing == nil {
return ""
}
- api, err := machine.NewAPIClient()
+
+ api, err := machine.NewAPIClient(options)
if err != nil {
klog.Warningf("selectDriver NewAPIClient: %v", err)
return existing.Driver
}
- cp, err := config.PrimaryControlPlane(existing)
+ cp, err := config.ControlPlane(*existing)
if err != nil {
- klog.Warningf("Unable to get control plane from existing config: %v", err)
+ klog.Errorf("Unable to get primary control-plane node from existing config: %v", err)
return existing.Driver
}
+
machineName := config.MachineName(*existing, cp)
h, err := api.Load(machineName)
if err != nil {
- klog.Warningf("api.Load failed for %s: %v", machineName, err)
- if existing.VMDriver != "" {
- return existing.VMDriver
- }
+ klog.Errorf("api.Load failed for %s: %v", machineName, err)
return existing.Driver
}
@@ -687,7 +864,7 @@ func validateProfileName() {
// validateSpecifiedDriver makes sure that if a user has passed in a driver
// it matches the existing cluster if there is one
-func validateSpecifiedDriver(existing *config.ClusterConfig) {
+func validateSpecifiedDriver(existing *config.ClusterConfig, options *run.CommandOptions) {
if existing == nil {
return
}
@@ -704,7 +881,7 @@ func validateSpecifiedDriver(existing *config.ClusterConfig) {
return
}
- old := hostDriver(existing)
+ old := hostDriver(existing, options)
if requested == old {
return
}
@@ -715,15 +892,15 @@ func validateSpecifiedDriver(existing *config.ClusterConfig) {
return
}
- out.WarningT("Deleting existing cluster {{.name}} with different driver {{.driver_name}} due to --delete-on-failure flag set by the user. ", out.V{"name": existing.Name, "driver_name": old})
if viper.GetBool(deleteOnFailure) {
+ out.WarningT("Deleting existing cluster {{.name}} with different driver {{.driver_name}} due to --delete-on-failure flag set by the user. ", out.V{"name": existing.Name, "driver_name": old})
// Start failed, delete the cluster
profile, err := config.LoadProfile(existing.Name)
if err != nil {
out.ErrT(style.Meh, `"{{.name}}" profile does not exist, trying anyways.`, out.V{"name": existing.Name})
}
- err = deleteProfile(context.Background(), profile)
+ err = deleteProfile(context.Background(), profile, options)
if err != nil {
out.WarningT("Failed to delete cluster {{.name}}.", out.V{"name": existing.Name})
}
@@ -745,21 +922,21 @@ func validateSpecifiedDriver(existing *config.ClusterConfig) {
// validateDriver validates that the selected driver appears sane, exits if not
func validateDriver(ds registry.DriverState, existing *config.ClusterConfig) {
- name := ds.Name
- os := detect.RuntimeOS()
+ driverName := ds.Name
+ osName := detect.RuntimeOS()
arch := detect.RuntimeArch()
- klog.Infof("validating driver %q against %+v", name, existing)
- if !driver.Supported(name) {
- exit.Message(reason.DrvUnsupportedOS, "The driver '{{.driver}}' is not supported on {{.os}}/{{.arch}}", out.V{"driver": name, "os": os, "arch": arch})
+ klog.Infof("validating driver %q against %+v", driverName, existing)
+ if !driver.Supported(driverName) {
+ exit.Message(reason.DrvUnsupportedOS, "The driver '{{.driver}}' is not supported on {{.os}}/{{.arch}}", out.V{"driver": driverName, "os": osName, "arch": arch})
}
// if we are only downloading artifacts for a driver, we can stop validation here
- if viper.GetBool("download-only") {
+ if viper.GetBool(flags.DownloadOnly) {
return
}
st := ds.State
- klog.Infof("status for %s: %+v", name, st)
+ klog.Infof("status for %s: %+v", driverName, st)
if st.NeedsImprovement {
out.Styled(style.Improvement, `For improved {{.driver}} performance, {{.fix}}`, out.V{"driver": driver.FullName(ds.Name), "fix": translate.T(st.Fix)})
@@ -767,7 +944,7 @@ func validateDriver(ds registry.DriverState, existing *config.ClusterConfig) {
if ds.Priority == registry.Obsolete {
exit.Message(reason.Kind{
- ID: fmt.Sprintf("PROVIDER_%s_OBSOLETE", strings.ToUpper(name)),
+ ID: fmt.Sprintf("PROVIDER_%s_OBSOLETE", strings.ToUpper(driverName)),
Advice: translate.T(st.Fix),
ExitCode: reason.ExProviderUnsupported,
URL: st.Doc,
@@ -786,23 +963,23 @@ func validateDriver(ds registry.DriverState, existing *config.ClusterConfig) {
if !st.Installed {
exit.Message(reason.Kind{
- ID: fmt.Sprintf("PROVIDER_%s_NOT_FOUND", strings.ToUpper(name)),
+ ID: fmt.Sprintf("PROVIDER_%s_NOT_FOUND", strings.ToUpper(driverName)),
Advice: translate.T(st.Fix),
ExitCode: reason.ExProviderNotFound,
URL: st.Doc,
Style: style.Shrug,
- }, `The '{{.driver}}' provider was not found: {{.error}}`, out.V{"driver": name, "error": st.Error})
+ }, `The '{{.driver}}' provider was not found: {{.error}}`, out.V{"driver": driverName, "error": st.Error})
}
id := st.Reason
if id == "" {
- id = fmt.Sprintf("PROVIDER_%s_ERROR", strings.ToUpper(name))
+ id = fmt.Sprintf("PROVIDER_%s_ERROR", strings.ToUpper(driverName))
}
code := reason.ExProviderUnavailable
if !st.Running {
- id = fmt.Sprintf("PROVIDER_%s_NOT_RUNNING", strings.ToUpper(name))
+ id = fmt.Sprintf("PROVIDER_%s_NOT_RUNNING", strings.ToUpper(driverName))
code = reason.ExProviderNotRunning
}
@@ -878,7 +1055,7 @@ func validateUser(drvName string) {
// None driver works with root and without root on Linux
if runtime.GOOS == "linux" && drvName == driver.None {
- if !viper.GetBool(interactive) {
+ if !viper.GetBool(flags.Interactive) {
test := exec.Command("sudo", "-n", "echo", "-n")
if err := test.Run(); err != nil {
exit.Message(reason.DrvNeedsRoot, `sudo requires a password, and --interactive=false`)
@@ -892,7 +1069,7 @@ func validateUser(drvName string) {
return
}
- out.ErrT(style.Stopped, `The "{{.driver_name}}" driver should not be used with root privileges.`, out.V{"driver_name": drvName})
+ out.ErrT(style.Stopped, `The "{{.driver_name}}" driver should not be used with root privileges. If you wish to continue as root, use --force.`, out.V{"driver_name": drvName})
out.ErrT(style.Tip, "If you are running minikube within a VM, consider using --driver=none:")
out.ErrT(style.Documentation, " {{.url}}", out.V{"url": "https://minikube.sigs.k8s.io/docs/reference/drivers/none/"})
@@ -935,13 +1112,14 @@ func memoryLimits(drvName string) (int, int, error) {
return sysLimit, containerLimit, nil
}
-// suggestMemoryAllocation calculates the default memory footprint in MiB
-func suggestMemoryAllocation(sysLimit int, containerLimit int, nodes int) int {
- if mem := viper.GetInt(memory); mem != 0 {
+// suggestMemoryAllocation calculates the default memory footprint in MiB.
+func suggestMemoryAllocation(sysLimit, containerLimit, nodes int) int {
+ if mem := viper.GetInt(memory); mem != 0 && mem < sysLimit {
return mem
}
- fallback := 2200
- maximum := 6000
+
+ const fallback = 3072
+ maximum := 6144
if sysLimit > 0 && fallback > sysLimit {
return sysLimit
@@ -997,6 +1175,11 @@ func validateRequestedMemorySize(req int, drvName string) {
exitIfNotForced(reason.RsrcInsufficientSysMemory, "System only has {{.size}}MiB available, less than the required {{.req}}MiB for Kubernetes", out.V{"size": sysLimit, "req": minUsableMem})
}
+ // if --memory=no-limit, ignore remaining checks
+ if req == 0 && driver.IsKIC(drvName) {
+ return
+ }
+
if req < minUsableMem {
exitIfNotForced(reason.RsrcInsufficientReqMemory, "Requested memory allocation {{.requested}}MiB is less than the usable minimum of {{.minimum_memory}}MB", out.V{"requested": req, "minimum_memory": minUsableMem})
}
@@ -1026,6 +1209,10 @@ func validateRequestedMemorySize(req int, drvName string) {
`The requested memory allocation of {{.requested}}MiB does not leave room for system overhead (total system memory: {{.system_limit}}MiB). You may face stability issues.`,
out.V{"requested": req, "system_limit": sysLimit, "advised": advised})
}
+
+ if driver.IsHyperV(drvName) && req%2 == 1 {
+ exitIfNotForced(reason.RsrcInvalidHyperVMemory, "Hyper-V requires that memory MB be an even number, {{.memory}}MB was specified, try passing `--memory {{.suggestMemory}}`", out.V{"memory": req, "suggestMemory": req - 1})
+ }
}
// validateCPUCount validates the cpu count matches the minimum recommended & not exceeding the available cpu count
@@ -1052,6 +1239,23 @@ func validateCPUCount(drvName string) {
availableCPUs = ci
}
+ switch {
+ case availableCPUs < 2:
+ switch {
+ case drvName == oci.Docker && runtime.GOOS == "darwin":
+ exitIfNotForced(reason.RsrcInsufficientDarwinDockerCores, "Docker Desktop has less than 2 CPUs configured, but Kubernetes requires at least 2 to be available")
+ case drvName == oci.Docker && runtime.GOOS == "windows":
+ exitIfNotForced(reason.RsrcInsufficientWindowsDockerCores, "Docker Desktop has less than 2 CPUs configured, but Kubernetes requires at least 2 to be available")
+ default:
+ exitIfNotForced(reason.RsrcInsufficientCores, "{{.driver_name}} has less than 2 CPUs available, but Kubernetes requires at least 2 to be available", out.V{"driver_name": driver.FullName(viper.GetString("driver"))})
+ }
+ }
+
+ // if --cpus=no-limit, ignore remaining checks
+ if cpuCount == 0 && driver.IsKIC(drvName) {
+ return
+ }
+
if cpuCount < minimumCPUS {
exitIfNotForced(reason.RsrcInsufficientCores, "Requested cpu count {{.requested_cpus}} is less than the minimum allowed of {{.minimum_cpus}}", out.V{"requested_cpus": cpuCount, "minimum_cpus": minimumCPUS})
}
@@ -1070,31 +1274,14 @@ func validateCPUCount(drvName string) {
exitIfNotForced(reason.RsrcInsufficientCores, "Requested cpu count {{.requested_cpus}} is greater than the available cpus of {{.avail_cpus}}", out.V{"requested_cpus": cpuCount, "avail_cpus": availableCPUs})
}
-
- // looks good
- if availableCPUs >= 2 {
- return
- }
-
- if drvName == oci.Docker && runtime.GOOS == "darwin" {
- exitIfNotForced(reason.RsrcInsufficientDarwinDockerCores, "Docker Desktop has less than 2 CPUs configured, but Kubernetes requires at least 2 to be available")
- } else if drvName == oci.Docker && runtime.GOOS == "windows" {
- exitIfNotForced(reason.RsrcInsufficientWindowsDockerCores, "Docker Desktop has less than 2 CPUs configured, but Kubernetes requires at least 2 to be available")
- } else {
- exitIfNotForced(reason.RsrcInsufficientCores, "{{.driver_name}} has less than 2 CPUs available, but Kubernetes requires at least 2 to be available", out.V{"driver_name": driver.FullName(viper.GetString("driver"))})
- }
}
// validateFlags validates the supplied flags against known bad combinations
-func validateFlags(cmd *cobra.Command, drvName string) {
+func validateFlags(cmd *cobra.Command, drvName string) { //nolint:gocyclo
if cmd.Flags().Changed(humanReadableDiskSize) {
- diskSizeMB, err := util.CalculateSizeInMB(viper.GetString(humanReadableDiskSize))
+ err := validateDiskSize(viper.GetString(humanReadableDiskSize))
if err != nil {
- exitIfNotForced(reason.Usage, "Validation unable to parse disk size '{{.diskSize}}': {{.error}}", out.V{"diskSize": viper.GetString(humanReadableDiskSize), "error": err})
- }
-
- if diskSizeMB < minimumDiskSize {
- exitIfNotForced(reason.RsrcInsufficientStorage, "Requested disk size {{.requested_size}} is less than minimum of {{.minimum_size}}", out.V{"requested_size": diskSizeMB, "minimum_size": minimumDiskSize})
+ exitIfNotForced(reason.Usage, "{{.err}}", out.V{"err": err})
}
}
@@ -1106,6 +1293,10 @@ func validateFlags(cmd *cobra.Command, drvName string) {
validateCPUCount(drvName)
+ if drvName == driver.None && viper.GetBool(noKubernetes) {
+ exit.Message(reason.Usage, "Cannot use the option --no-kubernetes on the {{.name}} driver", out.V{"name": drvName})
+ }
+
if cmd.Flags().Changed(memory) {
validateChangedMemoryFlags(drvName)
}
@@ -1118,48 +1309,44 @@ func validateFlags(cmd *cobra.Command, drvName string) {
viper.Set(imageRepository, validateImageRepository(viper.GetString(imageRepository)))
}
- if cmd.Flags().Changed(containerRuntime) {
- runtime := strings.ToLower(viper.GetString(containerRuntime))
-
- validOptions := cruntime.ValidRuntimes()
- // `crio` is accepted as an alternative spelling to `cri-o`
- validOptions = append(validOptions, constants.CRIO)
+ if cmd.Flags().Changed(ports) {
+ err := validatePorts(viper.GetStringSlice(ports))
+ if err != nil {
+ exit.Message(reason.Usage, "{{.err}}", out.V{"err": err})
+ }
- var validRuntime bool
- for _, option := range validOptions {
- if runtime == option {
- validRuntime = true
- }
+ }
- // Convert `cri-o` to `crio` as the K8s config uses the `crio` spelling
- if runtime == "cri-o" {
- viper.Set(containerRuntime, constants.CRIO)
- }
+ if cmd.Flags().Changed(subnet) {
+ err := validateSubnet(viper.GetString(subnet))
+ if err != nil {
+ exit.Message(reason.Usage, "{{.err}}", out.V{"err": err})
}
+ }
- if !validRuntime {
- exit.Message(reason.Usage, `Invalid Container Runtime: "{{.runtime}}". Valid runtimes are: {{.validOptions}}`, out.V{"runtime": runtime, "validOptions": strings.Join(cruntime.ValidRuntimes(), ", ")})
+ if cmd.Flags().Changed(containerRuntime) {
+ err := validateRuntime(viper.GetString(containerRuntime))
+ if err != nil {
+ exit.Message(reason.Usage, "{{.err}}", out.V{"err": err})
}
-
- validateCNI(cmd, runtime)
+ validateCNI(cmd, viper.GetString(containerRuntime))
}
- if driver.BareMetal(drvName) {
- if ClusterFlagValue() != constants.DefaultClusterName {
- exit.Message(reason.DrvUnsupportedProfile, "The '{{.name}} driver does not support multiple profiles: https://minikube.sigs.k8s.io/docs/reference/drivers/none/", out.V{"name": drvName})
+ if cmd.Flags().Changed(staticIP) {
+ if err := validateStaticIP(viper.GetString(staticIP), drvName, viper.GetString(subnet)); err != nil {
+ exit.Message(reason.Usage, "{{.err}}", out.V{"err": err})
}
+ }
- runtime := viper.GetString(containerRuntime)
- if runtime != "docker" {
- out.WarningT("Using the '{{.runtime}}' runtime with the 'none' driver is an untested configuration!", out.V{"runtime": runtime})
+ if cmd.Flags().Changed(gpus) {
+ if err := validateGPUs(viper.GetString(gpus), drvName, viper.GetString(containerRuntime)); err != nil {
+ exit.Message(reason.Usage, "{{.err}}", out.V{"err": err})
}
+ }
- // conntrack is required starting with Kubernetes 1.18, include the release candidates for completion
- version, _ := util.ParseKubernetesVersion(getKubernetesVersion(nil))
- if version.GTE(semver.MustParse("1.18.0-beta.1")) {
- if _, err := exec.LookPath("conntrack"); err != nil {
- exit.Message(reason.GuestMissingConntrack, "Sorry, Kubernetes {{.k8sVersion}} requires conntrack to be installed in root's path", out.V{"k8sVersion": version.String()})
- }
+ if cmd.Flags().Changed(autoPauseInterval) {
+ if err := validateAutoPauseInterval(viper.GetDuration(autoPauseInterval)); err != nil {
+ exit.Message(reason.Usage, "{{.err}}", out.V{"err": err})
}
}
@@ -1192,8 +1379,8 @@ func validateFlags(cmd *cobra.Command, drvName string) {
// check that kubeadm extra args contain only allowed parameters
for param := range config.ExtraOptions.AsMap().Get(bsutil.Kubeadm) {
- if !config.ContainsParam(bsutil.KubeadmExtraArgsAllowed[bsutil.KubeadmCmdParam], param) &&
- !config.ContainsParam(bsutil.KubeadmExtraArgsAllowed[bsutil.KubeadmConfigParam], param) {
+ if !slices.Contains(bsutil.KubeadmExtraArgsAllowed[bsutil.KubeadmCmdParam], param) &&
+ !slices.Contains(bsutil.KubeadmExtraArgsAllowed[bsutil.KubeadmConfigParam], param) {
exit.Message(reason.Usage, "Sorry, the kubeadm.{{.parameter_name}} parameter is currently not supported by --extra-config", out.V{"parameter_name": param})
}
}
@@ -1202,20 +1389,163 @@ func validateFlags(cmd *cobra.Command, drvName string) {
exit.Message(reason.Usage, "Sorry, please set the --output flag to one of the following valid options: [text,json]")
}
+ validateBareMetal(drvName)
validateRegistryMirror()
validateInsecureRegistry()
}
+// validatePorts validates that the --ports are not outside range
+func validatePorts(ports []string) error {
+ var exposedPorts, hostPorts, portSpecs []string
+ for _, p := range ports {
+ if strings.Contains(p, ":") {
+ portSpecs = append(portSpecs, p)
+ } else {
+ exposedPorts = append(exposedPorts, p)
+ }
+ }
+ _, portBindingsMap, err := nat.ParsePortSpecs(portSpecs)
+ if err != nil {
+ return errors.Errorf("Sorry, one of the ports provided with --ports flag is not valid %s (%v)", ports, err)
+ }
+ for exposedPort, portBindings := range portBindingsMap {
+ exposedPorts = append(exposedPorts, exposedPort.Port())
+ for _, portBinding := range portBindings {
+ hostPorts = append(hostPorts, portBinding.HostPort)
+ }
+ }
+ for _, p := range exposedPorts {
+ if err := validatePort(p); err != nil {
+ return err
+ }
+ }
+ for _, p := range hostPorts {
+ if err := validatePort(p); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func validatePort(port string) error {
+ p, err := strconv.Atoi(port)
+ if err != nil {
+ return errors.Errorf("Sorry, one of the ports provided with --ports flag is not valid: %s", port)
+ }
+ if p > 65535 || p < 1 {
+ return errors.Errorf("Sorry, one of the ports provided with --ports flag is outside range: %s", port)
+ }
+ return nil
+}
+
+// validateDiskSize validates the supplied disk size
+func validateDiskSize(diskSize string) error {
+ diskSizeMB, err := util.CalculateSizeInMB(diskSize)
+ if err != nil {
+ return errors.Errorf("Validation unable to parse disk size %v: %v", diskSize, err)
+ }
+ if diskSizeMB < minimumDiskSize {
+ return errors.Errorf("Requested disk size %v is less than minimum of %v", diskSizeMB, minimumDiskSize)
+ }
+ return nil
+}
+
+// validateRuntime validates the supplied runtime
+func validateRuntime(rtime string) error {
+ validOptions := cruntime.ValidRuntimes()
+ // `crio` is accepted as an alternative spelling to `cri-o`
+ validOptions = append(validOptions, constants.CRIO)
+
+ if rtime == constants.DefaultContainerRuntime {
+ return nil
+ }
+
+ var validRuntime bool
+ for _, option := range validOptions {
+ if rtime == option {
+ validRuntime = true
+ }
+
+ // Convert `cri-o` to `crio` as the K8s config uses the `crio` spelling
+ if rtime == "cri-o" {
+ viper.Set(containerRuntime, constants.CRIO)
+ }
+
+ }
+
+ if (rtime == "crio" || rtime == "cri-o") && (strings.HasPrefix(runtime.GOARCH, "ppc64") || detect.RuntimeArch() == "arm" || strings.HasPrefix(detect.RuntimeArch(), "arm/")) {
+ return errors.Errorf("The %s runtime is not compatible with the %s architecture. See https://github.com/cri-o/cri-o/issues/2467 for more details", rtime, runtime.GOARCH)
+ }
+
+ if !validRuntime {
+ return errors.Errorf("Invalid Container Runtime: %s. Valid runtimes are: %s", rtime, cruntime.ValidRuntimes())
+ }
+ return nil
+}
+
+// validateGPUs validates that a valid option was given, and if so, can it be used with the given configuration
+func validateGPUs(value, drvName, rtime string) error {
+ if value == "" {
+ return nil
+ }
+ if err := validateGPUsArch(); err != nil {
+ return err
+ }
+ if value != "nvidia" && value != "all" && value != "amd" && value != "nvidia.com" {
+ return errors.Errorf(`The gpus flag must be passed a value of "nvidia", "nvidia.com", "amd" or "all"`)
+ }
+ if drvName == constants.Docker && (rtime == constants.Docker || rtime == constants.DefaultContainerRuntime) {
+ return nil
+ }
+ return errors.Errorf("The gpus flag can only be used with the docker driver and docker container-runtime")
+}
+
+func validateGPUsArch() error {
+ switch runtime.GOARCH {
+ case "amd64", "arm64", "ppc64le":
+ return nil
+ }
+ return errors.Errorf("The GPUs flag is only supported on amd64, arm64 & ppc64le, currently using %s", runtime.GOARCH)
+}
+
+func validateAutoPauseInterval(interval time.Duration) error {
+ if interval != interval.Abs() || interval.String() == "0s" {
+ return errors.New("auto-pause-interval must be greater than 0s")
+ }
+ return nil
+}
+
+func getContainerRuntime(old *config.ClusterConfig) string {
+ paramRuntime := viper.GetString(containerRuntime)
+
+ // try to load the old version first if the user didn't specify anything
+ if paramRuntime == constants.DefaultContainerRuntime && old != nil {
+ paramRuntime = old.KubernetesConfig.ContainerRuntime
+ }
+
+ if paramRuntime == constants.DefaultContainerRuntime {
+ paramRuntime = defaultRuntime()
+ }
+
+ return paramRuntime
+}
+
+// defaultRuntime returns the default container runtime
+func defaultRuntime() string {
+ // minikube default
+ return constants.Docker
+}
+
// if container runtime is not docker, check that cni is not disabled
-func validateCNI(cmd *cobra.Command, runtime string) {
- if runtime == "docker" {
+func validateCNI(cmd *cobra.Command, runtimeName string) {
+ if runtimeName == constants.Docker {
return
}
if cmd.Flags().Changed(cniFlag) && strings.ToLower(viper.GetString(cniFlag)) == "false" {
if viper.GetBool(force) {
- out.WarnReason(reason.Usage, "You have chosen to disable the CNI but the \"{{.name}}\" container runtime requires CNI", out.V{"name": runtime})
+ out.WarnReason(reason.Usage, "You have chosen to disable the CNI but the \"{{.name}}\" container runtime requires CNI", out.V{"name": runtimeName})
} else {
- exit.Message(reason.Usage, "The \"{{.name}}\" container runtime requires CNI", out.V{"name": runtime})
+ exit.Message(reason.Usage, "The \"{{.name}}\" container runtime requires CNI", out.V{"name": runtimeName})
}
}
}
@@ -1232,13 +1562,19 @@ func validateChangedMemoryFlags(drvName string) {
var req int
var err error
memString := viper.GetString(memory)
- if memString == constants.MaxResources {
+ switch {
+ case memString == constants.NoLimit && driver.IsKIC(drvName):
+ req = 0
+ case memString == constants.MaxResources:
sysLimit, containerLimit, err := memoryLimits(drvName)
if err != nil {
klog.Warningf("Unable to query memory limits: %+v", err)
}
- req = noLimitMemory(sysLimit, containerLimit)
- } else {
+ req = noLimitMemory(sysLimit, containerLimit, drvName)
+ default:
+ if memString == constants.NoLimit {
+ exit.Message(reason.Usage, "The '{{.name}}' driver does not support --memory=no-limit", out.V{"name": drvName})
+ }
req, err = util.CalculateSizeInMB(memString)
if err != nil {
exitIfNotForced(reason.Usage, "Unable to parse memory '{{.memory}}': {{.error}}", out.V{"memory": memString, "error": err})
@@ -1247,12 +1583,23 @@ func validateChangedMemoryFlags(drvName string) {
validateRequestedMemorySize(req, drvName)
}
-func noLimitMemory(sysLimit int, containerLimit int) int {
+func noLimitMemory(sysLimit, containerLimit int, drvName string) int {
if containerLimit != 0 {
return containerLimit
}
// Recommend 1GB to handle OS/VM overhead
- return sysLimit - 1024
+ sysOverhead := 1024
+ if driver.IsVirtualBox(drvName) {
+ // VirtualBox fully allocates all requested memory on start, it doesn't dynamically allocate when needed like other drivers
+ // Because of this allow more system overhead to prevent out of memory issues
+ sysOverhead = 1536
+ }
+ mem := sysLimit - sysOverhead
+ // Hyper-V requires an even number of MB, so if odd remove one MB
+ if driver.IsHyperV(drvName) && mem%2 == 1 {
+ mem--
+ }
+ return mem
}
// This function validates if the --registry-mirror
@@ -1276,32 +1623,39 @@ func validateRegistryMirror() {
// args match the format of registry.cn-hangzhou.aliyuncs.com/google_containers
// also "[:]"
func validateImageRepository(imageRepo string) (validImageRepo string) {
+ expression := regexp.MustCompile(`^(?:(\w+)\:\/\/)?([-a-zA-Z0-9]{1,}(?:\.[-a-zA-Z0-9]{1,}){0,})(?:\:(\d+))?(\/.*)?$`)
if strings.ToLower(imageRepo) == "auto" {
- validImageRepo = "auto"
+ imageRepo = "auto"
}
- URL, err := url.Parse(imageRepo)
- if err != nil {
- klog.Errorln("Error Parsing URL: ", err)
+ if !expression.MatchString(imageRepo) {
+ klog.Errorln("Provided repository is not a valid URL. Defaulting to \"auto\"")
+ imageRepo = "auto"
}
var imageRepoPort string
+ groups := expression.FindStringSubmatch(imageRepo)
- if URL.Port() != "" && strings.Contains(imageRepo, ":"+URL.Port()) {
- imageRepoPort = ":" + URL.Port()
+ scheme := groups[1]
+ hostname := groups[2]
+ port := groups[3]
+ path := groups[4]
+
+ if port != "" && strings.Contains(imageRepo, ":"+port) {
+ imageRepoPort = ":" + port
}
// tips when imageRepo ended with a trailing /.
if strings.HasSuffix(imageRepo, "/") {
- out.Infof("The --image-repository flag your provided ended with a trailing / that could cause conflict in kuberentes, removed automatically")
+ out.Infof("The --image-repository flag your provided ended with a trailing / that could cause conflict in kubernetes, removed automatically")
}
// tips when imageRepo started with scheme such as http(s).
- if URL.Scheme != "" {
- out.Infof("The --image-repository flag your provided contains Scheme: {{.scheme}}, which will be removed automatically", out.V{"scheme": URL.Scheme})
+ if scheme != "" {
+ out.Infof("The --image-repository flag you provided contains Scheme: {{.scheme}}, which will be removed automatically", out.V{"scheme": scheme})
}
- validImageRepo = URL.Hostname() + imageRepoPort + strings.TrimSuffix(URL.Path, "/")
+ validImageRepo = hostname + imageRepoPort + strings.TrimSuffix(path, "/")
return validImageRepo
}
@@ -1351,36 +1705,46 @@ func validateInsecureRegistry() {
}
}
-func createNode(cc config.ClusterConfig, kubeNodeName string, existing *config.ClusterConfig) (config.ClusterConfig, config.Node, error) {
- // Create the initial node, which will necessarily be a control plane
- if existing != nil {
- cp, err := config.PrimaryControlPlane(existing)
- cp.KubernetesVersion = getKubernetesVersion(&cc)
- if err != nil {
- return cc, config.Node{}, err
- }
+// configureNodes creates primary control-plane node config on first cluster start or updates existing cluster nodes configs on restart.
+// It will return updated cluster config and primary control-plane node or any error occurred.
+func configureNodes(cc config.ClusterConfig, existing *config.ClusterConfig) (config.ClusterConfig, config.Node, error) {
+ kv, err := getKubernetesVersion(&cc)
+ if err != nil {
+ return cc, config.Node{}, errors.Wrapf(err, "failed getting kubernetes version")
+ }
+ cr := getContainerRuntime(&cc)
- // Make sure that existing nodes honor if KubernetesVersion gets specified on restart
- // KubernetesVersion is the only attribute that the user can override in the Node object
- nodes := []config.Node{}
- for _, n := range existing.Nodes {
- n.KubernetesVersion = getKubernetesVersion(&cc)
- nodes = append(nodes, n)
+ // create the initial node, which will necessarily be primary control-plane node
+ if existing == nil {
+ pcp := config.Node{
+ Port: cc.APIServerPort,
+ KubernetesVersion: kv,
+ ContainerRuntime: cr,
+ ControlPlane: true,
+ Worker: true,
}
- cc.Nodes = nodes
+ cc.Nodes = []config.Node{pcp}
+ return cc, pcp, nil
+ }
- return cc, cp, nil
+ // Make sure that existing nodes honor if KubernetesVersion gets specified on restart
+ // KubernetesVersion is the only attribute that the user can override in the Node object
+ nodes := []config.Node{}
+ for _, n := range existing.Nodes {
+ n.KubernetesVersion = kv
+ n.ContainerRuntime = cr
+ nodes = append(nodes, n)
}
+ cc.Nodes = nodes
- cp := config.Node{
- Port: cc.KubernetesConfig.NodePort,
- KubernetesVersion: getKubernetesVersion(&cc),
- Name: kubeNodeName,
- ControlPlane: true,
- Worker: true,
+ pcp, err := config.ControlPlane(*existing)
+ if err != nil {
+ return cc, config.Node{}, errors.Wrapf(err, "failed getting control-plane node")
}
- cc.Nodes = []config.Node{cp}
- return cc, cp, nil
+ pcp.KubernetesVersion = kv
+ pcp.ContainerRuntime = cr
+
+ return cc, pcp, nil
}
// autoSetDriverOptions sets the options needed for specific driver automatically.
@@ -1421,19 +1785,59 @@ func autoSetDriverOptions(cmd *cobra.Command, drvName string) (err error) {
// validateKubernetesVersion ensures that the requested version is reasonable
func validateKubernetesVersion(old *config.ClusterConfig) {
- nvs, _ := semver.Make(strings.TrimPrefix(getKubernetesVersion(old), version.VersionPrefix))
-
- oldestVersion, err := semver.Make(strings.TrimPrefix(constants.OldestKubernetesVersion, version.VersionPrefix))
- if err != nil {
- exit.Message(reason.InternalSemverParse, "Unable to parse oldest Kubernetes version from constants: {{.error}}", out.V{"error": err})
- }
- defaultVersion, err := semver.Make(strings.TrimPrefix(constants.DefaultKubernetesVersion, version.VersionPrefix))
+ paramVersion := viper.GetString(kubernetesVersion)
+ paramVersion = strings.TrimPrefix(strings.ToLower(paramVersion), version.VersionPrefix)
+ kubernetesVer, err := getKubernetesVersion(old)
if err != nil {
- exit.Message(reason.InternalSemverParse, "Unable to parse default Kubernetes version from constants: {{.error}}", out.V{"error": err})
+ if errors.Is(err, ErrKubernetesPatchNotFound) {
+ exit.Message(reason.PatchNotFound, "Unable to detect the latest patch release for specified major.minor version v{{.majorminor}}",
+ out.V{"majorminor": paramVersion})
+ }
+ exit.Message(reason.Usage, `Unable to parse "{{.kubernetes_version}}": {{.error}}`, out.V{"kubernetes_version": paramVersion, "error": err})
+
}
+ nvs, _ := semver.Make(strings.TrimPrefix(kubernetesVer, version.VersionPrefix))
+ oldestVersion := semver.MustParse(strings.TrimPrefix(constants.OldestKubernetesVersion, version.VersionPrefix))
+ defaultVersion := semver.MustParse(strings.TrimPrefix(constants.DefaultKubernetesVersion, version.VersionPrefix))
+ newestVersion := semver.MustParse(strings.TrimPrefix(constants.NewestKubernetesVersion, version.VersionPrefix))
+ zeroVersion := semver.MustParse(strings.TrimPrefix(constants.NoKubernetesVersion, version.VersionPrefix))
+
+ if isTwoDigitSemver(paramVersion) && getLatestPatch(paramVersion) != "" {
+ out.Styled(style.Workaround, `Using Kubernetes {{.version}} since patch version was unspecified`, out.V{"version": nvs})
+ }
+ if nvs.Equals(zeroVersion) {
+ klog.Infof("No Kubernetes version set for minikube, setting Kubernetes version to %s", constants.NoKubernetesVersion)
+ return
+ }
+ if nvs.Major > newestVersion.Major {
+ out.WarningT("Specified Major version of Kubernetes {{.specifiedMajor}} is newer than the newest supported Major version: {{.newestMajor}}", out.V{"specifiedMajor": nvs.Major, "newestMajor": newestVersion.Major})
+ if !viper.GetBool(force) {
+ out.WarningT("You can force an unsupported Kubernetes version via the --force flag")
+ }
+ exitIfNotForced(reason.KubernetesTooNew, "Kubernetes {{.version}} is not supported by this release of minikube", out.V{"version": nvs})
+ }
+ if nvs.GT(newestVersion) {
+ out.WarningT("Specified Kubernetes version {{.specified}} is newer than the newest supported version: {{.newest}}. Use `minikube config defaults kubernetes-version` for details.", out.V{"specified": nvs, "newest": constants.NewestKubernetesVersion})
+ if slices.Contains(constants.ValidKubernetesVersions, kubernetesVer) {
+ out.Styled(style.Check, "Kubernetes version {{.specified}} found in version list", out.V{"specified": nvs})
+ } else {
+ out.WarningT("Specified Kubernetes version {{.specified}} not found in Kubernetes version list", out.V{"specified": nvs})
+ out.Styled(style.Verifying, "Searching the internet for Kubernetes version...")
+ found, err := cmdcfg.IsInGitHubKubernetesVersions(kubernetesVer)
+ if err != nil && !viper.GetBool(force) {
+ exit.Error(reason.KubernetesNotConnect, "error fetching Kubernetes version list from GitHub", err)
+ }
+ if found {
+ out.Styled(style.Check, "Kubernetes version {{.specified}} found in GitHub version list", out.V{"specified": nvs})
+ } else if !viper.GetBool(force) {
+ out.WarningT("Kubernetes version not found in GitHub version list. You can force a Kubernetes version via the --force flag")
+ exitIfNotForced(reason.KubernetesTooNew, "Kubernetes version {{.version}} is not supported by this release of minikube", out.V{"version": nvs})
+ }
+ }
+ }
if nvs.LT(oldestVersion) {
- out.WarningT("Specified Kubernetes version {{.specified}} is less than the oldest supported version: {{.oldest}}", out.V{"specified": nvs, "oldest": constants.OldestKubernetesVersion})
+ out.WarningT("Specified Kubernetes version {{.specified}} is less than the oldest supported version: {{.oldest}}. Use `minikube config defaults kubernetes-version` for details.", out.V{"specified": nvs, "oldest": constants.OldestKubernetesVersion})
if !viper.GetBool(force) {
out.WarningT("You can force an unsupported Kubernetes version via the --force flag")
}
@@ -1473,11 +1877,37 @@ func validateKubernetesVersion(old *config.ClusterConfig) {
}
}
+// validateContainerRuntime ensures that the container runtime is reasonable
+func validateContainerRuntime(old *config.ClusterConfig) {
+ if old == nil || old.KubernetesConfig.ContainerRuntime == "" {
+ return
+ }
+
+ if err := validateRuntime(old.KubernetesConfig.ContainerRuntime); err != nil {
+ klog.Errorf("Error parsing old runtime %q: %v", old.KubernetesConfig.ContainerRuntime, err)
+ }
+}
+
func isBaseImageApplicable(drv string) bool {
return registry.IsKIC(drv)
}
-func getKubernetesVersion(old *config.ClusterConfig) string {
+func getKubernetesVersion(old *config.ClusterConfig) (string, error) {
+ if viper.GetBool(noKubernetes) {
+ // Exit if --kubernetes-version is specified.
+ if viper.GetString(kubernetesVersion) != "" {
+ exit.Message(reason.Usage, `cannot specify --kubernetes-version with --no-kubernetes,
+to unset a global config run:
+
+$ minikube config unset kubernetes-version`)
+ }
+
+ klog.Infof("No Kubernetes flag is set, setting Kubernetes version to %s", constants.NoKubernetesVersion)
+ if old != nil {
+ old.KubernetesConfig.KubernetesVersion = constants.NoKubernetesVersion
+ }
+ }
+
paramVersion := viper.GetString(kubernetesVersion)
// try to load the old version first if the user didn't specify anything
@@ -1487,16 +1917,24 @@ func getKubernetesVersion(old *config.ClusterConfig) string {
if paramVersion == "" || strings.EqualFold(paramVersion, "stable") {
paramVersion = constants.DefaultKubernetesVersion
- } else if strings.EqualFold(paramVersion, "latest") {
+ } else if strings.EqualFold(strings.ToLower(paramVersion), "latest") || strings.EqualFold(strings.ToLower(paramVersion), "newest") {
paramVersion = constants.NewestKubernetesVersion
}
- nvs, err := semver.Make(strings.TrimPrefix(paramVersion, version.VersionPrefix))
+ kubernetesSemver := strings.TrimPrefix(strings.ToLower(paramVersion), version.VersionPrefix)
+ if isTwoDigitSemver(kubernetesSemver) {
+ potentialPatch := getLatestPatch(kubernetesSemver)
+ if potentialPatch == "" {
+ return "", ErrKubernetesPatchNotFound
+ }
+ kubernetesSemver = potentialPatch
+ }
+ nvs, err := semver.Make(kubernetesSemver)
if err != nil {
exit.Message(reason.Usage, `Unable to parse "{{.kubernetes_version}}": {{.error}}`, out.V{"kubernetes_version": paramVersion, "error": err})
}
- return version.VersionPrefix + nvs.String()
+ return version.VersionPrefix + nvs.String(), nil
}
// validateDockerStorageDriver checks that docker is using overlay2
@@ -1514,13 +1952,95 @@ func validateDockerStorageDriver(drvName string) {
viper.Set(preload, false)
return
}
- if si.StorageDriver == "overlay2" {
+ if si.StorageDriver == "overlay2" || si.StorageDriver == "overlayfs" {
return
}
- out.WarningT("{{.Driver}} is currently using the {{.StorageDriver}} storage driver, consider switching to overlay2 for better performance", out.V{"StorageDriver": si.StorageDriver, "Driver": drvName})
+ out.WarningT("{{.Driver}} is currently using the {{.StorageDriver}} storage driver, setting preload=false", out.V{"StorageDriver": si.StorageDriver, "Driver": drvName})
viper.Set(preload, false)
}
+// validateSubnet checks that the subnet provided has a private IP
+// and does not have a mask of more that /30
+func validateSubnet(subnet string) error {
+ ip, cidr, err := netutil.ParseAddr(subnet)
+ if err != nil {
+ return errors.Errorf("Sorry, unable to parse subnet: %v", err)
+ }
+ if !ip.IsPrivate() {
+ return errors.Errorf("Sorry, the subnet %s is not a private IP", ip)
+ }
+
+ if cidr != nil {
+ mask, _ := cidr.Mask.Size()
+ if mask > 30 {
+ return errors.Errorf("Sorry, the subnet provided does not have a mask less than or equal to /30")
+ }
+ }
+ return nil
+}
+
+func validateStaticIP(staticIP, drvName, subnet string) error {
+ if !driver.IsKIC(drvName) {
+ if staticIP != "" {
+ out.WarningT("--static-ip is only implemented on Docker and Podman drivers, flag will be ignored")
+ }
+ return nil
+ }
+ if subnet != "" {
+ out.WarningT("--static-ip overrides --subnet, --subnet will be ignored")
+ }
+ ip := net.ParseIP(staticIP)
+ if !ip.IsPrivate() {
+ return fmt.Errorf("static IP must be private")
+ }
+ if ip.To4() == nil {
+ return fmt.Errorf("static IP must be IPv4")
+ }
+ lastOctet, _ := strconv.Atoi(strings.Split(ip.String(), ".")[3])
+ if lastOctet < 2 || lastOctet > 254 {
+ return fmt.Errorf("static IPs last octet must be between 2 and 254 (X.X.X.2 - X.X.X.254), for example 192.168.200.200")
+ }
+ return nil
+}
+
+func validateBareMetal(drvName string) {
+ if !driver.BareMetal(drvName) {
+ return
+ }
+
+ if viper.GetInt(nodes) > 1 || viper.GetBool(ha) {
+ exit.Message(reason.DrvUnsupportedMulti, "The none driver is not compatible with multi-node clusters.")
+ }
+
+ if ClusterFlagValue() != constants.DefaultClusterName {
+ exit.Message(reason.DrvUnsupportedProfile, "The '{{.name}} driver does not support multiple profiles: https://minikube.sigs.k8s.io/docs/reference/drivers/none/", out.V{"name": drvName})
+ }
+
+ // default container runtime varies, starting with Kubernetes 1.24 - assume that only the default container runtime has been tested
+ rtime := viper.GetString(containerRuntime)
+ if rtime != constants.DefaultContainerRuntime && rtime != defaultRuntime() {
+ out.WarningT("Using the '{{.runtime}}' runtime with the 'none' driver is an untested configuration!", out.V{"runtime": rtime})
+ }
+
+ // conntrack is required starting with Kubernetes 1.18, include the release candidates for completion
+ kubeVer, err := getKubernetesVersion(nil)
+ if err != nil {
+ klog.Warningf("failed getting Kubernetes version: %v", err)
+ }
+ ver, _ := util.ParseKubernetesVersion(kubeVer)
+ if ver.GTE(semver.MustParse("1.18.0-beta.1")) {
+ if _, err := exec.LookPath("conntrack"); err != nil {
+ exit.Message(reason.GuestMissingConntrack, "Sorry, Kubernetes {{.k8sVersion}} requires conntrack to be installed in root's path", out.V{"k8sVersion": ver.String()})
+ }
+ }
+ // crictl is required starting with Kubernetes 1.24, for all runtimes since the removal of dockershim
+ if ver.GTE(semver.MustParse("1.24.0-alpha.0")) {
+ if _, err := exec.LookPath("crictl"); err != nil {
+ exit.Message(reason.GuestMissingConntrack, "Sorry, Kubernetes {{.k8sVersion}} requires crictl to be installed in root's path", out.V{"k8sVersion": ver.String()})
+ }
+ }
+}
+
func exitIfNotForced(r reason.Kind, message string, v ...out.V) {
if !viper.GetBool(force) {
exit.Message(r, message, v...)
@@ -1537,3 +2057,51 @@ func exitGuestProvision(err error) {
}
exit.Error(reason.GuestProvision, "error provisioning guest", err)
}
+
+// Example input = 1.26 => output = "1.26.5"
+// Example input = 1.26.5 => output = "1.26.5"
+// Example input = 1.26.999 => output = ""
+func getLatestPatch(majorMinorVer string) string {
+ for _, k := range constants.ValidKubernetesVersions {
+ if strings.HasPrefix(k, fmt.Sprintf("v%s.", majorMinorVer)) {
+ return strings.TrimPrefix(k, version.VersionPrefix)
+ }
+
+ }
+ return ""
+}
+
+func isTwoDigitSemver(ver string) bool {
+ majorMinorOnly := regexp.MustCompile(`^(?P0|[1-9]\d*)\.(?P0|[1-9]\d*)$`)
+ return majorMinorOnly.MatchString(ver)
+}
+
+func startNerdctld(options *run.CommandOptions) {
+ // for containerd runtime using ssh, we have installed nerdctld and nerdctl into kicbase
+ // These things will be included in the ISO/Base image in the future versions
+
+ // copy these binaries to the path of the containerd node
+ co := mustload.Running(ClusterFlagValue(), options)
+ runner := co.CP.Runner
+
+ // and set 777 to these files
+ if rest, err := runner.RunCmd(exec.Command("sudo", "chmod", "777", "/usr/local/bin/nerdctl", "/usr/local/bin/nerdctld")); err != nil {
+ exit.Error(reason.StartNerdctld, fmt.Sprintf("Failed setting permission for nerdctl: %s", rest.Output()), err)
+ }
+
+ // sudo systemctl start nerdctld.socket
+ if rest, err := runner.RunCmd(exec.Command("sudo", "systemctl", "start", "nerdctld.socket")); err != nil {
+ exit.Error(reason.StartNerdctld, fmt.Sprintf("Failed to enable nerdctld.socket: %s", rest.Output()), err)
+ }
+ // sudo systemctl start nerdctld.service
+ if rest, err := runner.RunCmd(exec.Command("sudo", "systemctl", "start", "nerdctld.service")); err != nil {
+ exit.Error(reason.StartNerdctld, fmt.Sprintf("Failed to enable nerdctld.service: %s", rest.Output()), err)
+ }
+
+ // set up environment variable on remote machine. docker client uses 'non-login & non-interactive shell' therefore the only way is to modify .bashrc file of user 'docker'
+ // insert this at 4th line
+ envSetupCommand := exec.Command("/bin/bash", "-c", "sed -i '4i export DOCKER_HOST=unix:///run/nerdctld.sock' .bashrc")
+ if rest, err := runner.RunCmd(envSetupCommand); err != nil {
+ exit.Error(reason.StartNerdctld, fmt.Sprintf("Failed to set up DOCKER_HOST: %s", rest.Output()), err)
+ }
+}
diff --git a/cmd/minikube/cmd/start_flags.go b/cmd/minikube/cmd/start_flags.go
index bfc39bda3a1f..b2ac8e8c3305 100644
--- a/cmd/minikube/cmd/start_flags.go
+++ b/cmd/minikube/cmd/start_flags.go
@@ -18,15 +18,18 @@ package cmd
import (
"fmt"
+ "runtime"
"strings"
"time"
"github.com/blang/semver/v4"
"github.com/pkg/errors"
- "github.com/shirou/gopsutil/v3/cpu"
+ "github.com/shirou/gopsutil/v4/cpu"
"github.com/spf13/cobra"
"github.com/spf13/viper"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
+ "k8s.io/minikube/pkg/drivers/common/vmnet"
"k8s.io/minikube/pkg/drivers/kic"
"k8s.io/minikube/pkg/drivers/kic/oci"
"k8s.io/minikube/pkg/minikube/bootstrapper/bsutil"
@@ -35,12 +38,14 @@ import (
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
"k8s.io/minikube/pkg/minikube/cruntime"
+ "k8s.io/minikube/pkg/minikube/detect"
"k8s.io/minikube/pkg/minikube/download"
"k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/proxy"
"k8s.io/minikube/pkg/minikube/reason"
+ "k8s.io/minikube/pkg/minikube/run"
"k8s.io/minikube/pkg/minikube/style"
pkgutil "k8s.io/minikube/pkg/util"
"k8s.io/minikube/pkg/version"
@@ -54,11 +59,12 @@ const (
nfsSharesRoot = "nfs-shares-root"
nfsShare = "nfs-share"
kubernetesVersion = "kubernetes-version"
+ noKubernetes = "no-kubernetes"
hostOnlyCIDR = "host-only-cidr"
containerRuntime = "container-runtime"
criSocket = "cri-socket"
- networkPlugin = "network-plugin"
- enableDefaultCNI = "enable-default-cni"
+ networkPlugin = "network-plugin" // deprecated, use --cni instead
+ enableDefaultCNI = "enable-default-cni" // deprecated, use --cni=bridge instead
cniFlag = "cni"
hypervVirtualSwitch = "hyperv-virtual-switch"
hypervUseExternalSwitch = "hyperv-use-external-switch"
@@ -81,6 +87,14 @@ const (
imageRepository = "image-repository"
imageMirrorCountry = "image-mirror-country"
mountString = "mount-string"
+ mount9PVersion = "mount-9p-version"
+ mountGID = "mount-gid"
+ mountIPFlag = "mount-ip"
+ mountMSize = "mount-msize"
+ mountOptions = "mount-options"
+ mountPortFlag = "mount-port"
+ mountTypeFlag = "mount-type"
+ mountUID = "mount-uid"
disableDriverMounts = "disable-driver-mounts"
cacheImages = "cache-images"
uuid = "uuid"
@@ -88,13 +102,11 @@ const (
vsockPorts = "hyperkit-vsock-ports"
embedCerts = "embed-certs"
noVTXCheck = "no-vtx-check"
- downloadOnly = "download-only"
dnsProxy = "dns-proxy"
hostDNSResolver = "host-dns-resolver"
waitComponents = "wait"
force = "force"
dryRun = "dry-run"
- interactive = "interactive"
waitTimeout = "wait-timeout"
nativeSSH = "native-ssh"
minUsableMem = 1800 // Kubernetes (kubeadm) will not start with less
@@ -104,6 +116,7 @@ const (
autoUpdate = "auto-update-drivers"
hostOnlyNicType = "host-only-nic-type"
natNicType = "nat-nic-type"
+ ha = "ha"
nodes = "nodes"
preload = "preload"
deleteOnFailure = "delete-on-failure"
@@ -111,6 +124,7 @@ const (
kicBaseImage = "base-image"
ports = "ports"
network = "network"
+ subnet = "subnet"
startNamespace = "namespace"
trace = "trace"
sshIPAddress = "ssh-ip-address"
@@ -121,6 +135,18 @@ const (
defaultSSHPort = 22
listenAddress = "listen-address"
extraDisks = "extra-disks"
+ certExpiration = "cert-expiration"
+ binaryMirror = "binary-mirror"
+ disableOptimizations = "disable-optimizations"
+ disableMetrics = "disable-metrics"
+ disableCoreDNSLog = "disable-coredns-log"
+ qemuFirmwarePath = "qemu-firmware-path"
+ socketVMnetClientPath = "socket-vmnet-client-path"
+ socketVMnetPath = "socket-vmnet-path"
+ staticIP = "static-ip"
+ gpus = "gpus"
+ autoPauseInterval = "auto-pause-interval"
+ preloadSrc = "preload-source"
)
var (
@@ -135,24 +161,32 @@ func initMinikubeFlags() {
viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
viper.AutomaticEnv()
startCmd.Flags().Bool(force, false, "Force minikube to perform possibly dangerous operations")
- startCmd.Flags().Bool(interactive, true, "Allow user prompts for more information")
+ startCmd.Flags().Bool(flags.Interactive, true, "Allow user prompts for more information")
startCmd.Flags().Bool(dryRun, false, "dry-run mode. Validates configuration, but does not mutate system state")
- startCmd.Flags().String(cpus, "2", fmt.Sprintf("Number of CPUs allocated to Kubernetes. Use %q to use the maximum number of CPUs.", constants.MaxResources))
- startCmd.Flags().String(memory, "", fmt.Sprintf("Amount of RAM to allocate to Kubernetes (format: [], where unit = b, k, m or g). Use %q to use the maximum amount of memory.", constants.MaxResources))
+ startCmd.Flags().String(cpus, "2", fmt.Sprintf("Number of CPUs allocated to Kubernetes. Use %q to use the maximum number of CPUs. Use %q to not specify a limit (Docker/Podman only)", constants.MaxResources, constants.NoLimit))
+ startCmd.Flags().StringP(memory, "m", "", fmt.Sprintf("Amount of RAM to allocate to Kubernetes (format: [], where unit = b, k, m or g). Use %q to use the maximum amount of memory. Use %q to not specify a limit (Docker/Podman only)", constants.MaxResources, constants.NoLimit))
startCmd.Flags().String(humanReadableDiskSize, defaultDiskSize, "Disk size allocated to the minikube VM (format: [], where unit = b, k, m or g).")
- startCmd.Flags().Bool(downloadOnly, false, "If true, only download and cache files for later use - don't install or start anything.")
+ startCmd.Flags().Bool(flags.DownloadOnly, false, "If true, only download and cache files for later use - don't install or start anything.")
startCmd.Flags().Bool(cacheImages, true, "If true, cache docker images for the current bootstrapper and load them into the machine. Always false with --driver=none.")
startCmd.Flags().StringSlice(isoURL, download.DefaultISOURLs(), "Locations to fetch the minikube ISO from.")
startCmd.Flags().String(kicBaseImage, kic.BaseImage, "The base image to use for docker/podman drivers. Intended for local development.")
startCmd.Flags().Bool(keepContext, false, "This will keep the existing kubectl context and will create a minikube context.")
startCmd.Flags().Bool(embedCerts, false, "if true, will embed the certs in kubeconfig.")
- startCmd.Flags().String(containerRuntime, constants.DefaultContainerRuntime, fmt.Sprintf("The container runtime to be used (%s).", strings.Join(cruntime.ValidRuntimes(), ", ")))
- startCmd.Flags().Bool(createMount, false, "This will start the mount daemon and automatically mount files into minikube.")
- startCmd.Flags().String(mountString, constants.DefaultMountDir+":/minikube-host", "The argument to pass the minikube mount command on start.")
- startCmd.Flags().StringSlice(config.AddonListFlag, nil, "Enable addons. see `minikube addons list` for a list of valid addon names.")
+ startCmd.Flags().StringP(containerRuntime, "c", constants.DefaultContainerRuntime, fmt.Sprintf("The container runtime to be used. Valid options: %s (default: auto)", strings.Join(cruntime.ValidRuntimes(), ", ")))
+ startCmd.Flags().Bool(createMount, false, "Kept for backward compatibility, value is ignored.")
+ startCmd.Flags().String(mountString, "", "Directory to mount in the guest using format '/host-path:/guest-path'.")
+ startCmd.Flags().String(mount9PVersion, defaultMount9PVersion, mount9PVersionDescription)
+ startCmd.Flags().String(mountGID, defaultMountGID, mountGIDDescription)
+ startCmd.Flags().String(mountIPFlag, defaultMountIP, mountIPDescription)
+ startCmd.Flags().Int(mountMSize, defaultMountMSize, mountMSizeDescription)
+ startCmd.Flags().StringSlice(mountOptions, defaultMountOptions(), mountOptionsDescription)
+ startCmd.Flags().Uint16(mountPortFlag, defaultMountPort, mountPortDescription)
+ startCmd.Flags().String(mountTypeFlag, defaultMountType, mountTypeDescription)
+ startCmd.Flags().String(mountUID, defaultMountUID, mountUIDDescription)
+ startCmd.Flags().StringSlice(config.AddonListFlag, nil, "Enable one or more addons, in a comma-separated format. See `minikube addons list` for a list of valid addon names.")
startCmd.Flags().String(criSocket, "", "The cri socket path to be used.")
- startCmd.Flags().String(networkPlugin, "", "Kubelet network plug-in to use (default: auto)")
+ startCmd.Flags().String(networkPlugin, "", "DEPRECATED: Replaced by --cni")
startCmd.Flags().Bool(enableDefaultCNI, false, "DEPRECATED: Replaced by --cni=bridge")
startCmd.Flags().String(cniFlag, "", "CNI plug-in to use. Valid options: auto, bridge, calico, cilium, flannel, kindnet, or path to a CNI manifest (default: auto)")
startCmd.Flags().StringSlice(waitComponents, kverify.DefaultWaitList, fmt.Sprintf("comma separated list of Kubernetes components to verify and wait for after starting a cluster. defaults to %q, available options: %q . other acceptable values are 'all' or 'none', 'true' and 'false'", strings.Join(kverify.DefaultWaitList, ","), strings.Join(kverify.AllComponentsList, ",")))
@@ -160,14 +194,25 @@ func initMinikubeFlags() {
startCmd.Flags().Bool(nativeSSH, true, "Use native Golang SSH client (default true). Set to 'false' to use the command line 'ssh' command when accessing the docker machine. Useful for the machine drivers when they will not start with 'Waiting for SSH'.")
startCmd.Flags().Bool(autoUpdate, true, "If set, automatically updates drivers to the latest version. Defaults to true.")
startCmd.Flags().Bool(installAddons, true, "If set, install addons. Defaults to true.")
- startCmd.Flags().IntP(nodes, "n", 1, "The number of nodes to spin up. Defaults to 1.")
+ startCmd.Flags().Bool(ha, false, "Create Highly Available Multi-Control Plane Cluster with a minimum of three control-plane nodes that will also be marked for work.")
+ startCmd.Flags().IntP(nodes, "n", 1, "The total number of nodes to spin up. Defaults to 1.")
startCmd.Flags().Bool(preload, true, "If set, download tarball of preloaded images if available to improve start time. Defaults to true.")
+ startCmd.Flags().Bool(noKubernetes, false, "If set, minikube VM/container will start without starting or configuring Kubernetes. (only works on new clusters)")
startCmd.Flags().Bool(deleteOnFailure, false, "If set, delete the current cluster if start fails and try again. Defaults to false.")
startCmd.Flags().Bool(forceSystemd, false, "If set, force the container runtime to use systemd as cgroup manager. Defaults to false.")
- startCmd.Flags().StringP(network, "", "", "network to run minikube with. Now it is used by docker/podman and KVM drivers. If left empty, minikube will create a new network.")
+ startCmd.Flags().String(network, "", "network to run minikube with. Used by docker/podman, qemu, kvm, and vfkit drivers. If left empty, minikube will create a new network.")
startCmd.Flags().StringVarP(&outputFormat, "output", "o", "text", "Format to print stdout in. Options include: [text,json]")
- startCmd.Flags().StringP(trace, "", "", "Send trace events. Options include: [gcp]")
- startCmd.Flags().Int(extraDisks, 0, "Number of extra disks created and attached to the minikube VM (currently only implemented for hyperkit driver)")
+ startCmd.Flags().String(trace, "", "Send trace events. Options include: [gcp]")
+ startCmd.Flags().Int(extraDisks, 0, "Number of extra disks created and attached to the minikube VM (currently only implemented for hyperkit, kvm2, qemu2, vfkit, and krunkit drivers)")
+ startCmd.Flags().Duration(certExpiration, constants.DefaultCertExpiration, "Duration until minikube certificate expiration, defaults to three years (26280h).")
+ startCmd.Flags().String(binaryMirror, "", "Location to fetch kubectl, kubelet, & kubeadm binaries from.")
+ startCmd.Flags().Bool(disableOptimizations, false, "If set, disables optimizations that are set for local Kubernetes. Including decreasing CoreDNS replicas from 2 to 1. Defaults to false.")
+ startCmd.Flags().Bool(disableMetrics, false, "If set, disables metrics reporting (CPU and memory usage), this can improve CPU usage. Defaults to false.")
+ startCmd.Flags().Bool(disableCoreDNSLog, false, "If set, disable CoreDNS verbose logging. Defaults to false.")
+ startCmd.Flags().String(staticIP, "", "Set a static IP for the minikube cluster, the IP must be: private, IPv4, and the last octet must be between 2 and 254, for example 192.168.200.200 (Docker and Podman drivers only)")
+ startCmd.Flags().StringP(gpus, "g", "", "Allow pods to use your GPUs. Options include: [all,nvidia,amd] (Docker driver with Docker container-runtime only)")
+ startCmd.Flags().Duration(autoPauseInterval, time.Minute*1, "Duration of inactivity before the minikube VM is paused (default 1m0s)")
+ startCmd.Flags().String(preloadSrc, "auto", "Which source to download the preload from (valid options: gcs, github, auto). Defaults to auto (try both).")
}
// initKubernetesFlags inits the commandline flags for Kubernetes related options
@@ -189,8 +234,22 @@ func initKubernetesFlags() {
// initDriverFlags inits the commandline flags for vm drivers
func initDriverFlags() {
- startCmd.Flags().String("driver", "", fmt.Sprintf("Driver is one of: %v (defaults to auto-detect)", driver.DisplaySupportedDrivers()))
+ startCmd.Flags().StringP("driver", "d", "", fmt.Sprintf("Driver is one of: %v (defaults to auto-detect)", driver.DisplaySupportedDrivers()))
startCmd.Flags().String("vm-driver", "", "DEPRECATED, use `driver` instead.")
+ // Hide the deprecated vm-driver flag from help text
+ if err := startCmd.Flags().MarkHidden("vm-driver"); err != nil {
+ klog.Warningf("Failed to hide vm-driver flag: %v\n", err)
+ }
+ // Hide the deprecated flag from help text so new users dont use it (still will be processed)
+ if err := startCmd.Flags().MarkHidden(enableDefaultCNI); err != nil {
+ klog.Warningf("Failed to hide %s flag: %v\n", enableDefaultCNI, err)
+ }
+
+ // Hide the deprecated flag from help text so new users dont use it (still will be processed)
+ if err := startCmd.Flags().MarkHidden(networkPlugin); err != nil {
+ klog.Warningf("Failed to hide %s flag: %v\n", networkPlugin, err)
+ }
+
startCmd.Flags().Bool(disableDriverMounts, false, "Disables the filesystem mounts provided by the hypervisors")
startCmd.Flags().Bool("vm", false, "Filter to use only VM Drivers")
@@ -202,7 +261,7 @@ func initDriverFlags() {
startCmd.Flags().Int(kvmNUMACount, 1, "Simulate numa node count in minikube, supported numa node count range is 1-8 (kvm2 driver only)")
// virtualbox
- startCmd.Flags().String(hostOnlyCIDR, "192.168.99.1/24", "The CIDR to be used for the minikube VM (virtualbox driver only)")
+ startCmd.Flags().String(hostOnlyCIDR, "192.168.59.1/24", "The CIDR to be used for the minikube VM (virtualbox driver only)")
startCmd.Flags().Bool(dnsProxy, false, "Enable proxy for NAT DNS requests (virtualbox driver only)")
startCmd.Flags().Bool(hostDNSResolver, true, "Enable host resolver for NAT DNS requests (virtualbox driver only)")
startCmd.Flags().Bool(noVTXCheck, false, "Disable checking for the availability of hardware virtualization before the vm is started (virtualbox driver only)")
@@ -224,6 +283,10 @@ func initDriverFlags() {
// docker & podman
startCmd.Flags().String(listenAddress, "", "IP Address to use to expose ports (docker and podman driver only)")
startCmd.Flags().StringSlice(ports, []string{}, "List of ports that should be exposed (docker and podman driver only)")
+ startCmd.Flags().String(subnet, "", "Subnet to be used on kic cluster. If left empty, minikube will choose subnet address, beginning from 192.168.49.0. (docker and podman driver only)")
+
+ // qemu
+ startCmd.Flags().String(qemuFirmwarePath, "", "Path to the qemu firmware file. Defaults: For Linux, the default firmware location. For macOS, the brew installation location. For Windows, C:\\Program Files\\qemu\\share")
}
// initNetworkingFlags inits the commandline flags for connectivity related flags for start
@@ -241,6 +304,10 @@ func initNetworkingFlags() {
startCmd.Flags().String(sshSSHUser, defaultSSHUser, "SSH user (ssh driver only)")
startCmd.Flags().String(sshSSHKey, "", "SSH key (ssh driver only)")
startCmd.Flags().Int(sshSSHPort, defaultSSHPort, "SSH port (ssh driver only)")
+
+ // socket vmnet
+ startCmd.Flags().String(socketVMnetClientPath, "", "Path to the socket vmnet client binary (QEMU driver only)")
+ startCmd.Flags().String(socketVMnetPath, "", "Path to socket vmnet binary (QEMU driver only)")
}
// ClusterFlagValue returns the current cluster name based on flags
@@ -249,19 +316,18 @@ func ClusterFlagValue() string {
}
// generateClusterConfig generate a config.ClusterConfig based on flags or existing cluster config
-func generateClusterConfig(cmd *cobra.Command, existing *config.ClusterConfig, k8sVersion string, drvName string) (config.ClusterConfig, config.Node, error) {
+func generateClusterConfig(cmd *cobra.Command, existing *config.ClusterConfig, k8sVersion string, rtime string, drvName string, options *run.CommandOptions) (config.ClusterConfig, config.Node, error) {
var cc config.ClusterConfig
if existing != nil {
cc = updateExistingConfigFromFlags(cmd, existing)
// identify appropriate cni then configure cruntime accordingly
- _, err := cni.New(&cc)
- if err != nil {
+ if _, err := cni.New(&cc); err != nil {
return cc, config.Node{}, errors.Wrap(err, "cni")
}
} else {
klog.Info("no existing cluster config was found, will generate one from the flags ")
- cc = generateNewConfigFromFlags(cmd, k8sVersion, drvName)
+ cc = generateNewConfigFromFlags(cmd, k8sVersion, rtime, drvName, options)
cnm, err := cni.New(&cc)
if err != nil {
@@ -274,8 +340,6 @@ func generateClusterConfig(cmd *cobra.Command, existing *config.ClusterConfig, k
}
}
- klog.Infof("config:\n%+v", cc)
-
r, err := cruntime.New(cruntime.Config{Type: cc.KubernetesConfig.ContainerRuntime})
if err != nil {
return cc, config.Node{}, errors.Wrap(err, "new runtime manager")
@@ -287,14 +351,16 @@ func generateClusterConfig(cmd *cobra.Command, existing *config.ClusterConfig, k
proxy.SetDockerEnv()
}
- var kubeNodeName string
- if driver.BareMetal(cc.Driver) {
- kubeNodeName = "m01"
- }
- return createNode(cc, kubeNodeName, existing)
+ return configureNodes(cc, existing)
}
func getCPUCount(drvName string) int {
+ if viper.GetString(cpus) == constants.NoLimit {
+ if driver.IsKIC(drvName) {
+ return 0
+ }
+ exit.Message(reason.Usage, "The '{{.name}}' driver does not support --cpus=no-limit", out.V{"name": drvName})
+ }
if viper.GetString(cpus) != constants.MaxResources {
return viper.GetInt(cpus)
}
@@ -328,9 +394,12 @@ func getMemorySize(cmd *cobra.Command, drvName string) int {
if cmd.Flags().Changed(memory) || viper.IsSet(memory) {
memString := viper.GetString(memory)
var err error
- if memString == constants.MaxResources {
- mem = noLimitMemory(sysLimit, containerLimit)
- } else {
+ switch {
+ case memString == constants.NoLimit && driver.IsKIC(drvName):
+ mem = 0
+ case memString == constants.MaxResources:
+ mem = noLimitMemory(sysLimit, containerLimit, drvName)
+ default:
mem, err = pkgutil.CalculateSizeInMB(memString)
if err != nil {
exit.Message(reason.Usage, "Generate unable to parse memory '{{.memory}}': {{.error}}", out.V{"memory": memString, "error": err})
@@ -356,6 +425,27 @@ func getDiskSize() int {
return diskSize
}
+func getExtraOptions() config.ExtraOptionSlice {
+ options := []string{}
+ if detect.IsCloudShell() {
+ options = append(options, "kubelet.cgroups-per-qos=false", "kubelet.enforce-node-allocatable=\"\"")
+ }
+ if viper.GetBool(disableMetrics) {
+ options = append(options, "kubelet.housekeeping-interval=5m")
+ }
+ for _, eo := range options {
+ if config.ExtraOptions.Exists(eo) {
+ klog.Infof("skipping extra-config %q.", eo)
+ continue
+ }
+ klog.Infof("setting extra-config: %s", eo)
+ if err := config.ExtraOptions.Set(eo); err != nil {
+ exit.Error(reason.InternalConfigSet, "failed to set extra option", err)
+ }
+ }
+ return config.ExtraOptions
+}
+
func getRepository(cmd *cobra.Command, k8sVersion string) string {
repository := viper.GetString(imageRepository)
mirrorCountry := strings.ToLower(viper.GetString(imageMirrorCountry))
@@ -376,6 +466,10 @@ func getRepository(cmd *cobra.Command, k8sVersion string) string {
repository = autoSelectedRepository
}
+ if repository == constants.AliyunMirror {
+ download.SetAliyunMirror()
+ }
+
if cmd.Flags().Changed(imageRepository) || cmd.Flags().Changed(imageMirrorCountry) {
out.Styled(style.Success, "Using image repository {{.name}}", out.V{"name": repository})
}
@@ -393,8 +487,72 @@ func getCNIConfig(cmd *cobra.Command) string {
return chosenCNI
}
+func getNetwork(driverName string, options *run.CommandOptions) string {
+ n := viper.GetString(network)
+ if driver.IsQEMU(driverName) {
+ return validateQemuNetwork(n)
+ } else if driver.IsVFKit(driverName) {
+ return validateVfkitNetwork(n, options)
+ }
+ return n
+}
+
+func validateQemuNetwork(n string) string {
+ switch n {
+ case "socket_vmnet":
+ if runtime.GOOS != "darwin" {
+ exit.Message(reason.Usage, "The socket_vmnet network is only supported on macOS")
+ }
+ if !detect.SocketVMNetInstalled() {
+ exit.Message(reason.NotFoundSocketVMNet, "\n\n")
+ }
+ case "":
+ if detect.SocketVMNetInstalled() {
+ n = "socket_vmnet"
+ } else {
+ n = "builtin"
+ }
+ out.Styled(style.Internet, "Automatically selected the {{.network}} network", out.V{"network": n})
+ case "user":
+ n = "builtin"
+ case "builtin":
+ default:
+ exit.Message(reason.Usage, "--network with QEMU must be 'builtin' or 'socket_vmnet'")
+ }
+ if n == "builtin" {
+ msg := "You are using the QEMU driver without a dedicated network, which doesn't support `minikube service` & `minikube tunnel` commands."
+ if runtime.GOOS == "darwin" {
+ msg += "\nTo try the dedicated network see: https://minikube.sigs.k8s.io/docs/drivers/qemu/#networking"
+ }
+ out.WarningT(msg)
+ }
+ return n
+}
+
+func validateVfkitNetwork(n string, options *run.CommandOptions) string {
+ if runtime.GOOS != "darwin" {
+ exit.Message(reason.Usage, "The vfkit driver is only supported on macOS")
+ }
+ switch n {
+ case "nat":
+ // always available
+ case "vmnet-shared":
+ // "vment-shared" provides access between machines, with lower performance compared to "nat".
+ if err := vmnet.ValidateHelper(options); err != nil {
+ vmnetErr := err.(*vmnet.Error)
+ exit.Message(vmnetErr.Kind, "failed to validate {{.network}} network: {{.reason}}", out.V{"network": n, "reason": err})
+ }
+ case "":
+ // Default to nat since it is always available and provides the best performance.
+ n = "nat"
+ default:
+ exit.Message(reason.Usage, "--network with vfkit must be 'nat' or 'vmnet-shared'")
+ }
+ return n
+}
+
// generateNewConfigFromFlags generate a config.ClusterConfig based on flags
-func generateNewConfigFromFlags(cmd *cobra.Command, k8sVersion string, drvName string) config.ClusterConfig {
+func generateNewConfigFromFlags(cmd *cobra.Command, k8sVersion string, rtime string, drvName string, options *run.CommandOptions) config.ClusterConfig {
var cc config.ClusterConfig
// networkPlugin cni deprecation warning
@@ -403,10 +561,12 @@ func generateNewConfigFromFlags(cmd *cobra.Command, k8sVersion string, drvName s
out.WarningT("With --network-plugin=cni, you will need to provide your own CNI. See --cni flag as a user-friendly alternative")
}
- if !(driver.IsKIC(drvName) || driver.IsKVM(drvName)) && viper.GetString(network) != "" {
- out.WarningT("--network flag is only valid with the docker/podman and KVM drivers, it will be ignored")
+ if viper.GetString(network) != "" && !driver.SupportsNetworkFlag(drvName) {
+ out.WarningT("--network flag is only valid with the docker/podman, qemu, kvm, and vfkit drivers, it will be ignored")
}
+ validateHANodeCount(cmd)
+
checkNumaCount(k8sVersion)
checkExtraDiskOptions(cmd, drvName)
@@ -417,7 +577,8 @@ func generateNewConfigFromFlags(cmd *cobra.Command, k8sVersion string, drvName s
EmbedCerts: viper.GetBool(embedCerts),
MinikubeISO: viper.GetString(isoURL),
KicBaseImage: viper.GetString(kicBaseImage),
- Network: viper.GetString(network),
+ Network: getNetwork(drvName, options),
+ Subnet: viper.GetString(subnet),
Memory: getMemorySize(cmd, drvName),
CPUs: getCPUCount(drvName),
DiskSize: getDiskSize(),
@@ -440,6 +601,7 @@ func generateNewConfigFromFlags(cmd *cobra.Command, k8sVersion string, drvName s
KVMGPU: viper.GetBool(kvmGPU),
KVMHidden: viper.GetBool(kvmHidden),
KVMNUMACount: viper.GetInt(kvmNUMACount),
+ APIServerPort: viper.GetInt(apiServerPort),
DisableDriverMounts: viper.GetBool(disableDriverMounts),
UUID: viper.GetString(uuid),
NoVTXCheck: viper.GetBool(noVTXCheck),
@@ -454,6 +616,24 @@ func generateNewConfigFromFlags(cmd *cobra.Command, k8sVersion string, drvName s
SSHKey: viper.GetString(sshSSHKey),
SSHPort: viper.GetInt(sshSSHPort),
ExtraDisks: viper.GetInt(extraDisks),
+ CertExpiration: viper.GetDuration(certExpiration),
+ MountString: viper.GetString(mountString),
+ Mount9PVersion: viper.GetString(mount9PVersion),
+ MountGID: viper.GetString(mountGID),
+ MountIP: viper.GetString(mountIPFlag),
+ MountMSize: viper.GetInt(mountMSize),
+ MountOptions: viper.GetStringSlice(mountOptions),
+ MountPort: uint16(viper.GetUint(mountPortFlag)),
+ MountType: viper.GetString(mountTypeFlag),
+ MountUID: viper.GetString(mountUID),
+ BinaryMirror: viper.GetString(binaryMirror),
+ DisableOptimizations: viper.GetBool(disableOptimizations),
+ DisableMetrics: viper.GetBool(disableMetrics),
+ DisableCoreDNSLog: viper.GetBool(disableCoreDNSLog),
+ CustomQemuFirmwarePath: viper.GetString(qemuFirmwarePath),
+ SocketVMnetClientPath: detect.SocketVMNetClientPath(),
+ SocketVMnetPath: detect.SocketVMNetPath(),
+ StaticIP: viper.GetString(staticIP),
KubernetesConfig: config.KubernetesConfig{
KubernetesVersion: k8sVersion,
ClusterName: ClusterFlagValue(),
@@ -463,26 +643,98 @@ func generateNewConfigFromFlags(cmd *cobra.Command, k8sVersion string, drvName s
APIServerIPs: apiServerIPs,
DNSDomain: viper.GetString(dnsDomain),
FeatureGates: viper.GetString(featureGates),
- ContainerRuntime: viper.GetString(containerRuntime),
+ ContainerRuntime: rtime,
CRISocket: viper.GetString(criSocket),
NetworkPlugin: chosenNetworkPlugin,
ServiceCIDR: viper.GetString(serviceCIDR),
ImageRepository: getRepository(cmd, k8sVersion),
- ExtraOptions: config.ExtraOptions,
+ ExtraOptions: getExtraOptions(),
ShouldLoadCachedImages: viper.GetBool(cacheImages),
CNI: getCNIConfig(cmd),
- NodePort: viper.GetInt(apiServerPort),
},
- MultiNodeRequested: viper.GetInt(nodes) > 1,
+ MultiNodeRequested: viper.GetInt(nodes) > 1 || viper.GetBool(ha),
+ GPUs: viper.GetString(gpus),
+ AutoPauseInterval: viper.GetDuration(autoPauseInterval),
}
cc.VerifyComponents = interpretWaitFlag(*cmd)
- if viper.GetBool(createMount) && driver.IsKIC(drvName) {
+
+ if viper.GetString(mountString) != "" && driver.IsKIC(drvName) {
cc.ContainerVolumeMounts = []string{viper.GetString(mountString)}
}
+ if driver.IsKIC(drvName) {
+ si, err := oci.CachedDaemonInfo(drvName)
+ if err != nil {
+ exit.Message(reason.Usage, "Ensure your {{.driver_name}} is running and is healthy.", out.V{"driver_name": driver.FullName(drvName)})
+ }
+ if si.Rootless {
+ out.Styled(style.Notice, "Using rootless {{.driver_name}} driver", out.V{"driver_name": driver.FullName(drvName)})
+ // KubeletInUserNamespace feature gate is essential for rootless driver.
+ // See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-in-userns/
+ cc.KubernetesConfig.FeatureGates = addFeatureGate(cc.KubernetesConfig.FeatureGates, "KubeletInUserNamespace=true")
+ } else {
+ if oci.IsRootlessForced() {
+ if driver.IsDocker(drvName) {
+ exit.Message(reason.Usage, "Using rootless Docker driver was required, but the current Docker does not seem rootless. Try 'docker context use rootless' .")
+ } else {
+ exit.Message(reason.Usage, "Using rootless driver was required, but the current driver does not seem rootless")
+ }
+ }
+ out.Styled(style.Notice, "Using {{.driver_name}} driver with root privileges", out.V{"driver_name": driver.FullName(drvName)})
+ }
+ // for btrfs: if k8s < v1.25.0-beta.0 set kubelet's LocalStorageCapacityIsolation feature gate flag to false,
+ // and if k8s >= v1.25.0-beta.0 (when it went ga and removed as feature gate), set kubelet's localStorageCapacityIsolation option (via kubeadm config) to false.
+ // ref: https://github.com/kubernetes/minikube/issues/14728#issue-1327885840
+ if si.StorageDriver == "btrfs" {
+ if semver.MustParse(strings.TrimPrefix(k8sVersion, version.VersionPrefix)).LT(semver.MustParse("1.25.0-beta.0")) {
+ klog.Info("auto-setting LocalStorageCapacityIsolation to false because using btrfs storage driver")
+ cc.KubernetesConfig.FeatureGates = addFeatureGate(cc.KubernetesConfig.FeatureGates, "LocalStorageCapacityIsolation=false")
+ } else if !cc.KubernetesConfig.ExtraOptions.Exists("kubelet.localStorageCapacityIsolation=false") {
+ if err := cc.KubernetesConfig.ExtraOptions.Set("kubelet.localStorageCapacityIsolation=false"); err != nil {
+ exit.Error(reason.InternalConfigSet, "failed to set extra option", err)
+ }
+ }
+ }
+ if runtime.GOOS == "linux" && si.DockerOS == "Docker Desktop" {
+ out.WarningT("For an improved experience it's recommended to use Docker Engine instead of Docker Desktop.\nDocker Engine installation instructions: https://docs.docker.com/engine/install/#server")
+ }
+ }
+
return cc
}
+func addFeatureGate(featureGates, s string) string {
+ if len(featureGates) == 0 {
+ return s
+ }
+ split := strings.Split(featureGates, ",")
+ m := make(map[string]struct{}, len(split))
+ for _, v := range split {
+ m[v] = struct{}{}
+ }
+ if _, ok := m[s]; !ok {
+ split = append(split, s)
+ }
+ return strings.Join(split, ",")
+}
+
+// validateHANodeCount ensures correct total number of nodes in ha (multi-control plane) cluster.
+func validateHANodeCount(cmd *cobra.Command) {
+ if !viper.GetBool(ha) {
+ return
+ }
+
+ // set total number of nodes in ha (multi-control plane) cluster to 3, if not otherwise defined by user
+ if !cmd.Flags().Changed(nodes) {
+ viper.Set(nodes, 3)
+ }
+
+ // respect user preference, if correct
+ if cmd.Flags().Changed(nodes) && viper.GetInt(nodes) < 3 {
+ exit.Message(reason.Usage, "HA (multi-control plane) clusters require 3 or more control-plane nodes")
+ }
+}
+
func checkNumaCount(k8sVersion string) {
if viper.GetInt(kvmNUMACount) < 1 || viper.GetInt(kvmNUMACount) > 8 {
exit.Message(reason.Usage, "--kvm-numa-count range is 1-8")
@@ -505,11 +757,6 @@ func upgradeExistingConfig(cmd *cobra.Command, cc *config.ClusterConfig) {
return
}
- if cc.VMDriver != "" && cc.Driver == "" {
- klog.Infof("config upgrade: Driver=%s", cc.VMDriver)
- cc.Driver = cc.VMDriver
- }
-
if cc.Name == "" {
klog.Infof("config upgrade: Name=%s", ClusterFlagValue())
cc.Name = ClusterFlagValue()
@@ -521,35 +768,43 @@ func upgradeExistingConfig(cmd *cobra.Command, cc *config.ClusterConfig) {
klog.Infof("config upgrade: KicBaseImage=%s", cc.KicBaseImage)
}
- if cc.CPUs == 0 {
+ if cc.CPUs == 0 && !driver.IsKIC(cc.Driver) {
klog.Info("Existing config file was missing cpu. (could be an old minikube config), will use the default value")
cc.CPUs = viper.GetInt(cpus)
}
- if cc.Memory == 0 {
+ if cc.Memory == 0 && !driver.IsKIC(cc.Driver) {
klog.Info("Existing config file was missing memory. (could be an old minikube config), will use the default value")
memInMB := getMemorySize(cmd, cc.Driver)
cc.Memory = memInMB
}
- // pre minikube 1.9.2 cc.KubernetesConfig.NodePort was not populated.
- // in minikube config there were two fields for api server port.
- // one in cc.KubernetesConfig.NodePort and one in cc.Nodes.Port
- // this makes sure api server port not be set as 0!
- if cc.KubernetesConfig.NodePort == 0 {
- cc.KubernetesConfig.NodePort = viper.GetInt(apiServerPort)
+ if cc.CertExpiration == 0 {
+ cc.CertExpiration = constants.DefaultCertExpiration
}
-
}
// updateExistingConfigFromFlags will update the existing config from the flags - used on a second start
-// skipping updating existing docker env , docker opt, InsecureRegistry, registryMirror, extra-config, apiserver-ips
+// skipping updating existing docker env, docker opt, InsecureRegistry, registryMirror, extra-config, apiserver-ips
func updateExistingConfigFromFlags(cmd *cobra.Command, existing *config.ClusterConfig) config.ClusterConfig { //nolint to suppress cyclomatic complexity 45 of func `updateExistingConfigFromFlags` is high (> 30)
-
validateFlags(cmd, existing.Driver)
cc := *existing
+ if cmd.Flags().Changed(nodes) {
+ out.WarningT("You cannot change the number of nodes for an existing minikube cluster. Please use 'minikube node add' to add nodes to an existing cluster.")
+ }
+
+ if cmd.Flags().Changed(ha) {
+ out.WarningT("Changing the HA (multi-control plane) mode of an existing minikube cluster is not currently supported. Please first delete the cluster and use 'minikube start --ha' to create new one.")
+ }
+
+ if cmd.Flags().Changed(apiServerPort) && config.IsHA(*existing) {
+ out.WarningT("Changing the API server port of an existing minikube HA (multi-control plane) cluster is not currently supported. Please first delete the cluster.")
+ } else {
+ updateIntFromFlag(cmd, &cc.APIServerPort, apiServerPort)
+ }
+
if cmd.Flags().Changed(memory) && getMemorySize(cmd, cc.Driver) != cc.Memory {
out.WarningT("You cannot change the memory size for an existing minikube cluster. Please first delete the cluster.")
}
@@ -570,7 +825,10 @@ func updateExistingConfigFromFlags(cmd *cobra.Command, existing *config.ClusterC
out.WarningT("You cannot add or remove extra disks for an existing minikube cluster. Please first delete the cluster.")
}
- updateStringFromFlag(cmd, &cc.MinikubeISO, isoURL)
+ if cmd.Flags().Changed(staticIP) && viper.GetString(staticIP) != existing.StaticIP {
+ out.WarningT("You cannot change the static IP of an existing minikube cluster. Please first delete the cluster.")
+ }
+
updateBoolFromFlag(cmd, &cc.KeepContext, keepContext)
updateBoolFromFlag(cmd, &cc.EmbedCerts, embedCerts)
updateStringFromFlag(cmd, &cc.MinikubeISO, isoURL)
@@ -611,14 +869,36 @@ func updateExistingConfigFromFlags(cmd *cobra.Command, existing *config.ClusterC
updateStringFromFlag(cmd, &cc.KubernetesConfig.NetworkPlugin, networkPlugin)
updateStringFromFlag(cmd, &cc.KubernetesConfig.ServiceCIDR, serviceCIDR)
updateBoolFromFlag(cmd, &cc.KubernetesConfig.ShouldLoadCachedImages, cacheImages)
- updateIntFromFlag(cmd, &cc.KubernetesConfig.NodePort, apiServerPort)
+ updateDurationFromFlag(cmd, &cc.CertExpiration, certExpiration)
+ updateStringFromFlag(cmd, &cc.MountString, mountString)
+ updateStringFromFlag(cmd, &cc.Mount9PVersion, mount9PVersion)
+ updateStringFromFlag(cmd, &cc.MountGID, mountGID)
+ updateStringFromFlag(cmd, &cc.MountIP, mountIPFlag)
+ updateIntFromFlag(cmd, &cc.MountMSize, mountMSize)
+ updateStringSliceFromFlag(cmd, &cc.MountOptions, mountOptions)
+ updateUint16FromFlag(cmd, &cc.MountPort, mountPortFlag)
+ updateStringFromFlag(cmd, &cc.MountType, mountTypeFlag)
+ updateStringFromFlag(cmd, &cc.MountUID, mountUID)
+ updateStringFromFlag(cmd, &cc.BinaryMirror, binaryMirror)
+ updateBoolFromFlag(cmd, &cc.DisableOptimizations, disableOptimizations)
+ updateStringFromFlag(cmd, &cc.CustomQemuFirmwarePath, qemuFirmwarePath)
+ updateStringFromFlag(cmd, &cc.SocketVMnetClientPath, socketVMnetClientPath)
+ updateStringFromFlag(cmd, &cc.SocketVMnetPath, socketVMnetPath)
+ updateDurationFromFlag(cmd, &cc.AutoPauseInterval, autoPauseInterval)
if cmd.Flags().Changed(kubernetesVersion) {
- cc.KubernetesConfig.KubernetesVersion = getKubernetesVersion(existing)
+ kubeVer, err := getKubernetesVersion(existing)
+ if err != nil {
+ klog.Warningf("failed getting Kubernetes version: %v", err)
+ }
+ cc.KubernetesConfig.KubernetesVersion = kubeVer
+ }
+ if cmd.Flags().Changed(containerRuntime) {
+ cc.KubernetesConfig.ContainerRuntime = getContainerRuntime(existing)
}
if cmd.Flags().Changed("extra-config") {
- cc.KubernetesConfig.ExtraOptions = config.ExtraOptions
+ cc.KubernetesConfig.ExtraOptions = getExtraOptions()
}
if cmd.Flags().Changed(cniFlag) || cmd.Flags().Changed(enableDefaultCNI) {
@@ -629,11 +909,22 @@ func updateExistingConfigFromFlags(cmd *cobra.Command, existing *config.ClusterC
cc.VerifyComponents = interpretWaitFlag(*cmd)
}
+ if cmd.Flags().Changed("apiserver-ips") {
+ // IPSlice not supported in Viper
+ // https://github.com/spf13/viper/issues/460
+ cc.KubernetesConfig.APIServerIPs = apiServerIPs
+ }
+
// Handle flags and legacy configuration upgrades that do not contain KicBaseImage
if cmd.Flags().Changed(kicBaseImage) || cc.KicBaseImage == "" {
cc.KicBaseImage = viper.GetString(kicBaseImage)
}
+ // If this cluster was stopped by a scheduled stop, clear the config
+ if cc.ScheduledStop != nil && time.Until(time.Unix(cc.ScheduledStop.InitiationTime, 0).Add(cc.ScheduledStop.Duration)) <= 0 {
+ cc.ScheduledStop = nil
+ }
+
return cc
}
@@ -672,6 +963,13 @@ func updateDurationFromFlag(cmd *cobra.Command, v *time.Duration, key string) {
}
}
+// updateUint16FromFlag will update the existing uint16 from the flag.
+func updateUint16FromFlag(cmd *cobra.Command, v *uint16, key string) {
+ if cmd.Flags().Changed(key) {
+ *v = uint16(viper.GetUint(key))
+ }
+}
+
// interpretWaitFlag interprets the wait flag and respects the legacy minikube users
// returns map of components to wait for
func interpretWaitFlag(cmd cobra.Command) map[string]bool {
@@ -718,7 +1016,7 @@ func interpretWaitFlag(cmd cobra.Command) map[string]bool {
}
func checkExtraDiskOptions(cmd *cobra.Command, driverName string) {
- supportedDrivers := []string{driver.HyperKit}
+ supportedDrivers := []string{driver.HyperKit, driver.KVM2, driver.QEMU2, driver.VFKit, driver.Krunkit}
if cmd.Flags().Changed(extraDisks) {
supported := false
diff --git a/cmd/minikube/cmd/start_test.go b/cmd/minikube/cmd/start_test.go
index 30b91b5a3095..3c926139af4b 100644
--- a/cmd/minikube/cmd/start_test.go
+++ b/cmd/minikube/cmd/start_test.go
@@ -17,18 +17,22 @@ limitations under the License.
package cmd
import (
- "os"
+ "fmt"
"strings"
"testing"
+ "time"
"github.com/blang/semver/v4"
"github.com/spf13/cobra"
"github.com/spf13/viper"
+ "k8s.io/klog/v2"
cfg "k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
+ "k8s.io/minikube/pkg/minikube/cruntime"
"k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/proxy"
+ "k8s.io/minikube/pkg/minikube/run"
)
func TestGetKubernetesVersion(t *testing.T) {
@@ -60,6 +64,16 @@ func TestGetKubernetesVersion(t *testing.T) {
paramVersion: "v1.16.0",
cfg: &cfg.ClusterConfig{KubernetesConfig: cfg.KubernetesConfig{KubernetesVersion: "v1.15.0"}},
},
+ {
+ description: "kubernetes-version without patch version",
+ expectedVersion: "v1.16.15",
+ paramVersion: "v1.16",
+ },
+ {
+ description: "kubernetes-version without patch version",
+ expectedVersion: "v1.16.15",
+ paramVersion: "1.16",
+ },
{
description: "kubernetes-version given as 'stable', no config",
expectedVersion: constants.DefaultKubernetesVersion,
@@ -70,12 +84,30 @@ func TestGetKubernetesVersion(t *testing.T) {
expectedVersion: constants.NewestKubernetesVersion,
paramVersion: "latest",
},
+ {
+ description: "kubernetes-version given as 'LATEST', no config",
+ expectedVersion: constants.NewestKubernetesVersion,
+ paramVersion: "LATEST",
+ },
+ {
+ description: "kubernetes-version given as 'newest', no config",
+ expectedVersion: constants.NewestKubernetesVersion,
+ paramVersion: "newest",
+ },
+ {
+ description: "kubernetes-version given as 'NEWEST', no config",
+ expectedVersion: constants.NewestKubernetesVersion,
+ paramVersion: "NEWEST",
+ },
}
for _, test := range tests {
t.Run(test.description, func(t *testing.T) {
viper.SetDefault(kubernetesVersion, test.paramVersion)
- version := getKubernetesVersion(test.cfg)
+ version, err := getKubernetesVersion(test.cfg)
+ if err != nil {
+ klog.Warningf("failed getting Kubernetes version: %v", err)
+ }
// check whether we are getting the expected version
if version != test.expectedVersion {
@@ -85,15 +117,14 @@ func TestGetKubernetesVersion(t *testing.T) {
}
}
-var checkRepoMock = func(v semver.Version, repo string) error {
- return nil
-}
+var checkRepoMock = func(_ semver.Version, _ string) error { return nil }
func TestMirrorCountry(t *testing.T) {
// Set default disk size value in lieu of flag init
viper.SetDefault(humanReadableDiskSize, defaultDiskSize)
checkRepository = checkRepoMock
k8sVersion := constants.DefaultKubernetesVersion
+ rtime := constants.DefaultContainerRuntime
var tests = []struct {
description string
k8sVersion string
@@ -139,7 +170,7 @@ func TestMirrorCountry(t *testing.T) {
viper.SetDefault(imageRepository, test.imageRepository)
viper.SetDefault(imageMirrorCountry, test.mirrorCountry)
viper.SetDefault(kvmNUMACount, 1)
- config, _, err := generateClusterConfig(cmd, nil, k8sVersion, driver.Mock)
+ config, _, err := generateClusterConfig(cmd, nil, k8sVersion, rtime, driver.Mock, &run.CommandOptions{})
if err != nil {
t.Fatalf("Got unexpected error %v during config generation", err)
}
@@ -153,14 +184,8 @@ func TestGenerateCfgFromFlagsHTTPProxyHandling(t *testing.T) {
// Set default disk size value in lieu of flag init
viper.SetDefault(humanReadableDiskSize, defaultDiskSize)
- originalEnv := os.Getenv("HTTP_PROXY")
- defer func() {
- err := os.Setenv("HTTP_PROXY", originalEnv)
- if err != nil {
- t.Fatalf("Error reverting env HTTP_PROXY to it's original value. Got err: %s", err)
- }
- }()
k8sVersion := constants.NewestKubernetesVersion
+ rtime := constants.DefaultContainerRuntime
var tests = []struct {
description string
proxy string
@@ -202,13 +227,11 @@ func TestGenerateCfgFromFlagsHTTPProxyHandling(t *testing.T) {
for _, test := range tests {
t.Run(test.description, func(t *testing.T) {
cmd := &cobra.Command{}
- if err := os.Setenv("HTTP_PROXY", test.proxy); err != nil {
- t.Fatalf("Unexpected error setting HTTP_PROXY: %v", err)
- }
+ t.Setenv("HTTP_PROXY", test.proxy)
cfg.DockerEnv = []string{} // clear docker env to avoid pollution
proxy.SetDockerEnv()
- config, _, err := generateClusterConfig(cmd, nil, k8sVersion, "none")
+ config, _, err := generateClusterConfig(cmd, nil, k8sVersion, rtime, "none", &run.CommandOptions{})
if err != nil {
t.Fatalf("Got unexpected error %v during config generation", err)
}
@@ -255,26 +278,26 @@ func TestSuggestMemoryAllocation(t *testing.T) {
nodes int
want int
}{
- {"128GB sys", 128000, 0, 1, 6000},
- {"64GB sys", 64000, 0, 1, 6000},
- {"32GB sys", 32768, 0, 1, 6000},
+ {"128GB sys", 128000, 0, 1, 6144},
+ {"64GB sys", 64000, 0, 1, 6144},
+ {"32GB sys", 32768, 0, 1, 6144},
{"16GB sys", 16384, 0, 1, 4000},
{"odd sys", 14567, 0, 1, 3600},
- {"4GB sys", 4096, 0, 1, 2200},
+ {"4GB sys", 4096, 0, 1, 3072},
{"2GB sys", 2048, 0, 1, 2048},
- {"Unable to poll sys", 0, 0, 1, 2200},
+ {"Unable to poll sys", 0, 0, 1, 3072},
{"128GB sys, 16GB container", 128000, 16384, 1, 16336},
{"64GB sys, 16GB container", 64000, 16384, 1, 16000},
{"16GB sys, 4GB container", 16384, 4096, 1, 4000},
{"4GB sys, 3.5GB container", 16384, 3500, 1, 3452},
{"16GB sys, 2GB container", 16384, 2048, 1, 2048},
{"16GB sys, unable to poll container", 16384, 0, 1, 4000},
- {"128GB sys 2 nodes", 128000, 0, 2, 6000},
- {"8GB sys 3 nodes", 8192, 0, 3, 2200},
- {"16GB sys 2 nodes", 16384, 0, 2, 2200},
+ {"128GB sys 2 nodes", 128000, 0, 2, 6144},
+ {"8GB sys 3 nodes", 8192, 0, 3, 3072},
+ {"16GB sys 2 nodes", 16384, 0, 2, 3072},
{"32GB sys 2 nodes", 32768, 0, 2, 4050},
- {"odd sys 2 nodes", 14567, 0, 2, 2200},
- {"4GB sys 2 nodes", 4096, 0, 2, 2200},
+ {"odd sys 2 nodes", 14567, 0, 2, 3072},
+ {"4GB sys 2 nodes", 4096, 0, 2, 3072},
{"2GB sys 3 nodes", 2048, 0, 3, 2048},
}
for _, test := range tests {
@@ -299,7 +322,6 @@ func TestBaseImageFlagDriverCombo(t *testing.T) {
{driver.VirtualBox, false},
{driver.HyperKit, false},
{driver.VMware, false},
- {driver.VMwareFusion, false},
{driver.HyperV, false},
{driver.Parallels, false},
{"something_invalid", false},
@@ -326,6 +348,14 @@ func TestValidateImageRepository(t *testing.T) {
imageRepository: "auto",
validImageRepository: "auto",
},
+ {
+ imageRepository: "$$$$invalid",
+ validImageRepository: "auto",
+ },
+ {
+ imageRepository: "",
+ validImageRepository: "auto",
+ },
{
imageRepository: "http://registry.test.com/google_containers/",
validImageRepository: "registry.test.com/google_containers",
@@ -350,6 +380,26 @@ func TestValidateImageRepository(t *testing.T) {
imageRepository: "https://registry.test.com:6666/google_containers",
validImageRepository: "registry.test.com:6666/google_containers",
},
+ {
+ imageRepository: "registry.test.com:6666/google_containers",
+ validImageRepository: "registry.test.com:6666/google_containers",
+ },
+ {
+ imageRepository: "registry.1test.com:6666/google_containers",
+ validImageRepository: "registry.1test.com:6666/google_containers",
+ },
+ {
+ imageRepository: "registry.t1est.com:6666/google_containers",
+ validImageRepository: "registry.t1est.com:6666/google_containers",
+ },
+ {
+ imageRepository: "registry.test1.com:6666/google_containers",
+ validImageRepository: "registry.test1.com:6666/google_containers",
+ },
+ {
+ imageRepository: "abc.xyz1.example.com",
+ validImageRepository: "abc.xyz1.example.com",
+ },
}
for _, test := range tests {
@@ -361,5 +411,450 @@ func TestValidateImageRepository(t *testing.T) {
}
})
}
+}
+
+func TestValidateDiskSize(t *testing.T) {
+ var tests = []struct {
+ diskSize string
+ errorMsg string
+ }{
+ {
+ diskSize: "2G",
+ errorMsg: "",
+ },
+ {
+ diskSize: "test",
+ errorMsg: "Validation unable to parse disk size test: FromHumanSize: invalid size: 'test'",
+ },
+ {
+ diskSize: "6M",
+ errorMsg: fmt.Sprintf("Requested disk size 6 is less than minimum of %v", minimumDiskSize),
+ },
+ }
+ for _, test := range tests {
+ t.Run(test.diskSize, func(t *testing.T) {
+ got := validateDiskSize(test.diskSize)
+ gotError := ""
+ if got != nil {
+ gotError = got.Error()
+ }
+ if gotError != test.errorMsg {
+ t.Errorf("validateDiskSize(diskSize=%v): got %v, expected %v", test.diskSize, got, test.errorMsg)
+ }
+ })
+ }
+}
+
+func TestValidateRuntime(t *testing.T) {
+ var tests = []struct {
+ runtime string
+ errorMsg string
+ }{
+ {
+ runtime: "cri-o",
+ errorMsg: "",
+ },
+ {
+ runtime: "docker",
+ errorMsg: "",
+ },
+ {
+ runtime: "test",
+ errorMsg: fmt.Sprintf("Invalid Container Runtime: test. Valid runtimes are: %v", cruntime.ValidRuntimes()),
+ },
+ }
+ for _, test := range tests {
+ t.Run(test.runtime, func(t *testing.T) {
+ got := validateRuntime(test.runtime)
+ gotError := ""
+ if got != nil {
+ gotError = got.Error()
+ }
+ if gotError != test.errorMsg {
+ t.Errorf("ValidateRuntime(runtime=%v): got %v, expected %v", test.runtime, got, test.errorMsg)
+ }
+ })
+ }
+}
+func TestIsTwoDigitSemver(t *testing.T) {
+ var tcs = []struct {
+ desc string
+ version string
+ expected bool
+ }{
+ {
+ desc: "a valid three digit version",
+ version: "1.26.5",
+ expected: false,
+ },
+ {
+ desc: "a valid two digit version",
+ version: "1.26",
+ expected: true,
+ },
+ {
+ desc: "a valid two digit version with a period",
+ version: "1.26.",
+ expected: false,
+ },
+ {
+ desc: "an invalid major version",
+ version: "2",
+ expected: false,
+ },
+ {
+ desc: "a valid major version",
+ version: "1",
+ expected: false,
+ },
+ {
+ desc: "a two digit version with a 0 as the major/minor components",
+ version: "0.0",
+ expected: true,
+ },
+ {
+ desc: "a two digit version with negative major version",
+ version: "-1.0",
+ expected: false,
+ },
+ {
+ desc: "a two digit version with negative minor version",
+ version: "1.-1",
+ expected: false,
+ },
+ {
+ desc: "a missing minor version",
+ version: "1.",
+ expected: false,
+ },
+ {
+ desc: "a missing major version",
+ version: ".2",
+ expected: false,
+ },
+ {
+ desc: "a valid two digit version with whitespace between components",
+ version: "1. 1",
+ expected: false,
+ },
+ {
+ desc: "a two digit version with a non-digit major component",
+ version: "a.12",
+ expected: false,
+ },
+ {
+ desc: "a two digit version with a non-digit minor component",
+ version: "1.a",
+ expected: false,
+ },
+ {
+ desc: "a two digit version with extraneous non-digits in minor component",
+ version: "1.2a",
+ expected: false,
+ },
+ {
+ desc: "a two digit version larger major/minor components",
+ version: "123456789.987654321",
+ expected: true,
+ },
+ {
+ desc: "a valid two digit version with a version prefix",
+ version: "v1.26",
+ expected: false,
+ },
+ {
+ desc: "a valid three digit version with a version prefix",
+ version: "v1.26.5",
+ expected: false,
+ },
+ }
+ for _, tc := range tcs {
+ t.Run(tc.desc, func(t *testing.T) {
+ actual := isTwoDigitSemver(tc.version)
+ // check whether the function correctly verifies if it is a 2 digit semver
+ if actual != tc.expected {
+ t.Fatalf("test failed. Expected version %s to return %t", tc.version, tc.expected)
+ }
+ })
+ }
+}
+
+func TestValidatePorts(t *testing.T) {
+ type portTest struct {
+ ports []string
+ errorMsg string
+ }
+ var tests = []portTest{
+ {
+ ports: []string{"8080:80"},
+ errorMsg: "",
+ },
+ {
+ ports: []string{"8080:80/tcp", "8080:80/udp"},
+ errorMsg: "",
+ },
+ {
+ ports: []string{"test:8080"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid [test:8080] (Invalid hostPort: test)",
+ },
+ {
+ ports: []string{"0:80"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is outside range: 0",
+ },
+ {
+ ports: []string{"0:80/tcp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is outside range: 0",
+ },
+ {
+ ports: []string{"65536:80/udp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid [65536:80/udp] (Invalid hostPort: 65536)",
+ },
+ {
+ ports: []string{"0-1:80-81/tcp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is outside range: 0",
+ },
+ {
+ ports: []string{"0-1:80-81/udp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is outside range: 0",
+ },
+ {
+ ports: []string{"80:80", "1023-1025:8023-8025", "1023-1025:8023-8025/tcp", "1023-1025:8023-8025/udp"},
+ errorMsg: "",
+ },
+ {
+ ports: []string{"127.0.0.1:8080:80", "127.0.0.1:8081:80/tcp", "127.0.0.1:8081:80/udp", "127.0.0.1:8082-8083:8082-8083/tcp"},
+ errorMsg: "",
+ },
+ {
+ ports: []string{"1000.0.0.1:80:80"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid [1000.0.0.1:80:80] (Invalid ip address: 1000.0.0.1)",
+ },
+ {
+ ports: []string{"127.0.0.1:80:80", "127.0.0.1:81:81/tcp", "127.0.0.1:81:81/udp", "127.0.0.1:82-83:82-83/tcp", "127.0.0.1:82-83:82-83/udp"},
+ errorMsg: "",
+ },
+ {
+ ports: []string{"80"},
+ errorMsg: "",
+ },
+ {
+ ports: []string{"80", "65535", "65536"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is outside range: 65536",
+ },
+ {
+ ports: []string{"0", "80", "65535"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is outside range: 0",
+ },
+ {
+ ports: []string{"cats"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid: cats",
+ },
+ {
+ ports: []string{"127.0.0.1:81:0/tcp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is outside range: 0",
+ },
+ {
+ ports: []string{"127.0.0.1:81:65536/tcp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid [127.0.0.1:81:65536/tcp] (Invalid containerPort: 65536)",
+ },
+ {
+ ports: []string{"1-65536:80-81/tcp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid [1-65536:80-81/tcp] (Invalid hostPort: 1-65536)",
+ },
+ {
+ ports: []string{"1-80:0-81/tcp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid [1-80:0-81/tcp] (Invalid ranges specified for container and host Ports: 0-81 and 1-80)",
+ },
+ {
+ ports: []string{"1-80:1-65536/tcp"},
+ errorMsg: "Sorry, one of the ports provided with --ports flag is not valid [1-80:1-65536/tcp] (Invalid containerPort: 1-65536)",
+ },
+ }
+ for _, test := range tests {
+ t.Run(strings.Join(test.ports, ","), func(t *testing.T) {
+ gotError := ""
+ got := validatePorts(test.ports)
+ if got != nil {
+ gotError = got.Error()
+ }
+ if !strings.EqualFold(gotError, test.errorMsg) {
+ t.Errorf("validatePorts(ports=%v): got %v, expected %v", test.ports, got, test.errorMsg)
+ }
+ })
+ }
+}
+
+func TestValidateSubnet(t *testing.T) {
+ type subnetTest struct {
+ subnet string
+ errorMsg string
+ }
+ var tests = []subnetTest{
+ {
+ subnet: "192.168.1.1",
+ errorMsg: "",
+ },
+ {
+ subnet: "193.169.1.1",
+ errorMsg: "Sorry, the subnet 193.169.1.1 is not a private IP",
+ },
+ {
+ subnet: "192.168.1.1/24",
+ errorMsg: "",
+ },
+ {
+ subnet: "192.168.1.1/32",
+ errorMsg: "Sorry, the subnet provided does not have a mask less than or equal to /30",
+ },
+ }
+ for _, test := range tests {
+ t.Run(test.subnet, func(t *testing.T) {
+ gotError := ""
+ got := validateSubnet(test.subnet)
+ if got != nil {
+ gotError = got.Error()
+ }
+ if gotError != test.errorMsg {
+ t.Errorf("validateSubnet(subnet=%v): got %v, expected %v", test.subnet, got, test.errorMsg)
+ }
+ })
+ }
+}
+
+func TestValidateStaticIP(t *testing.T) {
+ tests := []struct {
+ staticIP string
+ drvName string
+ errorMsg string
+ }{
+ {
+ staticIP: "8.8.8.8",
+ drvName: "docker",
+ errorMsg: "static IP must be private",
+ },
+ {
+ staticIP: "8.8.8.8",
+ drvName: "hyperkit",
+ errorMsg: "",
+ },
+ {
+ staticIP: "fdfc:a4c0:e99e:7ad3::",
+ drvName: "docker",
+ errorMsg: "static IP must be IPv4",
+ },
+ {
+ staticIP: "192.168.49.0",
+ drvName: "docker",
+ errorMsg: "static IPs last octet must be between 2 and 254 (X.X.X.2 - X.X.X.254), for example 192.168.200.200",
+ },
+ {
+ staticIP: "192.168.49.1",
+ drvName: "docker",
+ errorMsg: "static IPs last octet must be between 2 and 254 (X.X.X.2 - X.X.X.254), for example 192.168.200.200",
+ },
+ {
+ staticIP: "192.168.49.255",
+ drvName: "docker",
+ errorMsg: "static IPs last octet must be between 2 and 254 (X.X.X.2 - X.X.X.254), for example 192.168.200.200",
+ },
+ {
+ staticIP: "192.168.49.2",
+ drvName: "docker",
+ errorMsg: "",
+ },
+ {
+ staticIP: "192.168.49.254",
+ drvName: "docker",
+ errorMsg: "",
+ },
+ }
+ for _, tt := range tests {
+ gotError := ""
+ got := validateStaticIP(tt.staticIP, tt.drvName, "")
+ if got != nil {
+ gotError = got.Error()
+ }
+ if gotError != tt.errorMsg {
+ t.Errorf("validateStaticIP(%s, %s): got %v, expected %v", tt.staticIP, tt.drvName, got, tt.errorMsg)
+ }
+ }
+}
+
+func TestImageMatchesBinaryVersion(t *testing.T) {
+ tests := []struct {
+ imageVersion string
+ binaryVersion string
+ versionMatch bool
+ }{
+ {"v1.17.0", "v1.17.0", true},
+ {"v1.17.0", "v1.20.0", false},
+ {"v1.31.0", "v1.31.1", true},
+ {"v1.31.1", "v1.31.0", false},
+ }
+
+ for _, tc := range tests {
+ got := imageMatchesBinaryVersion(tc.imageVersion, tc.binaryVersion)
+ if got != tc.versionMatch {
+ t.Errorf("imageMatchesBinaryVersion(%s, %s) = %t; want = %t", tc.imageVersion, tc.binaryVersion, got, tc.versionMatch)
+ }
+ }
+}
+
+func TestValidateGPUs(t *testing.T) {
+ tests := []struct {
+ gpus string
+ drvName string
+ runtime string
+ errorMsg string
+ }{
+ {"", "kvm", "containerd", ""},
+ {"all", "docker", "docker", ""},
+ {"nvidia", "docker", "docker", ""},
+ {"all", "docker", "", ""},
+ {"nvidia", "docker", "", ""},
+ {"all", "kvm", "docker", "The gpus flag can only be used with the docker driver and docker container-runtime"},
+ {"nvidia", "docker", "containerd", "The gpus flag can only be used with the docker driver and docker container-runtime"},
+ {"cat", "docker", "docker", `The gpus flag must be passed a value of "nvidia", "nvidia.com", "amd" or "all"`},
+ {"amd", "docker", "docker", ""},
+ {"amd", "docker", "", ""},
+ {"amd", "docker", "containerd", "The gpus flag can only be used with the docker driver and docker container-runtime"},
+ }
+
+ for _, tc := range tests {
+ gotError := ""
+ got := validateGPUs(tc.gpus, tc.drvName, tc.runtime)
+ if got != nil {
+ gotError = got.Error()
+ }
+ if gotError != tc.errorMsg {
+ t.Errorf("validateGPUs(%s, %s, %s) = %q; want = %q", tc.gpus, tc.drvName, tc.runtime, got, tc.errorMsg)
+ }
+ }
+}
+
+func TestValidateAutoPause(t *testing.T) {
+ tests := []struct {
+ interval string
+ shouldError bool
+ }{
+ {"1m0s", false},
+ {"5m", false},
+ {"1s", false},
+ {"0s", true},
+ {"-2m", true},
+ }
+ for _, tc := range tests {
+ input, err := time.ParseDuration(tc.interval)
+ if err != nil {
+ t.Fatalf("test has an invalid input duration of %q", tc.interval)
+ }
+ err = validateAutoPauseInterval(input)
+ if err != nil && !tc.shouldError {
+ t.Errorf("interval of %q failed validation; expected it to pass: %v", input, err)
+ }
+ if err == nil && tc.shouldError {
+ t.Errorf("interval of %q passed validation; expected it to fail: %v", input, err)
+ }
+ }
}
diff --git a/cmd/minikube/cmd/status.go b/cmd/minikube/cmd/status.go
index 67d6ac724215..976f796afbe3 100644
--- a/cmd/minikube/cmd/status.go
+++ b/cmd/minikube/cmd/status.go
@@ -17,38 +17,28 @@ limitations under the License.
package cmd
import (
- "bufio"
"encoding/json"
"fmt"
"io"
"os"
- "strconv"
"strings"
"text/template"
"time"
- cloudevents "github.com/cloudevents/sdk-go/v2"
-
"github.com/docker/machine/libmachine"
"github.com/docker/machine/libmachine/state"
"github.com/pkg/errors"
"github.com/spf13/cobra"
"k8s.io/klog/v2"
- "k8s.io/minikube/pkg/minikube/bootstrapper/bsutil/kverify"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/cluster"
"k8s.io/minikube/pkg/minikube/config"
- "k8s.io/minikube/pkg/minikube/constants"
- "k8s.io/minikube/pkg/minikube/driver"
"k8s.io/minikube/pkg/minikube/exit"
- "k8s.io/minikube/pkg/minikube/kubeconfig"
- "k8s.io/minikube/pkg/minikube/localpath"
- "k8s.io/minikube/pkg/minikube/machine"
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/node"
+ "k8s.io/minikube/pkg/minikube/notify"
"k8s.io/minikube/pkg/minikube/out"
- "k8s.io/minikube/pkg/minikube/out/register"
"k8s.io/minikube/pkg/minikube/reason"
- "k8s.io/minikube/pkg/version"
)
var (
@@ -58,124 +48,6 @@ var (
watch time.Duration
)
-// Additional legacy states
-const (
- // Configured means configured
- Configured = "Configured" // ~state.Saved
- // Misconfigured means misconfigured
- Misconfigured = "Misconfigured" // ~state.Error
- // Nonexistent means the resource does not exist
- Nonexistent = "Nonexistent" // ~state.None
- // Irrelevant is used for statuses that aren't meaningful for worker nodes
- Irrelevant = "Irrelevant"
-)
-
-// New status modes, based roughly on HTTP/SMTP standards
-const (
-
- // 1xx signifies a transitional state. If retried, it will soon return a 2xx, 4xx, or 5xx
-
- Starting = 100
- Pausing = 101
- Unpausing = 102
- Stopping = 110
- Deleting = 120
-
- // 2xx signifies that the API Server is able to service requests
-
- OK = 200
- Warning = 203
-
- // 4xx signifies an error that requires help from the client to resolve
-
- NotFound = 404
- Stopped = 405
- Paused = 418 // I'm a teapot!
-
- // 5xx signifies a server-side error (that may be retryable)
-
- Error = 500
- InsufficientStorage = 507
- Unknown = 520
-)
-
-var (
- exitCodeToHTTPCode = map[int]int{
- // exit code 26 corresponds to insufficient storage
- 26: 507,
- }
-
- codeNames = map[int]string{
- 100: "Starting",
- 101: "Pausing",
- 102: "Unpausing",
- 110: "Stopping",
- 103: "Deleting",
-
- 200: "OK",
- 203: "Warning",
-
- 404: "NotFound",
- 405: "Stopped",
- 418: "Paused",
-
- 500: "Error",
- 507: "InsufficientStorage",
- 520: "Unknown",
- }
-
- codeDetails = map[int]string{
- 507: "/var is almost out of disk space",
- }
-)
-
-// Status holds string representations of component states
-type Status struct {
- Name string
- Host string
- Kubelet string
- APIServer string
- Kubeconfig string
- Worker bool
- TimeToStop string `json:",omitempty"`
- DockerEnv string `json:",omitempty"`
- PodManEnv string `json:",omitempty"`
-}
-
-// ClusterState holds a cluster state representation
-type ClusterState struct {
- BaseState
-
- BinaryVersion string
- TimeToStop string `json:",omitempty"`
- Components map[string]BaseState
- Nodes []NodeState
-}
-
-// NodeState holds a node state representation
-type NodeState struct {
- BaseState
- Components map[string]BaseState `json:",omitempty"`
-}
-
-// BaseState holds a component state representation, such as "apiserver" or "kubeconfig"
-type BaseState struct {
- // Name is the name of the object
- Name string
-
- // StatusCode is an HTTP-like status code for this object
- StatusCode int
- // Name is a human-readable name for the status code
- StatusName string
- // StatusDetail is long human-readable string describing why this particular status code was chosen
- StatusDetail string `json:",omitempty"` // Not yet implemented
-
- // Step is which workflow step the object is at.
- Step string `json:",omitempty"`
- // StepDetail is a long human-readable string describing the step
- StepDetail string `json:",omitempty"`
-}
-
const (
minikubeNotRunningStatusFlag = 1 << 0
clusterNotRunningStatusFlag = 1 << 1
@@ -212,16 +84,18 @@ var statusCmd = &cobra.Command{
Long: `Gets the status of a local Kubernetes cluster.
Exit status contains the status of minikube's VM, cluster and Kubernetes encoded on it's bits in this order from right to left.
Eg: 7 meaning: 1 (for minikube NOK) + 2 (for cluster NOK) + 4 (for Kubernetes NOK)`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(cmd *cobra.Command, _ []string) {
output = strings.ToLower(output)
if output != "text" && statusFormat != defaultStatusFormat {
exit.Message(reason.Usage, "Cannot use both --output and --format options")
}
+ options := flags.CommandOptions()
out.SetJSON(output == "json")
+ go notify.MaybePrintUpdateTextFromGithub(options)
cname := ClusterFlagValue()
- api, cc := mustload.Partial(cname)
+ api, cc := mustload.Partial(cname, options)
duration := watch
if !cmd.Flags().Changed("watch") || watch < 0 {
@@ -234,7 +108,7 @@ var statusCmd = &cobra.Command{
// writeStatusesAtInterval writes statuses in a given output format - at intervals defined by duration
func writeStatusesAtInterval(duration time.Duration, api libmachine.API, cc *config.ClusterConfig) {
for {
- var statuses []*Status
+ var statuses []*cluster.Status
if nodeName != "" || statusFormat != defaultStatusFormat && len(cc.Nodes) > 1 {
n, _, err := node.Retrieve(*cc, nodeName)
@@ -242,25 +116,16 @@ func writeStatusesAtInterval(duration time.Duration, api libmachine.API, cc *con
exit.Error(reason.GuestNodeRetrieve, "retrieving node", err)
}
- st, err := nodeStatus(api, *cc, *n)
+ st, err := cluster.NodeStatus(api, *cc, *n)
if err != nil {
klog.Errorf("status error: %v", err)
}
statuses = append(statuses, st)
} else {
- for _, n := range cc.Nodes {
- machineName := config.MachineName(*cc, n)
- klog.Infof("checking status of %s ...", machineName)
- st, err := nodeStatus(api, *cc, n)
- klog.Infof("%s status: %+v", machineName, st)
-
- if err != nil {
- klog.Errorf("status error: %v", err)
- }
- if st.Host == Nonexistent {
- klog.Errorf("The %q host does not exist!", machineName)
- }
- statuses = append(statuses, st)
+ var err error
+ statuses, err = cluster.GetStatus(api, cc)
+ if err != nil {
+ klog.Errorf("status error: %v", err)
}
}
@@ -274,7 +139,7 @@ func writeStatusesAtInterval(duration time.Duration, api libmachine.API, cc *con
case "json":
// Layout is currently only supported for JSON mode
if layout == "cluster" {
- if err := clusterStatusJSON(statuses, os.Stdout); err != nil {
+ if err := clusterStatusJSON(statuses, os.Stdout, cc); err != nil {
exit.Error(reason.InternalStatusJSON, "status json failure", err)
}
} else {
@@ -293,145 +158,27 @@ func writeStatusesAtInterval(duration time.Duration, api libmachine.API, cc *con
}
}
-// exitCode calcluates the appropriate exit code given a set of status messages
-func exitCode(statuses []*Status) int {
+// exitCode calculates the appropriate exit code given a set of status messages
+func exitCode(statuses []*cluster.Status) int {
c := 0
for _, st := range statuses {
if st.Host != state.Running.String() {
c |= minikubeNotRunningStatusFlag
}
- if (st.APIServer != state.Running.String() && st.APIServer != Irrelevant) || st.Kubelet != state.Running.String() {
+ if (st.APIServer != state.Running.String() && st.APIServer != cluster.Irrelevant) || st.Kubelet != state.Running.String() {
c |= clusterNotRunningStatusFlag
}
- if st.Kubeconfig != Configured && st.Kubeconfig != Irrelevant {
+ if st.Kubeconfig != cluster.Configured && st.Kubeconfig != cluster.Irrelevant {
c |= k8sNotRunningStatusFlag
}
}
return c
}
-// nodeStatus looks up the status of a node
-func nodeStatus(api libmachine.API, cc config.ClusterConfig, n config.Node) (*Status, error) {
- controlPlane := n.ControlPlane
- name := config.MachineName(cc, n)
-
- st := &Status{
- Name: name,
- Host: Nonexistent,
- APIServer: Nonexistent,
- Kubelet: Nonexistent,
- Kubeconfig: Nonexistent,
- Worker: !controlPlane,
- }
-
- hs, err := machine.Status(api, name)
- klog.Infof("%s host status = %q (err=%v)", name, hs, err)
- if err != nil {
- return st, errors.Wrap(err, "host")
- }
-
- // We have no record of this host. Return nonexistent struct
- if hs == state.None.String() {
- return st, nil
- }
- st.Host = hs
-
- // If it's not running, quickly bail out rather than delivering conflicting messages
- if st.Host != state.Running.String() {
- klog.Infof("host is not running, skipping remaining checks")
- st.APIServer = st.Host
- st.Kubelet = st.Host
- st.Kubeconfig = st.Host
- return st, nil
- }
-
- // We have a fully operational host, now we can check for details
- if _, err := cluster.DriverIP(api, name); err != nil {
- klog.Errorf("failed to get driver ip: %v", err)
- st.Host = state.Error.String()
- return st, err
- }
-
- st.Kubeconfig = Configured
- if !controlPlane {
- st.Kubeconfig = Irrelevant
- st.APIServer = Irrelevant
- }
-
- host, err := machine.LoadHost(api, name)
- if err != nil {
- return st, err
- }
-
- cr, err := machine.CommandRunner(host)
- if err != nil {
- return st, err
- }
-
- // Check storage
- p, err := machine.DiskUsed(cr, "/var")
- if err != nil {
- klog.Errorf("failed to get storage capacity of /var: %v", err)
- st.Host = state.Error.String()
- return st, err
- }
- if p >= 99 {
- st.Host = codeNames[InsufficientStorage]
- }
-
- stk := kverify.ServiceStatus(cr, "kubelet")
- st.Kubelet = stk.String()
- if cc.ScheduledStop != nil {
- initiationTime := time.Unix(cc.ScheduledStop.InitiationTime, 0)
- st.TimeToStop = time.Until(initiationTime.Add(cc.ScheduledStop.Duration)).String()
- }
- if os.Getenv(constants.MinikubeActiveDockerdEnv) != "" {
- st.DockerEnv = "in-use"
- }
- if os.Getenv(constants.MinikubeActivePodmanEnv) != "" {
- st.PodManEnv = "in-use"
- }
- // Early exit for worker nodes
- if !controlPlane {
- return st, nil
- }
-
- var hostname string
- var port int
- if cc.Addons["auto-pause"] {
- hostname, _, port, err = driver.AutoPauseProxyEndpoint(&cc, &n, host.DriverName)
- } else {
- hostname, _, port, err = driver.ControlPlaneEndpoint(&cc, &n, host.DriverName)
- }
-
- if err != nil {
- klog.Errorf("forwarded endpoint: %v", err)
- st.Kubeconfig = Misconfigured
- } else {
- err := kubeconfig.VerifyEndpoint(cc.Name, hostname, port)
- if err != nil && st.Host != state.Starting.String() {
- klog.Errorf("kubeconfig endpoint: %v", err)
- st.Kubeconfig = Misconfigured
- }
- }
-
- sta, err := kverify.APIServerStatus(cr, hostname, port)
- klog.Infof("%s apiserver status = %s (err=%v)", name, stk, err)
-
- if err != nil {
- klog.Errorln("Error apiserver status:", err)
- st.APIServer = state.Error.String()
- } else {
- st.APIServer = sta.String()
- }
-
- return st, nil
-}
-
func init() {
statusCmd.Flags().StringVarP(&statusFormat, "format", "f", defaultStatusFormat,
- `Go template format string for the status output. The format for Go templates can be found here: https://golang.org/pkg/text/template/
-For the list accessible variables for the template, see the struct values here: https://godoc.org/k8s.io/minikube/cmd/minikube/cmd#Status`)
+ `Go template format string for the status output. The format for Go templates can be found here: https://pkg.go.dev/text/template
+For the list accessible variables for the template, see the struct values here: https://pkg.go.dev/k8s.io/minikube/cmd/minikube/cmd#Status`)
statusCmd.Flags().StringVarP(&output, "output", "o", "text",
`minikube status --output OUTPUT. json, text`)
statusCmd.Flags().StringVarP(&layout, "layout", "l", "nodes",
@@ -441,7 +188,7 @@ For the list accessible variables for the template, see the struct values here:
statusCmd.Flags().Lookup("watch").NoOptDefVal = "1s"
}
-func statusText(st *Status, w io.Writer) error {
+func statusText(st *cluster.Status, w io.Writer) error {
tmpl, err := template.New("status").Parse(statusFormat)
if st.Worker && statusFormat == defaultStatusFormat {
tmpl, err = template.New("worker-status").Parse(workerStatusFormat)
@@ -452,14 +199,14 @@ func statusText(st *Status, w io.Writer) error {
if err := tmpl.Execute(w, st); err != nil {
return err
}
- if st.Kubeconfig == Misconfigured {
+ if st.Kubeconfig == cluster.Misconfigured {
_, err := w.Write([]byte("\nWARNING: Your kubectl is pointing to stale minikube-vm.\nTo fix the kubectl context, run `minikube update-context`\n"))
return err
}
return nil
}
-func statusJSON(st []*Status, w io.Writer) error {
+func statusJSON(st []*cluster.Status, w io.Writer) error {
var js []byte
var err error
// Keep backwards compat with single node clusters to not break anyone
@@ -475,185 +222,8 @@ func statusJSON(st []*Status, w io.Writer) error {
return err
}
-// readEventLog reads cloudevent logs from $MINIKUBE_HOME/profiles//events.json
-func readEventLog(name string) ([]cloudevents.Event, time.Time, error) {
- path := localpath.EventLog(name)
-
- st, err := os.Stat(path)
- if err != nil {
- return nil, time.Time{}, errors.Wrap(err, "stat")
- }
-
- f, err := os.Open(path)
- if err != nil {
- return nil, st.ModTime(), errors.Wrap(err, "open")
- }
- var events []cloudevents.Event
-
- scanner := bufio.NewScanner(f)
- for scanner.Scan() {
- ev := cloudevents.NewEvent()
- if err = json.Unmarshal(scanner.Bytes(), &ev); err != nil {
- return events, st.ModTime(), err
- }
- events = append(events, ev)
- }
-
- return events, st.ModTime(), nil
-}
-
-// clusterState converts Status structs into a ClusterState struct
-func clusterState(sts []*Status) ClusterState {
- statusName := sts[0].APIServer
- if sts[0].Host == codeNames[InsufficientStorage] {
- statusName = sts[0].Host
- }
- sc := statusCode(statusName)
-
- cs := ClusterState{
- BinaryVersion: version.GetVersion(),
-
- BaseState: BaseState{
- Name: ClusterFlagValue(),
- StatusCode: sc,
- StatusName: statusName,
- StatusDetail: codeDetails[sc],
- },
-
- TimeToStop: sts[0].TimeToStop,
-
- Components: map[string]BaseState{
- "kubeconfig": {Name: "kubeconfig", StatusCode: statusCode(sts[0].Kubeconfig), StatusName: codeNames[statusCode(sts[0].Kubeconfig)]},
- },
- }
-
- for _, st := range sts {
- ns := NodeState{
- BaseState: BaseState{
- Name: st.Name,
- StatusCode: statusCode(st.Host),
- },
- Components: map[string]BaseState{
- "kubelet": {Name: "kubelet", StatusCode: statusCode(st.Kubelet)},
- },
- }
-
- if st.APIServer != Irrelevant {
- ns.Components["apiserver"] = BaseState{Name: "apiserver", StatusCode: statusCode(st.APIServer)}
- }
-
- // Convert status codes to status names
- ns.StatusName = codeNames[ns.StatusCode]
- for k, v := range ns.Components {
- v.StatusName = codeNames[v.StatusCode]
- ns.Components[k] = v
- }
-
- cs.Nodes = append(cs.Nodes, ns)
- }
-
- evs, mtime, err := readEventLog(sts[0].Name)
- if err != nil {
- klog.Errorf("unable to read event log: %v", err)
- return cs
- }
-
- transientCode := 0
- var finalStep map[string]string
-
- for _, ev := range evs {
- // klog.Infof("read event: %+v", ev)
- if ev.Type() == "io.k8s.sigs.minikube.step" {
- var data map[string]string
- err := ev.DataAs(&data)
- if err != nil {
- klog.Errorf("unable to parse data: %v\nraw data: %s", err, ev.Data())
- continue
- }
-
- switch data["name"] {
- case string(register.InitialSetup):
- transientCode = Starting
- case string(register.Done):
- transientCode = 0
- case string(register.Stopping):
- klog.Infof("%q == %q", data["name"], register.Stopping)
- transientCode = Stopping
- case string(register.Deleting):
- transientCode = Deleting
- case string(register.Pausing):
- transientCode = Pausing
- case string(register.Unpausing):
- transientCode = Unpausing
- }
-
- finalStep = data
- klog.Infof("transient code %d (%q) for step: %+v", transientCode, codeNames[transientCode], data)
- }
- if ev.Type() == "io.k8s.sigs.minikube.error" {
- var data map[string]string
- err := ev.DataAs(&data)
- if err != nil {
- klog.Errorf("unable to parse data: %v\nraw data: %s", err, ev.Data())
- continue
- }
- exitCode, err := strconv.Atoi(data["exitcode"])
- if err != nil {
- klog.Errorf("exit code not found: %v", err)
- continue
- }
- if val, ok := exitCodeToHTTPCode[exitCode]; ok {
- exitCode = val
- }
- transientCode = exitCode
- for _, n := range cs.Nodes {
- n.StatusCode = transientCode
- n.StatusName = codeNames[n.StatusCode]
- }
-
- klog.Infof("transient code %d (%q) for step: %+v", transientCode, codeNames[transientCode], data)
- }
- }
-
- if finalStep != nil {
- if mtime.Before(time.Now().Add(-10 * time.Minute)) {
- klog.Warningf("event stream is too old (%s) to be considered a transient state", mtime)
- } else {
- cs.Step = strings.TrimSpace(finalStep["name"])
- cs.StepDetail = strings.TrimSpace(finalStep["message"])
- if transientCode != 0 {
- cs.StatusCode = transientCode
- }
- }
- }
-
- cs.StatusName = codeNames[cs.StatusCode]
- cs.StatusDetail = codeDetails[cs.StatusCode]
- return cs
-}
-
-// statusCode returns a status code number given a name
-func statusCode(st string) int {
- // legacy names
- switch st {
- case "Running", "Configured":
- return OK
- case "Misconfigured":
- return Error
- }
-
- // new names
- for code, name := range codeNames {
- if name == st {
- return code
- }
- }
-
- return Unknown
-}
-
-func clusterStatusJSON(statuses []*Status, w io.Writer) error {
- cs := clusterState(statuses)
+func clusterStatusJSON(statuses []*cluster.Status, w io.Writer, cc *config.ClusterConfig) error {
+ cs := cluster.GetState(statuses, ClusterFlagValue(), cc)
bs, err := json.Marshal(cs)
if err != nil {
diff --git a/cmd/minikube/cmd/status_test.go b/cmd/minikube/cmd/status_test.go
index bd794cbe32d0..6bb310932a58 100644
--- a/cmd/minikube/cmd/status_test.go
+++ b/cmd/minikube/cmd/status_test.go
@@ -20,22 +20,24 @@ import (
"bytes"
"encoding/json"
"testing"
+
+ "k8s.io/minikube/pkg/minikube/cluster"
)
func TestExitCode(t *testing.T) {
var tests = []struct {
name string
want int
- state *Status
+ state *cluster.Status
}{
- {"ok", 0, &Status{Host: "Running", Kubelet: "Running", APIServer: "Running", Kubeconfig: Configured}},
- {"paused", 2, &Status{Host: "Running", Kubelet: "Stopped", APIServer: "Paused", Kubeconfig: Configured}},
- {"down", 7, &Status{Host: "Stopped", Kubelet: "Stopped", APIServer: "Stopped", Kubeconfig: Misconfigured}},
- {"missing", 7, &Status{Host: "Nonexistent", Kubelet: "Nonexistent", APIServer: "Nonexistent", Kubeconfig: "Nonexistent"}},
+ {"ok", 0, &cluster.Status{Host: "Running", Kubelet: "Running", APIServer: "Running", Kubeconfig: cluster.Configured}},
+ {"paused", 2, &cluster.Status{Host: "Running", Kubelet: "Stopped", APIServer: "Paused", Kubeconfig: cluster.Configured}},
+ {"down", 7, &cluster.Status{Host: "Stopped", Kubelet: "Stopped", APIServer: "Stopped", Kubeconfig: cluster.Misconfigured}},
+ {"missing", 7, &cluster.Status{Host: "Nonexistent", Kubelet: "Nonexistent", APIServer: "Nonexistent", Kubeconfig: "Nonexistent"}},
}
for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) {
- got := exitCode([]*Status{tc.state})
+ got := exitCode([]*cluster.Status{tc.state})
if got != tc.want {
t.Errorf("exitcode(%+v) = %d, want: %d", tc.state, got, tc.want)
}
@@ -46,22 +48,22 @@ func TestExitCode(t *testing.T) {
func TestStatusText(t *testing.T) {
var tests = []struct {
name string
- state *Status
+ state *cluster.Status
want string
}{
{
name: "ok",
- state: &Status{Name: "minikube", Host: "Running", Kubelet: "Running", APIServer: "Running", Kubeconfig: Configured, TimeToStop: "10m"},
+ state: &cluster.Status{Name: "minikube", Host: "Running", Kubelet: "Running", APIServer: "Running", Kubeconfig: cluster.Configured, TimeToStop: "10m"},
want: "minikube\ntype: Control Plane\nhost: Running\nkubelet: Running\napiserver: Running\nkubeconfig: Configured\ntimeToStop: 10m\n\n",
},
{
name: "paused",
- state: &Status{Name: "minikube", Host: "Running", Kubelet: "Stopped", APIServer: "Paused", Kubeconfig: Configured},
+ state: &cluster.Status{Name: "minikube", Host: "Running", Kubelet: "Stopped", APIServer: "Paused", Kubeconfig: cluster.Configured},
want: "minikube\ntype: Control Plane\nhost: Running\nkubelet: Stopped\napiserver: Paused\nkubeconfig: Configured\n\n",
},
{
name: "down",
- state: &Status{Name: "minikube", Host: "Stopped", Kubelet: "Stopped", APIServer: "Stopped", Kubeconfig: Misconfigured},
+ state: &cluster.Status{Name: "minikube", Host: "Stopped", Kubelet: "Stopped", APIServer: "Stopped", Kubeconfig: cluster.Misconfigured},
want: "minikube\ntype: Control Plane\nhost: Stopped\nkubelet: Stopped\napiserver: Stopped\nkubeconfig: Misconfigured\n\n\nWARNING: Your kubectl is pointing to stale minikube-vm.\nTo fix the kubectl context, run `minikube update-context`\n",
},
}
@@ -84,21 +86,21 @@ func TestStatusText(t *testing.T) {
func TestStatusJSON(t *testing.T) {
var tests = []struct {
name string
- state *Status
+ state *cluster.Status
}{
- {"ok", &Status{Host: "Running", Kubelet: "Running", APIServer: "Running", Kubeconfig: Configured, TimeToStop: "10m"}},
- {"paused", &Status{Host: "Running", Kubelet: "Stopped", APIServer: "Paused", Kubeconfig: Configured}},
- {"down", &Status{Host: "Stopped", Kubelet: "Stopped", APIServer: "Stopped", Kubeconfig: Misconfigured}},
+ {"ok", &cluster.Status{Host: "Running", Kubelet: "Running", APIServer: "Running", Kubeconfig: cluster.Configured, TimeToStop: "10m"}},
+ {"paused", &cluster.Status{Host: "Running", Kubelet: "Stopped", APIServer: "Paused", Kubeconfig: cluster.Configured}},
+ {"down", &cluster.Status{Host: "Stopped", Kubelet: "Stopped", APIServer: "Stopped", Kubeconfig: cluster.Misconfigured}},
}
for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) {
var b bytes.Buffer
- err := statusJSON([]*Status{tc.state}, &b)
+ err := statusJSON([]*cluster.Status{tc.state}, &b)
if err != nil {
t.Errorf("json(%+v) error: %v", tc.state, err)
}
- st := &Status{}
+ st := &cluster.Status{}
if err := json.Unmarshal(b.Bytes(), st); err != nil {
t.Errorf("json(%+v) unmarshal error: %v", tc.state, err)
}
diff --git a/cmd/minikube/cmd/stop.go b/cmd/minikube/cmd/stop.go
index 1db7ab203827..789570197c26 100644
--- a/cmd/minikube/cmd/stop.go
+++ b/cmd/minikube/cmd/stop.go
@@ -27,6 +27,7 @@ import (
"github.com/spf13/cobra"
"github.com/spf13/viper"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/kubeconfig"
@@ -36,6 +37,7 @@ import (
"k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/out/register"
"k8s.io/minikube/pkg/minikube/reason"
+ "k8s.io/minikube/pkg/minikube/run"
"k8s.io/minikube/pkg/minikube/schedule"
"k8s.io/minikube/pkg/minikube/style"
"k8s.io/minikube/pkg/util/retry"
@@ -69,7 +71,8 @@ func init() {
}
// runStop handles the executes the flow of "minikube stop"
-func runStop(cmd *cobra.Command, args []string) {
+func runStop(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
out.SetJSON(outputFormat == "json")
register.Reg.SetStep(register.Stopping)
@@ -94,7 +97,7 @@ func runStop(cmd *cobra.Command, args []string) {
}
// Kill any existing scheduled stops
- schedule.KillExisting(profilesToStop)
+ schedule.KillExisting(profilesToStop, options)
if cancelScheduledStop {
register.Reg.SetStep(register.Done)
out.Step(style.Stopped, `All existing scheduled stops cancelled`)
@@ -102,7 +105,7 @@ func runStop(cmd *cobra.Command, args []string) {
}
if scheduledStopDuration != 0 {
- if err := schedule.Daemonize(profilesToStop, scheduledStopDuration); err != nil {
+ if err := schedule.Daemonize(profilesToStop, scheduledStopDuration, options); err != nil {
exit.Message(reason.DaemonizeError, "unable to daemonize: {{.err}}", out.V{"err": err.Error()})
}
// if OS is windows, scheduled stop is now being handled within minikube, so return
@@ -115,24 +118,28 @@ func runStop(cmd *cobra.Command, args []string) {
stoppedNodes := 0
for _, profile := range profilesToStop {
- stoppedNodes = stopProfile(profile)
+ stoppedNodes = stopProfile(profile, options)
}
register.Reg.SetStep(register.Done)
- if stoppedNodes > 0 {
- out.Step(style.Stopped, `{{.count}} nodes stopped.`, out.V{"count": stoppedNodes})
- }
+ out.Step(style.Stopped, `{{.count}} node{{if gt .count 1}}s{{end}} stopped.`, out.V{"count": stoppedNodes})
}
-func stopProfile(profile string) int {
+func stopProfile(profile string, options *run.CommandOptions) int {
stoppedNodes := 0
register.Reg.SetStep(register.Stopping)
// end new code
- api, cc := mustload.Partial(profile)
+ api, cc := mustload.Partial(profile, options)
defer api.Close()
- for _, n := range cc.Nodes {
+ if err := killMountProcess(); err != nil {
+ out.WarningT("Unable to kill mount process: {{.error}}", out.V{"error": err})
+ }
+
+ // stop nodes in reverse order, so last one being primary control-plane node, that will start first next time
+ for i := len(cc.Nodes) - 1; i >= 0; i-- {
+ n := cc.Nodes[i]
machineName := config.MachineName(*cc, n)
nonexistent := stop(api, machineName)
@@ -141,10 +148,6 @@ func stopProfile(profile string) int {
}
}
- if err := killMountProcess(); err != nil {
- out.WarningT("Unable to kill mount process: {{.error}}", out.V{"error": err})
- }
-
if !keepActive {
if err := kubeconfig.DeleteContext(profile, kubeconfig.PathFromEnv()); err != nil {
exit.Error(reason.HostKubeconfigDeleteCtx, "delete ctx", err)
diff --git a/cmd/minikube/cmd/tunnel.go b/cmd/minikube/cmd/tunnel.go
index ffdd6cd8fb72..7e9f6f246d9e 100644
--- a/cmd/minikube/cmd/tunnel.go
+++ b/cmd/minikube/cmd/tunnel.go
@@ -18,14 +18,18 @@ package cmd
import (
"context"
+ "fmt"
"os"
"os/signal"
"path/filepath"
+ "runtime"
"strconv"
+ "github.com/juju/fslock"
"github.com/spf13/cobra"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/drivers/kic/oci"
"k8s.io/minikube/pkg/kapi"
"k8s.io/minikube/pkg/minikube/config"
@@ -33,12 +37,17 @@ import (
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/localpath"
"k8s.io/minikube/pkg/minikube/mustload"
+ "k8s.io/minikube/pkg/minikube/out"
"k8s.io/minikube/pkg/minikube/reason"
+ "k8s.io/minikube/pkg/minikube/style"
"k8s.io/minikube/pkg/minikube/tunnel"
"k8s.io/minikube/pkg/minikube/tunnel/kic"
+ pkgnetwork "k8s.io/minikube/pkg/network"
)
var cleanup bool
+var bindAddress string
+var lockHandle *fslock.Lock
// tunnelCmd represents the tunnel command
var tunnelCmd = &cobra.Command{
@@ -48,10 +57,19 @@ var tunnelCmd = &cobra.Command{
PersistentPreRun: func(cmd *cobra.Command, args []string) {
RootCmd.PersistentPreRun(cmd, args)
},
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
manager := tunnel.NewManager()
cname := ClusterFlagValue()
- co := mustload.Healthy(cname)
+ co := mustload.Healthy(cname, options)
+
+ if driver.IsQEMU(co.Config.Driver) && pkgnetwork.IsBuiltinQEMU(co.Config.Network) {
+ msg := "minikube tunnel is not currently implemented with the builtin network on QEMU"
+ if runtime.GOOS == "darwin" {
+ msg += ", try starting minikube with '--network=socket_vmnet'"
+ }
+ exit.Message(reason.Unimplemented, msg)
+ }
if cleanup {
klog.Info("Checking for tunnels to cleanup...")
@@ -60,6 +78,9 @@ var tunnelCmd = &cobra.Command{
}
}
+ mustLockOrExit(cname)
+ defer cleanupLock()
+
// Tunnel uses the k8s clientset to query the API server for services in the LoadBalancerEmulator.
// We define the tunnel and minikube error free if the API server responds within a second.
// This also contributes to better UX, the tunnel status check can happen every second and
@@ -77,16 +98,16 @@ var tunnelCmd = &cobra.Command{
cancel()
}()
- if driver.NeedsPortForward(co.Config.Driver) {
-
- port, err := oci.ForwardedPort(oci.Docker, cname, 22)
+ if driver.NeedsPortForward(co.Config.Driver) || bindAddress != "" {
+ port, err := oci.ForwardedPort(co.Config.Driver, cname, 22)
if err != nil {
exit.Error(reason.DrvPortForward, "error getting ssh port", err)
}
sshPort := strconv.Itoa(port)
sshKey := filepath.Join(localpath.MiniPath(), "machines", cname, "id_rsa")
- kicSSHTunnel := kic.NewSSHTunnel(ctx, sshPort, sshKey, clientset.CoreV1())
+ outputTunnelStarted()
+ kicSSHTunnel := kic.NewSSHTunnel(ctx, sshPort, sshKey, bindAddress, clientset.CoreV1(), clientset.NetworkingV1())
err = kicSSHTunnel.Start()
if err != nil {
exit.Error(reason.SvcTunnelStart, "error starting tunnel", err)
@@ -103,6 +124,36 @@ var tunnelCmd = &cobra.Command{
},
}
+func cleanupLock() {
+ if lockHandle != nil {
+ err := lockHandle.Unlock()
+ if err != nil {
+ out.Styled(style.Warning, fmt.Sprintf("failed to release lock during cleanup: %v", err))
+ }
+ }
+}
+
+func mustLockOrExit(profile string) {
+ tunnelLockPath := filepath.Join(localpath.Profile(profile), ".tunnel_lock")
+
+ lockHandle = fslock.New(tunnelLockPath)
+ err := lockHandle.TryLock()
+ if err == fslock.ErrLocked {
+ exit.Message(reason.SvcTunnelAlreadyRunning, "Another tunnel process is already running, terminate the existing instance to start a new one")
+ }
+ if err != nil {
+ exit.Error(reason.SvcTunnelStart, "failed to acquire lock due to unexpected error", err)
+ }
+}
+
+func outputTunnelStarted() {
+ out.Styled(style.Success, "Tunnel successfully started")
+ out.Ln("")
+ out.Styled(style.Notice, "NOTE: Please do not close this terminal as this process must stay alive for the tunnel to be accessible ...")
+ out.Ln("")
+}
+
func init() {
tunnelCmd.Flags().BoolVarP(&cleanup, "cleanup", "c", true, "call with cleanup=true to remove old tunnels")
+ tunnelCmd.Flags().StringVar(&bindAddress, "bind-address", "", "set tunnel bind address, empty or '*' indicates the tunnel should be available for all interfaces")
}
diff --git a/cmd/minikube/cmd/unpause.go b/cmd/minikube/cmd/unpause.go
index e1c590961efe..ce7157deb493 100644
--- a/cmd/minikube/cmd/unpause.go
+++ b/cmd/minikube/cmd/unpause.go
@@ -23,6 +23,7 @@ import (
"github.com/spf13/viper"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/cluster"
"k8s.io/minikube/pkg/minikube/config"
"k8s.io/minikube/pkg/minikube/constants"
@@ -42,11 +43,12 @@ var unpauseCmd = &cobra.Command{
Use: "unpause",
Aliases: []string{"resume"},
Short: "unpause Kubernetes",
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
cname := ClusterFlagValue()
register.SetEventLogPath(localpath.EventLog(cname))
- co := mustload.Running(cname)
+ co := mustload.Running(cname, options)
out.SetJSON(outputFormat == "json")
register.Reg.SetStep(register.Unpausing)
diff --git a/cmd/minikube/cmd/update-check.go b/cmd/minikube/cmd/update-check.go
index 496ebb4ada7b..ce12428ba611 100644
--- a/cmd/minikube/cmd/update-check.go
+++ b/cmd/minikube/cmd/update-check.go
@@ -29,18 +29,18 @@ var updateCheckCmd = &cobra.Command{
Use: "update-check",
Short: "Print current and latest version number",
Long: `Print current and latest version number`,
- Run: func(command *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
url := notify.GithubMinikubeReleasesURL
r, err := notify.AllVersionsFromURL(url)
if err != nil {
exit.Error(reason.InetVersionUnavailable, "Unable to fetch latest version info", err)
}
- if len(r) < 1 {
+ if len(r.Releases) < 1 {
exit.Message(reason.InetVersionEmpty, "Update server returned an empty list")
}
out.Ln("CurrentVersion: %s", version.GetVersion())
- out.Ln("LatestVersion: %s", r[0].Name)
+ out.Ln("LatestVersion: %s", r.Releases[0].Name)
},
}
diff --git a/cmd/minikube/cmd/update-context.go b/cmd/minikube/cmd/update-context.go
index e50fb9b827c9..fc3e72b4b48a 100644
--- a/cmd/minikube/cmd/update-context.go
+++ b/cmd/minikube/cmd/update-context.go
@@ -18,6 +18,7 @@ package cmd
import (
"github.com/spf13/cobra"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/kubeconfig"
"k8s.io/minikube/pkg/minikube/mustload"
@@ -32,9 +33,10 @@ var updateContextCmd = &cobra.Command{
Short: "Update kubeconfig in case of an IP or port change",
Long: `Retrieves the IP address of the running cluster, checks it
with IP in kubeconfig, and corrects kubeconfig if incorrect.`,
- Run: func(cmd *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
cname := ClusterFlagValue()
- co := mustload.Running(cname)
+ co := mustload.Running(cname, options)
// cluster extension metada for kubeconfig
updated, err := kubeconfig.UpdateEndpoint(cname, co.CP.Hostname, co.CP.Port, kubeconfig.PathFromEnv(), kubeconfig.NewExtension())
diff --git a/cmd/minikube/cmd/version.go b/cmd/minikube/cmd/version.go
index 6f2a2da02b85..8dddeea0154d 100644
--- a/cmd/minikube/cmd/version.go
+++ b/cmd/minikube/cmd/version.go
@@ -18,13 +18,15 @@ package cmd
import (
"encoding/json"
+ "maps"
"os/exec"
- "sort"
+ "slices"
"strings"
"github.com/spf13/cobra"
"gopkg.in/yaml.v2"
"k8s.io/klog/v2"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/exit"
"k8s.io/minikube/pkg/minikube/mustload"
"k8s.io/minikube/pkg/minikube/out"
@@ -42,27 +44,30 @@ var versionCmd = &cobra.Command{
Use: "version",
Short: "Print the version of minikube",
Long: `Print the version of minikube.`,
- Run: func(command *cobra.Command, args []string) {
+ Run: func(_ *cobra.Command, _ []string) {
+ options := flags.CommandOptions()
minikubeVersion := version.GetVersion()
gitCommitID := version.GetGitCommitID()
- data := map[string]string{
+ data := map[string]interface{}{
"minikubeVersion": minikubeVersion,
"commit": gitCommitID,
}
if listComponentsVersions && !shortVersion {
- co := mustload.Running(ClusterFlagValue())
+ co := mustload.Running(ClusterFlagValue(), options)
runner := co.CP.Runner
versionCMDS := map[string]*exec.Cmd{
- "docker": exec.Command("docker", "--version"),
- "dockerd": exec.Command("dockerd", "--version"),
- "containerd": exec.Command("containerd", "--version"),
- "crio": exec.Command("crio", "--version"),
- "podman": exec.Command("sudo", "podman", "--version"),
- "crictl": exec.Command("sudo", "crictl", "--version"),
- "buildctl": exec.Command("buildctl", "--version"),
- "ctr": exec.Command("ctr", "--version"),
- "runc": exec.Command("runc", "--version"),
+ "docker": exec.Command("docker", "--version"),
+ "dockerd": exec.Command("dockerd", "--version"),
+ "cri-dockerd": exec.Command("cri-dockerd", "--version"),
+ "containerd": exec.Command("containerd", "--version"),
+ "crio": exec.Command("crio", "--version"),
+ "podman": exec.Command("sudo", "podman", "--version"),
+ "crictl": exec.Command("sudo", "crictl", "--version"),
+ "buildctl": exec.Command("buildctl", "--version"),
+ "ctr": exec.Command("ctr", "--version"),
+ "runc": exec.Command("runc", "--version"),
+ "crun": exec.Command("crun", "--version"),
}
for k, v := range versionCMDS {
rr, err := runner.RunCmd(v)
@@ -87,11 +92,7 @@ var versionCmd = &cobra.Command{
if gitCommitID != "" {
out.Ln("commit: %v", gitCommitID)
}
- keys := make([]string, 0, len(data))
- for k := range data {
- keys = append(keys, k)
- }
- sort.Strings(keys)
+ keys := slices.Sorted(maps.Keys(data))
for _, k := range keys {
v := data[k]
// for backward compatibility we keep displaying the old way for these two
diff --git a/cmd/minikube/main.go b/cmd/minikube/main.go
index 496ec6e9fd13..1c8b707a19f4 100644
--- a/cmd/minikube/main.go
+++ b/cmd/minikube/main.go
@@ -20,6 +20,7 @@ import (
"bytes"
"crypto/sha1"
"encoding/hex"
+ "errors"
"flag"
"fmt"
"log"
@@ -47,10 +48,15 @@ import (
"github.com/pkg/profile"
"k8s.io/minikube/cmd/minikube/cmd"
+ "k8s.io/minikube/cmd/minikube/cmd/flags"
"k8s.io/minikube/pkg/minikube/constants"
"k8s.io/minikube/pkg/minikube/machine"
"k8s.io/minikube/pkg/minikube/out"
_ "k8s.io/minikube/pkg/provision"
+
+ dconfig "github.com/docker/cli/cli/config"
+ ddocker "github.com/docker/cli/cli/context/docker"
+ dstore "github.com/docker/cli/cli/context/store"
)
const minikubeEnableProfile = "MINIKUBE_ENABLE_PROFILING"
@@ -60,12 +66,17 @@ var (
// unexpected errors from libmachine to the user.
machineLogErrorRe = regexp.MustCompile(`VirtualizationException`)
machineLogWarningRe = regexp.MustCompile(`(?i)warning`)
+ // This regex is to filter out logs that contain environment variables which could contain sensitive information
+ machineLogEnvironmentRe = regexp.MustCompile(`&exec\.Cmd`)
)
func main() {
+ options := flags.CommandOptions()
bridgeLogMessages()
defer klog.Flush()
+ propagateDockerContextToEnv()
+
// Don't parse flags when running as kubectl
_, callingCmd := filepath.Split(os.Args[0])
callingCmd = strings.TrimSuffix(callingCmd, ".exe")
@@ -79,7 +90,7 @@ func main() {
defer profile.Start(profile.TraceProfile).Stop()
}
if os.Getenv(constants.IsMinikubeChildProcess) == "" {
- machine.StartDriver()
+ machine.StartDriver(options)
}
out.SetOutFile(os.Stdout)
out.SetErrFile(os.Stderr)
@@ -122,11 +133,14 @@ type machineLogBridge struct{}
// Write passes machine driver logs to klog
func (lb machineLogBridge) Write(b []byte) (n int, err error) {
- if machineLogErrorRe.Match(b) {
+ switch {
+ case machineLogEnvironmentRe.Match(b):
+ return len(b), nil
+ case machineLogErrorRe.Match(b):
klog.Errorf("libmachine: %s", b)
- } else if machineLogWarningRe.Match(b) {
+ case machineLogWarningRe.Match(b):
klog.Warningf("libmachine: %s", b)
- } else {
+ default:
klog.Infof("libmachine: %s", b)
}
return len(b), nil
@@ -145,13 +159,13 @@ func checkLogFileMaxSize(file string, maxSizeKB int64) bool {
// logFileName generates a default logfile name in the form minikube___.log from args
func logFileName(dir string, logIdx int64) string {
h := sha1.New()
- user, err := user.Current()
+ userInfo, err := user.Current()
if err != nil {
klog.Warningf("Unable to get username to add to log filename hash: %v", err)
} else {
- _, err := h.Write([]byte(user.Username))
+ _, err := h.Write([]byte(userInfo.Username))
if err != nil {
- klog.Warningf("Unable to add username %s to log filename hash: %v", user.Username, err)
+ klog.Warningf("Unable to add username %s to log filename hash: %v", userInfo.Username, err)
}
}
for _, s := range pflag.Args() {
@@ -176,7 +190,7 @@ func logFileName(dir string, logIdx int64) string {
// setFlags sets the flags
func setFlags(parse bool) {
- // parse flags beyond subcommand - get aroung go flag 'limitations':
+ // parse flags beyond subcommand - get around go flag 'limitations':
// "Flag parsing stops just before the first non-flag argument" (ref: https://pkg.go.dev/flag#hdr-Command_line_flag_syntax)
pflag.CommandLine.ParseErrorsWhitelist.UnknownFlags = true
pflag.CommandLine.AddGoFlagSet(flag.CommandLine)
@@ -225,7 +239,7 @@ func setFlags(parse bool) {
// setLastStartFlags sets the log_file flag to lastStart.txt if start command and user doesn't specify log_file or log_dir flags.
func setLastStartFlags() {
- if len(os.Args) < 2 || os.Args[1] != "start" {
+ if pflag.Arg(0) != "start" {
return
}
if pflag.CommandLine.Changed("log_file") || pflag.CommandLine.Changed("log_dir") {
@@ -243,3 +257,55 @@ func setLastStartFlags() {
klog.Warningf("Unable to set default flag value for log_file: %v", err)
}
}
+
+// propagateDockerContextToEnv propagates the current context in ~/.docker/config.json to $DOCKER_HOST,
+// so that google/go-containerregistry can pick it up.
+func propagateDockerContextToEnv() {
+ if os.Getenv("DOCKER_HOST") != "" {
+ // Already explicitly set
+ return
+ }
+ currentContext := os.Getenv("DOCKER_CONTEXT")
+ if currentContext == "" {
+ dockerConfigDir := dconfig.Dir()
+ if _, err := os.Stat(dockerConfigDir); err != nil {
+ if !errors.Is(err, os.ErrNotExist) {
+ klog.Warning(err)
+ }
+ return
+ }
+ cf, err := dconfig.Load(dockerConfigDir)
+ if err != nil {
+ klog.Warningf("Unable to load the current Docker config from %q: %v", dockerConfigDir, err)
+ return
+ }
+ currentContext = cf.CurrentContext
+ }
+ if currentContext == "" {
+ return
+ }
+ storeConfig := dstore.NewConfig(
+ func() interface{} { return &ddocker.EndpointMeta{} },
+ dstore.EndpointTypeGetter(ddocker.DockerEndpoint, func() interface{} { return &ddocker.EndpointMeta{} }),
+ )
+ st := dstore.New(dconfig.ContextStoreDir(), storeConfig)
+ md, err := st.GetMetadata(currentContext)
+ if err != nil {
+ klog.Warningf("Unable to resolve the current Docker CLI context %q: %v", currentContext, err)
+ klog.Warningf("Try running `docker context use %s` to resolve the above error", currentContext)
+ return
+ }
+ dockerEP, ok := md.Endpoints[ddocker.DockerEndpoint]
+ if !ok {
+ // No warning (the context is not for Docker)
+ return
+ }
+ dockerEPMeta, ok := dockerEP.(ddocker.EndpointMeta)
+ if !ok {
+ klog.Warningf("expected docker.EndpointMeta, got %T", dockerEP)
+ return
+ }
+ if dockerEPMeta.Host != "" {
+ os.Setenv("DOCKER_HOST", dockerEPMeta.Host)
+ }
+}
diff --git a/cmd/performance/mkcmp/cmd/README.md b/cmd/performance/mkcmp/cmd/README.md
index 6df569350114..13dade54cf55 100644
--- a/cmd/performance/mkcmp/cmd/README.md
+++ b/cmd/performance/mkcmp/cmd/README.md
@@ -15,8 +15,8 @@ make out/mkcmp
./out/mkcmp ./out/minikube pr://400
```
-mkcmp is primarily used for our prbot, which comments mkcmp output on valid PRs [example](https://github.com/kubernetes/minikube/pull/10430#issuecomment-776311409).
-To make changes to the prbot output, submitting a PR to change mkcmp code should be sufficient.
+mkcmp is primarily used for our pr-bot, which comments mkcmp output on valid PRs [example](https://github.com/kubernetes/minikube/pull/10430#issuecomment-776311409).
+To make changes to the pr-bot output, submitting a PR to change mkcmp code should be sufficient.
Note: STDOUT from mkcmp is *exactly* what is commented on github, so we want it to be in Markdown.
diff --git a/cmd/performance/mkcmp/cmd/mkcmp.go b/cmd/performance/mkcmp/cmd/mkcmp.go
index 16ed30ae40c8..6817cabe74d1 100644
--- a/cmd/performance/mkcmp/cmd/mkcmp.go
+++ b/cmd/performance/mkcmp/cmd/mkcmp.go
@@ -32,15 +32,15 @@ var rootCmd = &cobra.Command{
Short: "mkcmp is used to compare performance of two minikube binaries",
SilenceUsage: true,
SilenceErrors: true,
- PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
+ PersistentPreRunE: func(_ *cobra.Command, args []string) error {
return validateArgs(args)
},
- RunE: func(cmd *cobra.Command, args []string) error {
+ RunE: func(_ *cobra.Command, args []string) error {
binaries, err := retrieveBinaries(args)
if err != nil {
return err
}
- return perf.CompareMinikubeStart(context.Background(), os.Stdout, binaries)
+ return perf.CompareMinikubeStart(context.Background(), binaries)
},
}
diff --git a/cmd/performance/pr-bot/bot.go b/cmd/performance/pr-bot/bot.go
index 340c4ef8f4de..106c446f4bad 100644
--- a/cmd/performance/pr-bot/bot.go
+++ b/cmd/performance/pr-bot/bot.go
@@ -37,9 +37,9 @@ func main() {
}
// analyzePerformance is responsible for:
-// 1. collecting PRs to run performance analysis on
-// 2. running mkcmp against those PRs
-// 3. commenting results on those PRs
+// 1. collecting PRs to run performance analysis on
+// 2. running mkcmp against those PRs
+// 3. commenting results on those PRs
func analyzePerformance(ctx context.Context) error {
client := monitor.NewClient(ctx, monitor.GithubOwner, monitor.GithubRepo)
prs, err := client.ListOpenPRsWithLabel(monitor.OkToTestLabel)
diff --git a/deploy/addons/aliyun_mirror.json b/deploy/addons/aliyun_mirror.json
new file mode 100644
index 000000000000..42bd7d63b34d
--- /dev/null
+++ b/deploy/addons/aliyun_mirror.json
@@ -0,0 +1,100 @@
+{
+ "docker.io/kubernetesui/dashboard": "registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard",
+ "docker.io/kubernetesui/metrics-scraper": "registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-scraper",
+ "gcr.io/k8s-minikube/auto-pause-hook": "registry.cn-hangzhou.aliyuncs.com/google_containers/auto-pause-hook",
+ "quay.io/operator-framework/olm": "registry.cn-hangzhou.aliyuncs.com/google_containers/olm",
+ "quay.io/operator-framework/upstream-community-operators": "registry.cn-hangzhou.aliyuncs.com/google_containers/upstream-community-operators",
+ "registry.k8s.io/kube-registry-proxy": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-registry-proxy",
+ "docker.io/upmcenterprises/registry-creds": "registry.cn-hangzhou.aliyuncs.com/google_containers/registry-creds",
+ "quay.io/rhdevelopers/core-dns-patcher": "registry.cn-hangzhou.aliyuncs.com/google_containers/core-dns-patcher",
+ "docker.io/nvidia/k8s-device-plugin": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-device-plugin",
+ "docker.io/ivans3/minikube-log-viewer": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-log-viewer",
+ "docker.io/cryptexlabs/minikube-ingress-dns": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-ingress-dns",
+ "docker.io/kicbase/minikube-ingress-dns": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-ingress-dns",
+ "quay.io/datawire/ambassador-operator": "registry.cn-hangzhou.aliyuncs.com/google_containers/ambassador-operator",
+ "docker.io/jettech/kube-webhook-certgen": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen",
+ "gcr.io/k8s-minikube/gcp-auth-webhook": "registry.cn-hangzhou.aliyuncs.com/google_containers/gcp-auth-webhook",
+ "registry.k8s.io/sig-storage/snapshot-controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/snapshot-controller",
+ "registry.k8s.io/sig-storage/csi-attacher": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-attacher",
+ "registry.k8s.io/sig-storage/csi-external-health-monitor-agent": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-external-health-monitor-agent",
+ "registry.k8s.io/sig-storage/csi-external-health-monitor-controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-external-health-monitor-controller",
+ "registry.k8s.io/sig-storage/csi-node-driver-registrar": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-node-driver-registrar",
+ "registry.k8s.io/sig-storage/hostpathplugin": "registry.cn-hangzhou.aliyuncs.com/google_containers/hostpathplugin",
+ "registry.k8s.io/sig-storage/livenessprobe": "registry.cn-hangzhou.aliyuncs.com/google_containers/livenessprobe",
+ "registry.k8s.io/sig-storage/csi-resizer": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-resizer",
+ "registry.k8s.io/sig-storage/csi-snapshotter": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-snapshotter",
+ "registry.k8s.io/sig-storage/csi-provisioner": "registry.cn-hangzhou.aliyuncs.com/google_containers/csi-provisioner",
+ "docker.io/registry": "registry.cn-hangzhou.aliyuncs.com/google_containers/registry",
+ "docker.io/coredns/coredns": "registry.cn-hangzhou.aliyuncs.com/google_containers/coredns",
+ "docker.io/kindest/kindnetd": "registry.cn-hangzhou.aliyuncs.com/google_containers/kindnetd",
+ "registry.k8s.io/ingress-nginx/controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller",
+ "gcr.io/cloud-builders/gcs-fetcher": "registry.cn-hangzhou.aliyuncs.com/cloud-builders/gcs-fetcher",
+ "gcr.io/google-samples/freshpod": "registry.cn-hangzhou.aliyuncs.com/google_containers/freshpod",
+ "gcr.io/k8s-minikube/gvisor-addon": "registry.cn-hangzhou.aliyuncs.com/google_containers/gvisor-addon",
+ "gcr.io/k8s-minikube/kicbase": "registry.cn-hangzhou.aliyuncs.com/google_containers/kicbase",
+ "gcr.io/k8s-minikube/storage-provisioner": "registry.cn-hangzhou.aliyuncs.com/google_containers/storage-provisioner",
+ "registry.k8s.io/addon-resizer": "registry.cn-hangzhou.aliyuncs.com/google_containers/addon-resizer",
+ "registry.k8s.io/busybox": "registry.cn-hangzhou.aliyuncs.com/google_containers/busybox",
+ "registry.k8s.io/cluster-autoscaler": "registry.cn-hangzhou.aliyuncs.com/google_containers/cluster-autoscaler",
+ "registry.k8s.io/coredns/coredns": "registry.cn-hangzhou.aliyuncs.com/google_containers/coredns",
+ "registry.k8s.io/defaultbackend": "registry.cn-hangzhou.aliyuncs.com/google_containers/defaultbackend",
+ "registry.k8s.io/echoserver": "registry.cn-hangzhou.aliyuncs.com/google_containers/echoserver",
+ "registry.k8s.io/elasticsearch": "registry.cn-hangzhou.aliyuncs.com/google_containers/elasticsearch",
+ "registry.k8s.io/etcd": "registry.cn-hangzhou.aliyuncs.com/google_containers/etcd",
+ "registry.k8s.io/etcd-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/etcd-amd64",
+ "registry.k8s.io/exechealthz-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/exechealthz-amd64",
+ "registry.k8s.io/flannel-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/flannel-amd64",
+ "registry.k8s.io/fluentd-elasticsearch": "registry.cn-hangzhou.aliyuncs.com/google_containers/fluentd-elasticsearch",
+ "registry.k8s.io/heapster": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster",
+ "registry.k8s.io/heapster_grafana": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster_grafana",
+ "registry.k8s.io/heapster_influxdb": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster_influxdb",
+ "registry.k8s.io/heapster-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-amd64",
+ "registry.k8s.io/heapster-grafana-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-grafana-amd64",
+ "registry.k8s.io/heapster-influxdb-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/heapster-influxdb-amd64",
+ "registry.k8s.io/k8s-dns-dnsmasq-nanny-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-dnsmasq-nanny-amd64",
+ "registry.k8s.io/k8s-dns-kube-dns-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-kube-dns-amd64",
+ "registry.k8s.io/k8s-dns-node-cache": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-node-cache",
+ "registry.k8s.io/k8s-dns-sidecar-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/k8s-dns-sidecar-amd64",
+ "registry.k8s.io/kube-addon-manager": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-addon-manager",
+ "registry.k8s.io/kube-addon-manager-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-addon-manager-amd64",
+ "registry.k8s.io/kube-apiserver": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver",
+ "registry.k8s.io/kube-apiserver-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver-amd64",
+ "registry.k8s.io/kube-controller-manager": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager",
+ "registry.k8s.io/kube-controller-manager-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager-amd64",
+ "registry.k8s.io/kube-cross": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-cross",
+ "registry.k8s.io/kube-dnsmasq-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-dnsmasq-amd64",
+ "registry.k8s.io/kube-proxy": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy",
+ "registry.k8s.io/kube-proxy-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy-amd64",
+ "registry.k8s.io/kube-scheduler": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler",
+ "registry.k8s.io/kube-scheduler-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler-amd64",
+ "registry.k8s.io/kube-state-metrics": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-state-metrics",
+ "registry.k8s.io/kubedns-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kubedns-amd64",
+ "registry.k8s.io/kubernetes-dashboard-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/kubernetes-dashboard-amd64",
+ "registry.k8s.io/metrics-server-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-server-amd64",
+ "registry.k8s.io/minikube-nvidia-driver-installer": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-nvidia-driver-installer",
+ "registry.k8s.io/mongodb-install": "registry.cn-hangzhou.aliyuncs.com/google_containers/mongodb-install",
+ "registry.k8s.io/nginx-slim": "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-slim",
+ "registry.k8s.io/nvidia-gpu-device-plugin": "registry.cn-hangzhou.aliyuncs.com/google_containers/nvidia-gpu-device-plugin",
+ "registry.k8s.io/pause": "registry.cn-hangzhou.aliyuncs.com/google_containers/pause",
+ "registry.k8s.io/pause-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/pause-amd64",
+ "registry.k8s.io/spark": "registry.cn-hangzhou.aliyuncs.com/google_containers/spark",
+ "registry.k8s.io/spartakus-amd64": "registry.cn-hangzhou.aliyuncs.com/google_containers/spartakus-amd64",
+ "registry.k8s.io/zeppelin": "registry.cn-hangzhou.aliyuncs.com/google_containers/zeppelin",
+ "quay.io/coreos/configmap-reload": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/configmap-reload",
+ "quay.io/coreos/grafana-watcher": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/grafana-watcher",
+ "quay.io/coreos/hyperkube": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/hyperkube",
+ "quay.io/coreos/kube-rbac-proxy": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/kube-rbac-proxy",
+ "quay.io/coreos/kube-state-metrics": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/kube-state-metrics",
+ "quay.io/coreos/monitoring-grafana": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/monitoring-grafana",
+ "quay.io/coreos/prometheus-config-reloader": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/prometheus-config-reloader",
+ "quay.io/coreos/prometheus-operator": "registry.cn-hangzhou.aliyuncs.com/coreos_containers/prometheus-operator",
+ "quay.io/kubernetes-ingress-controller/nginx-ingress-controller": "registry.cn-hangzhou.aliyuncs.com/google_containers/nginx-ingress-controller",
+ "quay.io/kubernetes-service-catalog/service-catalog": "registry.cn-hangzhou.aliyuncs.com/kubernetes-service-catalog/service-catalog",
+ "quay.io/prometheus/alertmanager": "registry.cn-hangzhou.aliyuncs.com/google_containers/alertmanager",
+ "quay.io/prometheus/prometheus": "registry.cn-hangzhou.aliyuncs.com/google_containers/prometheus",
+ "registry.k8s.io/ingress-nginx/kube-webhook-certgen": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-webhook-certgen",
+ "gcr.io/k8s-minikube/minikube-ingress-dns": "registry.cn-hangzhou.aliyuncs.com/google_containers/minikube-ingress-dns",
+ "gcr.io/google_containers/pause": "registry.cn-hangzhou.aliyuncs.com/google_containers/pause",
+ "registry.k8s.io/metrics-server/metrics-server": "registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-server",
+ "gcr.io/google_containers/kube-registry-proxy": "registry.cn-hangzhou.aliyuncs.com/google_containers/kube-registry-proxy"
+}
diff --git a/deploy/addons/ambassador/ambassador-operator-crds.yaml.tmpl b/deploy/addons/ambassador/ambassador-operator-crds.yaml
similarity index 98%
rename from deploy/addons/ambassador/ambassador-operator-crds.yaml.tmpl
rename to deploy/addons/ambassador/ambassador-operator-crds.yaml
index e8495d955111..b6a0d8a0f418 100644
--- a/deploy/addons/ambassador/ambassador-operator-crds.yaml.tmpl
+++ b/deploy/addons/ambassador/ambassador-operator-crds.yaml
@@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: ambassadorinstallations.getambassador.io
@@ -91,7 +91,7 @@ spec:
instead of [AES](https://www.getambassador.io/docs/latest/topics/install/).
Default is false which means it installs AES by default. TODO: 1.
AES/AOSS is not installed and the user installs using `installOSS:
- true`, then we straightaway install AOSS. 2. AOSS is installed via
+ true`, then we straight away install AOSS. 2. AOSS is installed via
operator and the user sets `installOSS: false`, then we perform the
migration as detailed here - https://www.getambassador.io/docs/latest/topics/install/upgrade-to-edge-stack/
3. AES is installed and the user sets `installOSS: true`, then we
diff --git a/deploy/addons/ambassador/ambassadorinstallation.yaml.tmpl b/deploy/addons/ambassador/ambassadorinstallation.yaml
similarity index 100%
rename from deploy/addons/ambassador/ambassadorinstallation.yaml.tmpl
rename to deploy/addons/ambassador/ambassadorinstallation.yaml
diff --git a/deploy/addons/assets.go b/deploy/addons/assets.go
index 3fa5c6ced362..c58b114d7dbe 100644
--- a/deploy/addons/assets.go
+++ b/deploy/addons/assets.go
@@ -20,8 +20,7 @@ import "embed"
var (
// AutoPauseAssets assets for auto-pause addon
- //go:embed auto-pause/*.tmpl
- //go:embed auto-pause/unpause.lua
+ //go:embed auto-pause/*.tmpl auto-pause/*.yaml auto-pause/unpause.lua
AutoPauseAssets embed.FS
// DashboardAssets assets for dashboard addon
@@ -29,23 +28,23 @@ var (
DashboardAssets embed.FS
// DefaultStorageClassAssets assets for default-storageclass addon
- //go:embed storageclass/storageclass.yaml.tmpl
+ //go:embed storageclass/storageclass.yaml
DefaultStorageClassAssets embed.FS
// PodSecurityPolicyAssets assets for pod-security-policy addon
- //go:embed pod-security-policy/pod-security-policy.yaml.tmpl
+ //go:embed pod-security-policy/pod-security-policy.yaml
PodSecurityPolicyAssets embed.FS
// StorageProvisionerAssets assets for storage-provisioner addon
//go:embed storage-provisioner/storage-provisioner.yaml.tmpl
StorageProvisionerAssets embed.FS
- // StorageProvisionerGlusterAssets assets for storage-provisioner-gluster addon
- //go:embed storage-provisioner-gluster/*.tmpl
- StorageProvisionerGlusterAssets embed.FS
+ // StorageProvisionerRancherAssets assets for storage-provisioner-rancher addon
+ //go:embed storage-provisioner-rancher/*.tmpl
+ StorageProvisionerRancherAssets embed.FS
// EfkAssets assets for efk addon
- //go:embed efk/*.tmpl
+ //go:embed efk/*.tmpl efk/*.yaml
EfkAssets embed.FS
// IngressAssets assets for ingress addon
@@ -57,23 +56,31 @@ var (
IstioProvisionerAssets embed.FS
// IstioAssets assets for istio addon
- //go:embed istio/istio-default-profile.yaml.tmpl
+ //go:embed istio/istio-default-profile.yaml
IstioAssets embed.FS
+ // InspektorGadgetAssets assets for inspektor-gadget addon
+ //go:embed inspektor-gadget/*.tmpl
+ InspektorGadgetAssets embed.FS
+
+ // KongAssets assets for kong addon
+ //go:embed kong/kong-ingress-controller.yaml.tmpl
+ KongAssets embed.FS
+
// KubevirtAssets assets for kubevirt addon
//go:embed kubevirt/pod.yaml.tmpl
KubevirtAssets embed.FS
// MetricsServerAssets assets for metrics-server addon
- //go:embed metrics-server/*.tmpl
+ //go:embed metrics-server/*.tmpl metrics-server/*.yaml
MetricsServerAssets embed.FS
// OlmAssets assets for olm addon
- //go:embed olm/*.tmpl
+ //go:embed olm/*.tmpl olm/*.yaml
OlmAssets embed.FS
// RegistryAssets assets for registry addon
- //go:embed registry/*.tmpl
+ //go:embed registry/*.tmpl registry/*.yaml
RegistryAssets embed.FS
// RegistryCredsAssets assets for registry-creds addon
@@ -81,7 +88,7 @@ var (
RegistryCredsAssets embed.FS
// RegistryAliasesAssets assets for registry-aliases addon
- //go:embed registry-aliases/*.tmpl
+ //go:embed registry-aliases/*.tmpl registry-aliases/*.yaml
RegistryAliasesAssets embed.FS
// FreshpodAssets assets for freshpod addon
@@ -96,18 +103,18 @@ var (
//go:embed gpu/nvidia-gpu-device-plugin.yaml.tmpl
NvidiaGpuDevicePluginAssets embed.FS
+ // AmdGpuDevicePluginAssets assets for amd-gpu-device-plugin addon
+ //go:embed gpu/amd-gpu-device-plugin.yaml.tmpl
+ AmdGpuDevicePluginAssets embed.FS
+
// LogviewerAssets assets for logviewer addon
- //go:embed logviewer/*.tmpl
+ //go:embed logviewer/*.tmpl logviewer/*.yaml
LogviewerAssets embed.FS
// GvisorAssets assets for gvisor addon
- //go:embed gvisor/*.tmpl gvisor/*.toml
+ //go:embed gvisor/*.tmpl
GvisorAssets embed.FS
- // HelmTillerAssets assets for helm-tiller addon
- //go:embed helm-tiller/*.tmpl
- HelmTillerAssets embed.FS
-
// IngressDNSAssets assets for ingress-dns addon
//go:embed ingress-dns/ingress-dns-pod.yaml.tmpl
IngressDNSAssets embed.FS
@@ -117,22 +124,58 @@ var (
MetallbAssets embed.FS
// AmbassadorAssets assets for ambassador addon
- //go:embed ambassador/*.tmpl
+ //go:embed ambassador/*.tmpl ambassador/*.yaml
AmbassadorAssets embed.FS
// GcpAuthAssets assets for gcp-auth addon
- //go:embed gcp-auth/*.tmpl
+ //go:embed gcp-auth/*.tmpl gcp-auth/*.yaml
GcpAuthAssets embed.FS
+ // VolcanoAssets assets for volcano addon
+ //go:embed volcano/*.tmpl
+ VolcanoAssets embed.FS
+
// VolumeSnapshotsAssets assets for volumesnapshots addon
- //go:embed volumesnapshots/*.tmpl
+ //go:embed volumesnapshots/*.tmpl volumesnapshots/*.yaml
VolumeSnapshotsAssets embed.FS
// CsiHostpathDriverAssets assets for csi-hostpath-driver addon
- //go:embed csi-hostpath-driver/deploy/*.tmpl csi-hostpath-driver/rbac/*.tmpl
+ //go:embed csi-hostpath-driver/deploy/*.tmpl csi-hostpath-driver/deploy/*.yaml csi-hostpath-driver/rbac/*.yaml
CsiHostpathDriverAssets embed.FS
// PortainerAssets assets for portainer addon
//go:embed portainer/portainer.yaml.tmpl
PortainerAssets embed.FS
+
+ // AliyunMirror assets for aliyun_mirror.json
+ //go:embed aliyun_mirror.json
+ AliyunMirror embed.FS
+
+ // InAccelAssets assets for inaccel addon
+ //go:embed inaccel/fpga-operator.yaml.tmpl
+ InAccelAssets embed.FS
+
+ // HeadlampAssets assets for headlamp addon
+ //go:embed headlamp/*.yaml headlamp/*.tmpl
+ HeadlampAssets embed.FS
+
+ // CloudSpanner assets for cloud-spanner addon
+ //go:embed cloud-spanner/*.tmpl
+ CloudSpanner embed.FS
+
+ // Kubeflow assets for kubeflow addon
+ //go:embed kubeflow/*.yaml
+ Kubeflow embed.FS
+
+ // NvidiaDevicePlugin assets for nvidia-device-plugin addon
+ //go:embed nvidia-device-plugin/*.tmpl
+ NvidiaDevicePlugin embed.FS
+
+ // YakdAssets assets for yakd addon
+ //go:embed yakd/*.yaml yakd/*.tmpl
+ YakdAssets embed.FS
+
+ // Kubetail assets for kubetail addon
+ //go:embed kubetail/*.yaml kubetail/*.tmpl
+ KubetailAssets embed.FS
)
diff --git a/deploy/addons/auto-pause/Dockerfile b/deploy/addons/auto-pause/Dockerfile
index cd217d9e2de2..e1d718951365 100644
--- a/deploy/addons/auto-pause/Dockerfile
+++ b/deploy/addons/auto-pause/Dockerfile
@@ -1,2 +1,9 @@
-FROM golang:1.8
-ADD auto-pause-hook /auto-pause-hook
+FROM golang:1.25.5 AS builder
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY ./ ./
+RUN GOOS=linux CGO_ENABLED=0 go build -a --ldflags '-extldflags "-static"' -tags netgo -installsuffix netgo -o auto-pause-hook cmd/auto-pause/auto-pause-hook/main.go cmd/auto-pause/auto-pause-hook/config.go cmd/auto-pause/auto-pause-hook/certs.go
+
+FROM scratch
+COPY --from=builder /app/auto-pause-hook /auto-pause-hook
diff --git a/deploy/addons/auto-pause/auto-pause.service.tmpl b/deploy/addons/auto-pause/auto-pause.service.tmpl
index 0a5260a7b434..5e52966b1869 100644
--- a/deploy/addons/auto-pause/auto-pause.service.tmpl
+++ b/deploy/addons/auto-pause/auto-pause.service.tmpl
@@ -3,7 +3,7 @@ Description=Auto Pause Service
[Service]
Type=simple
-ExecStart=/bin/auto-pause --container-runtime={{.ContainerRuntime}}
+ExecStart=/bin/auto-pause --container-runtime={{.ContainerRuntime}} --interval={{.AutoPauseInterval}}
Restart=always
[Install]
diff --git a/deploy/addons/auto-pause/auto-pause.yaml.tmpl b/deploy/addons/auto-pause/auto-pause.yaml
similarity index 100%
rename from deploy/addons/auto-pause/auto-pause.yaml.tmpl
rename to deploy/addons/auto-pause/auto-pause.yaml
diff --git a/deploy/addons/cloud-spanner/deployment.yaml.tmpl b/deploy/addons/cloud-spanner/deployment.yaml.tmpl
new file mode 100644
index 000000000000..85e2500e2103
--- /dev/null
+++ b/deploy/addons/cloud-spanner/deployment.yaml.tmpl
@@ -0,0 +1,45 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cloud-spanner-emulator
+ labels:
+ app: cloud-spanner-emulator
+ gcp-auth-skip-secret: "true"
+ kubernetes.io/minikube-addons-endpoint: cloud-spanner
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: cloud-spanner-emulator
+ template:
+ metadata:
+ labels:
+ app: cloud-spanner-emulator
+ spec:
+ containers:
+ - name: cloud-spanner-emulator
+ image: {{.CustomRegistries.CloudSpanner | default .ImageRepository | default .Registries.CloudSpanner}}{{.Images.CloudSpanner}}
+ imagePullPolicy: IfNotPresent
+ ports:
+ - containerPort: 9020
+ name: http
+ - containerPort: 9010
+ name: grpc
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: cloud-spanner-emulator
+ labels:
+ app: cloud-spanner-emulator
+spec:
+ type: NodePort
+ ports:
+ - port: 9020
+ name: http
+ - port: 9010
+ name: grpc
+ selector:
+ app: cloud-spanner-emulator
diff --git a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-attacher.yaml.tmpl b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-attacher.yaml.tmpl
index cf5a80154002..e49d56209610 100644
--- a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-attacher.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-attacher.yaml.tmpl
@@ -38,25 +38,15 @@ spec:
replicas: 1
selector:
matchLabels:
- app: csi-hostpath-attacher
+ app.kubernetes.io/name: csi-hostpath-attacher
template:
metadata:
labels:
- app: csi-hostpath-attacher
+ app.kubernetes.io/name: csi-hostpath-attacher
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/minikube-addons: csi-hostpath-driver
spec:
- affinity:
- podAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - csi-hostpathplugin
- topologyKey: kubernetes.io/hostname
- serviceAccountName: csi-attacher
+ serviceAccount: csi-attacher
containers:
- name: csi-attacher
image: {{.CustomRegistries.Attacher | default .ImageRepository | default .Registries.Attacher }}{{.Images.Attacher}}
diff --git a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-driverinfo.yaml.tmpl b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-driverinfo.yaml
similarity index 81%
rename from deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-driverinfo.yaml.tmpl
rename to deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-driverinfo.yaml
index 4b2be01185d4..e509d234c20d 100644
--- a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-driverinfo.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-driverinfo.yaml
@@ -27,3 +27,9 @@ spec:
# To determine at runtime which mode a volume uses, pod info and its
# "csi.storage.k8s.io/ephemeral" entry are needed.
podInfoOnMount: true
+ # No attacher needed.
+ attachRequired: false
+ storageCapacity: true
+ # Kubernetes may use fsGroup to change permissions and ownership
+ # of the volume to match user requested fsGroup in the pod's SecurityPolicy
+ fsGroupPolicy: File
diff --git a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-plugin.yaml.tmpl b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-plugin.yaml.tmpl
index b737e916ed1c..0975149ea701 100644
--- a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-plugin.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-plugin.yaml.tmpl
@@ -16,64 +16,37 @@
# are needed only because of condition explained in
# https://github.com/kubernetes/kubernetes/issues/69608
-kind: Service
-apiVersion: v1
-metadata:
- name: csi-hostpathplugin
- namespace: kube-system
- labels:
- app: csi-hostpathplugin
- addonmanager.kubernetes.io/mode: Reconcile
-spec:
- selector:
- app: csi-hostpathplugin
- ports:
- - name: dummy
- port: 12345
----
-kind: StatefulSet
+kind: DaemonSet
apiVersion: apps/v1
metadata:
name: csi-hostpathplugin
namespace: kube-system
labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: plugin
addonmanager.kubernetes.io/mode: Reconcile
spec:
- serviceName: "csi-hostpathplugin"
- # One replica only:
- # Host path driver only works when everything runs
- # on a single node. We achieve that by starting it once and then
- # co-locate all other pods via inter-pod affinity
- replicas: 1
selector:
matchLabels:
- app: csi-hostpathplugin
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: plugin
addonmanager.kubernetes.io/mode: Reconcile
template:
metadata:
labels:
- app: csi-hostpathplugin
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: plugin
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/minikube-addons: csi-hostpath-driver
spec:
- serviceAccount: csi-external-health-monitor-controller
+ serviceAccount: csi-hostpathplugin-sa
containers:
- - name: csi-external-health-monitor-agent
- image: {{.CustomRegistries.HostMonitorAgent | default .ImageRepository | default .Registries.HostMonitorAgent }}{{.Images.HostMonitorAgent}}
- args:
- - "--v=5"
- - "--csi-address=$(ADDRESS)"
- env:
- - name: NODE_NAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: ADDRESS
- value: /csi/csi.sock
- imagePullPolicy: "IfNotPresent"
- volumeMounts:
- - name: socket-dir
- mountPath: /csi
- name: csi-external-health-monitor-controller
image: {{.CustomRegistries.HostMonitorController | default .ImageRepository | default .Registries.HostMonitorController }}{{.Images.HostMonitorController}}
args:
@@ -163,6 +136,62 @@ spec:
- --csi-address=/csi/csi.sock
- --health-port=9898
+ - name: csi-provisioner
+ image: {{.CustomRegistries.Provisioner | default .ImageRepository | default .Registries.Provisioner }}{{.Images.Provisioner}}
+ args:
+ - -v=5
+ - --csi-address=/csi/csi.sock
+ - --feature-gates=Topology=true
+ - --enable-capacity
+ - --capacity-ownerref-level=0 # pod is owner
+ - --node-deployment=true
+ - --strict-topology=true
+ - --immediate-topology=false
+ - --worker-threads=5
+ env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: spec.nodeName
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ securityContext:
+ # This is necessary only for systems with SELinux, where
+ # non-privileged sidecar containers cannot access unix domain socket
+ # created by privileged CSI driver container.
+ privileged: true
+ volumeMounts:
+ - mountPath: /csi
+ name: socket-dir
+
+ - name: csi-snapshotter
+ image: {{.CustomRegistries.Snapshotter | default .ImageRepository | default .Registries.Snapshotter }}{{.Images.Snapshotter}}
+ args:
+ - -v=5
+ - --csi-address=/csi/csi.sock
+ - --node-deployment
+ env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: spec.nodeName
+ securityContext:
+ # This is necessary only for systems with SELinux, where
+ # non-privileged sidecar containers cannot access unix domain socket
+ # created by privileged CSI driver container.
+ privileged: true
+ volumeMounts:
+ - mountPath: /csi
+ name: socket-dir
+
volumes:
- hostPath:
path: /var/lib/kubelet/plugins/csi-hostpath
diff --git a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-provisioner.yaml.tmpl b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-provisioner.yaml.tmpl
deleted file mode 100644
index b8c1acccc7df..000000000000
--- a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-provisioner.yaml.tmpl
+++ /dev/null
@@ -1,81 +0,0 @@
-# Copyright 2018 The Kubernetes Authors All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-kind: Service
-apiVersion: v1
-metadata:
- name: csi-hostpath-provisioner
- namespace: kube-system
- labels:
- app: csi-hostpath-provisioner
- addonmanager.kubernetes.io/mode: Reconcile
-spec:
- selector:
- app: csi-hostpath-provisioner
- ports:
- - name: dummy
- port: 12345
-
----
-kind: StatefulSet
-apiVersion: apps/v1
-metadata:
- name: csi-hostpath-provisioner
- namespace: kube-system
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-spec:
- serviceName: "csi-hostpath-provisioner"
- replicas: 1
- selector:
- matchLabels:
- app: csi-hostpath-provisioner
- template:
- metadata:
- labels:
- app: csi-hostpath-provisioner
- addonmanager.kubernetes.io/mode: Reconcile
- kubernetes.io/minikube-addons: csi-hostpath-driver
- spec:
- affinity:
- podAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - csi-hostpathplugin
- topologyKey: kubernetes.io/hostname
- serviceAccountName: csi-provisioner
- containers:
- - name: csi-provisioner
- image: {{.CustomRegistries.Provisioner | default .ImageRepository | default .Registries.Provisioner }}{{.Images.Provisioner}}
- args:
- - -v=5
- - --csi-address=/csi/csi.sock
- - --feature-gates=Topology=true
- securityContext:
- # This is necessary only for systems with SELinux, where
- # non-privileged sidecar containers cannot access unix domain socket
- # created by privileged CSI driver container.
- privileged: true
- volumeMounts:
- - mountPath: /csi
- name: socket-dir
- volumes:
- - hostPath:
- path: /var/lib/kubelet/plugins/csi-hostpath
- type: DirectoryOrCreate
- name: socket-dir
diff --git a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-resizer.yaml.tmpl b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-resizer.yaml.tmpl
index 7995ce80067f..e1270b6a709f 100644
--- a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-resizer.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-resizer.yaml.tmpl
@@ -40,25 +40,15 @@ spec:
replicas: 1
selector:
matchLabels:
- app: csi-hostpath-resizer
+ app.kubernetes.io/name: csi-hostpath-resizer
template:
metadata:
labels:
- app: csi-hostpath-resizer
+ app.kubernetes.io/name: csi-hostpath-resizer
addonmanager.kubernetes.io/mode: Reconcile
kubernetes.io/minikube-addons: csi-hostpath-driver
spec:
- affinity:
- podAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - csi-hostpathplugin
- topologyKey: kubernetes.io/hostname
- serviceAccountName: csi-resizer
+ serviceAccount: csi-resizer
containers:
- name: csi-resizer
image: {{.CustomRegistries.Resizer | default .ImageRepository | default .Registries.Resizer }}{{.Images.Resizer}}
diff --git a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-snapshotter.yaml.tmpl b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-snapshotter.yaml.tmpl
deleted file mode 100644
index 708dd6119408..000000000000
--- a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-snapshotter.yaml.tmpl
+++ /dev/null
@@ -1,81 +0,0 @@
-# Copyright 2018 The Kubernetes Authors All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-kind: Service
-apiVersion: v1
-metadata:
- name: csi-hostpath-snapshotter
- namespace: kube-system
- labels:
- app: csi-hostpath-snapshotter
- addonmanager.kubernetes.io/mode: Reconcile
-spec:
- selector:
- app: csi-hostpath-snapshotter
- ports:
- - name: dummy
- port: 12345
-
----
-kind: StatefulSet
-apiVersion: apps/v1
-metadata:
- name: csi-hostpath-snapshotter
- namespace: kube-system
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-spec:
- serviceName: "csi-hostpath-snapshotter"
- replicas: 1
- selector:
- matchLabels:
- app: csi-hostpath-snapshotter
- addonmanager.kubernetes.io/mode: Reconcile
- template:
- metadata:
- labels:
- app: csi-hostpath-snapshotter
- addonmanager.kubernetes.io/mode: Reconcile
- kubernetes.io/minikube-addons: csi-hostpath-driver
- spec:
- affinity:
- podAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - csi-hostpathplugin
- topologyKey: kubernetes.io/hostname
- serviceAccount: csi-snapshotter
- containers:
- - name: csi-snapshotter
- image: {{.CustomRegistries.Snapshotter | default .ImageRepository | default .Registries.Snapshotter }}{{.Images.Snapshotter}}
- args:
- - -v=5
- - --csi-address=/csi/csi.sock
- securityContext:
- # This is necessary only for systems with SELinux, where
- # non-privileged sidecar containers cannot access unix domain socket
- # created by privileged CSI driver container.
- privileged: true
- volumeMounts:
- - mountPath: /csi
- name: socket-dir
- volumes:
- - hostPath:
- path: /var/lib/kubelet/plugins/csi-hostpath
- type: DirectoryOrCreate
- name: socket-dir
diff --git a/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-storageclass.yaml.tmpl b/deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-storageclass.yaml
similarity index 100%
rename from deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-storageclass.yaml.tmpl
rename to deploy/addons/csi-hostpath-driver/deploy/csi-hostpath-storageclass.yaml
diff --git a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-attacher.yaml.tmpl b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-attacher.yaml
similarity index 100%
rename from deploy/addons/csi-hostpath-driver/rbac/rbac-external-attacher.yaml.tmpl
rename to deploy/addons/csi-hostpath-driver/rbac/rbac-external-attacher.yaml
diff --git a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-agent.yaml.tmpl b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-agent.yaml.tmpl
deleted file mode 100644
index e2cb6fc82d3c..000000000000
--- a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-agent.yaml.tmpl
+++ /dev/null
@@ -1,66 +0,0 @@
-# Copyright 2018 The Kubernetes Authors All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# This YAML file contains all RBAC objects that are necessary to run external
-# CSI health monitor agent.
-#
-# In production, each CSI driver deployment has to be customized:
-# - to avoid conflicts, use non-default namespace and different names
-# for non-namespaced entities like the ClusterRole
-# - decide whether the deployment replicates the external CSI
-# health monitor agent, in which case leadership election must be enabled;
-# this influences the RBAC setup, see below
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: csi-external-health-monitor-agent
- namespace: kube-system
-
----
-# Health monitor agent must be able to work with PVs, PVCs, Nodes and Pods
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: external-health-monitor-agent-runner
-rules:
- - apiGroups: [""]
- resources: ["persistentvolumes"]
- verbs: ["get", "list", "watch"]
- - apiGroups: [""]
- resources: ["persistentvolumeclaims"]
- verbs: ["get", "list", "watch"]
- - apiGroups: [""]
- resources: ["nodes"]
- verbs: ["get", "list", "watch"]
- - apiGroups: [""]
- resources: ["pods"]
- verbs: ["get", "list", "watch"]
- - apiGroups: [""]
- resources: ["events"]
- verbs: ["get", "list", "watch", "create", "patch"]
-
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: csi-external-health-monitor-agent-role
-subjects:
- - kind: ServiceAccount
- name: csi-external-health-monitor-agent
- namespace: kube-system
-roleRef:
- kind: ClusterRole
- name: external-health-monitor-agent-runner
- apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-controller.yaml.tmpl b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-controller.yaml
similarity index 98%
rename from deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-controller.yaml.tmpl
rename to deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-controller.yaml
index 0cc7a064557c..19c8eda4ae8b 100644
--- a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-controller.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-health-monitor-controller.yaml
@@ -91,4 +91,4 @@ subjects:
roleRef:
kind: Role
name: external-health-monitor-controller-cfg
- apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
+ apiGroup: rbac.authorization.k8s.io
diff --git a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-provisioner.yaml.tmpl b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-provisioner.yaml
similarity index 80%
rename from deploy/addons/csi-hostpath-driver/rbac/rbac-external-provisioner.yaml.tmpl
rename to deploy/addons/csi-hostpath-driver/rbac/rbac-external-provisioner.yaml
index 70f14c2dc70c..649176901248 100644
--- a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-provisioner.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-provisioner.yaml
@@ -63,6 +63,10 @@ rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
+ # Access to volumeattachments is only needed when the CSI driver
+ # has the PUBLISH_UNPUBLISH_VOLUME controller capability.
+ # In that case, external-provisioner will watch volumeattachments
+ # to determine when it is safe to delete a volume.
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattachments"]
verbs: ["get", "list", "watch"]
@@ -92,12 +96,24 @@ metadata:
rules:
# Only one of the following rules for endpoints or leases is required based on
# what is set for `--leader-election-type`. Endpoints are deprecated in favor of Leases.
-- apiGroups: [""]
- resources: ["endpoints"]
- verbs: ["get", "watch", "list", "delete", "update", "create"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "watch", "list", "delete", "update", "create"]
+# Permissions for CSIStorageCapacity are only needed enabling the publishing
+# of storage capacity information.
+- apiGroups: ["storage.k8s.io"]
+ resources: ["csistoragecapacities"]
+ verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
+# The GET permissions below are needed for walking up the ownership chain
+# for CSIStorageCapacity. They are sufficient for deployment via
+# StatefulSet (only needs to get Pod) and Deployment (needs to get
+# Pod and then ReplicaSet to find the Deployment).
+- apiGroups: [""]
+ resources: ["pods"]
+ verbs: ["get"]
+- apiGroups: ["apps"]
+ resources: ["replicasets"]
+ verbs: ["get"]
---
kind: RoleBinding
diff --git a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-resizer.yaml.tmpl b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-resizer.yaml
similarity index 97%
rename from deploy/addons/csi-hostpath-driver/rbac/rbac-external-resizer.yaml.tmpl
rename to deploy/addons/csi-hostpath-driver/rbac/rbac-external-resizer.yaml
index bf0e1ebfd63e..44cc536ebaf0 100644
--- a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-resizer.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-resizer.yaml
@@ -71,7 +71,7 @@ roleRef:
apiGroup: rbac.authorization.k8s.io
---
-# Resizer must be able to work with end point in current namespace
+# Resizer must be able to work with `leases` in current namespace
# if (and only if) leadership election is enabled
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
diff --git a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-snapshotter.yaml.tmpl b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-snapshotter.yaml
similarity index 58%
rename from deploy/addons/csi-hostpath-driver/rbac/rbac-external-snapshotter.yaml.tmpl
rename to deploy/addons/csi-hostpath-driver/rbac/rbac-external-snapshotter.yaml
index 74880728341a..5d9507cef5a3 100644
--- a/deploy/addons/csi-hostpath-driver/rbac/rbac-external-snapshotter.yaml.tmpl
+++ b/deploy/addons/csi-hostpath-driver/rbac/rbac-external-snapshotter.yaml
@@ -12,12 +12,16 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-# RBAC file for the snapshot controller.
+
+# Together with the RBAC file for external-provisioner, this YAML file
+# contains all RBAC objects that are necessary to run external CSI
+# snapshotter.
#
-# The snapshot controller implements the control loop for CSI snapshot functionality.
-# It should be installed as part of the base Kubernetes distribution in an appropriate
-# namespace for components implementing base system functionality. For installing with
-# Vanilla Kubernetes, kube-system makes sense for the namespace.
+# In production, each CSI driver deployment has to be customized:
+# - to avoid conflicts, use non-default namespace and different names
+# for non-namespaced entities like the ClusterRole
+# - optionally rename the non-namespaced ClusterRole if there
+# are conflicts with other deployments
apiVersion: v1
kind: ServiceAccount
@@ -30,35 +34,27 @@ kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
# rename if there are conflicts
- name: csi-snapshotter-runner
+ name: external-snapshotter-runner
rules:
- - apiGroups: [""]
- resources: ["persistentvolumes"]
- verbs: ["get", "list", "watch"]
- - apiGroups: [""]
- resources: ["persistentvolumeclaims"]
- verbs: ["get", "list", "watch", "update"]
- - apiGroups: ["storage.k8s.io"]
- resources: ["storageclasses"]
- verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
+ # Secret permission is optional.
+ # Enable it if your driver needs secret.
+ # For example, `csi.storage.k8s.io/snapshotter-secret-name` is set in VolumeSnapshotClass.
+ # See https://kubernetes-csi.github.io/docs/secrets-and-credentials.html for more details.
+ # - apiGroups: [""]
+ # resources: ["secrets"]
+ # verbs: ["get", "list"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents"]
- verbs: ["create", "get", "list", "watch", "update", "delete"]
+ verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents/status"]
- verbs: ["update"]
- - apiGroups: ["snapshot.storage.k8s.io"]
- resources: ["volumesnapshots"]
- verbs: ["get", "list", "watch", "update"]
- - apiGroups: ["snapshot.storage.k8s.io"]
- resources: ["volumesnapshots/status"]
- verbs: ["update"]
+ verbs: ["update", "patch"]
---
kind: ClusterRoleBinding
@@ -68,11 +64,12 @@ metadata:
subjects:
- kind: ServiceAccount
name: csi-snapshotter
+ # replace with non-default namespace name
namespace: kube-system
roleRef:
kind: ClusterRole
# change the name also here if the ClusterRole gets renamed
- name: csi-snapshotter-runner
+ name: external-snapshotter-runner
apiGroup: rbac.authorization.k8s.io
---
@@ -80,17 +77,17 @@ kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: kube-system
- name: csi-snapshotter-leaderelection
+ name: external-snapshotter-leaderelection
rules:
- - apiGroups: ["coordination.k8s.io"]
- resources: ["leases"]
- verbs: ["get", "watch", "list", "delete", "update", "create"]
+- apiGroups: ["coordination.k8s.io"]
+ resources: ["leases"]
+ verbs: ["get", "watch", "list", "delete", "update", "create"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
- name: csi-snapshotter-leaderelection
+ name: external-snapshotter-leaderelection
namespace: kube-system
subjects:
- kind: ServiceAccount
@@ -98,5 +95,5 @@ subjects:
namespace: kube-system
roleRef:
kind: Role
- name: csi-snapshotter-leaderelection
- apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
+ name: external-snapshotter-leaderelection
+ apiGroup: rbac.authorization.k8s.io
diff --git a/deploy/addons/csi-hostpath-driver/rbac/rbac-hostpath.yaml b/deploy/addons/csi-hostpath-driver/rbac/rbac-hostpath.yaml
new file mode 100644
index 000000000000..7c93d9bfa5b0
--- /dev/null
+++ b/deploy/addons/csi-hostpath-driver/rbac/rbac-hostpath.yaml
@@ -0,0 +1,137 @@
+# Copyright 2023 The Kubernetes Authors All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# All of the individual sidecar RBAC roles get bound
+# to this account.
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+ name: csi-hostpathplugin-sa
+ namespace: kube-system
+ labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: serviceaccount
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: provisioner-cluster-role
+ name: csi-hostpathplugin-provisioner-cluster-role
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: external-provisioner-runner
+subjects:
+- kind: ServiceAccount
+ name: csi-hostpathplugin-sa
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: snapshotter-cluster-role
+ name: csi-hostpathplugin-snapshotter-cluster-role
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: external-snapshotter-runner
+subjects:
+- kind: ServiceAccount
+ name: csi-hostpathplugin-sa
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: health-monitor-cluster-role
+ name: csi-hostpathplugin-health-monitor-cluster-role
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: external-health-monitor-controller-runner
+subjects:
+- kind: ServiceAccount
+ name: csi-hostpathplugin-sa
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: provisioner-role
+ name: csi-hostpathplugin-provisioner-role
+ namespace: kube-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: external-provisioner-cfg
+subjects:
+- kind: ServiceAccount
+ name: csi-hostpathplugin-sa
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: snapshotter-role
+ name: csi-hostpathplugin-snapshotter-role
+ namespace: kube-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: external-snapshotter-leaderelection
+subjects:
+- kind: ServiceAccount
+ name: csi-hostpathplugin-sa
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: hostpath.csi.k8s.io
+ app.kubernetes.io/part-of: csi-driver-host-path
+ app.kubernetes.io/name: csi-hostpathplugin
+ app.kubernetes.io/component: snapshotter-role
+ name: csi-hostpathplugin-health-monitor-role
+ namespace: kube-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: external-health-monitor-controller-cfg
+subjects:
+- kind: ServiceAccount
+ name: csi-hostpathplugin-sa
+ namespace: kube-system
diff --git a/deploy/addons/dashboard/dashboard-dp.yaml.tmpl b/deploy/addons/dashboard/dashboard-dp.yaml.tmpl
index ef76cdd6ad04..eb4da1ec181b 100644
--- a/deploy/addons/dashboard/dashboard-dp.yaml.tmpl
+++ b/deploy/addons/dashboard/dashboard-dp.yaml.tmpl
@@ -57,7 +57,7 @@ spec:
runAsGroup: 2001
serviceAccountName: kubernetes-dashboard
nodeSelector:
- "beta.kubernetes.io/os": linux
+ "kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
@@ -123,7 +123,7 @@ spec:
emptyDir: {}
serviceAccountName: kubernetes-dashboard
nodeSelector:
- "beta.kubernetes.io/os": linux
+ "kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
diff --git a/deploy/addons/efk/elasticsearch-rc.yaml.tmpl b/deploy/addons/efk/elasticsearch-rc.yaml.tmpl
index 466891219f87..ca5a49f283a5 100644
--- a/deploy/addons/efk/elasticsearch-rc.yaml.tmpl
+++ b/deploy/addons/efk/elasticsearch-rc.yaml.tmpl
@@ -12,8 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ReplicationController
+apiVersion: apps/v1
+kind: Deployment
metadata:
name: elasticsearch-logging
namespace: kube-system
@@ -24,12 +24,15 @@ metadata:
spec:
replicas: 1
selector:
- k8s-app: elasticsearch-logging
- addonmanager.kubernetes.io/mode: Reconcile
+ matchLabels:
+ k8s-app: elasticsearch-logging
+ kubernetes.io/minikube-addons: efk
+ addonmanager.kubernetes.io/mode: Reconcile
template:
metadata:
labels:
k8s-app: elasticsearch-logging
+ kubernetes.io/minikube-addons: efk
addonmanager.kubernetes.io/mode: Reconcile
spec:
containers:
diff --git a/deploy/addons/efk/elasticsearch-svc.yaml.tmpl b/deploy/addons/efk/elasticsearch-svc.yaml
similarity index 100%
rename from deploy/addons/efk/elasticsearch-svc.yaml.tmpl
rename to deploy/addons/efk/elasticsearch-svc.yaml
diff --git a/deploy/addons/efk/fluentd-es-configmap.yaml.tmpl b/deploy/addons/efk/fluentd-es-configmap.yaml
similarity index 100%
rename from deploy/addons/efk/fluentd-es-configmap.yaml.tmpl
rename to deploy/addons/efk/fluentd-es-configmap.yaml
diff --git a/deploy/addons/efk/fluentd-es-rc.yaml.tmpl b/deploy/addons/efk/fluentd-es-rc.yaml.tmpl
index d43282982c5e..8cc1c8fb8eeb 100644
--- a/deploy/addons/efk/fluentd-es-rc.yaml.tmpl
+++ b/deploy/addons/efk/fluentd-es-rc.yaml.tmpl
@@ -12,8 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ReplicationController
+apiVersion: apps/v1
+kind: Deployment
metadata:
name: fluentd-es
namespace: kube-system
@@ -23,10 +23,16 @@ metadata:
addonmanager.kubernetes.io/mode: Reconcile
spec:
replicas: 1
+ selector:
+ matchLabels:
+ k8s-app: fluentd-es
+ kubernetes.io/minikube-addons: efk
+ addonmanager.kubernetes.io/mode: Reconcile
template:
metadata:
labels:
k8s-app: fluentd-es
+ kubernetes.io/minikube-addons: efk
addonmanager.kubernetes.io/mode: Reconcile
spec:
containers:
diff --git a/deploy/addons/efk/kibana-rc.yaml.tmpl b/deploy/addons/efk/kibana-rc.yaml.tmpl
index ed541e49b08f..a9d289e641b4 100644
--- a/deploy/addons/efk/kibana-rc.yaml.tmpl
+++ b/deploy/addons/efk/kibana-rc.yaml.tmpl
@@ -12,8 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ReplicationController
+apiVersion: apps/v1
+kind: Deployment
metadata:
name: kibana-logging
namespace: kube-system
@@ -24,12 +24,15 @@ metadata:
spec:
replicas: 1
selector:
+ matchLabels:
k8s-app: kibana-logging
+ kubernetes.io/minikube-addons: efk
addonmanager.kubernetes.io/mode: Reconcile
template:
metadata:
labels:
k8s-app: kibana-logging
+ kubernetes.io/minikube-addons: efk
addonmanager.kubernetes.io/mode: Reconcile
spec:
containers:
diff --git a/deploy/addons/efk/kibana-svc.yaml.tmpl b/deploy/addons/efk/kibana-svc.yaml
similarity index 100%
rename from deploy/addons/efk/kibana-svc.yaml.tmpl
rename to deploy/addons/efk/kibana-svc.yaml
diff --git a/deploy/addons/freshpod/freshpod-rc.yaml.tmpl b/deploy/addons/freshpod/freshpod-rc.yaml.tmpl
index 70e380794017..30c413776564 100644
--- a/deploy/addons/freshpod/freshpod-rc.yaml.tmpl
+++ b/deploy/addons/freshpod/freshpod-rc.yaml.tmpl
@@ -12,8 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ReplicationController
+apiVersion: apps/v1
+kind: Deployment
metadata:
name: freshpod
namespace: kube-system
@@ -24,12 +24,15 @@ metadata:
spec:
replicas: 1
selector:
- k8s-app: freshpod
- addonmanager.kubernetes.io/mode: Reconcile
+ matchLabels:
+ k8s-app: freshpod
+ kubernetes.io/minikube-addons: freshpod
+ addonmanager.kubernetes.io/mode: Reconcile
template:
metadata:
labels:
k8s-app: freshpod
+ kubernetes.io/minikube-addons: freshpod
addonmanager.kubernetes.io/mode: Reconcile
spec:
containers:
diff --git a/deploy/addons/gcp-auth/gcp-auth-ns.yaml.tmpl b/deploy/addons/gcp-auth/gcp-auth-ns.yaml
similarity index 100%
rename from deploy/addons/gcp-auth/gcp-auth-ns.yaml.tmpl
rename to deploy/addons/gcp-auth/gcp-auth-ns.yaml
diff --git a/deploy/addons/gcp-auth/gcp-auth-service.yaml.tmpl b/deploy/addons/gcp-auth/gcp-auth-service.yaml
similarity index 95%
rename from deploy/addons/gcp-auth/gcp-auth-service.yaml.tmpl
rename to deploy/addons/gcp-auth/gcp-auth-service.yaml
index 4a8b5144f6f7..fa79bafe3331 100644
--- a/deploy/addons/gcp-auth/gcp-auth-service.yaml.tmpl
+++ b/deploy/addons/gcp-auth/gcp-auth-service.yaml
@@ -19,7 +19,8 @@ metadata:
namespace: gcp-auth
spec:
ports:
- - port: 443
+ - name: https
+ port: 443
targetPort: 8443
protocol: TCP
selector:
diff --git a/deploy/addons/gcp-auth/gcp-auth-webhook.yaml.tmpl.tmpl b/deploy/addons/gcp-auth/gcp-auth-webhook.yaml.tmpl
similarity index 78%
rename from deploy/addons/gcp-auth/gcp-auth-webhook.yaml.tmpl.tmpl
rename to deploy/addons/gcp-auth/gcp-auth-webhook.yaml.tmpl
index 3923a5ed75c2..86b0615757f0 100644
--- a/deploy/addons/gcp-auth/gcp-auth-webhook.yaml.tmpl.tmpl
+++ b/deploy/addons/gcp-auth/gcp-auth-webhook.yaml.tmpl
@@ -1,4 +1,4 @@
-# Copyright 2017 The Kubernetes Authors.
+# Copyright 2021 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,7 +12,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
----
apiVersion: v1
kind: ServiceAccount
metadata:
@@ -32,6 +31,7 @@ rules:
- list
- get
- create
+ - delete
- apiGroups:
- admissionregistration.k8s.io
resources:
@@ -39,6 +39,13 @@ rules:
verbs:
- get
- update
+ - apiGroups:
+ - ''
+ resources:
+ - namespaces
+ verbs:
+ - list
+ - watch
---
apiVersion: rbac.authorization.k8s.io/v1
@@ -61,6 +68,7 @@ metadata:
name: gcp-auth-certs-create
namespace: gcp-auth
spec:
+ ttlSecondsAfterFinished: 30
template:
metadata:
name: gcp-auth-certs-create
@@ -68,7 +76,7 @@ spec:
serviceAccountName: minikube-gcp-auth-certs
containers:
- name: create
- image: {{.CustomRegistries.KubeWebhookCertgen | default .ImageRepository | default .Registries.KubeWebhookCertgen }}{{.Images.KubeWebhookCertgen}}
+ image: {{.CustomRegistries.KubeWebhookCertgen | default .ImageRepository | default .Registries.KubeWebhookCertgen}}{{.Images.KubeWebhookCertgen}}
imagePullPolicy: IfNotPresent
args:
- create
@@ -92,10 +100,16 @@ spec:
app: gcp-auth
kubernetes.io/minikube-addons: gcp-auth
spec:
+ serviceAccountName: minikube-gcp-auth-certs
containers:
- name: gcp-auth
- image: {{.CustomRegistries.GCPAuthWebhook | default .ImageRepository | default .Registries.GCPAuthWebhook }}{{.Images.GCPAuthWebhook}}
+ image: {{.CustomRegistries.GCPAuthWebhook | default .ImageRepository | default .Registries.GCPAuthWebhook}}{{.Images.GCPAuthWebhook}}
imagePullPolicy: IfNotPresent
+ env:
+ - name: GOOGLE_APPLICATION_CREDENTIALS
+ value: /google-app-creds.json
+ - name: MOCK_GOOGLE_TOKEN
+ value: "{{.Environment.MockGoogleToken}}"
ports:
- containerPort: 8443
volumeMounts:
@@ -105,6 +119,9 @@ spec:
- name: gcp-project
mountPath: /var/lib/minikube/google_cloud_project
readOnly: true
+ - name: gcp-creds
+ mountPath: /google-app-creds.json
+ readOnly: true
volumes:
- name: webhook-certs
secret:
@@ -113,6 +130,10 @@ spec:
hostPath:
path: /var/lib/minikube/google_cloud_project
type: File
+ - name: gcp-creds
+ hostPath:
+ path: /var/lib/minikube/google_application_credentials.json
+ type: File
---
apiVersion: batch/v1
kind: Job
@@ -120,6 +141,7 @@ metadata:
name: gcp-auth-certs-patch
namespace: gcp-auth
spec:
+ ttlSecondsAfterFinished: 30
template:
metadata:
name: gcp-auth-certs-patch
@@ -127,7 +149,7 @@ spec:
serviceAccountName: minikube-gcp-auth-certs
containers:
- name: patch
- image: {{.CustomRegistries.KubeWebhookCertgen | default .ImageRepository | default .Registries.KubeWebhookCertgen }}{{.Images.KubeWebhookCertgen}}
+ image: {{.CustomRegistries.KubeWebhookCertgen | default .ImageRepository | default .Registries.KubeWebhookCertgen}}{{.Images.KubeWebhookCertgen}}
imagePullPolicy: IfNotPresent
args:
- patch
@@ -183,4 +205,4 @@ webhooks:
apiGroups: ["*"]
apiVersions: ["*"]
resources: ["serviceaccounts"]
- scope: "*"
\ No newline at end of file
+ scope: "*"
diff --git a/deploy/addons/gpu/amd-gpu-device-plugin.yaml.tmpl b/deploy/addons/gpu/amd-gpu-device-plugin.yaml.tmpl
new file mode 100644
index 000000000000..12bffa56a350
--- /dev/null
+++ b/deploy/addons/gpu/amd-gpu-device-plugin.yaml.tmpl
@@ -0,0 +1,60 @@
+# Copyright 2024 The Kubernetes Authors All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: amd-gpu-device-plugin
+ namespace: kube-system
+ labels:
+ k8s-app: amd-gpu-device-plugin
+ kubernetes.io/minikube-addons: amd-gpu-device-plugin
+ addonmanager.kubernetes.io/mode: Reconcile
+spec:
+ selector:
+ matchLabels:
+ k8s-app: amd-gpu-device-plugin
+ template:
+ metadata:
+ labels:
+ name: amd-gpu-device-plugin
+ k8s-app: amd-gpu-device-plugin
+ spec:
+ nodeSelector:
+ kubernetes.io/arch: amd64
+ priorityClassName: system-node-critical
+ tolerations:
+ - key: CriticalAddonsOnly
+ operator: Exists
+ volumes:
+ - name: dp
+ hostPath:
+ path: /var/lib/kubelet/device-plugins
+ - name: sys
+ hostPath:
+ path: /sys
+ containers:
+ - image: {{.CustomRegistries.AmdDevicePlugin | default .ImageRepository | default .Registries.AmdDevicePlugin }}{{.Images.AmdDevicePlugin}}
+ name: amd-gpu-device-plugin
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop: ["ALL"]
+ volumeMounts:
+ - name: dp
+ mountPath: /var/lib/kubelet/device-plugins
+ - name: sys
+ mountPath: /sys
+ updateStrategy:
+ type: RollingUpdate
diff --git a/deploy/addons/gpu/nvidia-driver-installer.yaml.tmpl b/deploy/addons/gpu/nvidia-driver-installer.yaml.tmpl
index 0c4978a82685..83dc631750c7 100644
--- a/deploy/addons/gpu/nvidia-driver-installer.yaml.tmpl
+++ b/deploy/addons/gpu/nvidia-driver-installer.yaml.tmpl
@@ -64,6 +64,11 @@ spec:
value: /usr/local/nvidia
- name: ROOT_MOUNT_DIR
value: /root
+ - name: NVIDIA_DRIVER_VERSION
+ value: "510.60.02"
+ # hack to not have to change https://github.com/GoogleCloudPlatform/container-engine-accelerators/blob/master/nvidia-driver-installer/minikube/entrypoint.sh
+ command: ["/bin/sh"]
+ args: ["-c", "sed -i 's|make modules_prepare|&;ln -s /root/lib/modules/${KERNEL_VERSION}/Module.symvers|' /entrypoint.sh;exec /entrypoint.sh"]
volumeMounts:
- name: nvidia-install-dir-host
mountPath: /usr/local/nvidia
@@ -72,5 +77,5 @@ spec:
- name: root-mount
mountPath: /root
containers:
- - image: "{{default "k8s.gcr.io" .ImageRepository}}/{{.Images.Pause}}"
+ - image: "{{default "registry.k8s.io" .ImageRepository}}/{{.Images.Pause}}"
name: pause
diff --git a/deploy/addons/gpu/nvidia-gpu-device-plugin.yaml.tmpl b/deploy/addons/gpu/nvidia-gpu-device-plugin.yaml.tmpl
index e1e695866e11..0ec4cd4fff99 100644
--- a/deploy/addons/gpu/nvidia-gpu-device-plugin.yaml.tmpl
+++ b/deploy/addons/gpu/nvidia-gpu-device-plugin.yaml.tmpl
@@ -29,8 +29,6 @@ spec:
metadata:
labels:
k8s-app: nvidia-gpu-device-plugin
- annotations:
- scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
priorityClassName: system-node-critical
tolerations:
@@ -42,9 +40,12 @@ spec:
- name: device-plugin
hostPath:
path: /var/lib/kubelet/device-plugins
+ - name: dev
+ hostPath:
+ path: /dev
containers:
- image: {{.CustomRegistries.NvidiaDevicePlugin | default .ImageRepository | default .Registries.NvidiaDevicePlugin }}{{.Images.NvidiaDevicePlugin}}
- command: ["/usr/bin/nvidia-device-plugin", "-logtostderr"]
+ command: ["/usr/bin/nvidia-gpu-device-plugin", "-logtostderr"]
name: nvidia-gpu-device-plugin
resources:
requests:
@@ -56,6 +57,8 @@ spec:
drop: ["ALL"]
volumeMounts:
- name: device-plugin
- mountPath: /var/lib/kubelet/device-plugins
+ mountPath: /device-plugin
+ - name: dev
+ mountPath: /dev
updateStrategy:
type: RollingUpdate
diff --git a/deploy/addons/gvisor/README.md b/deploy/addons/gvisor/README.md
index d6414715b6f4..66e39e60b9f0 100644
--- a/deploy/addons/gvisor/README.md
+++ b/deploy/addons/gvisor/README.md
@@ -1,8 +1,8 @@
## gVisor Addon
-[gVisor](https://gvisor.dev/), a sandboxed container runtime, allows users to securely run pods with untrusted workloads within Minikube.
+[gVisor](https://gvisor.dev/), a sandboxed container runtime, allows users to securely run pods with untrusted workloads within minikube.
-### Starting Minikube
-gVisor depends on the containerd runtime to run in Minikube.
+### Starting minikube
+gVisor depends on the containerd runtime to run in minikube.
When starting minikube, specify the following flags, along with any additional desired flags:
```shell
@@ -29,7 +29,7 @@ NAME CREATED AT
runtimeclass.node.k8s.io/gvisor 2019-06-15T04:35:09Z
```
-Once the pod has status `Running`, gVisor is enabled in Minikube.
+Once the pod has status `Running`, gVisor is enabled in minikube.
### Running pods in gVisor
@@ -71,4 +71,4 @@ NAME READY STATUS RESTARTS AGE
gvisor 1/1 Terminating 0 5m
```
-_Note: Once gVisor is disabled, any pod with the `gvisor` Runtime Class or `io.kubernetes.cri.untrusted-workload` annotation will fail with a FailedCreatePodSandBox error._
+_Note: Once gVisor is disabled, any pod with the `gvisor` Runtime Class will fail with a FailedCreatePodSandBox error._
diff --git a/deploy/addons/gvisor/gvisor-config.toml b/deploy/addons/gvisor/gvisor-config.toml
deleted file mode 100644
index bcf12b25b4f3..000000000000
--- a/deploy/addons/gvisor/gvisor-config.toml
+++ /dev/null
@@ -1,68 +0,0 @@
-root = "/var/lib/containerd"
-state = "/run/containerd"
-oom_score = 0
-
-[grpc]
- address = "/run/containerd/containerd.sock"
- uid = 0
- gid = 0
- max_recv_message_size = 16777216
- max_send_message_size = 16777216
-
-[debug]
- address = ""
- uid = 0
- gid = 0
- level = ""
-
-[metrics]
- address = ""
- grpc_histogram = false
-
-[cgroup]
- path = ""
-
-[plugins]
- [plugins.cgroups]
- no_prometheus = false
- [plugins.cri]
- stream_server_address = ""
- stream_server_port = "10010"
- enable_selinux = false
- sandbox_image = "{{default "k8s.gcr.io" .ImageRepository}}/pause:3.1"
- stats_collect_period = 10
- systemd_cgroup = false
- enable_tls_streaming = false
- max_container_log_line_size = 16384
- [plugins.cri.containerd]
- snapshotter = "overlayfs"
- no_pivot = false
- [plugins.cri.containerd.default_runtime]
- runtime_type = "io.containerd.runtime.v1.linux"
- runtime_engine = ""
- runtime_root = ""
- [plugins.cri.containerd.runtimes.untrusted]
- runtime_type = "io.containerd.runsc.v1"
- [plugins.cri.containerd.runtimes.runsc]
- runtime_type = "io.containerd.runsc.v1"
- [plugins.cri.cni]
- bin_dir = "/opt/cni/bin"
- conf_dir = "/etc/cni/net.d"
- conf_template = ""
- [plugins.cri.registry]
- [plugins.cri.registry.mirrors]
- [plugins.cri.registry.mirrors."docker.io"]
- endpoint = ["https://registry-1.docker.io"]
- [plugins.diff-service]
- default = ["walking"]
- [plugins.linux]
- runtime = "runc"
- runtime_root = ""
- no_shim = false
- shim_debug = true
- [plugins.scheduler]
- pause_threshold = 0.02
- deletion_threshold = 0
- mutation_threshold = 100
- schedule_delay = "0s"
- startup_delay = "100ms"
diff --git a/deploy/addons/gvisor/gvisor-runtimeclass.yaml.tmpl b/deploy/addons/gvisor/gvisor-runtimeclass.yaml.tmpl
index f37fa4a9ba64..6229c2a2d2fc 100644
--- a/deploy/addons/gvisor/gvisor-runtimeclass.yaml.tmpl
+++ b/deploy/addons/gvisor/gvisor-runtimeclass.yaml.tmpl
@@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: node.k8s.io/v1beta1
+apiVersion: node.k8s.io/v1{{if .LegacyRuntimeClass}}beta1{{end}}
kind: RuntimeClass
metadata:
name: gvisor
diff --git a/deploy/addons/headlamp/headlamp-clusterrolebinding.yaml b/deploy/addons/headlamp/headlamp-clusterrolebinding.yaml
new file mode 100644
index 000000000000..1f516989ed97
--- /dev/null
+++ b/deploy/addons/headlamp/headlamp-clusterrolebinding.yaml
@@ -0,0 +1,18 @@
+---
+# ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: headlamp-admin
+ namespace: headlamp
+ labels:
+ app.kubernetes.io/name: headlamp
+ app.kubernetes.io/instance: headlamp
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: headlamp
+ namespace: headlamp
diff --git a/deploy/addons/headlamp/headlamp-deployment.yaml.tmpl b/deploy/addons/headlamp/headlamp-deployment.yaml.tmpl
new file mode 100644
index 000000000000..63da3b343303
--- /dev/null
+++ b/deploy/addons/headlamp/headlamp-deployment.yaml.tmpl
@@ -0,0 +1,42 @@
+---
+# Deployment
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: headlamp
+ namespace: headlamp
+ labels:
+ app.kubernetes.io/name: headlamp
+ app.kubernetes.io/instance: headlamp
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: headlamp
+ app.kubernetes.io/instance: headlamp
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: headlamp
+ app.kubernetes.io/instance: headlamp
+ spec:
+ serviceAccountName: headlamp
+ containers:
+ - name: headlamp
+ image: {{.CustomRegistries.Headlamp | default .ImageRepository | default .Registries.Headlamp }}{{.Images.Headlamp}}
+ imagePullPolicy: IfNotPresent
+ args:
+ - "-in-cluster"
+ - "-plugins-dir=/headlamp/plugins"
+ ports:
+ - name: http
+ containerPort: 4466
+ protocol: TCP
+ livenessProbe:
+ httpGet:
+ path: /
+ port: http
+ readinessProbe:
+ httpGet:
+ path: /
+ port: http
diff --git a/deploy/addons/headlamp/headlamp-namespace.yaml b/deploy/addons/headlamp/headlamp-namespace.yaml
new file mode 100644
index 000000000000..85d4ae0a2eb0
--- /dev/null
+++ b/deploy/addons/headlamp/headlamp-namespace.yaml
@@ -0,0 +1,6 @@
+---
+# Namespace
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: headlamp
diff --git a/deploy/addons/headlamp/headlamp-service.yaml b/deploy/addons/headlamp/headlamp-service.yaml
new file mode 100644
index 000000000000..1eca749b8293
--- /dev/null
+++ b/deploy/addons/headlamp/headlamp-service.yaml
@@ -0,0 +1,21 @@
+---
+# Service
+apiVersion: v1
+kind: Service
+metadata:
+ name: headlamp
+ namespace: headlamp
+ labels:
+ app.kubernetes.io/name: headlamp
+ app.kubernetes.io/instance: headlamp
+ kubernetes.io/minikube-addons-endpoint: headlamp
+spec:
+ type: NodePort
+ ports:
+ - port: 80
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ app.kubernetes.io/name: headlamp
+ app.kubernetes.io/instance: headlamp
diff --git a/deploy/addons/headlamp/headlamp-serviceaccount.yaml b/deploy/addons/headlamp/headlamp-serviceaccount.yaml
new file mode 100644
index 000000000000..2dfba7fc61b9
--- /dev/null
+++ b/deploy/addons/headlamp/headlamp-serviceaccount.yaml
@@ -0,0 +1,10 @@
+---
+# ServiceAccount
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: headlamp
+ namespace: headlamp
+ labels:
+ app.kubernetes.io/name: headlamp
+ app.kubernetes.io/instance: headlamp
diff --git a/deploy/addons/helm-tiller/README.md b/deploy/addons/helm-tiller/README.md
deleted file mode 100644
index b5dd8234a28a..000000000000
--- a/deploy/addons/helm-tiller/README.md
+++ /dev/null
@@ -1,23 +0,0 @@
-## helm-tiller Addon
-[Kubernetes Helm](https://helm.sh) - The Kubernetes Package Manager
-
-### Enabling helm-tiller
-To enable this addon, simply run:
-
-```shell script
-minikube addons enable helm-tiller
-```
-
-In a minute or so tiller will be installed into your cluster. You could run `helm init` each time you create a new minikube instance or you could just enable this addon.
-Each time you start a new minikube instance, tiller will be automatically installed.
-
-### Testing installation
-
-```shell script
-helm ls
-```
-
-If everything went well you shouldn't get any errors about tiller being installed in your cluster. If you haven't deployed any releases `helm ls` won't return anything.
-
-### Deprecation of Tiller
-When tiller is finally deprecated this addon won't be necessary anymore. If your version of helm doesn't use tiller, you don't need this addon.
diff --git a/deploy/addons/helm-tiller/helm-tiller-dp.tmpl b/deploy/addons/helm-tiller/helm-tiller-dp.tmpl
deleted file mode 100644
index ed44d410cf04..000000000000
--- a/deploy/addons/helm-tiller/helm-tiller-dp.tmpl
+++ /dev/null
@@ -1,83 +0,0 @@
-# Copyright 2019 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app: helm
- name: tiller
- addonmanager.kubernetes.io/mode: Reconcile
- kubernetes.io/minikube-addons: helm
- name: tiller-deploy
- namespace: kube-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: helm
- name: tiller
- strategy:
- rollingUpdate:
- maxSurge: 1
- maxUnavailable: 1
- type: RollingUpdate
- template:
- metadata:
- labels:
- app: helm
- name: tiller
- spec:
- automountServiceAccountToken: true
- containers:
- - env:
- - name: TILLER_NAMESPACE
- value: kube-system
- - name: TILLER_HISTORY_MAX
- value: "0"
- image: {{.CustomRegistries.Tiller | default .ImageRepository | default .Registries.Tiller }}{{.Images.Tiller}}
- imagePullPolicy: IfNotPresent
- livenessProbe:
- failureThreshold: 3
- httpGet:
- path: /liveness
- port: 44135
- scheme: HTTP
- initialDelaySeconds: 1
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 1
- name: tiller
- ports:
- - containerPort: 44134
- name: tiller
- protocol: TCP
- - containerPort: 44135
- name: http
- protocol: TCP
- readinessProbe:
- failureThreshold: 3
- httpGet:
- path: /readiness
- port: 44135
- scheme: HTTP
- initialDelaySeconds: 1
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 1
- resources: {}
- terminationMessagePath: /dev/termination-log
- terminationMessagePolicy: File
- serviceAccount: tiller
- serviceAccountName: tiller
\ No newline at end of file
diff --git a/deploy/addons/helm-tiller/helm-tiller-rbac.tmpl b/deploy/addons/helm-tiller/helm-tiller-rbac.tmpl
deleted file mode 100644
index 2cde8c492e69..000000000000
--- a/deploy/addons/helm-tiller/helm-tiller-rbac.tmpl
+++ /dev/null
@@ -1,42 +0,0 @@
-# Copyright 2019 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: tiller
- namespace: kube-system
- labels:
- app: helm
- name: tiller
- addonmanager.kubernetes.io/mode: Reconcile
- kubernetes.io/minikube-addons: helm
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: tiller-clusterrolebinding
- labels:
- app: helm
- name: tiller
- addonmanager.kubernetes.io/mode: Reconcile
- kubernetes.io/minikube-addons: helm
-subjects:
- - kind: ServiceAccount
- name: tiller
- namespace: kube-system
-roleRef:
- kind: ClusterRole
- name: cluster-admin
- apiGroup: ""
\ No newline at end of file
diff --git a/deploy/addons/inaccel/README.md b/deploy/addons/inaccel/README.md
new file mode 100644
index 000000000000..a8e24b3f9ec8
--- /dev/null
+++ b/deploy/addons/inaccel/README.md
@@ -0,0 +1,7 @@
+### Documentation
+
+For detailed usage instructions visit: [docs.inaccel.com](https://docs.inaccel.com)
+
+### Support
+
+For more product information contact: info@inaccel.com
diff --git a/deploy/addons/inaccel/fpga-operator.yaml.tmpl b/deploy/addons/inaccel/fpga-operator.yaml.tmpl
new file mode 100644
index 000000000000..a20bbc7747f7
--- /dev/null
+++ b/deploy/addons/inaccel/fpga-operator.yaml.tmpl
@@ -0,0 +1,56 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+ kubernetes.io/minikube-addons: inaccel
+ name: inaccel-addon
+ namespace: kube-system
+data:
+ disable.sh: |
+ #!/bin/sh -e
+ exec >/proc/1/fd/1
+ echo "Disabling InAccel FPGA Operator"
+ helm uninstall inaccel --namespace kube-system
+ echo "InAccel is disabled"
+ enable.sh: |
+ #!/bin/sh -e
+ exec >/proc/1/fd/1
+ echo "Enabling InAccel FPGA Operator"
+ helm install inaccel fpga-operator --namespace kube-system --repo https://setup.inaccel.com/helm
+ echo "InAccel is enabled"
+---
+apiVersion: v1
+kind: Pod
+metadata:
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+ kubernetes.io/minikube-addons: inaccel
+ name: inaccel-addon
+ namespace: kube-system
+spec:
+ containers:
+ - command:
+ - sleep
+ - infinity
+ image: {{ .CustomRegistries.Helm3 | default .ImageRepository | default .Registries.Helm3 }}{{ .Images.Helm3 }}
+ lifecycle:
+ postStart:
+ exec:
+ command:
+ - /inaccel/enable.sh
+ preStop:
+ exec:
+ command:
+ - /inaccel/disable.sh
+ name: helm3
+ volumeMounts:
+ - mountPath: /inaccel
+ name: inaccel-addon
+ readOnly: true
+ volumes:
+ - configMap:
+ defaultMode: 0777
+ name: inaccel-addon
+ name: inaccel-addon
diff --git a/deploy/addons/ingress-dns/example/example.yaml b/deploy/addons/ingress-dns/example/example.yaml
index e1906c21498e..b8e321785e07 100644
--- a/deploy/addons/ingress-dns/example/example.yaml
+++ b/deploy/addons/ingress-dns/example/example.yaml
@@ -29,7 +29,7 @@ spec:
spec:
containers:
- name: hello-world-app
- image: gcr.io/google-samples/hello-app:1.0
+ image: docker.io/kicbase/echo-server:1.0
ports:
- containerPort: 8080
---
@@ -39,6 +39,7 @@ metadata:
name: example-ingress
namespace: kube-system
spec:
+ ingressClassName: nginx
rules:
- host: hello-john.test
http:
diff --git a/deploy/addons/ingress-dns/ingress-dns-pod.yaml.tmpl b/deploy/addons/ingress-dns/ingress-dns-pod.yaml.tmpl
index bb0e7c1b3fab..b6f46aaeb923 100644
--- a/deploy/addons/ingress-dns/ingress-dns-pod.yaml.tmpl
+++ b/deploy/addons/ingress-dns/ingress-dns-pod.yaml.tmpl
@@ -22,9 +22,8 @@ metadata:
app: minikube-ingress-dns
kubernetes.io/bootstrapping: rbac-defaults
app.kubernetes.io/part-of: kube-system
- addonmanager.kubernetes.io/mode: Reconcile
---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: minikube-ingress-dns
@@ -33,7 +32,6 @@ metadata:
app: minikube-ingress-dns
kubernetes.io/bootstrapping: rbac-defaults
app.kubernetes.io/part-of: kube-system
- addonmanager.kubernetes.io/mode: Reconcile
gcp-auth-skip-secret: "true"
rules:
- apiGroups:
@@ -47,7 +45,7 @@ rules:
- list
- watch
---
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: minikube-ingress-dns
@@ -56,7 +54,6 @@ metadata:
app: minikube-ingress-dns
kubernetes.io/bootstrapping: rbac-defaults
app.kubernetes.io/part-of: kube-system
- addonmanager.kubernetes.io/mode: Reconcile
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
@@ -74,16 +71,16 @@ metadata:
labels:
app: minikube-ingress-dns
app.kubernetes.io/part-of: kube-system
- addonmanager.kubernetes.io/mode: Reconcile
spec:
serviceAccountName: minikube-ingress-dns
hostNetwork: true
containers:
- name: minikube-ingress-dns
- image: {{.CustomRegistries.IngressDNS | default .ImageRepository | default .Registries.IngressDNS }}{{.Images.IngressDNS}}
+ image: {{.CustomRegistries.IngressDNS | default .ImageRepository | default .Registries.IngressDNS }}{{.Images.IngressDNS}}
imagePullPolicy: IfNotPresent
ports:
- containerPort: 53
+ hostPort: 53
protocol: UDP
env:
- name: DNS_PORT
@@ -91,4 +88,22 @@ spec:
- name: POD_IP
valueFrom:
fieldRef:
- fieldPath: status.podIP
\ No newline at end of file
+ fieldPath: status.podIP
+ volumeMounts:
+ - mountPath: /config
+ name: minikube-ingress-dns-config-volume
+ volumes:
+ - name: minikube-ingress-dns-config-volume
+ configMap:
+ name: minikube-ingress-dns
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: minikube-ingress-dns
+ namespace: kube-system
+ labels:
+ app: minikube-ingress-dns
+ app.kubernetes.io/part-of: kube-system
+data:
+ dns-nodata-delay-ms: "20"
diff --git a/deploy/addons/ingress/ingress-configmap.yaml.tmpl b/deploy/addons/ingress/ingress-configmap.yaml.tmpl
deleted file mode 100644
index 37817eaae39e..000000000000
--- a/deploy/addons/ingress/ingress-configmap.yaml.tmpl
+++ /dev/null
@@ -1,58 +0,0 @@
-# Copyright 2016 The Kubernetes Authors All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Namespace
-metadata:
- name: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- addonmanager.kubernetes.io/mode: Reconcile
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: EnsureExists
- name: ingress-nginx-controller
- namespace: ingress-nginx
-data:
- # see https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/configmap.md for all possible options and their description
- hsts: "false"
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: tcp-services
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: EnsureExists
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: udp-services
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: EnsureExists
diff --git a/deploy/addons/ingress/ingress-deploy.yaml.tmpl b/deploy/addons/ingress/ingress-deploy.yaml.tmpl
new file mode 100644
index 000000000000..ce5f9027e9d1
--- /dev/null
+++ b/deploy/addons/ingress/ingress-deploy.yaml.tmpl
@@ -0,0 +1,704 @@
+# Copyright 2021 The Kubernetes Authors All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# ref: https://github.com/kubernetes/ingress-nginx/blob/main/deploy/static/provider/kind/deploy.yaml
+
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx
+---
+apiVersion: v1
+automountServiceAccountToken: true
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx
+ namespace: ingress-nginx
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission
+ namespace: ingress-nginx
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx
+ namespace: ingress-nginx
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - get
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - pods
+ - secrets
+ - endpoints
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ {{- if eq .IngressAPIVersion "v1beta1"}}
+ - extensions
+ {{- end}}
+ - networking.k8s.io
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ {{- if eq .IngressAPIVersion "v1beta1"}}
+ - extensions
+ {{- end}}
+ - networking.k8s.io
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingressclasses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resourceNames:
+ - ingress-nginx-leader
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - create
+- apiGroups:
+ - coordination.k8s.io
+ resourceNames:
+ - ingress-nginx-leader
+ resources:
+ - leases
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - create
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+- apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - list
+ - watch
+ - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission
+ namespace: ingress-nginx
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - get
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - endpoints
+ - nodes
+ - pods
+ - secrets
+ - namespaces
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+- apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ {{- if eq .IngressAPIVersion "v1beta1"}}
+ - extensions
+ {{- end}}
+ - networking.k8s.io
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+- apiGroups:
+ {{- if eq .IngressAPIVersion "v1beta1"}}
+ - extensions
+ {{- end}}
+ - networking.k8s.io
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingressclasses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - list
+ - watch
+ - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission
+rules:
+- apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - validatingwebhookconfigurations
+ verbs:
+ - get
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx
+ namespace: ingress-nginx
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: ingress-nginx
+subjects:
+- kind: ServiceAccount
+ name: ingress-nginx
+ namespace: ingress-nginx
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission
+ namespace: ingress-nginx
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: ingress-nginx-admission
+subjects:
+- kind: ServiceAccount
+ name: ingress-nginx-admission
+ namespace: ingress-nginx
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: ingress-nginx
+subjects:
+- kind: ServiceAccount
+ name: ingress-nginx
+ namespace: ingress-nginx
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: ingress-nginx-admission
+subjects:
+- kind: ServiceAccount
+ name: ingress-nginx-admission
+ namespace: ingress-nginx
+---
+apiVersion: v1
+data:
+ # see https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/configmap.md for all possible options and their description
+ hsts: "false"
+ # see https://github.com/kubernetes/minikube/pull/12702#discussion_r727519180: 'allow-snippet-annotations' should be used only if strictly required by another part of the deployment
+# allow-snippet-annotations: "true"
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-controller
+ namespace: ingress-nginx
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: tcp-services
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/component: controller
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: udp-services
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/component: controller
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-controller
+ namespace: ingress-nginx
+spec:
+ {{- if and (eq .IngressAPIVersion "v1") (not .PreOneTwentyKubernetes)}}
+ ipFamilies:
+ - IPv4
+ ipFamilyPolicy: SingleStack
+ {{- end}}
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: http
+ {{- if eq .IngressAPIVersion "v1"}}
+ appProtocol: http
+ {{- end}}
+ - name: https
+ port: 443
+ protocol: TCP
+ targetPort: https
+ {{- if eq .IngressAPIVersion "v1"}}
+ appProtocol: https
+ {{- end}}
+ selector:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ type: NodePort
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-controller-admission
+ namespace: ingress-nginx
+spec:
+ ports:
+ - name: https-webhook
+ port: 443
+ targetPort: webhook
+ {{- if eq .IngressAPIVersion "v1"}}
+ appProtocol: https
+ {{- end}}
+ selector:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ type: ClusterIP
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-controller
+ namespace: ingress-nginx
+spec:
+ minReadySeconds: 0
+ revisionHistoryLimit: 10
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ strategy:
+ rollingUpdate:
+ maxUnavailable: 1
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ gcp-auth-skip-secret: "true"
+ spec:
+ containers:
+ - args:
+ - /nginx-ingress-controller
+ - --election-id=ingress-nginx-leader
+ {{- if eq .IngressAPIVersion "v1"}}
+ - --controller-class=k8s.io/ingress-nginx
+ - --watch-ingress-without-class=true
+ {{- end}}
+ {{- if eq .IngressAPIVersion "v1beta1"}}
+ - --ingress-class=nginx
+ {{- end}}
+ - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
+ - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
+ - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
+ - --validating-webhook=:8443
+ - --validating-webhook-certificate=/usr/local/certificates/cert
+ - --validating-webhook-key=/usr/local/certificates/key
+ {{- if .CustomIngressCert}}
+ - --default-ssl-certificate={{ .CustomIngressCert }}
+ {{- end}}
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: LD_PRELOAD
+ value: /usr/local/lib/libmimalloc.so
+ image: {{.CustomRegistries.IngressController | default .ImageRepository | default .Registries.IngressController}}{{.Images.IngressController}}
+ imagePullPolicy: IfNotPresent
+ lifecycle:
+ preStop:
+ exec:
+ command:
+ - /wait-shutdown
+ livenessProbe:
+ failureThreshold: 5
+ httpGet:
+ path: /healthz
+ port: 10254
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ name: controller
+ ports:
+ - containerPort: 80
+ hostPort: 80
+ name: http
+ protocol: TCP
+ - containerPort: 443
+ hostPort: 443
+ name: https
+ protocol: TCP
+ - containerPort: 8443
+ name: webhook
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /healthz
+ port: 10254
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ resources:
+ requests:
+ cpu: 100m
+ memory: 90Mi
+ securityContext:
+ allowPrivilegeEscalation: true
+ capabilities:
+ add:
+ - NET_BIND_SERVICE
+ drop:
+ - ALL
+ runAsUser: 101
+ volumeMounts:
+ - mountPath: /usr/local/certificates/
+ name: webhook-cert
+ readOnly: true
+ dnsPolicy: ClusterFirst
+ nodeSelector:
+ minikube.k8s.io/primary: "true"
+ kubernetes.io/os: linux
+ serviceAccountName: ingress-nginx
+ terminationGracePeriodSeconds: 0
+ tolerations:
+ - effect: NoSchedule
+ key: node-role.kubernetes.io/master
+ operator: Equal
+ volumes:
+ - name: webhook-cert
+ secret:
+ secretName: ingress-nginx-admission
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission-create
+ namespace: ingress-nginx
+spec:
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission-create
+ spec:
+ containers:
+ - args:
+ - create
+ - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc
+ - --namespace=$(POD_NAMESPACE)
+ - --secret-name=ingress-nginx-admission
+ env:
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ image: {{.CustomRegistries.KubeWebhookCertgenCreate | default .ImageRepository | default .Registries.KubeWebhookCertgenCreate }}{{.Images.KubeWebhookCertgenCreate}}
+ imagePullPolicy: IfNotPresent
+ name: create
+ securityContext:
+ allowPrivilegeEscalation: false
+ nodeSelector:
+ minikube.k8s.io/primary: "true"
+ kubernetes.io/os: linux
+ restartPolicy: OnFailure
+ securityContext:
+ runAsNonRoot: true
+ runAsUser: 2000
+ serviceAccountName: ingress-nginx-admission
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission-patch
+ namespace: ingress-nginx
+spec:
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission-patch
+ spec:
+ containers:
+ - args:
+ - patch
+ - --webhook-name=ingress-nginx-admission
+ - --namespace=$(POD_NAMESPACE)
+ - --patch-mutating=false
+ - --secret-name=ingress-nginx-admission
+ - --patch-failure-policy=Fail
+ env:
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ image: {{.CustomRegistries.KubeWebhookCertgenPatch | default .ImageRepository | default .Registries.KubeWebhookCertgenPatch }}{{.Images.KubeWebhookCertgenPatch}}
+ imagePullPolicy: IfNotPresent
+ name: patch
+ securityContext:
+ allowPrivilegeEscalation: false
+ nodeSelector:
+ minikube.k8s.io/primary: "true"
+ kubernetes.io/os: linux
+ restartPolicy: OnFailure
+ securityContext:
+ runAsNonRoot: true
+ runAsUser: 2000
+ serviceAccountName: ingress-nginx-admission
+---
+{{- if eq .IngressAPIVersion "v1"}}
+apiVersion: networking.k8s.io/v1
+kind: IngressClass
+metadata:
+ annotations:
+ ingressclass.kubernetes.io/is-default-class: "true"
+ labels:
+ app.kubernetes.io/component: controller
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: nginx
+spec:
+ controller: k8s.io/ingress-nginx
+---
+{{- end}}
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+ labels:
+ app.kubernetes.io/component: admission-webhook
+ app.kubernetes.io/instance: ingress-nginx
+ app.kubernetes.io/name: ingress-nginx
+ name: ingress-nginx-admission
+webhooks:
+- admissionReviewVersions:
+ - v1
+ {{- if eq .IngressAPIVersion "v1beta1"}}
+ - v1beta1
+ {{- end}}
+ clientConfig:
+ service:
+ name: ingress-nginx-controller-admission
+ namespace: ingress-nginx
+ path: /networking/{{.IngressAPIVersion}}/ingresses
+ failurePolicy: Fail
+ matchPolicy: Equivalent
+ name: validate.nginx.ingress.kubernetes.io
+ rules:
+ - apiGroups:
+ - networking.k8s.io
+ apiVersions:
+ - {{.IngressAPIVersion}}
+ operations:
+ - CREATE
+ - UPDATE
+ resources:
+ - ingresses
+ sideEffects: None
diff --git a/deploy/addons/ingress/ingress-dp.yaml.tmpl b/deploy/addons/ingress/ingress-dp.yaml.tmpl
deleted file mode 100644
index 694534c9361e..000000000000
--- a/deploy/addons/ingress/ingress-dp.yaml.tmpl
+++ /dev/null
@@ -1,299 +0,0 @@
-# Copyright 2016 The Kubernetes Authors All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
- name: ingress-nginx-controller-admission
- namespace: ingress-nginx
-spec:
- type: ClusterIP
- ports:
- - name: https-webhook
- port: 443
- targetPort: webhook
- selector:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
- name: ingress-nginx-controller
- namespace: ingress-nginx
-spec:
- type: NodePort
- ports:
- - name: http
- port: 80
- protocol: TCP
- targetPort: http
- - name: https
- port: 443
- protocol: TCP
- targetPort: https
- selector:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: ingress-nginx-controller
- namespace: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
-spec:
- selector:
- matchLabels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
- revisionHistoryLimit: 10
- strategy:
- rollingUpdate:
- maxUnavailable: 1
- type: RollingUpdate
- minReadySeconds: 0
- template:
- metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
- gcp-auth-skip-secret: "true"
- spec:
- dnsPolicy: ClusterFirst
- containers:
- - name: controller
- image: {{.CustomRegistries.IngressController | default .ImageRepository | default .Registries.IngressController }}{{.Images.IngressController}}
- imagePullPolicy: IfNotPresent
- lifecycle:
- preStop:
- exec:
- command:
- - /wait-shutdown
- args:
- - /nginx-ingress-controller
- - --ingress-class=nginx
- - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller
- - --report-node-internal-ip-address
- - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
- - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
- - --validating-webhook=:8443
- - --validating-webhook-certificate=/usr/local/certificates/cert
- - --validating-webhook-key=/usr/local/certificates/key
- {{if .CustomIngressCert}}
- - --default-ssl-certificate={{ .CustomIngressCert }}
- {{end}}
- securityContext:
- capabilities:
- drop:
- - ALL
- add:
- - NET_BIND_SERVICE
- runAsUser: 101
- allowPrivilegeEscalation: true
- env:
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: LD_PRELOAD
- value: /usr/local/lib/libmimalloc.so
- livenessProbe:
- httpGet:
- path: /healthz
- port: 10254
- scheme: HTTP
- initialDelaySeconds: 10
- periodSeconds: 10
- timeoutSeconds: 1
- successThreshold: 1
- failureThreshold: 5
- readinessProbe:
- httpGet:
- path: /healthz
- port: 10254
- scheme: HTTP
- initialDelaySeconds: 10
- periodSeconds: 10
- timeoutSeconds: 1
- successThreshold: 1
- failureThreshold: 3
- ports:
- - name: http
- containerPort: 80
- protocol: TCP
- hostPort: 80
- - name: https
- containerPort: 443
- protocol: TCP
- hostPort: 443
- - name: webhook
- containerPort: 8443
- protocol: TCP
- volumeMounts:
- - name: webhook-cert
- mountPath: /usr/local/certificates/
- readOnly: true
- resources:
- requests:
- cpu: 100m
- memory: 90Mi
- serviceAccountName: ingress-nginx
- volumes:
- - name: webhook-cert
- secret:
- secretName: ingress-nginx-admission
----
-# Currently(v0.44.0), ValidatingWebhookConfiguration of this validates v1beta1 request
-# TODO(govargo): check this after upstream ingress-nginx can validate v1 version
-# https://github.com/kubernetes/ingress-nginx/blob/controller-v0.44.0/internal/admission/controller/main.go#L46-L52
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- name: ingress-nginx-admission
-webhooks:
- - name: validate.nginx.ingress.kubernetes.io
- matchPolicy: Equivalent
- rules:
- - apiGroups:
- - networking.k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - ingresses
- failurePolicy: Fail
- sideEffects: None
- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- namespace: ingress-nginx
- name: ingress-nginx-controller-admission
- path: /networking/v1beta1/ingresses
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: ingress-nginx-admission-create
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- namespace: ingress-nginx
-spec:
- template:
- metadata:
- name: ingress-nginx-admission-create
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- spec:
- containers:
- - name: create
- image: {{.CustomRegistries.KubeWebhookCertgenCreate | default .ImageRepository | default .Registries.KubeWebhookCertgenCreate }}{{.Images.KubeWebhookCertgenCreate}}
- imagePullPolicy: IfNotPresent
- args:
- - create
- - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc
- - --namespace=$(POD_NAMESPACE)
- - --secret-name=ingress-nginx-admission
- env:
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- restartPolicy: OnFailure
- serviceAccountName: ingress-nginx-admission
- securityContext:
- runAsNonRoot: true
- runAsUser: 2000
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: ingress-nginx-admission-patch
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- namespace: ingress-nginx
-spec:
- template:
- metadata:
- name: ingress-nginx-admission-patch
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- spec:
- containers:
- - name: patch
- image: {{.CustomRegistries.KubeWebhookCertgenPatch | default .ImageRepository | default .Registries.KubeWebhookCertgenPatch }}{{.Images.KubeWebhookCertgenPatch}}
- imagePullPolicy: IfNotPresent
- args:
- - patch
- - --webhook-name=ingress-nginx-admission
- - --namespace=$(POD_NAMESPACE)
- - --patch-mutating=false
- - --secret-name=ingress-nginx-admission
- - --patch-failure-policy=Fail
- env:
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- restartPolicy: OnFailure
- serviceAccountName: ingress-nginx-admission
- securityContext:
- runAsNonRoot: true
- runAsUser: 2000
diff --git a/deploy/addons/ingress/ingress-rbac.yaml.tmpl b/deploy/addons/ingress/ingress-rbac.yaml.tmpl
deleted file mode 100644
index 5a2cf139b706..000000000000
--- a/deploy/addons/ingress/ingress-rbac.yaml.tmpl
+++ /dev/null
@@ -1,283 +0,0 @@
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
- name: ingress-nginx
- namespace: ingress-nginx
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- addonmanager.kubernetes.io/mode: Reconcile
- name: ingress-nginx
-rules:
- - apiGroups:
- - ''
- resources:
- - configmaps
- - endpoints
- - nodes
- - pods
- - secrets
- verbs:
- - list
- - watch
- - apiGroups:
- - ''
- resources:
- - nodes
- verbs:
- - get
- - apiGroups:
- - ''
- resources:
- - services
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io # k8s 1.14+
- resources:
- - ingresses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - ''
- resources:
- - events
- verbs:
- - create
- - patch
- - apiGroups:
- - extensions
- - networking.k8s.io # k8s 1.14+
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - networking.k8s.io # k8s 1.18+
- resources:
- - ingressclasses
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: ingress-nginx
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- addonmanager.kubernetes.io/mode: Reconcile
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: ingress-nginx
-subjects:
-- kind: ServiceAccount
- name: ingress-nginx
- namespace: ingress-nginx
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
- name: ingress-nginx
- namespace: ingress-nginx
-rules:
- - apiGroups:
- - ''
- resources:
- - namespaces
- verbs:
- - get
- - apiGroups:
- - ''
- resources:
- - configmaps
- - pods
- - secrets
- - endpoints
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - ''
- resources:
- - services
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io # k8s 1.14+
- resources:
- - ingresses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - extensions
- - networking.k8s.io # k8s 1.14+
- resources:
- - ingresses/status
- verbs:
- - update
- - apiGroups:
- - networking.k8s.io # k8s 1.18+
- resources:
- - ingressclasses
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - ''
- resources:
- - configmaps
- resourceNames:
- - ingress-controller-leader-nginx
- verbs:
- - get
- - update
- - apiGroups:
- - ''
- resources:
- - configmaps
- verbs:
- - create
- - apiGroups:
- - ''
- resources:
- - events
- verbs:
- - create
- - patch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: controller
- addonmanager.kubernetes.io/mode: Reconcile
- name: ingress-nginx
- namespace: ingress-nginx
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: ingress-nginx
-subjects:
-- kind: ServiceAccount
- name: ingress-nginx
- namespace: ingress-nginx
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: ingress-nginx-admission
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- namespace: ingress-nginx
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: ingress-nginx-admission
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- namespace: ingress-nginx
-rules:
- - apiGroups:
- - admissionregistration.k8s.io
- resources:
- - validatingwebhookconfigurations
- verbs:
- - get
- - update
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: ingress-nginx-admission
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- namespace: ingress-nginx
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: ingress-nginx-admission
-subjects:
- - kind: ServiceAccount
- name: ingress-nginx-admission
- namespace: ingress-nginx
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: ingress-nginx-admission
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- namespace: ingress-nginx
-rules:
- - apiGroups:
- - ''
- resources:
- - secrets
- verbs:
- - get
- - create
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: ingress-nginx-admission
- labels:
- app.kubernetes.io/name: ingress-nginx
- app.kubernetes.io/instance: ingress-nginx
- app.kubernetes.io/component: admission-webhook
- addonmanager.kubernetes.io/mode: Reconcile
- namespace: ingress-nginx
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: ingress-nginx-admission
-subjects:
- - kind: ServiceAccount
- name: ingress-nginx-admission
- namespace: ingress-nginx
diff --git a/deploy/addons/inspektor-gadget/ig-deployment.yaml.tmpl b/deploy/addons/inspektor-gadget/ig-deployment.yaml.tmpl
new file mode 100644
index 000000000000..ddf085bac1c5
--- /dev/null
+++ b/deploy/addons/inspektor-gadget/ig-deployment.yaml.tmpl
@@ -0,0 +1,400 @@
+---
+# This file is generated by 'make generate-manifests'; DO NOT EDIT.
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: gadget
+---
+# Source: gadget/templates/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ k8s-app: gadget
+ name: gadget
+ namespace: gadget
+---
+# Source: gadget/templates/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ labels:
+ k8s-app: gadget
+ name: gadget
+ namespace: gadget
+data:
+ config.yaml: |-
+ events-buffer-length: 16384
+ containerd-socketpath: /run/containerd/containerd.sock
+ crio-socketpath: /run/crio/crio.sock
+ docker-socketpath: /run/docker.sock
+ podman-socketpath: /run/podman/podman.sock
+ gadget-namespace: gadget
+ daemon-log-level: info
+ operator:
+ kubemanager:
+ fallback-podinformer: true
+ hook-mode: auto
+ oci:
+ allowed-gadgets: []
+ disallow-pulling: false
+ insecure-registries: []
+ public-keys:
+ - |
+ -----BEGIN PUBLIC KEY-----
+ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEoDOC0gYSxZTopenGmX3ZFvQ1DSfh
+ Ir4EKRt5jC+mXaJ7c7J+oREskYMn/SfZdRHNSOjLTZUMDm60zpXGhkFecg==
+ -----END PUBLIC KEY-----
+ verify-image: true
+ otel-metrics:
+ otel-metrics-listen: false
+ otel-metrics-listen-address: 0.0.0.0:2224
+---
+# Source: gadget/templates/clusterrole.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: gadget-cluster-role
+ labels:
+ k8s-app: gadget
+rules:
+ - apiGroups: [""]
+ resources: ["nodes/proxy"]
+ verbs: ["get"]
+ - apiGroups: [""]
+ resources: ["namespaces", "nodes", "pods"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups: [""]
+ resources: ["services"]
+ # list is needed by network-policy gadget
+ # watch is needed by operators enriching with service informations
+ verbs: ["list", "watch"]
+ - apiGroups: ["gadget.kinvolk.io"]
+ resources: ["traces", "traces/status"]
+ # For traces, we need all rights on them as we define this resource.
+ verbs: ["delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"]
+ - apiGroups: ["*"]
+ resources: ["deployments", "replicasets", "statefulsets", "daemonsets", "jobs", "cronjobs", "replicationcontrollers"]
+ # Required to retrieve the owner references used by the seccomp gadget.
+ verbs: ["get"]
+ - apiGroups: ["security-profiles-operator.x-k8s.io"]
+ resources: ["seccompprofiles"]
+ # Required for integration with the Kubernetes Security Profiles Operator
+ verbs: ["list", "watch", "create"]
+ - apiGroups: ["security.openshift.io"]
+ # It is necessary to use the 'privileged' security context constraints to be
+ # able mount host directories as volumes, use the host networking, among others.
+ # This will be used only when running on OpenShift:
+ # https://docs.openshift.com/container-platform/4.9/authentication/managing-security-context-constraints.html#default-sccs_configuring-internal-oauth
+ resources: ["securitycontextconstraints"]
+ resourceNames: ["privileged"]
+ verbs: ["use"]
+---
+# Source: gadget/templates/clusterrolebinding.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: gadget-cluster-role-binding
+ labels:
+ k8s-app: gadget
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: gadget-cluster-role
+subjects:
+ - kind: ServiceAccount
+ name: gadget
+ namespace: gadget
+---
+# Source: gadget/templates/role.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ k8s-app: gadget
+ name: gadget-role
+ namespace: gadget
+rules:
+ - apiGroups: [ "" ]
+ resources: [ "secrets" ]
+ # get secrets is needed for retrieving pull secret.
+ verbs: [ "get" ]
+ - apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["get", "watch", "list", "create", "delete", "patch", "update"]
+---
+# Source: gadget/templates/rolebinding.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ k8s-app: gadget
+ name: gadget-role-binding
+ namespace: gadget
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: gadget-role
+subjects:
+ - kind: ServiceAccount
+ name: gadget
+---
+# Source: gadget/templates/daemonset.yaml
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ labels:
+ k8s-app: gadget
+ name: gadget
+ namespace: gadget
+spec:
+ selector:
+ matchLabels:
+ k8s-app: gadget
+ template:
+ metadata:
+ labels:
+ k8s-app: gadget
+ annotations:
+ # We need to set gadget container as unconfined so it is able to write
+ # /sys/fs/bpf as well as /sys/kernel/debug/tracing.
+ # Otherwise, we can have error like:
+ # "failed to create server failed to create folder for pinning bpf maps: mkdir /sys/fs/bpf/gadget: permission denied"
+ # (For reference, see: https://github.com/inspektor-gadget/inspektor-gadget/runs/3966318270?check_suite_focus=true#step:20:221)
+ container.apparmor.security.beta.kubernetes.io/gadget: "unconfined"
+ # keep aligned with values in pkg/operators/prometheus/prometheus.go
+ prometheus.io/scrape: "true"
+ prometheus.io/port: "2223"
+ prometheus.io/path: "/metrics"
+ spec:
+ serviceAccount: gadget
+ hostPID: false
+ hostNetwork: false
+ containers:
+ - name: gadget
+ terminationMessagePolicy: FallbackToLogsOnError
+ image: {{.CustomRegistries.InspektorGadget | default .ImageRepository | default .Registries.InspektorGadget }}{{.Images.InspektorGadget}}
+ imagePullPolicy: Always
+ command: [ "/bin/gadgettracermanager", "-serve" ]
+ lifecycle:
+ preStop:
+ exec:
+ command:
+ - "/cleanup"
+ livenessProbe:
+ exec:
+ command:
+ - /bin/gadgettracermanager
+ - -liveness
+ periodSeconds: 5
+ timeoutSeconds: 2
+ readinessProbe:
+ exec:
+ command:
+ - /bin/gadgettracermanager
+ - -liveness
+ periodSeconds: 5
+ timeoutSeconds: 2
+ startupProbe:
+ exec:
+ command:
+ - /bin/gadgettracermanager
+ - -liveness
+ failureThreshold: 12
+ periodSeconds: 5
+ env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ - name: GADGET_POD_UID
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.uid
+ - name: GADGET_IMAGE
+ value: "ghcr.io/inspektor-gadget/inspektor-gadget"
+ - name: HOST_ROOT
+ value: "/host"
+ - name: IG_EXPERIMENTAL
+ value: "false"
+ securityContext:
+ readOnlyRootFilesystem: true
+ # With hostPID/hostNetwork/privileged [1] set to false, we need to set appropriate
+ # SELinux context [2] to be able to mount host directories with correct permissions.
+ # This option is ignored if hostPID/hostNetwork/privileged is set to true or SELinux isn't enabled.
+ # See:
+ # 1 - https://github.com/cri-o/cri-o/blob/v1.27.0/server/sandbox_run_linux.go#L537
+ # 2 - https://github.com/cri-o/cri-o/blob/v1.27.0/server/container_create_linux.go#L310
+ seLinuxOptions:
+ type: "spc_t"
+ capabilities:
+ drop:
+ - ALL
+ add:
+ # We need CAP_SYS_ADMIN for gadgettracermanager due to several
+ # syscalls:
+ # - bpf(): It often checks if SYS_ADMIN is set, among others
+ # there:
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/kernel/bpf/syscall.c#L2602
+ # - perf_event_open(): The kernel checks if CAP_PERFMON or
+ # CAP_SYS_ADMIN is set:
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/kernel/events/core.c#L12406-L12409
+ # - fanotify_init(): CAP_SYS_ADMIN is required to use all the
+ # functionalities offered by fanotify:
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/fs/notify/fanotify/fanotify_user.c#L1404
+ # - fanotify_mark(): This capability is required to setup mount
+ # or filesystem marks:
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/fs/notify/fanotify/fanotify_user.c#L1745-L1754
+ # - mount(): We need this capability to modify the caller
+ # namespace:
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/fs/namespace.c#L1844-L1846
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/fs/namespace.c#L3609
+ # - setns(): SYS_ADMIN is needed to install various namespace:
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5ba9292eda36fd8e3c11f35ee065c/kernel/nsproxy.c#L574
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/kernel/cgroup/namespace.c#L103-L105
+ - SYS_ADMIN
+
+ # We need this capability to get addresses from /proc/kallsyms.
+ # Without it, addresses displayed when reading this file will be
+ # 0.
+ # Indeed, the socket-enricher needs to get the socket_file_ops
+ # to work correctly:
+ # https://github.com/inspektor-gadget/inspektor-gadget/blob/69692d54d951/pkg/gadgets/internal/socketenricher/tracer.go#L75
+ - SYSLOG
+
+ # Accessing some procfs files such as /proc/$pid/ns/mnt
+ # requires ptrace capability:
+ # https://github.com/inspektor-gadget/inspektor-gadget/blob/3c51ff5e9f5b/pkg/utils/host/namespaces.go#L65
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/fs/proc/namespaces.c#L58
+ - SYS_PTRACE
+
+ # Needed by RemoveMemlock in gadgettracermanager:
+ # https://github.com/inspektor-gadget/inspektor-gadget/blob/f2b9826fc4ae046415cdee30ee4a25322fd3f0c0/pkg/gadgettracermanager/gadgettracermanager.go#L258
+ - SYS_RESOURCE
+
+ # Needed by mmap() called by gadgettracermanager:
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/mm/mmap.c#L1281
+ # https://github.com/torvalds/linux/blob/c42d9eeef8e5/mm/mmap.c#L1161-L1162
+ - IPC_LOCK
+
+ # Needed by gadgets that open a raw sock like dns and snisnoop:
+ # https://github.com/inspektor-gadget/inspektor-gadget/blob/3c51ff5e9f5b/gadgets/trace_dns/program.bpf.c#L365-L366
+ - NET_RAW
+
+ # Needed to attach qdiscs and filters to network interfaces. See createClsActQdisc()
+ # and addTCFilter() in pkg/gadgets/internal/tcnetworktracer/tc.go
+ - NET_ADMIN
+ volumeMounts:
+ - mountPath: /host/bin
+ name: bin
+ readOnly: true
+ # We need to have read/write as we write NRI and OCI config files
+ # here.
+ - mountPath: /host/etc
+ name: etc
+ readOnly: false
+ # We need to have read/write as we write NRI and OCI binaries here.
+ - mountPath: /host/opt
+ name: opt
+ readOnly: false
+ - mountPath: /host/usr
+ name: usr
+ readOnly: true
+ - mountPath: /host/run
+ name: run
+ readOnly: true
+ - mountPath: /host/var
+ name: var
+ readOnly: true
+ # WARNING Despite mounting host proc as readonly, it is possible to
+ # write host file system using symlinks under /host/proc. The
+ # following command, ran from gadget pod, will result in writing to
+ # the host filesystem:
+ # touch /host/proc/1/root/foobar
+ # This limitation comes from Inspektor Gadget needing to be run as
+ # unconfined with regard to AppArmor and having the SYS_PTRACE
+ # capability.
+ - mountPath: /host/proc
+ name: proc
+ readOnly: true
+ - mountPath: /run
+ name: run
+ - mountPath: /sys/kernel/debug
+ name: debugfs
+ - mountPath: /sys/fs/cgroup
+ name: cgroup
+ readOnly: true
+ - mountPath: /sys/fs/bpf
+ name: bpffs
+ # We need to add a dedicated volume to store OCI image otherwise it
+ # will fail as the container root filesystem is read only.
+ # For this, we use an emptyDir without size limit.
+ - mountPath: /var/lib/ig
+ name: oci
+ - mountPath: /etc/ig
+ name: config
+ readOnly: true
+ # We need a dedicated volume to store the wasm cache
+ # otherwise it will fail as the container root filesystem is read only.
+ - mountPath: /var/run/ig/wasm-cache
+ name: wasm-cache
+ readOnly: false
+ nodeSelector:
+ kubernetes.io/os: linux
+ affinity:
+ {}
+ tolerations:
+ - effect: NoSchedule
+ operator: Exists
+ - effect: NoExecute
+ operator: Exists
+ volumes:
+ # /bin is needed to find runc.
+ - name: bin
+ hostPath:
+ path: /bin
+ # /etc is needed for several reasons:
+ # 1. entrypoint needs /etc/os-release to print information.
+ # 2. entrypoint needs /etc/nri to handle NRI hooks
+ # 3. entrypoint needs /etc/containers/oci to handle OCI hooks.
+ - name: etc
+ hostPath:
+ path: /etc
+ # /opt is needed for several reasons:
+ # 1. entrypoint needs /opt/nri to handle NRI hooks.
+ # 2. entrypoint needs /opt/hooks/oci to handle OCI hooks.
+ - name: opt
+ hostPath:
+ path: /opt
+ # /usr is needed to find runc.
+ - name: usr
+ hostPath:
+ path: /usr
+ - name: proc
+ hostPath:
+ path: /proc
+ - name: run
+ hostPath:
+ path: /run
+ # /var is needed by container-hook to fanoitfy mark certain directories
+ # e.g. needed in case of docker runtime on minikube (driver=kvm2)
+ - name: var
+ hostPath:
+ path: /var
+ - name: cgroup
+ hostPath:
+ path: /sys/fs/cgroup
+ - name: bpffs
+ hostPath:
+ path: /sys/fs/bpf
+ - name: debugfs
+ hostPath:
+ path: /sys/kernel/debug
+ - name: oci
+ emptyDir:
+ - name: config
+ configMap:
+ name: gadget
+ defaultMode: 0o400
+ - name: wasm-cache
+ emptyDir: {}
diff --git a/deploy/addons/istio-provisioner/istio-operator.yaml.tmpl b/deploy/addons/istio-provisioner/istio-operator.yaml.tmpl
index 6c5f23118b79..5ba677d3698e 100644
--- a/deploy/addons/istio-provisioner/istio-operator.yaml.tmpl
+++ b/deploy/addons/istio-provisioner/istio-operator.yaml.tmpl
@@ -8,7 +8,7 @@ metadata:
addonmanager.kubernetes.io/mode: EnsureExists
...
---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: istiooperators.install.istio.io
@@ -16,6 +16,8 @@ metadata:
kubernetes.io/minikube-addons: istio
addonmanager.kubernetes.io/mode: EnsureExists
spec:
+ conversion:
+ strategy: None
group: install.istio.io
names:
kind: IstioOperator
@@ -24,13 +26,24 @@ spec:
singular: istiooperator
shortNames:
- iop
+ - io
scope: Namespaced
- subresources:
- status: {}
versions:
- name: v1alpha1
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
served: true
storage: true
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
...
---
apiVersion: v1
@@ -77,12 +90,6 @@ rules:
- '*'
verbs:
- '*'
-- apiGroups:
- - rbac.istio.io
- resources:
- - '*'
- verbs:
- - '*'
- apiGroups:
- security.istio.io
resources:
@@ -111,9 +118,7 @@ rules:
- daemonsets
- deployments
- deployments/finalizers
- - ingresses
- replicasets
- - statefulsets
verbs:
- '*'
- apiGroups:
@@ -129,6 +134,7 @@ rules:
verbs:
- get
- create
+ - update
- apiGroups:
- policy
resources:
@@ -144,18 +150,28 @@ rules:
- rolebindings
verbs:
- '*'
+- apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - get
+ - create
+ - update
- apiGroups:
- ""
resources:
- - configmaps
+ - configmaps
- endpoints
- events
- namespaces
- pods
+ - pods/proxy
+ - pods/portforward
- persistentvolumeclaims
- secrets
- services
- - serviceaccounts
+ - serviceaccounts
verbs:
- '*'
...
@@ -191,6 +207,7 @@ spec:
- name: http-metrics
port: 8383
targetPort: 8383
+ protocol: TCP
selector:
name: istio-operator
...
@@ -202,7 +219,7 @@ metadata:
name: istio-operator
labels:
kubernetes.io/minikube-addons: istio
- addonmanager.kubernetes.io/mode: Reconcile
+ addonmanager.kubernetes.io/mode: Reconcile
spec:
replicas: 1
selector:
@@ -222,6 +239,16 @@ spec:
command:
- operator
- server
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ privileged: false
+ readOnlyRootFilesystem: true
+ runAsGroup: 1337
+ runAsUser: 1337
+ runAsNonRoot: true
imagePullPolicy: IfNotPresent
resources:
limits:
@@ -243,4 +270,6 @@ spec:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: "istio-operator"
+ - name: WAIT_FOR_RESOURCES_TIMEOUT
+ value: "300s"
...
diff --git a/deploy/addons/istio/istio-default-profile.yaml.tmpl b/deploy/addons/istio/istio-default-profile.yaml
similarity index 100%
rename from deploy/addons/istio/istio-default-profile.yaml.tmpl
rename to deploy/addons/istio/istio-default-profile.yaml
diff --git a/deploy/addons/kong/kong-ingress-controller.yaml.tmpl b/deploy/addons/kong/kong-ingress-controller.yaml.tmpl
new file mode 100644
index 000000000000..499880b5c4cb
--- /dev/null
+++ b/deploy/addons/kong/kong-ingress-controller.yaml.tmpl
@@ -0,0 +1,1855 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: kong
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.3
+ creationTimestamp: null
+ name: ingressclassparameterses.configuration.konghq.com
+spec:
+ group: configuration.konghq.com
+ names:
+ kind: IngressClassParameters
+ listKind: IngressClassParametersList
+ plural: ingressclassparameterses
+ singular: ingressclassparameters
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: IngressClassParameters is the Schema for the IngressClassParameters
+ API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Spec is the IngressClassParameters specification.
+ properties:
+ enableLegacyRegexDetection:
+ default: false
+ description: EnableLegacyRegexDetection automatically detects if ImplementationSpecific
+ Ingress paths are regular expression paths using the legacy 2.x
+ heuristic. The controller adds the "~" prefix to those paths if
+ the Kong version is 3.0 or higher.
+ type: boolean
+ serviceUpstream:
+ default: false
+ description: Offload load-balancing to kube-proxy or sidecar.
+ type: boolean
+ type: object
+ type: object
+ served: true
+ storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.3
+ creationTimestamp: null
+ name: kongclusterplugins.configuration.konghq.com
+spec:
+ group: configuration.konghq.com
+ names:
+ categories:
+ - kong-ingress-controller
+ kind: KongClusterPlugin
+ listKind: KongClusterPluginList
+ plural: kongclusterplugins
+ shortNames:
+ - kcp
+ singular: kongclusterplugin
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - description: Name of the plugin
+ jsonPath: .plugin
+ name: Plugin-Type
+ type: string
+ - description: Age
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - description: Indicates if the plugin is disabled
+ jsonPath: .disabled
+ name: Disabled
+ priority: 1
+ type: boolean
+ - description: Configuration of the plugin
+ jsonPath: .config
+ name: Config
+ priority: 1
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: KongClusterPlugin is the Schema for the kongclusterplugins API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ config:
+ description: Config contains the plugin configuration. It's a list of
+ keys and values required to configure the plugin. Please read the documentation
+ of the plugin being configured to set values in here. For any plugin
+ in Kong, anything that goes in the `config` JSON key in the Admin API
+ request, goes into this property. Only one of `config` or `configFrom`
+ may be used in a KongClusterPlugin, not both at once.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ configFrom:
+ description: ConfigFrom references a secret containing the plugin configuration.
+ This should be used when the plugin configuration contains sensitive
+ information, such as AWS credentials in the Lambda plugin or the client
+ secret in the OIDC plugin. Only one of `config` or `configFrom` may
+ be used in a KongClusterPlugin, not both at once.
+ properties:
+ secretKeyRef:
+ description: Specifies a name, a namespace, and a key of a secret
+ to refer to.
+ properties:
+ key:
+ description: The key containing the value.
+ type: string
+ name:
+ description: The secret containing the key.
+ type: string
+ namespace:
+ description: The namespace containing the secret.
+ type: string
+ required:
+ - key
+ - name
+ - namespace
+ type: object
+ type: object
+ consumerRef:
+ description: ConsumerRef is a reference to a particular consumer.
+ type: string
+ disabled:
+ description: Disabled set if the plugin is disabled or not.
+ type: boolean
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ ordering:
+ description: 'Ordering overrides the normal plugin execution order. It''s
+ only available on Kong Enterprise. `` is a request processing
+ phase (for example, `access` or `body_filter`) and `` is the
+ name of the plugin that will run before or after the KongPlugin. For
+ example, a KongPlugin with `plugin: rate-limiting` and `before.access:
+ ["key-auth"]` will create a rate limiting plugin that limits requests
+ _before_ they are authenticated.'
+ properties:
+ after:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ description: PluginOrderingPhase indicates which plugins in a phase
+ should affect the target plugin's order
+ type: object
+ before:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ description: PluginOrderingPhase indicates which plugins in a phase
+ should affect the target plugin's order
+ type: object
+ type: object
+ plugin:
+ description: PluginName is the name of the plugin to which to apply the
+ config.
+ type: string
+ protocols:
+ description: Protocols configures plugin to run on requests received on
+ specific protocols.
+ items:
+ description: KongProtocol is a valid Kong protocol. This alias is necessary
+ to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342
+ enum:
+ - http
+ - https
+ - grpc
+ - grpcs
+ - tcp
+ - tls
+ - udp
+ type: string
+ type: array
+ run_on:
+ description: RunOn configures the plugin to run on the first or the second
+ or both nodes in case of a service mesh deployment.
+ enum:
+ - first
+ - second
+ - all
+ type: string
+ required:
+ - plugin
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.3
+ creationTimestamp: null
+ name: kongconsumers.configuration.konghq.com
+spec:
+ group: configuration.konghq.com
+ names:
+ categories:
+ - kong-ingress-controller
+ kind: KongConsumer
+ listKind: KongConsumerList
+ plural: kongconsumers
+ shortNames:
+ - kc
+ singular: kongconsumer
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: Username of a Kong Consumer
+ jsonPath: .username
+ name: Username
+ type: string
+ - description: Age
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: KongConsumer is the Schema for the kongconsumers API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ credentials:
+ description: Credentials are references to secrets containing a credential
+ to be provisioned in Kong.
+ items:
+ type: string
+ type: array
+ custom_id:
+ description: CustomID is a Kong cluster-unique existing ID for the consumer
+ - useful for mapping Kong with users in your existing database.
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ username:
+ description: Username is a Kong cluster-unique username of the consumer.
+ type: string
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.3
+ creationTimestamp: null
+ name: kongingresses.configuration.konghq.com
+spec:
+ group: configuration.konghq.com
+ names:
+ categories:
+ - kong-ingress-controller
+ kind: KongIngress
+ listKind: KongIngressList
+ plural: kongingresses
+ shortNames:
+ - ki
+ singular: kongingress
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ description: KongIngress is the Schema for the kongingresses API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ proxy:
+ description: Proxy defines additional connection options for the routes
+ to be configured in the Kong Gateway, e.g. `connection_timeout`, `retries`,
+ etc.
+ properties:
+ connect_timeout:
+ description: "The timeout in milliseconds for\testablishing a connection
+ to the upstream server. Deprecated: use Service's \"konghq.com/connect-timeout\"
+ annotation instead."
+ minimum: 0
+ type: integer
+ path:
+ description: '(optional) The path to be used in requests to the upstream
+ server. Deprecated: use Service''s "konghq.com/path" annotation
+ instead.'
+ pattern: ^/.*$
+ type: string
+ protocol:
+ description: 'The protocol used to communicate with the upstream.
+ Deprecated: use Service''s "konghq.com/protocol" annotation instead.'
+ enum:
+ - http
+ - https
+ - grpc
+ - grpcs
+ - tcp
+ - tls
+ - udp
+ type: string
+ read_timeout:
+ description: 'The timeout in milliseconds between two successive read
+ operations for transmitting a request to the upstream server. Deprecated:
+ use Service''s "konghq.com/read-timeout" annotation instead.'
+ minimum: 0
+ type: integer
+ retries:
+ description: 'The number of retries to execute upon failure to proxy.
+ Deprecated: use Service''s "konghq.com/retries" annotation instead.'
+ minimum: 0
+ type: integer
+ write_timeout:
+ description: 'The timeout in milliseconds between two successive write
+ operations for transmitting a request to the upstream server. Deprecated:
+ use Service''s "konghq.com/write-timeout" annotation instead.'
+ minimum: 0
+ type: integer
+ type: object
+ route:
+ description: Route define rules to match client requests. Each Route is
+ associated with a Service, and a Service may have multiple Routes associated
+ to it.
+ properties:
+ headers:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ description: 'Headers contains one or more lists of values indexed
+ by header name that will cause this Route to match if present in
+ the request. The Host header cannot be used with this attribute.
+ Deprecated: use Ingress'' "konghq.com/headers" annotation instead.'
+ type: object
+ https_redirect_status_code:
+ description: 'HTTPSRedirectStatusCode is the status code Kong responds
+ with when all properties of a Route match except the protocol. Deprecated:
+ use Ingress'' "ingress.kubernetes.io/force-ssl-redirect" or "konghq.com/https-redirect-status-code"
+ annotations instead.'
+ type: integer
+ methods:
+ description: 'Methods is a list of HTTP methods that match this Route.
+ Deprecated: use Ingress'' "konghq.com/methods" annotation instead.'
+ items:
+ type: string
+ type: array
+ path_handling:
+ description: 'PathHandling controls how the Service path, Route path
+ and requested path are combined when sending a request to the upstream.
+ Deprecated: use Ingress'' "konghq.com/path-handling" annotation
+ instead.'
+ enum:
+ - v0
+ - v1
+ type: string
+ preserve_host:
+ description: 'PreserveHost sets When matching a Route via one of the
+ hosts domain names, use the request Host header in the upstream
+ request headers. If set to false, the upstream Host header will
+ be that of the Service’s host. Deprecated: use Ingress'' "konghq.com/preserve-host"
+ annotation instead.'
+ type: boolean
+ protocols:
+ description: 'Protocols is an array of the protocols this Route should
+ allow. Deprecated: use Ingress'' "konghq.com/protocols" annotation
+ instead.'
+ items:
+ description: KongProtocol is a valid Kong protocol. This alias is
+ necessary to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342
+ enum:
+ - http
+ - https
+ - grpc
+ - grpcs
+ - tcp
+ - tls
+ - udp
+ type: string
+ type: array
+ regex_priority:
+ description: 'RegexPriority is a number used to choose which route
+ resolves a given request when several routes match it using regexes
+ simultaneously. Deprecated: use Ingress'' "konghq.com/regex-priority"
+ annotation instead.'
+ type: integer
+ request_buffering:
+ description: 'RequestBuffering sets whether to enable request body
+ buffering or not. Deprecated: use Ingress'' "konghq.com/request-buffering"
+ annotation instead.'
+ type: boolean
+ response_buffering:
+ description: 'ResponseBuffering sets whether to enable response body
+ buffering or not. Deprecated: use Ingress'' "konghq.com/response-buffering"
+ annotation instead.'
+ type: boolean
+ snis:
+ description: 'SNIs is a list of SNIs that match this Route when using
+ stream routing. Deprecated: use Ingress'' "konghq.com/snis" annotation
+ instead.'
+ items:
+ type: string
+ type: array
+ strip_path:
+ description: 'StripPath sets When matching a Route via one of the
+ paths strip the matching prefix from the upstream request URL. Deprecated:
+ use Ingress'' "konghq.com/strip-path" annotation instead.'
+ type: boolean
+ type: object
+ upstream:
+ description: Upstream represents a virtual hostname and can be used to
+ loadbalance incoming requests over multiple targets (e.g. Kubernetes
+ `Services` can be a target, OR `Endpoints` can be targets).
+ properties:
+ algorithm:
+ description: Algorithm is the load balancing algorithm to use.
+ enum:
+ - round-robin
+ - consistent-hashing
+ - least-connections
+ type: string
+ hash_fallback:
+ description: 'HashFallback defines What to use as hashing input if
+ the primary hash_on does not return a hash. Accepted values are:
+ "none", "consumer", "ip", "header", "cookie".'
+ type: string
+ hash_fallback_header:
+ description: HashFallbackHeader is the header name to take the value
+ from as hash input. Only required when "hash_fallback" is set to
+ "header".
+ type: string
+ hash_fallback_query_arg:
+ description: HashFallbackQueryArg is the "hash_fallback" version of
+ HashOnQueryArg.
+ type: string
+ hash_fallback_uri_capture:
+ description: HashFallbackURICapture is the "hash_fallback" version
+ of HashOnURICapture.
+ type: string
+ hash_on:
+ description: 'HashOn defines what to use as hashing input. Accepted
+ values are: "none", "consumer", "ip", "header", "cookie", "path",
+ "query_arg", "uri_capture".'
+ type: string
+ hash_on_cookie:
+ description: The cookie name to take the value from as hash input.
+ Only required when "hash_on" or "hash_fallback" is set to "cookie".
+ type: string
+ hash_on_cookie_path:
+ description: The cookie path to set in the response headers. Only
+ required when "hash_on" or "hash_fallback" is set to "cookie".
+ type: string
+ hash_on_header:
+ description: HashOnHeader defines the header name to take the value
+ from as hash input. Only required when "hash_on" is set to "header".
+ type: string
+ hash_on_query_arg:
+ description: HashOnQueryArg is the query string parameter whose value
+ is the hash input when "hash_on" is set to "query_arg".
+ type: string
+ hash_on_uri_capture:
+ description: HashOnURICapture is the name of the capture group whose
+ value is the hash input when "hash_on" is set to "uri_capture".
+ type: string
+ healthchecks:
+ description: Healthchecks defines the health check configurations
+ in Kong.
+ properties:
+ active:
+ description: ActiveHealthcheck configures active health check
+ probing.
+ properties:
+ concurrency:
+ minimum: 1
+ type: integer
+ healthy:
+ description: Healthy configures thresholds and HTTP status
+ codes to mark targets healthy for an upstream.
+ properties:
+ http_statuses:
+ items:
+ type: integer
+ type: array
+ interval:
+ minimum: 0
+ type: integer
+ successes:
+ minimum: 0
+ type: integer
+ type: object
+ http_path:
+ pattern: ^/.*$
+ type: string
+ https_sni:
+ type: string
+ https_verify_certificate:
+ type: boolean
+ timeout:
+ minimum: 0
+ type: integer
+ type:
+ type: string
+ unhealthy:
+ description: Unhealthy configures thresholds and HTTP status
+ codes to mark targets unhealthy.
+ properties:
+ http_failures:
+ minimum: 0
+ type: integer
+ http_statuses:
+ items:
+ type: integer
+ type: array
+ interval:
+ minimum: 0
+ type: integer
+ tcp_failures:
+ minimum: 0
+ type: integer
+ timeouts:
+ minimum: 0
+ type: integer
+ type: object
+ type: object
+ passive:
+ description: PassiveHealthcheck configures passive checks around
+ passive health checks.
+ properties:
+ healthy:
+ description: Healthy configures thresholds and HTTP status
+ codes to mark targets healthy for an upstream.
+ properties:
+ http_statuses:
+ items:
+ type: integer
+ type: array
+ interval:
+ minimum: 0
+ type: integer
+ successes:
+ minimum: 0
+ type: integer
+ type: object
+ type:
+ type: string
+ unhealthy:
+ description: Unhealthy configures thresholds and HTTP status
+ codes to mark targets unhealthy.
+ properties:
+ http_failures:
+ minimum: 0
+ type: integer
+ http_statuses:
+ items:
+ type: integer
+ type: array
+ interval:
+ minimum: 0
+ type: integer
+ tcp_failures:
+ minimum: 0
+ type: integer
+ timeouts:
+ minimum: 0
+ type: integer
+ type: object
+ type: object
+ threshold:
+ type: number
+ type: object
+ host_header:
+ description: HostHeader is The hostname to be used as Host header
+ when proxying requests through Kong.
+ type: string
+ slots:
+ description: Slots is the number of slots in the load balancer algorithm.
+ minimum: 10
+ type: integer
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.3
+ creationTimestamp: null
+ name: kongplugins.configuration.konghq.com
+spec:
+ group: configuration.konghq.com
+ names:
+ categories:
+ - kong-ingress-controller
+ kind: KongPlugin
+ listKind: KongPluginList
+ plural: kongplugins
+ shortNames:
+ - kp
+ singular: kongplugin
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: Name of the plugin
+ jsonPath: .plugin
+ name: Plugin-Type
+ type: string
+ - description: Age
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - description: Indicates if the plugin is disabled
+ jsonPath: .disabled
+ name: Disabled
+ priority: 1
+ type: boolean
+ - description: Configuration of the plugin
+ jsonPath: .config
+ name: Config
+ priority: 1
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: KongPlugin is the Schema for the kongplugins API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ config:
+ description: Config contains the plugin configuration. It's a list of
+ keys and values required to configure the plugin. Please read the documentation
+ of the plugin being configured to set values in here. For any plugin
+ in Kong, anything that goes in the `config` JSON key in the Admin API
+ request, goes into this property. Only one of `config` or `configFrom`
+ may be used in a KongPlugin, not both at once.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ configFrom:
+ description: ConfigFrom references a secret containing the plugin configuration.
+ This should be used when the plugin configuration contains sensitive
+ information, such as AWS credentials in the Lambda plugin or the client
+ secret in the OIDC plugin. Only one of `config` or `configFrom` may
+ be used in a KongPlugin, not both at once.
+ properties:
+ secretKeyRef:
+ description: Specifies a name and a key of a secret to refer to. The
+ namespace is implicitly set to the one of referring object.
+ properties:
+ key:
+ description: The key containing the value.
+ type: string
+ name:
+ description: The secret containing the key.
+ type: string
+ required:
+ - key
+ - name
+ type: object
+ type: object
+ consumerRef:
+ description: ConsumerRef is a reference to a particular consumer.
+ type: string
+ disabled:
+ description: Disabled set if the plugin is disabled or not.
+ type: boolean
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ ordering:
+ description: 'Ordering overrides the normal plugin execution order. It''s
+ only available on Kong Enterprise. `` is a request processing
+ phase (for example, `access` or `body_filter`) and `` is the
+ name of the plugin that will run before or after the KongPlugin. For
+ example, a KongPlugin with `plugin: rate-limiting` and `before.access:
+ ["key-auth"]` will create a rate limiting plugin that limits requests
+ _before_ they are authenticated.'
+ properties:
+ after:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ description: PluginOrderingPhase indicates which plugins in a phase
+ should affect the target plugin's order
+ type: object
+ before:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ description: PluginOrderingPhase indicates which plugins in a phase
+ should affect the target plugin's order
+ type: object
+ type: object
+ plugin:
+ description: PluginName is the name of the plugin to which to apply the
+ config.
+ type: string
+ protocols:
+ description: Protocols configures plugin to run on requests received on
+ specific protocols.
+ items:
+ description: KongProtocol is a valid Kong protocol. This alias is necessary
+ to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342
+ enum:
+ - http
+ - https
+ - grpc
+ - grpcs
+ - tcp
+ - tls
+ - udp
+ type: string
+ type: array
+ run_on:
+ description: RunOn configures the plugin to run on the first or the second
+ or both nodes in case of a service mesh deployment.
+ enum:
+ - first
+ - second
+ - all
+ type: string
+ required:
+ - plugin
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.3
+ creationTimestamp: null
+ name: tcpingresses.configuration.konghq.com
+spec:
+ group: configuration.konghq.com
+ names:
+ categories:
+ - kong-ingress-controller
+ kind: TCPIngress
+ listKind: TCPIngressList
+ plural: tcpingresses
+ singular: tcpingress
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: Address of the load balancer
+ jsonPath: .status.loadBalancer.ingress[*].ip
+ name: Address
+ type: string
+ - description: Age
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: TCPIngress is the Schema for the tcpingresses API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Spec is the TCPIngress specification.
+ properties:
+ rules:
+ description: A list of rules used to configure the Ingress.
+ items:
+ description: IngressRule represents a rule to apply against incoming
+ requests. Matching is performed based on an (optional) SNI and
+ port.
+ properties:
+ backend:
+ description: Backend defines the referenced service endpoint
+ to which the traffic will be forwarded to.
+ properties:
+ serviceName:
+ description: Specifies the name of the referenced service.
+ minLength: 1
+ type: string
+ servicePort:
+ description: Specifies the port of the referenced service.
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ required:
+ - serviceName
+ - servicePort
+ type: object
+ host:
+ description: Host is the fully qualified domain name of a network
+ host, as defined by RFC 3986. If a Host is not specified,
+ then port-based TCP routing is performed. Kong doesn't care
+ about the content of the TCP stream in this case. If a Host
+ is specified, the protocol must be TLS over TCP. A plain-text
+ TCP request cannot be routed based on Host. It can only be
+ routed based on Port.
+ type: string
+ port:
+ description: Port is the port on which to accept TCP or TLS
+ over TCP sessions and route. It is a required field. If a
+ Host is not specified, the requested are routed based only
+ on Port.
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ required:
+ - backend
+ - port
+ type: object
+ type: array
+ tls:
+ description: TLS configuration. This is similar to the `tls` section
+ in the Ingress resource in networking.v1beta1 group. The mapping
+ of SNIs to TLS cert-key pair defined here will be used for HTTP
+ Ingress rules as well. Once can define the mapping in this resource
+ or the original Ingress resource, both have the same effect.
+ items:
+ description: IngressTLS describes the transport layer security.
+ properties:
+ hosts:
+ description: Hosts are a list of hosts included in the TLS certificate.
+ The values in this list must match the name/s used in the
+ tlsSecret. Defaults to the wildcard host setting for the loadbalancer
+ controller fulfilling this Ingress, if left unspecified.
+ items:
+ type: string
+ type: array
+ secretName:
+ description: SecretName is the name of the secret used to terminate
+ SSL traffic.
+ type: string
+ type: object
+ type: array
+ type: object
+ status:
+ description: TCPIngressStatus defines the observed state of TCPIngress.
+ properties:
+ loadBalancer:
+ description: LoadBalancer contains the current status of the load-balancer.
+ properties:
+ ingress:
+ description: Ingress is a list containing ingress points for the
+ load-balancer. Traffic intended for the service should be sent
+ to these ingress points.
+ items:
+ description: 'LoadBalancerIngress represents the status of a
+ load-balancer ingress point: traffic intended for the service
+ should be sent to an ingress point.'
+ properties:
+ hostname:
+ description: Hostname is set for load-balancer ingress points
+ that are DNS based (typically AWS load-balancers)
+ type: string
+ ip:
+ description: IP is set for load-balancer ingress points
+ that are IP based (typically GCE or OpenStack load-balancers)
+ type: string
+ ports:
+ description: Ports is a list of records of service ports
+ If used, every port defined in the service should have
+ an entry in it
+ items:
+ properties:
+ error:
+ description: 'Error is to record the problem with
+ the service port The format of the error shall comply
+ with the following rules: - built-in error values
+ shall be specified in this file and those shall
+ use CamelCase names - cloud provider specific error
+ values must have names that comply with the format
+ foo.example.com/CamelCase. --- The regex it matches
+ is (dns1123SubdomainFmt/)?(qualifiedNameFmt)'
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ port:
+ description: Port is the port number of the service
+ port of which status is recorded here
+ format: int32
+ type: integer
+ protocol:
+ default: TCP
+ description: 'Protocol is the protocol of the service
+ port of which status is recorded here The supported
+ values are: "TCP", "UDP", "SCTP"'
+ type: string
+ required:
+ - port
+ - protocol
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ type: array
+ type: object
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.11.3
+ creationTimestamp: null
+ name: udpingresses.configuration.konghq.com
+spec:
+ group: configuration.konghq.com
+ names:
+ categories:
+ - kong-ingress-controller
+ kind: UDPIngress
+ listKind: UDPIngressList
+ plural: udpingresses
+ singular: udpingress
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: Address of the load balancer
+ jsonPath: .status.loadBalancer.ingress[*].ip
+ name: Address
+ type: string
+ - description: Age
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: UDPIngress is the Schema for the udpingresses API.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Spec is the UDPIngress specification.
+ properties:
+ rules:
+ description: A list of rules used to configure the Ingress.
+ items:
+ description: UDPIngressRule represents a rule to apply against incoming
+ requests wherein no Host matching is available for request routing,
+ only the port is used to match requests.
+ properties:
+ backend:
+ description: Backend defines the Kubernetes service which accepts
+ traffic from the listening Port defined above.
+ properties:
+ serviceName:
+ description: Specifies the name of the referenced service.
+ minLength: 1
+ type: string
+ servicePort:
+ description: Specifies the port of the referenced service.
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ required:
+ - serviceName
+ - servicePort
+ type: object
+ port:
+ description: Port indicates the port for the Kong proxy to accept
+ incoming traffic on, which will then be routed to the service
+ Backend.
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ required:
+ - backend
+ - port
+ type: object
+ type: array
+ type: object
+ status:
+ description: UDPIngressStatus defines the observed state of UDPIngress.
+ properties:
+ loadBalancer:
+ description: LoadBalancer contains the current status of the load-balancer.
+ properties:
+ ingress:
+ description: Ingress is a list containing ingress points for the
+ load-balancer. Traffic intended for the service should be sent
+ to these ingress points.
+ items:
+ description: 'LoadBalancerIngress represents the status of a
+ load-balancer ingress point: traffic intended for the service
+ should be sent to an ingress point.'
+ properties:
+ hostname:
+ description: Hostname is set for load-balancer ingress points
+ that are DNS based (typically AWS load-balancers)
+ type: string
+ ip:
+ description: IP is set for load-balancer ingress points
+ that are IP based (typically GCE or OpenStack load-balancers)
+ type: string
+ ports:
+ description: Ports is a list of records of service ports
+ If used, every port defined in the service should have
+ an entry in it
+ items:
+ properties:
+ error:
+ description: 'Error is to record the problem with
+ the service port The format of the error shall comply
+ with the following rules: - built-in error values
+ shall be specified in this file and those shall
+ use CamelCase names - cloud provider specific error
+ values must have names that comply with the format
+ foo.example.com/CamelCase. --- The regex it matches
+ is (dns1123SubdomainFmt/)?(qualifiedNameFmt)'
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ port:
+ description: Port is the port number of the service
+ port of which status is recorded here
+ format: int32
+ type: integer
+ protocol:
+ default: TCP
+ description: 'Protocol is the protocol of the service
+ port of which status is recorded here The supported
+ values are: "TCP", "UDP", "SCTP"'
+ type: string
+ required:
+ - port
+ - protocol
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ type: array
+ type: object
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: kong-serviceaccount
+ namespace: kong
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: kong-leader-election
+ namespace: kong
+rules:
+- apiGroups:
+ - ""
+ - coordination.k8s.io
+ resources:
+ - configmaps
+ - leases
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ creationTimestamp: null
+ name: kong-ingress
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - endpoints/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - secrets/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - services/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - ingressclassparameterses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongclusterplugins
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongclusterplugins/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongconsumers
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongconsumers/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongingresses/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongplugins
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - kongplugins/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - tcpingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - tcpingresses/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - udpingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - configuration.konghq.com
+ resources:
+ - udpingresses/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - extensions
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - extensions
+ resources:
+ - ingresses/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingressclasses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - apiextensions.k8s.io
+ resources:
+ - customresourcedefinitions
+ verbs:
+ - list
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ creationTimestamp: null
+ name: kong-ingress-gateway
+rules:
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - gatewayclasses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - gatewayclasses/status
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - gateways
+ verbs:
+ - get
+ - list
+ - update
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - gateways/status
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - grpcroutes
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - grpcroutes/status
+ verbs:
+ - get
+ - patch
+ - update
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - httproutes
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - httproutes/status
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - referencegrants
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - referencegrants/status
+ verbs:
+ - get
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - tcproutes
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - tcproutes/status
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - tlsroutes
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - tlsroutes/status
+ verbs:
+ - get
+ - update
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - udproutes
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - udproutes/status
+ verbs:
+ - get
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ creationTimestamp: null
+ name: kong-ingress-knative
+rules:
+- apiGroups:
+ - networking.internal.knative.dev
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - networking.internal.knative.dev
+ resources:
+ - ingresses/status
+ verbs:
+ - get
+ - patch
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: kong-leader-election
+ namespace: kong
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: kong-leader-election
+subjects:
+- kind: ServiceAccount
+ name: kong-serviceaccount
+ namespace: kong
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: kong-ingress
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: kong-ingress
+subjects:
+- kind: ServiceAccount
+ name: kong-serviceaccount
+ namespace: kong
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: kong-ingress-gateway
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: kong-ingress-gateway
+subjects:
+- kind: ServiceAccount
+ name: kong-serviceaccount
+ namespace: kong
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: kong-ingress-knative
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: kong-ingress-knative
+subjects:
+- kind: ServiceAccount
+ name: kong-serviceaccount
+ namespace: kong
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: kong-admin
+ namespace: kong
+spec:
+ clusterIP: None
+ ports:
+ - name: admin
+ port: 8444
+ protocol: TCP
+ targetPort: 8444
+ selector:
+ app: proxy-kong
+---
+apiVersion: v1
+kind: Service
+metadata:
+ annotations:
+ service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
+ service.beta.kubernetes.io/aws-load-balancer-type: nlb
+ name: kong-proxy
+ namespace: kong
+spec:
+ ports:
+ - name: proxy
+ port: 80
+ protocol: TCP
+ targetPort: 8000
+ - name: proxy-ssl
+ port: 443
+ protocol: TCP
+ targetPort: 8443
+ selector:
+ app: proxy-kong
+ type: LoadBalancer
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: kong-validation-webhook
+ namespace: kong
+spec:
+ ports:
+ - name: webhook
+ port: 443
+ protocol: TCP
+ targetPort: 8080
+ selector:
+ app: ingress-kong
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: ingress-kong
+ name: ingress-kong
+ namespace: kong
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: ingress-kong
+ template:
+ metadata:
+ annotations:
+ kuma.io/gateway: enabled
+ kuma.io/service-account-token-volume: kong-serviceaccount-token
+ traffic.sidecar.istio.io/includeInboundPorts: ""
+ labels:
+ app: ingress-kong
+ spec:
+ automountServiceAccountToken: false
+ containers:
+ - env:
+ - name: CONTROLLER_KONG_ADMIN_SVC
+ value: kong/kong-admin
+ - name: CONTROLLER_KONG_ADMIN_TLS_SKIP_VERIFY
+ value: "true"
+ - name: CONTROLLER_PUBLISH_SERVICE
+ value: kong/kong-proxy
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: {{.CustomRegistries.KongIngress | default .ImageRepository | default .Registries.KongIngress}}{{.Images.KongIngress}}
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /healthz
+ port: 10254
+ scheme: HTTP
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ name: ingress-controller
+ ports:
+ - containerPort: 8080
+ name: webhook
+ protocol: TCP
+ - containerPort: 10255
+ name: cmetrics
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /readyz
+ port: 10254
+ scheme: HTTP
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ volumeMounts:
+ - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
+ name: kong-serviceaccount-token
+ readOnly: true
+ serviceAccountName: kong-serviceaccount
+ volumes:
+ - name: kong-serviceaccount-token
+ projected:
+ sources:
+ - serviceAccountToken:
+ expirationSeconds: 3607
+ path: token
+ - configMap:
+ items:
+ - key: ca.crt
+ path: ca.crt
+ name: kube-root-ca.crt
+ - downwardAPI:
+ items:
+ - fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ path: namespace
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: proxy-kong
+ name: proxy-kong
+ namespace: kong
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: proxy-kong
+ template:
+ metadata:
+ annotations:
+ kuma.io/gateway: enabled
+ kuma.io/service-account-token-volume: kong-serviceaccount-token
+ traffic.sidecar.istio.io/includeInboundPorts: ""
+ labels:
+ app: proxy-kong
+ spec:
+ automountServiceAccountToken: false
+ containers:
+ - env:
+ - name: KONG_PROXY_LISTEN
+ value: 0.0.0.0:8000 reuseport backlog=16384, 0.0.0.0:8443 http2 ssl reuseport
+ backlog=16384
+ - name: KONG_PORT_MAPS
+ value: 80:8000, 443:8443
+ - name: KONG_ADMIN_LISTEN
+ value: 0.0.0.0:8444 http2 ssl reuseport backlog=16384
+ - name: KONG_STATUS_LISTEN
+ value: 0.0.0.0:8100
+ - name: KONG_DATABASE
+ value: "off"
+ - name: KONG_NGINX_WORKER_PROCESSES
+ value: "2"
+ - name: KONG_KIC
+ value: "on"
+ - name: KONG_ADMIN_ACCESS_LOG
+ value: /dev/stdout
+ - name: KONG_ADMIN_ERROR_LOG
+ value: /dev/stderr
+ - name: KONG_PROXY_ERROR_LOG
+ value: /dev/stderr
+ - name: KONG_ROUTER_FLAVOR
+ value: traditional
+ image: {{.CustomRegistries.Kong | default .ImageRepository | default .Registries.Kong}}{{.Images.Kong}}
+ lifecycle:
+ preStop:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - kong quit
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /status
+ port: 8100
+ scheme: HTTP
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ name: proxy
+ ports:
+ - containerPort: 8000
+ name: proxy
+ protocol: TCP
+ - containerPort: 8443
+ name: proxy-ssl
+ protocol: TCP
+ - containerPort: 8100
+ name: metrics
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /status
+ port: 8100
+ scheme: HTTP
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ serviceAccountName: kong-serviceaccount
+ volumes:
+ - name: kong-serviceaccount-token
+ projected:
+ sources:
+ - serviceAccountToken:
+ expirationSeconds: 3607
+ path: token
+ - configMap:
+ items:
+ - key: ca.crt
+ path: ca.crt
+ name: kube-root-ca.crt
+ - downwardAPI:
+ items:
+ - fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ path: namespace
+---
+apiVersion: networking.k8s.io/v1
+kind: IngressClass
+metadata:
+ name: kong
+spec:
+ controller: ingress-controllers.konghq.com/kong
diff --git a/deploy/addons/kubeflow/kubeflow.yaml b/deploy/addons/kubeflow/kubeflow.yaml
new file mode 100644
index 000000000000..6735fa8d21c4
--- /dev/null
+++ b/deploy/addons/kubeflow/kubeflow.yaml
@@ -0,0 +1,126526 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: auth
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: cert-manager
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ istio-injection: disabled
+ istio-operator-managed: Reconcile
+ name: istio-system
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ app.kubernetes.io/component: knative-eventing
+ app.kubernetes.io/name: knative-eventing
+ app.kubernetes.io/version: 1.10.1
+ kustomize.component: knative
+ name: knative-eventing
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ app.kubernetes.io/name: knative-serving
+ app.kubernetes.io/version: 1.10.2
+ istio-injection: enabled
+ name: knative-serving
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ control-plane: kubeflow
+ istio-injection: enabled
+ name: kubeflow
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ registry.knative.dev/eventTypes: |
+ [
+ { "type": "dev.knative.apiserver.resource.add" },
+ { "type": "dev.knative.apiserver.resource.delete" },
+ { "type": "dev.knative.apiserver.resource.update" },
+ { "type": "dev.knative.apiserver.ref.add" },
+ { "type": "dev.knative.apiserver.ref.delete" },
+ { "type": "dev.knative.apiserver.ref.update" }
+ ]
+ creationTimestamp: null
+ labels:
+ app.kubernetes.io/component: knative-eventing
+ app.kubernetes.io/name: knative-eventing
+ app.kubernetes.io/version: 1.10.1
+ duck.knative.dev/source: "true"
+ eventing.knative.dev/source: "true"
+ knative.dev/crd-install: "true"
+ kustomize.component: knative
+ name: apiserversources.sources.knative.dev
+spec:
+ group: sources.knative.dev
+ names:
+ categories:
+ - all
+ - knative
+ - sources
+ kind: ApiServerSource
+ plural: apiserversources
+ singular: apiserversource
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.sinkUri
+ name: Sink
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].reason
+ name: Reason
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: ApiServerSource is an event source that brings Kubernetes API
+ server events into Knative.
+ properties:
+ spec:
+ properties:
+ ceOverrides:
+ description: CloudEventOverrides defines overrides to control the
+ output format and modifications of the event sent to the sink.
+ properties:
+ extensions:
+ description: Extensions specify what attribute are added or overridden
+ on the outbound event. Each `Extensions` key-value pair are
+ set on the event as an attribute extension independently.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ mode:
+ description: EventMode controls the format of the event. `Reference`
+ sends a dataref event type for the resource under watch. `Resource`
+ send the full resource lifecycle event. Defaults to `Reference`
+ type: string
+ namespaceSelector:
+ description: NamespaceSelector is a label selector to capture the
+ namespaces that should be watched by the source.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to
+ a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ owner:
+ description: ResourceOwner is an additional filter to only track resources
+ that are owned by a specific resource type. If ResourceOwner matches
+ Resources[n] then Resources[n] is allowed to pass the ResourceOwner
+ filter.
+ properties:
+ apiVersion:
+ description: APIVersion - the API version of the resource to watch.
+ type: string
+ kind:
+ description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ type: object
+ resources:
+ description: Resource are the resources this source will track and
+ send related lifecycle events from the Kubernetes ApiServer, with
+ an optional label selector to help filter.
+ items:
+ properties:
+ apiVersion:
+ description: APIVersion - the API version of the resource to
+ watch.
+ type: string
+ kind:
+ description: 'Kind of the resource to watch. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ selector:
+ description: 'LabelSelector filters this source to objects to
+ those resources pass the label selector. More info: http://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists or
+ DoesNotExist, the values array must be empty. This
+ array is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ matchLabels:
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ type: object
+ type: array
+ serviceAccountName:
+ description: ServiceAccountName is the name of the ServiceAccount
+ to use to run this source. Defaults to default if not set.
+ type: string
+ sink:
+ description: Sink is a reference to an object that will resolve to
+ a uri to use as the sink.
+ properties:
+ ref:
+ description: Ref points to an Addressable.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object
+ holding it if left out.'
+ type: string
+ type: object
+ uri:
+ description: URI can be an absolute URL(non-empty scheme and non-empty
+ host) pointing to the target or a relative URI. Relative URIs
+ will be resolved using the base URI retrieved from Ref.
+ type: string
+ type: object
+ required:
+ - resources
+ type: object
+ status:
+ properties:
+ annotations:
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ceAttributes:
+ description: CloudEventAttributes are the specific attributes that
+ the Source uses as part of its CloudEvents.
+ items:
+ properties:
+ source:
+ description: Source is the CloudEvents source attribute.
+ type: string
+ type:
+ description: Type refers to the CloudEvent type attribute.
+ type: string
+ type: object
+ type: array
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - type
+ - status
+ type: object
+ type: array
+ namespaces:
+ description: Namespaces show the namespaces currently watched by the
+ ApiServerSource
+ items:
+ type: string
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ sinkUri:
+ description: SinkURI is the current active sink URI that has been
+ configured for the Source.
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: authcodes.dex.coreos.com
+spec:
+ group: dex.coreos.com
+ names:
+ kind: AuthCode
+ listKind: AuthCodeList
+ plural: authcodes
+ singular: authcode
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ served: true
+ storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ helm.sh/resource-policy: keep
+ labels:
+ app: istio-pilot
+ chart: istio
+ heritage: Tiller
+ istio: security
+ release: istio
+ name: authorizationpolicies.security.istio.io
+spec:
+ group: security.istio.io
+ names:
+ categories:
+ - istio-io
+ - security-istio-io
+ kind: AuthorizationPolicy
+ listKind: AuthorizationPolicyList
+ plural: authorizationpolicies
+ singular: authorizationpolicy
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ description: 'Configuration for access control on workloads. See more
+ details at: https://istio.io/docs/reference/config/security/authorization-policy.html'
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - provider
+ - required:
+ - provider
+ properties:
+ action:
+ description: Optional.
+ enum:
+ - ALLOW
+ - DENY
+ - AUDIT
+ - CUSTOM
+ type: string
+ provider:
+ description: Specifies detailed configuration of the CUSTOM action.
+ properties:
+ name:
+ description: Specifies the name of the extension provider.
+ type: string
+ type: object
+ rules:
+ description: Optional.
+ items:
+ properties:
+ from:
+ description: Optional.
+ items:
+ properties:
+ source:
+ description: Source specifies the source of a request.
+ properties:
+ ipBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ namespaces:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notIpBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notNamespaces:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notPrincipals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notRemoteIpBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notRequestPrincipals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ principals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ remoteIpBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ requestPrincipals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ to:
+ description: Optional.
+ items:
+ properties:
+ operation:
+ description: Operation specifies the operation of a request.
+ properties:
+ hosts:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ methods:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notHosts:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notMethods:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notPaths:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notPorts:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ paths:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ ports:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ when:
+ description: Optional.
+ items:
+ properties:
+ key:
+ description: The name of an Istio attribute.
+ type: string
+ notValues:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ values:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ type: object
+ type: array
+ selector:
+ description: Optional.
+ properties:
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ type: object
+ status:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: false
+ subresources:
+ status: {}
+ - name: v1beta1
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ description: 'Configuration for access control on workloads. See more
+ details at: https://istio.io/docs/reference/config/security/authorization-policy.html'
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - provider
+ - required:
+ - provider
+ properties:
+ action:
+ description: Optional.
+ enum:
+ - ALLOW
+ - DENY
+ - AUDIT
+ - CUSTOM
+ type: string
+ provider:
+ description: Specifies detailed configuration of the CUSTOM action.
+ properties:
+ name:
+ description: Specifies the name of the extension provider.
+ type: string
+ type: object
+ rules:
+ description: Optional.
+ items:
+ properties:
+ from:
+ description: Optional.
+ items:
+ properties:
+ source:
+ description: Source specifies the source of a request.
+ properties:
+ ipBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ namespaces:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notIpBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notNamespaces:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notPrincipals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notRemoteIpBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notRequestPrincipals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ principals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ remoteIpBlocks:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ requestPrincipals:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ to:
+ description: Optional.
+ items:
+ properties:
+ operation:
+ description: Operation specifies the operation of a request.
+ properties:
+ hosts:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ methods:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notHosts:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notMethods:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notPaths:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ notPorts:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ paths:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ ports:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ when:
+ description: Optional.
+ items:
+ properties:
+ key:
+ description: The name of an Istio attribute.
+ type: string
+ notValues:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ values:
+ description: Optional.
+ items:
+ type: string
+ type: array
+ type: object
+ type: array
+ type: object
+ type: array
+ selector:
+ description: Optional.
+ properties:
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ type: object
+ status:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/component: knative-eventing
+ app.kubernetes.io/name: knative-eventing
+ app.kubernetes.io/version: 1.10.1
+ duck.knative.dev/addressable: "true"
+ knative.dev/crd-install: "true"
+ kustomize.component: knative
+ name: brokers.eventing.knative.dev
+spec:
+ group: eventing.knative.dev
+ names:
+ categories:
+ - all
+ - knative
+ - eventing
+ kind: Broker
+ plural: brokers
+ singular: broker
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.address.url
+ name: URL
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].reason
+ name: Reason
+ type: string
+ - jsonPath: .metadata.annotations.eventing\.knative\.dev/broker\.class
+ name: Class
+ priority: 1
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Broker collects a pool of events that are consumable using Triggers.
+ Brokers provide a well-known endpoint for event delivery that senders can
+ use with minimal knowledge of the event routing strategy. Subscribers use
+ Triggers to request delivery of events from a Broker's pool to a specific
+ URL or Addressable endpoint.
+ properties:
+ spec:
+ description: Spec defines the desired state of the Broker.
+ properties:
+ config:
+ description: Config is a KReference to the configuration that specifies
+ configuration options for this Broker. For example, this could be
+ a pointer to a ConfigMap.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object holding
+ it if left out.'
+ type: string
+ type: object
+ delivery:
+ description: Delivery contains the delivery spec for each trigger
+ to this Broker. Each trigger delivery spec, if any, overrides this
+ global delivery spec.
+ properties:
+ backoffDelay:
+ description: 'BackoffDelay is the delay before retrying. More
+ information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html
+ - https://en.wikipedia.org/wiki/ISO_8601 For linear policy,
+ backoff delay is backoffDelay*. For exponential
+ policy, backoff delay is backoffDelay*2^.'
+ type: string
+ backoffPolicy:
+ description: BackoffPolicy is the retry backoff policy (linear,
+ exponential).
+ type: string
+ deadLetterSink:
+ description: DeadLetterSink is the sink receiving event that could
+ not be sent to a destination.
+ properties:
+ ref:
+ description: Ref points to an Addressable.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object
+ holding it if left out.'
+ type: string
+ type: object
+ uri:
+ description: URI can be an absolute URL(non-empty scheme and
+ non-empty host) pointing to the target or a relative URI.
+ Relative URIs will be resolved using the base URI retrieved
+ from Ref.
+ type: string
+ type: object
+ retry:
+ description: Retry is the minimum number of retries the sender
+ should attempt when sending an event before moving it to the
+ dead letter sink.
+ format: int32
+ type: integer
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ status:
+ description: Status represents the current state of the Broker. This data
+ may be out of date.
+ properties:
+ address:
+ description: Broker is Addressable. It exposes the endpoint as an
+ URI to get events delivered into the Broker mesh.
+ properties:
+ url:
+ type: string
+ type: object
+ annotations:
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - type
+ - status
+ type: object
+ type: array
+ deadLetterSinkUri:
+ description: DeadLetterSinkURI is the resolved URI of the dead letter
+ sink that will be used as a fallback when not specified by Triggers.
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app: cert-manager
+ app.kubernetes.io/instance: cert-manager
+ app.kubernetes.io/name: cert-manager
+ app.kubernetes.io/version: v1.12.2
+ name: certificaterequests.cert-manager.io
+spec:
+ group: cert-manager.io
+ names:
+ categories:
+ - cert-manager
+ kind: CertificateRequest
+ listKind: CertificateRequestList
+ plural: certificaterequests
+ shortNames:
+ - cr
+ - crs
+ singular: certificaterequest
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.conditions[?(@.type=="Approved")].status
+ name: Approved
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Denied")].status
+ name: Denied
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .spec.issuerRef.name
+ name: Issuer
+ type: string
+ - jsonPath: .spec.username
+ name: Requestor
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].message
+ name: Status
+ priority: 1
+ type: string
+ - description: CreationTimestamp is a timestamp representing the server time when
+ this object was created. It is not guaranteed to be set in happens-before
+ order across separate operations. Clients may not set this value. It is represented
+ in RFC3339 form and is in UTC.
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: "A CertificateRequest is used to request a signed certificate
+ from one of the configured issuers. \n All fields within the CertificateRequest's
+ `spec` are immutable after creation. A CertificateRequest will either succeed
+ or fail, as denoted by its `status.state` field. \n A CertificateRequest
+ is a one-shot resource, meaning it represents a single point in time request
+ for a certificate and cannot be re-used."
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Desired state of the CertificateRequest resource.
+ properties:
+ duration:
+ description: The requested 'duration' (i.e. lifetime) of the Certificate.
+ This option may be ignored/overridden by some issuer types.
+ type: string
+ extra:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ description: Extra contains extra attributes of the user that created
+ the CertificateRequest. Populated by the cert-manager webhook on
+ creation and immutable.
+ type: object
+ groups:
+ description: Groups contains group membership of the user that created
+ the CertificateRequest. Populated by the cert-manager webhook on
+ creation and immutable.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ isCA:
+ description: IsCA will request to mark the certificate as valid for
+ certificate signing when submitting to the issuer. This will automatically
+ add the `cert sign` usage to the list of `usages`.
+ type: boolean
+ issuerRef:
+ description: IssuerRef is a reference to the issuer for this CertificateRequest. If
+ the `kind` field is not set, or set to `Issuer`, an Issuer resource
+ with the given name in the same namespace as the CertificateRequest
+ will be used. If the `kind` field is set to `ClusterIssuer`, a
+ ClusterIssuer with the provided name will be used. The `name` field
+ in this stanza is required at all times. The group field refers
+ to the API group of the issuer which defaults to `cert-manager.io`
+ if empty.
+ properties:
+ group:
+ description: Group of the resource being referred to.
+ type: string
+ kind:
+ description: Kind of the resource being referred to.
+ type: string
+ name:
+ description: Name of the resource being referred to.
+ type: string
+ required:
+ - name
+ type: object
+ request:
+ description: The PEM-encoded x509 certificate signing request to be
+ submitted to the CA for signing.
+ format: byte
+ type: string
+ uid:
+ description: UID contains the uid of the user that created the CertificateRequest.
+ Populated by the cert-manager webhook on creation and immutable.
+ type: string
+ usages:
+ description: Usages is the set of x509 usages that are requested for
+ the certificate. If usages are set they SHOULD be encoded inside
+ the CSR spec Defaults to `digital signature` and `key encipherment`
+ if not specified.
+ items:
+ description: "KeyUsage specifies valid usage contexts for keys.
+ See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12
+ \n Valid KeyUsage values are as follows: \"signing\", \"digital
+ signature\", \"content commitment\", \"key encipherment\", \"key
+ agreement\", \"data encipherment\", \"cert sign\", \"crl sign\",
+ \"encipher only\", \"decipher only\", \"any\", \"server auth\",
+ \"client auth\", \"code signing\", \"email protection\", \"s/mime\",
+ \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\",
+ \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\""
+ enum:
+ - signing
+ - digital signature
+ - content commitment
+ - key encipherment
+ - key agreement
+ - data encipherment
+ - cert sign
+ - crl sign
+ - encipher only
+ - decipher only
+ - any
+ - server auth
+ - client auth
+ - code signing
+ - email protection
+ - s/mime
+ - ipsec end system
+ - ipsec tunnel
+ - ipsec user
+ - timestamping
+ - ocsp signing
+ - microsoft sgc
+ - netscape sgc
+ type: string
+ type: array
+ username:
+ description: Username contains the name of the user that created the
+ CertificateRequest. Populated by the cert-manager webhook on creation
+ and immutable.
+ type: string
+ required:
+ - issuerRef
+ - request
+ type: object
+ status:
+ description: Status of the CertificateRequest. This is set and managed
+ automatically.
+ properties:
+ ca:
+ description: The PEM encoded x509 certificate of the signer, also
+ known as the CA (Certificate Authority). This is set on a best-effort
+ basis by different issuers. If not set, the CA is assumed to be
+ unknown/not available.
+ format: byte
+ type: string
+ certificate:
+ description: The PEM encoded x509 certificate resulting from the certificate
+ signing request. If not set, the CertificateRequest has either not
+ been completed or has failed. More information on failure can be
+ found by checking the `conditions` field.
+ format: byte
+ type: string
+ conditions:
+ description: List of status conditions to indicate the status of a
+ CertificateRequest. Known condition types are `Ready` and `InvalidRequest`.
+ items:
+ description: CertificateRequestCondition contains condition information
+ for a CertificateRequest.
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the timestamp corresponding
+ to the last status change of this condition.
+ format: date-time
+ type: string
+ message:
+ description: Message is a human readable description of the
+ details of the last transition, complementing reason.
+ type: string
+ reason:
+ description: Reason is a brief machine readable explanation
+ for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of (`True`, `False`,
+ `Unknown`).
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: Type of the condition, known values are (`Ready`,
+ `InvalidRequest`, `Approved`, `Denied`).
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ failureTime:
+ description: FailureTime stores the time that this CertificateRequest
+ failed. This is used to influence garbage collection and back-off.
+ format: date-time
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app: cert-manager
+ app.kubernetes.io/instance: cert-manager
+ app.kubernetes.io/name: cert-manager
+ app.kubernetes.io/version: v1.12.2
+ name: certificates.cert-manager.io
+spec:
+ group: cert-manager.io
+ names:
+ categories:
+ - cert-manager
+ kind: Certificate
+ listKind: CertificateList
+ plural: certificates
+ shortNames:
+ - cert
+ - certs
+ singular: certificate
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .spec.secretName
+ name: Secret
+ type: string
+ - jsonPath: .spec.issuerRef.name
+ name: Issuer
+ priority: 1
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].message
+ name: Status
+ priority: 1
+ type: string
+ - description: CreationTimestamp is a timestamp representing the server time when
+ this object was created. It is not guaranteed to be set in happens-before
+ order across separate operations. Clients may not set this value. It is represented
+ in RFC3339 form and is in UTC.
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: "A Certificate resource should be created to ensure an up to
+ date and signed x509 certificate is stored in the Kubernetes Secret resource
+ named in `spec.secretName`. \n The stored certificate will be renewed before
+ it expires (as configured by `spec.renewBefore`)."
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Desired state of the Certificate resource.
+ properties:
+ additionalOutputFormats:
+ description: AdditionalOutputFormats defines extra output formats
+ of the private key and signed certificate chain to be written to
+ this Certificate's target Secret. This is an Alpha Feature and is
+ only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true`
+ option on both the controller and webhook components.
+ items:
+ description: CertificateAdditionalOutputFormat defines an additional
+ output format of a Certificate resource. These contain supplementary
+ data formats of the signed certificate chain and paired private
+ key.
+ properties:
+ type:
+ description: Type is the name of the format type that should
+ be written to the Certificate's target Secret.
+ enum:
+ - DER
+ - CombinedPEM
+ type: string
+ required:
+ - type
+ type: object
+ type: array
+ commonName:
+ description: 'CommonName is a common name to be used on the Certificate.
+ The CommonName should have a length of 64 characters or fewer to
+ avoid generating invalid CSRs. This value is ignored by TLS clients
+ when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4'
+ type: string
+ dnsNames:
+ description: DNSNames is a list of DNS subjectAltNames to be set on
+ the Certificate.
+ items:
+ type: string
+ type: array
+ duration:
+ description: The requested 'duration' (i.e. lifetime) of the Certificate.
+ This option may be ignored/overridden by some issuer types. If unset
+ this defaults to 90 days. Certificate will be renewed either 2/3
+ through its duration or `renewBefore` period before its expiry,
+ whichever is later. Minimum accepted duration is 1 hour. Value must
+ be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
+ type: string
+ emailAddresses:
+ description: EmailAddresses is a list of email subjectAltNames to
+ be set on the Certificate.
+ items:
+ type: string
+ type: array
+ encodeUsagesInRequest:
+ description: EncodeUsagesInRequest controls whether key usages should
+ be present in the CertificateRequest
+ type: boolean
+ ipAddresses:
+ description: IPAddresses is a list of IP address subjectAltNames to
+ be set on the Certificate.
+ items:
+ type: string
+ type: array
+ isCA:
+ description: IsCA will mark this Certificate as valid for certificate
+ signing. This will automatically add the `cert sign` usage to the
+ list of `usages`.
+ type: boolean
+ issuerRef:
+ description: IssuerRef is a reference to the issuer for this certificate.
+ If the `kind` field is not set, or set to `Issuer`, an Issuer resource
+ with the given name in the same namespace as the Certificate will
+ be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer
+ with the provided name will be used. The `name` field in this stanza
+ is required at all times.
+ properties:
+ group:
+ description: Group of the resource being referred to.
+ type: string
+ kind:
+ description: Kind of the resource being referred to.
+ type: string
+ name:
+ description: Name of the resource being referred to.
+ type: string
+ required:
+ - name
+ type: object
+ keystores:
+ description: Keystores configures additional keystore output formats
+ stored in the `secretName` Secret resource.
+ properties:
+ jks:
+ description: JKS configures options for storing a JKS keystore
+ in the `spec.secretName` Secret resource.
+ properties:
+ create:
+ description: Create enables JKS keystore creation for the
+ Certificate. If true, a file named `keystore.jks` will be
+ created in the target Secret resource, encrypted using the
+ password stored in `passwordSecretRef`. The keystore file
+ will be updated immediately. If the issuer provided a CA
+ certificate, a file named `truststore.jks` will also be
+ created in the target Secret resource, encrypted using the
+ password stored in `passwordSecretRef` containing the issuing
+ Certificate Authority
+ type: boolean
+ passwordSecretRef:
+ description: PasswordSecretRef is a reference to a key in
+ a Secret resource containing the password used to encrypt
+ the JKS keystore.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field
+ may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - create
+ - passwordSecretRef
+ type: object
+ pkcs12:
+ description: PKCS12 configures options for storing a PKCS12 keystore
+ in the `spec.secretName` Secret resource.
+ properties:
+ create:
+ description: Create enables PKCS12 keystore creation for the
+ Certificate. If true, a file named `keystore.p12` will be
+ created in the target Secret resource, encrypted using the
+ password stored in `passwordSecretRef`. The keystore file
+ will be updated immediately. If the issuer provided a CA
+ certificate, a file named `truststore.p12` will also be
+ created in the target Secret resource, encrypted using the
+ password stored in `passwordSecretRef` containing the issuing
+ Certificate Authority
+ type: boolean
+ passwordSecretRef:
+ description: PasswordSecretRef is a reference to a key in
+ a Secret resource containing the password used to encrypt
+ the PKCS12 keystore.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field
+ may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - create
+ - passwordSecretRef
+ type: object
+ type: object
+ literalSubject:
+ description: LiteralSubject is an LDAP formatted string that represents
+ the [X.509 Subject field](https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6).
+ Use this *instead* of the Subject field if you need to ensure the
+ correct ordering of the RDN sequence, such as when issuing certs
+ for LDAP authentication. See https://github.com/cert-manager/cert-manager/issues/3203,
+ https://github.com/cert-manager/cert-manager/issues/4424. This field
+ is alpha level and is only supported by cert-manager installations
+ where LiteralCertificateSubject feature gate is enabled on both
+ cert-manager controller and webhook.
+ type: string
+ privateKey:
+ description: Options to control private keys used for the Certificate.
+ properties:
+ algorithm:
+ description: Algorithm is the private key algorithm of the corresponding
+ private key for this certificate. If provided, allowed values
+ are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified
+ and `size` is not provided, key size of 256 will be used for
+ `ECDSA` key algorithm and key size of 2048 will be used for
+ `RSA` key algorithm. key size is ignored when using the `Ed25519`
+ key algorithm.
+ enum:
+ - RSA
+ - ECDSA
+ - Ed25519
+ type: string
+ encoding:
+ description: The private key cryptography standards (PKCS) encoding
+ for this certificate's private key to be encoded in. If provided,
+ allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and
+ PKCS#8, respectively. Defaults to `PKCS1` if not specified.
+ enum:
+ - PKCS1
+ - PKCS8
+ type: string
+ rotationPolicy:
+ description: RotationPolicy controls how private keys should be
+ regenerated when a re-issuance is being processed. If set to
+ Never, a private key will only be generated if one does not
+ already exist in the target `spec.secretName`. If one does exists
+ but it does not have the correct algorithm or size, a warning
+ will be raised to await user intervention. If set to Always,
+ a private key matching the specified requirements will be generated
+ whenever a re-issuance occurs. Default is 'Never' for backward
+ compatibility.
+ enum:
+ - Never
+ - Always
+ type: string
+ size:
+ description: Size is the key bit size of the corresponding private
+ key for this certificate. If `algorithm` is set to `RSA`, valid
+ values are `2048`, `4096` or `8192`, and will default to `2048`
+ if not specified. If `algorithm` is set to `ECDSA`, valid values
+ are `256`, `384` or `521`, and will default to `256` if not
+ specified. If `algorithm` is set to `Ed25519`, Size is ignored.
+ No other values are allowed.
+ type: integer
+ type: object
+ renewBefore:
+ description: How long before the currently issued certificate's expiry
+ cert-manager should renew the certificate. The default is 2/3 of
+ the issued certificate's duration. Minimum accepted value is 5 minutes.
+ Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration
+ type: string
+ revisionHistoryLimit:
+ description: revisionHistoryLimit is the maximum number of CertificateRequest
+ revisions that are maintained in the Certificate's history. Each
+ revision represents a single `CertificateRequest` created by this
+ Certificate, either when it was created, renewed, or Spec was changed.
+ Revisions will be removed by oldest first if the number of revisions
+ exceeds this number. If set, revisionHistoryLimit must be a value
+ of `1` or greater. If unset (`nil`), revisions will not be garbage
+ collected. Default value is `nil`.
+ format: int32
+ type: integer
+ secretName:
+ description: SecretName is the name of the secret resource that will
+ be automatically created and managed by this Certificate resource.
+ It will be populated with a private key and certificate, signed
+ by the denoted issuer.
+ type: string
+ secretTemplate:
+ description: SecretTemplate defines annotations and labels to be copied
+ to the Certificate's Secret. Labels and annotations on the Secret
+ will be changed as they appear on the SecretTemplate when added
+ or removed. SecretTemplate annotations are added in conjunction
+ with, and cannot overwrite, the base set of annotations cert-manager
+ sets on the Certificate's Secret.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations is a key value map to be copied to the
+ target Kubernetes Secret.
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ description: Labels is a key value map to be copied to the target
+ Kubernetes Secret.
+ type: object
+ type: object
+ subject:
+ description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name).
+ properties:
+ countries:
+ description: Countries to be used on the Certificate.
+ items:
+ type: string
+ type: array
+ localities:
+ description: Cities to be used on the Certificate.
+ items:
+ type: string
+ type: array
+ organizationalUnits:
+ description: Organizational Units to be used on the Certificate.
+ items:
+ type: string
+ type: array
+ organizations:
+ description: Organizations to be used on the Certificate.
+ items:
+ type: string
+ type: array
+ postalCodes:
+ description: Postal codes to be used on the Certificate.
+ items:
+ type: string
+ type: array
+ provinces:
+ description: State/Provinces to be used on the Certificate.
+ items:
+ type: string
+ type: array
+ serialNumber:
+ description: Serial number to be used on the Certificate.
+ type: string
+ streetAddresses:
+ description: Street addresses to be used on the Certificate.
+ items:
+ type: string
+ type: array
+ type: object
+ uris:
+ description: URIs is a list of URI subjectAltNames to be set on the
+ Certificate.
+ items:
+ type: string
+ type: array
+ usages:
+ description: Usages is the set of x509 usages that are requested for
+ the certificate. Defaults to `digital signature` and `key encipherment`
+ if not specified.
+ items:
+ description: "KeyUsage specifies valid usage contexts for keys.
+ See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12
+ \n Valid KeyUsage values are as follows: \"signing\", \"digital
+ signature\", \"content commitment\", \"key encipherment\", \"key
+ agreement\", \"data encipherment\", \"cert sign\", \"crl sign\",
+ \"encipher only\", \"decipher only\", \"any\", \"server auth\",
+ \"client auth\", \"code signing\", \"email protection\", \"s/mime\",
+ \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\",
+ \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\""
+ enum:
+ - signing
+ - digital signature
+ - content commitment
+ - key encipherment
+ - key agreement
+ - data encipherment
+ - cert sign
+ - crl sign
+ - encipher only
+ - decipher only
+ - any
+ - server auth
+ - client auth
+ - code signing
+ - email protection
+ - s/mime
+ - ipsec end system
+ - ipsec tunnel
+ - ipsec user
+ - timestamping
+ - ocsp signing
+ - microsoft sgc
+ - netscape sgc
+ type: string
+ type: array
+ required:
+ - issuerRef
+ - secretName
+ type: object
+ status:
+ description: Status of the Certificate. This is set and managed automatically.
+ properties:
+ conditions:
+ description: List of status conditions to indicate the status of certificates.
+ Known condition types are `Ready` and `Issuing`.
+ items:
+ description: CertificateCondition contains condition information
+ for an Certificate.
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the timestamp corresponding
+ to the last status change of this condition.
+ format: date-time
+ type: string
+ message:
+ description: Message is a human readable description of the
+ details of the last transition, complementing reason.
+ type: string
+ observedGeneration:
+ description: If set, this represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.condition[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the Certificate.
+ format: int64
+ type: integer
+ reason:
+ description: Reason is a brief machine readable explanation
+ for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of (`True`, `False`,
+ `Unknown`).
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: Type of the condition, known values are (`Ready`,
+ `Issuing`).
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ failedIssuanceAttempts:
+ description: The number of continuous failed issuance attempts up
+ till now. This field gets removed (if set) on a successful issuance
+ and gets set to 1 if unset and an issuance has failed. If an issuance
+ has failed, the delay till the next issuance will be calculated
+ using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1).
+ type: integer
+ lastFailureTime:
+ description: LastFailureTime is set only if the lastest issuance for
+ this Certificate failed and contains the time of the failure. If
+ an issuance has failed, the delay till the next issuance will be
+ calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts
+ - 1). If the latest issuance has succeeded this field will be unset.
+ format: date-time
+ type: string
+ nextPrivateKeySecretName:
+ description: The name of the Secret resource containing the private
+ key to be used for the next certificate iteration. The keymanager
+ controller will automatically set this field if the `Issuing` condition
+ is set to `True`. It will automatically unset this field when the
+ Issuing condition is not set or False.
+ type: string
+ notAfter:
+ description: The expiration time of the certificate stored in the
+ secret named by this resource in `spec.secretName`.
+ format: date-time
+ type: string
+ notBefore:
+ description: The time after which the certificate stored in the secret
+ named by this resource in spec.secretName is valid.
+ format: date-time
+ type: string
+ renewalTime:
+ description: RenewalTime is the time at which the certificate will
+ be next renewed. If not set, no upcoming renewal is scheduled.
+ format: date-time
+ type: string
+ revision:
+ description: "The current 'revision' of the certificate as issued.
+ \n When a CertificateRequest resource is created, it will have the
+ `cert-manager.io/certificate-revision` set to one greater than the
+ current value of this field. \n Upon issuance, this field will be
+ set to the value of the annotation on the CertificateRequest resource
+ used to issue the certificate. \n Persisting the value on the CertificateRequest
+ resource allows the certificates controller to know whether a request
+ is part of an old issuance or if it is part of the ongoing revision's
+ issuance by checking if the revision value in the annotation is
+ greater than this field."
+ type: integer
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/component: networking
+ app.kubernetes.io/name: knative-serving
+ app.kubernetes.io/version: 1.10.2
+ knative.dev/crd-install: "true"
+ name: certificates.networking.internal.knative.dev
+spec:
+ group: networking.internal.knative.dev
+ names:
+ categories:
+ - knative-internal
+ - networking
+ kind: Certificate
+ plural: certificates
+ shortNames:
+ - kcert
+ singular: certificate
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].reason
+ name: Reason
+ type: string
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Certificate is responsible for provisioning a SSL certificate
+ for the given hosts. It is a Knative abstraction for various SSL certificate
+ provisioning solutions (such as cert-manager or self-signed SSL certificate).
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: 'Spec is the desired state of the Certificate. More info:
+ https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ dnsNames:
+ description: DNSNames is a list of DNS names the Certificate could
+ support. The wildcard format of DNSNames (e.g. *.default.example.com)
+ is supported.
+ items:
+ type: string
+ type: array
+ domain:
+ description: Domain is the top level domain of the values for DNSNames.
+ type: string
+ secretName:
+ description: SecretName is the name of the secret resource to store
+ the SSL certificate in.
+ type: string
+ required:
+ - dnsNames
+ - secretName
+ type: object
+ status:
+ description: 'Status is the current state of the Certificate. More info:
+ https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ description: 'Condition defines a readiness condition for a Knative
+ resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ http01Challenges:
+ description: HTTP01Challenges is a list of HTTP01 challenges that
+ need to be fulfilled in order to get the TLS certificate..
+ items:
+ description: HTTP01Challenge defines the status of a HTTP01 challenge
+ that a certificate needs to fulfill.
+ properties:
+ serviceName:
+ description: ServiceName is the name of the service to serve
+ HTTP01 challenge requests.
+ type: string
+ serviceNamespace:
+ description: ServiceNamespace is the namespace of the service
+ to serve HTTP01 challenge requests.
+ type: string
+ servicePort:
+ anyOf:
+ - type: integer
+ - type: string
+ description: ServicePort is the port of the service to serve
+ HTTP01 challenge requests.
+ x-kubernetes-int-or-string: true
+ url:
+ description: URL is the URL that the HTTP01 challenge is expected
+ to serve on.
+ type: string
+ type: object
+ type: array
+ notAfter:
+ description: The expiration time of the TLS certificate stored in
+ the secret named by this resource in spec.secretName.
+ format: date-time
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app: cert-manager
+ app.kubernetes.io/instance: cert-manager
+ app.kubernetes.io/name: cert-manager
+ app.kubernetes.io/version: v1.12.2
+ name: challenges.acme.cert-manager.io
+spec:
+ group: acme.cert-manager.io
+ names:
+ categories:
+ - cert-manager
+ - cert-manager-acme
+ kind: Challenge
+ listKind: ChallengeList
+ plural: challenges
+ singular: challenge
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.state
+ name: State
+ type: string
+ - jsonPath: .spec.dnsName
+ name: Domain
+ type: string
+ - jsonPath: .status.reason
+ name: Reason
+ priority: 1
+ type: string
+ - description: CreationTimestamp is a timestamp representing the server time when
+ this object was created. It is not guaranteed to be set in happens-before
+ order across separate operations. Clients may not set this value. It is represented
+ in RFC3339 form and is in UTC.
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Challenge is a type to represent a Challenge request with an
+ ACME server
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ authorizationURL:
+ description: The URL to the ACME Authorization resource that this
+ challenge is a part of.
+ type: string
+ dnsName:
+ description: dnsName is the identifier that this challenge is for,
+ e.g. example.com. If the requested DNSName is a 'wildcard', this
+ field MUST be set to the non-wildcard domain, e.g. for `*.example.com`,
+ it must be `example.com`.
+ type: string
+ issuerRef:
+ description: References a properly configured ACME-type Issuer which
+ should be used to create this Challenge. If the Issuer does not
+ exist, processing will be retried. If the Issuer is not an 'ACME'
+ Issuer, an error will be returned and the Challenge will be marked
+ as failed.
+ properties:
+ group:
+ description: Group of the resource being referred to.
+ type: string
+ kind:
+ description: Kind of the resource being referred to.
+ type: string
+ name:
+ description: Name of the resource being referred to.
+ type: string
+ required:
+ - name
+ type: object
+ key:
+ description: 'The ACME challenge key for this challenge For HTTP01
+ challenges, this is the value that must be responded with to complete
+ the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is
+ the base64 encoded SHA256 sum of the `.` text that must be set as the TXT
+ record content.'
+ type: string
+ solver:
+ description: Contains the domain solving configuration that should
+ be used to solve this challenge resource.
+ properties:
+ dns01:
+ description: Configures cert-manager to attempt to complete authorizations
+ by performing the DNS01 challenge flow.
+ properties:
+ acmeDNS:
+ description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns)
+ API to manage DNS01 challenge records.
+ properties:
+ accountSecretRef:
+ description: A reference to a specific 'key' within a
+ Secret resource. In some instances, `key` is a required
+ field.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ host:
+ type: string
+ required:
+ - accountSecretRef
+ - host
+ type: object
+ akamai:
+ description: Use the Akamai DNS zone management API to manage
+ DNS01 challenge records.
+ properties:
+ accessTokenSecretRef:
+ description: A reference to a specific 'key' within a
+ Secret resource. In some instances, `key` is a required
+ field.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ clientSecretSecretRef:
+ description: A reference to a specific 'key' within a
+ Secret resource. In some instances, `key` is a required
+ field.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ clientTokenSecretRef:
+ description: A reference to a specific 'key' within a
+ Secret resource. In some instances, `key` is a required
+ field.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ serviceConsumerDomain:
+ type: string
+ required:
+ - accessTokenSecretRef
+ - clientSecretSecretRef
+ - clientTokenSecretRef
+ - serviceConsumerDomain
+ type: object
+ azureDNS:
+ description: Use the Microsoft Azure DNS API to manage DNS01
+ challenge records.
+ properties:
+ clientID:
+ description: if both this and ClientSecret are left unset
+ MSI will be used
+ type: string
+ clientSecretSecretRef:
+ description: if both this and ClientID are left unset
+ MSI will be used
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ environment:
+ description: name of the Azure environment (default AzurePublicCloud)
+ enum:
+ - AzurePublicCloud
+ - AzureChinaCloud
+ - AzureGermanCloud
+ - AzureUSGovernmentCloud
+ type: string
+ hostedZoneName:
+ description: name of the DNS zone that should be used
+ type: string
+ managedIdentity:
+ description: managed identity configuration, can not be
+ used at the same time as clientID, clientSecretSecretRef
+ or tenantID
+ properties:
+ clientID:
+ description: client ID of the managed identity, can
+ not be used at the same time as resourceID
+ type: string
+ resourceID:
+ description: resource ID of the managed identity,
+ can not be used at the same time as clientID
+ type: string
+ type: object
+ resourceGroupName:
+ description: resource group the DNS zone is located in
+ type: string
+ subscriptionID:
+ description: ID of the Azure subscription
+ type: string
+ tenantID:
+ description: when specifying ClientID and ClientSecret
+ then this field is also needed
+ type: string
+ required:
+ - resourceGroupName
+ - subscriptionID
+ type: object
+ cloudDNS:
+ description: Use the Google Cloud DNS API to manage DNS01
+ challenge records.
+ properties:
+ hostedZoneName:
+ description: HostedZoneName is an optional field that
+ tells cert-manager in which Cloud DNS zone the challenge
+ record has to be created. If left empty cert-manager
+ will automatically choose a zone.
+ type: string
+ project:
+ type: string
+ serviceAccountSecretRef:
+ description: A reference to a specific 'key' within a
+ Secret resource. In some instances, `key` is a required
+ field.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - project
+ type: object
+ cloudflare:
+ description: Use the Cloudflare API to manage DNS01 challenge
+ records.
+ properties:
+ apiKeySecretRef:
+ description: 'API key to use to authenticate with Cloudflare.
+ Note: using an API token to authenticate is now the
+ recommended method as it allows greater control of permissions.'
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ apiTokenSecretRef:
+ description: API token used to authenticate with Cloudflare.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ email:
+ description: Email of the account, only required when
+ using API key based authentication.
+ type: string
+ type: object
+ cnameStrategy:
+ description: CNAMEStrategy configures how the DNS01 provider
+ should handle CNAME records when found in DNS zones.
+ enum:
+ - None
+ - Follow
+ type: string
+ digitalocean:
+ description: Use the DigitalOcean DNS API to manage DNS01
+ challenge records.
+ properties:
+ tokenSecretRef:
+ description: A reference to a specific 'key' within a
+ Secret resource. In some instances, `key` is a required
+ field.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - tokenSecretRef
+ type: object
+ rfc2136:
+ description: Use RFC2136 ("Dynamic Updates in the Domain Name
+ System") (https://datatracker.ietf.org/doc/rfc2136/) to
+ manage DNS01 challenge records.
+ properties:
+ nameserver:
+ description: The IP address or hostname of an authoritative
+ DNS server supporting RFC2136 in the form host:port.
+ If the host is an IPv6 address it must be enclosed in
+ square brackets (e.g [2001:db8::1]) ; port is optional.
+ This field is required.
+ type: string
+ tsigAlgorithm:
+ description: 'The TSIG Algorithm configured in the DNS
+ supporting RFC2136. Used only when ``tsigSecretSecretRef``
+ and ``tsigKeyName`` are defined. Supported values are
+ (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``,
+ ``HMACSHA256`` or ``HMACSHA512``.'
+ type: string
+ tsigKeyName:
+ description: The TSIG Key name configured in the DNS.
+ If ``tsigSecretSecretRef`` is defined, this field is
+ required.
+ type: string
+ tsigSecretSecretRef:
+ description: The name of the secret containing the TSIG
+ value. If ``tsigKeyName`` is defined, this field is
+ required.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - nameserver
+ type: object
+ route53:
+ description: Use the AWS Route53 API to manage DNS01 challenge
+ records.
+ properties:
+ accessKeyID:
+ description: 'The AccessKeyID is used for authentication.
+ Cannot be set when SecretAccessKeyID is set. If neither
+ the Access Key nor Key ID are set, we fall-back to using
+ env vars, shared credentials file or AWS Instance metadata,
+ see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ type: string
+ accessKeyIDSecretRef:
+ description: 'The SecretAccessKey is used for authentication.
+ If set, pull the AWS access key ID from a key within
+ a Kubernetes Secret. Cannot be set when AccessKeyID
+ is set. If neither the Access Key nor Key ID are set,
+ we fall-back to using env vars, shared credentials file
+ or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ hostedZoneID:
+ description: If set, the provider will manage only this
+ zone in Route53 and will not do an lookup using the
+ route53:ListHostedZonesByName api call.
+ type: string
+ region:
+ description: Always set the region when using AccessKeyID
+ and SecretAccessKey
+ type: string
+ role:
+ description: Role is a Role ARN which the Route53 provider
+ will assume using either the explicit credentials AccessKeyID/SecretAccessKey
+ or the inferred credentials from environment variables,
+ shared credentials file or AWS Instance metadata
+ type: string
+ secretAccessKeySecretRef:
+ description: 'The SecretAccessKey is used for authentication.
+ If neither the Access Key nor Key ID are set, we fall-back
+ to using env vars, shared credentials file or AWS Instance
+ metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - region
+ type: object
+ webhook:
+ description: Configure an external webhook based DNS01 challenge
+ solver to manage DNS01 challenge records.
+ properties:
+ config:
+ description: Additional configuration that should be passed
+ to the webhook apiserver when challenges are processed.
+ This can contain arbitrary JSON data. Secret values
+ should not be specified in this stanza. If secret values
+ are needed (e.g. credentials for a DNS service), you
+ should use a SecretKeySelector to reference a Secret
+ resource. For details on the schema of this field, consult
+ the webhook provider implementation's documentation.
+ x-kubernetes-preserve-unknown-fields: true
+ groupName:
+ description: The API group name that should be used when
+ POSTing ChallengePayload resources to the webhook apiserver.
+ This should be the same as the GroupName specified in
+ the webhook provider implementation.
+ type: string
+ solverName:
+ description: The name of the solver to use, as defined
+ in the webhook provider implementation. This will typically
+ be the name of the provider, e.g. 'cloudflare'.
+ type: string
+ required:
+ - groupName
+ - solverName
+ type: object
+ type: object
+ http01:
+ description: Configures cert-manager to attempt to complete authorizations
+ by performing the HTTP01 challenge flow. It is not possible
+ to obtain certificates for wildcard domain names (e.g. `*.example.com`)
+ using the HTTP01 challenge mechanism.
+ properties:
+ gatewayHTTPRoute:
+ description: The Gateway API is a sig-network community API
+ that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/).
+ The Gateway solver will create HTTPRoutes with the specified
+ labels in the same namespace as the challenge. This solver
+ is experimental, and fields / behaviour may change in the
+ future.
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ description: Custom labels that will be applied to HTTPRoutes
+ created by cert-manager while solving HTTP-01 challenges.
+ type: object
+ parentRefs:
+ description: 'When solving an HTTP-01 challenge, cert-manager
+ creates an HTTPRoute. cert-manager needs to know which
+ parentRefs should be used when creating the HTTPRoute.
+ Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways'
+ items:
+ description: "ParentReference identifies an API object
+ (usually a Gateway) that can be considered a parent
+ of this resource (usually a route). The only kind
+ of parent resource with \"Core\" support is Gateway.
+ This API may be extended in the future to support
+ additional kinds of parent resources, such as HTTPRoute.
+ \n The API object must be valid in the cluster; the
+ Group and Kind must be registered in the cluster for
+ this reference to be valid."
+ properties:
+ group:
+ default: gateway.networking.k8s.io
+ description: "Group is the group of the referent.
+ When unspecified, \"gateway.networking.k8s.io\"
+ is inferred. To set the core API group (such as
+ for a \"Service\" kind referent), Group must be
+ explicitly set to \"\" (empty string). \n Support:
+ Core"
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ default: Gateway
+ description: "Kind is kind of the referent. \n Support:
+ Core (Gateway) \n Support: Implementation-specific
+ (Other Resources)"
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: "Name is the name of the referent.
+ \n Support: Core"
+ maxLength: 253
+ minLength: 1
+ type: string
+ namespace:
+ description: "Namespace is the namespace of the
+ referent. When unspecified, this refers to the
+ local namespace of the Route. \n Note that there
+ are specific rules for ParentRefs which cross
+ namespace boundaries. Cross-namespace references
+ are only valid if they are explicitly allowed
+ by something in the namespace they are referring
+ to. For example: Gateway has the AllowedRoutes
+ field, and ReferenceGrant provides a generic way
+ to enable any other kind of cross-namespace reference.
+ \n Support: Core"
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+ type: string
+ port:
+ description: "Port is the network port this Route
+ targets. It can be interpreted differently based
+ on the type of parent resource. \n When the parent
+ resource is a Gateway, this targets all listeners
+ listening on the specified port that also support
+ this kind of Route(and select this Route). It's
+ not recommended to set `Port` unless the networking
+ behaviors specified in a Route must apply to a
+ specific port as opposed to a listener(s) whose
+ port(s) may be changed. When both Port and SectionName
+ are specified, the name and port of the selected
+ listener must match both specified values. \n
+ Implementations MAY choose to support other parent
+ resources. Implementations supporting other types
+ of parent resources MUST clearly document how/if
+ Port is interpreted. \n For the purpose of status,
+ an attachment is considered successful as long
+ as the parent resource accepts it partially. For
+ example, Gateway listeners can restrict which
+ Routes can attach to them by Route kind, namespace,
+ or hostname. If 1 of 2 Gateway listeners accept
+ attachment from the referencing Route, the Route
+ MUST be considered successfully attached. If no
+ Gateway listeners accept attachment from this
+ Route, the Route MUST be considered detached from
+ the Gateway. \n Support: Extended \n "
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ sectionName:
+ description: "SectionName is the name of a section
+ within the target resource. In the following resources,
+ SectionName is interpreted as the following: \n
+ * Gateway: Listener Name. When both Port (experimental)
+ and SectionName are specified, the name and port
+ of the selected listener must match both specified
+ values. \n Implementations MAY choose to support
+ attaching Routes to other resources. If that is
+ the case, they MUST clearly document how SectionName
+ is interpreted. \n When unspecified (empty string),
+ this will reference the entire resource. For the
+ purpose of status, an attachment is considered
+ successful if at least one section in the parent
+ resource accepts it. For example, Gateway listeners
+ can restrict which Routes can attach to them by
+ Route kind, namespace, or hostname. If 1 of 2
+ Gateway listeners accept attachment from the referencing
+ Route, the Route MUST be considered successfully
+ attached. If no Gateway listeners accept attachment
+ from this Route, the Route MUST be considered
+ detached from the Gateway. \n Support: Core"
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ serviceType:
+ description: Optional service type for Kubernetes solver
+ service. Supported values are NodePort or ClusterIP.
+ If unset, defaults to NodePort.
+ type: string
+ type: object
+ ingress:
+ description: The ingress based HTTP01 challenge solver will
+ solve challenges by creating or modifying Ingress resources
+ in order to route requests for '/.well-known/acme-challenge/XYZ'
+ to 'challenge solver' pods that are provisioned by cert-manager
+ for each Challenge to be completed.
+ properties:
+ class:
+ description: This field configures the annotation `kubernetes.io/ingress.class`
+ when creating Ingress resources to solve ACME challenges
+ that use this challenge solver. Only one of `class`,
+ `name` or `ingressClassName` may be specified.
+ type: string
+ ingressClassName:
+ description: This field configures the field `ingressClassName`
+ on the created Ingress resources used to solve ACME
+ challenges that use this challenge solver. This is the
+ recommended way of configuring the ingress class. Only
+ one of `class`, `name` or `ingressClassName` may be
+ specified.
+ type: string
+ ingressTemplate:
+ description: Optional ingress template used to configure
+ the ACME challenge solver ingress used for HTTP01 challenges.
+ properties:
+ metadata:
+ description: ObjectMeta overrides for the ingress
+ used to solve HTTP01 challenges. Only the 'labels'
+ and 'annotations' fields may be set. If labels or
+ annotations overlap with in-built values, the values
+ here will override the in-built values.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations that should be added
+ to the created ACME HTTP01 solver ingress.
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ description: Labels that should be added to the
+ created ACME HTTP01 solver ingress.
+ type: object
+ type: object
+ type: object
+ name:
+ description: The name of the ingress resource that should
+ have ACME challenge solving routes inserted into it
+ in order to solve HTTP01 challenges. This is typically
+ used in conjunction with ingress controllers like ingress-gce,
+ which maintains a 1:1 mapping between external IPs and
+ ingress resources. Only one of `class`, `name` or `ingressClassName`
+ may be specified.
+ type: string
+ podTemplate:
+ description: Optional pod template used to configure the
+ ACME challenge solver pods used for HTTP01 challenges.
+ properties:
+ metadata:
+ description: ObjectMeta overrides for the pod used
+ to solve HTTP01 challenges. Only the 'labels' and
+ 'annotations' fields may be set. If labels or annotations
+ overlap with in-built values, the values here will
+ override the in-built values.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations that should be added
+ to the create ACME HTTP01 solver pods.
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ description: Labels that should be added to the
+ created ACME HTTP01 solver pods.
+ type: object
+ type: object
+ spec:
+ description: PodSpec defines overrides for the HTTP01
+ challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec
+ to find out currently supported fields. All other
+ fields will be ignored.
+ properties:
+ affinity:
+ description: If specified, the pod's scheduling
+ constraints
+ properties:
+ nodeAffinity:
+ description: Describes node affinity scheduling
+ rules for the pod.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer
+ to schedule pods to nodes that satisfy
+ the affinity expressions specified by
+ this field, but it may choose a node
+ that violates one or more of the expressions.
+ The node that is most preferred is the
+ one with the greatest sum of weights,
+ i.e. for each node that meets all of
+ the scheduling requirements (resource
+ request, requiredDuringScheduling affinity
+ expressions, etc.), compute a sum by
+ iterating through the elements of this
+ field and adding "weight" to the sum
+ if the node matches the corresponding
+ matchExpressions; the node(s) with the
+ highest sum are the most preferred.
+ items:
+ description: An empty preferred scheduling
+ term matches all objects with implicit
+ weight 0 (i.e. it's a no-op). A null
+ preferred scheduling term matches
+ no objects (i.e. is also a no-op).
+ properties:
+ preference:
+ description: A node selector term,
+ associated with the corresponding
+ weight.
+ properties:
+ matchExpressions:
+ description: A list of node
+ selector requirements by node's
+ labels.
+ items:
+ description: A node selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label
+ key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An array
+ of string values. If
+ the operator is In or
+ NotIn, the values array
+ must be non-empty. If
+ the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. If the operator
+ is Gt or Lt, the values
+ array must have a single
+ element, which will
+ be interpreted as an
+ integer. This array
+ is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ description: A list of node
+ selector requirements by node's
+ fields.
+ items:
+ description: A node selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label
+ key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An array
+ of string values. If
+ the operator is In or
+ NotIn, the values array
+ must be non-empty. If
+ the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. If the operator
+ is Gt or Lt, the values
+ array must have a single
+ element, which will
+ be interpreted as an
+ integer. This array
+ is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ weight:
+ description: Weight associated with
+ matching the corresponding nodeSelectorTerm,
+ in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements
+ specified by this field are not met
+ at scheduling time, the pod will not
+ be scheduled onto the node. If the affinity
+ requirements specified by this field
+ cease to be met at some point during
+ pod execution (e.g. due to an update),
+ the system may or may not try to eventually
+ evict the pod from its node.
+ properties:
+ nodeSelectorTerms:
+ description: Required. A list of node
+ selector terms. The terms are ORed.
+ items:
+ description: A null or empty node
+ selector term matches no objects.
+ The requirements of them are ANDed.
+ The TopologySelectorTerm type
+ implements a subset of the NodeSelectorTerm.
+ properties:
+ matchExpressions:
+ description: A list of node
+ selector requirements by node's
+ labels.
+ items:
+ description: A node selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label
+ key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An array
+ of string values. If
+ the operator is In or
+ NotIn, the values array
+ must be non-empty. If
+ the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. If the operator
+ is Gt or Lt, the values
+ array must have a single
+ element, which will
+ be interpreted as an
+ integer. This array
+ is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ description: A list of node
+ selector requirements by node's
+ fields.
+ items:
+ description: A node selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: The label
+ key that the selector
+ applies to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An array
+ of string values. If
+ the operator is In or
+ NotIn, the values array
+ must be non-empty. If
+ the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. If the operator
+ is Gt or Lt, the values
+ array must have a single
+ element, which will
+ be interpreted as an
+ integer. This array
+ is replaced during a
+ strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ podAffinity:
+ description: Describes pod affinity scheduling
+ rules (e.g. co-locate this pod in the same
+ node, zone, etc. as some other pod(s)).
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer
+ to schedule pods to nodes that satisfy
+ the affinity expressions specified by
+ this field, but it may choose a node
+ that violates one or more of the expressions.
+ The node that is most preferred is the
+ one with the greatest sum of weights,
+ i.e. for each node that meets all of
+ the scheduling requirements (resource
+ request, requiredDuringScheduling affinity
+ expressions, etc.), compute a sum by
+ iterating through the elements of this
+ field and adding "weight" to the sum
+ if the node has pods which matches the
+ corresponding podAffinityTerm; the node(s)
+ with the highest sum are the most preferred.
+ items:
+ description: The weights of all of the
+ matched WeightedPodAffinityTerm fields
+ are added per-node to find the most
+ preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Required. A pod affinity
+ term, associated with the corresponding
+ weight.
+ properties:
+ labelSelector:
+ description: A label query over
+ a set of resources, in this
+ case pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values,
+ a key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key is
+ the label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of string
+ values. If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty. This
+ array is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an element
+ of matchExpressions, whose
+ key field is "key", the
+ operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query over
+ the set of namespaces that
+ the term applies to. The term
+ is applied to the union of
+ the namespaces selected by
+ this field and the ones listed
+ in the namespaces field. null
+ selector and null or empty
+ namespaces list means "this
+ pod's namespace". An empty
+ selector ({}) matches all
+ namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values,
+ a key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key is
+ the label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of string
+ values. If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty. This
+ array is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an element
+ of matchExpressions, whose
+ key field is "key", the
+ operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces specifies
+ a static list of namespace
+ names that the term applies
+ to. The term is applied to
+ the union of the namespaces
+ listed in this field and the
+ ones selected by namespaceSelector.
+ null or empty namespaces list
+ and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should
+ be co-located (affinity) or
+ not co-located (anti-affinity)
+ with the pods matching the
+ labelSelector in the specified
+ namespaces, where co-located
+ is defined as running on a
+ node whose value of the label
+ with key topologyKey matches
+ that of any node on which
+ any of the selected pods is
+ running. Empty topologyKey
+ is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ description: weight associated with
+ matching the corresponding podAffinityTerm,
+ in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements
+ specified by this field are not met
+ at scheduling time, the pod will not
+ be scheduled onto the node. If the affinity
+ requirements specified by this field
+ cease to be met at some point during
+ pod execution (e.g. due to a pod label
+ update), the system may or may not try
+ to eventually evict the pod from its
+ node. When there are multiple elements,
+ the lists of nodes corresponding to
+ each podAffinityTerm are intersected,
+ i.e. all terms must be satisfied.
+ items:
+ description: Defines a set of pods (namely
+ those matching the labelSelector relative
+ to the given namespace(s)) that this
+ pod should be co-located (affinity)
+ or not co-located (anti-affinity)
+ with, where co-located is defined
+ as running on a node whose value of
+ the label with key matches
+ that of any node on which a pod of
+ the set of pods is running
+ properties:
+ labelSelector:
+ description: A label query over
+ a set of resources, in this case
+ pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the
+ label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is
+ an array of string values.
+ If the operator is In
+ or NotIn, the values
+ array must be non-empty.
+ If the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. This array is
+ replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is
+ a map of {key,value} pairs.
+ A single {key,value} in the
+ matchLabels map is equivalent
+ to an element of matchExpressions,
+ whose key field is "key",
+ the operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query over
+ the set of namespaces that the
+ term applies to. The term is applied
+ to the union of the namespaces
+ selected by this field and the
+ ones listed in the namespaces
+ field. null selector and null
+ or empty namespaces list means
+ "this pod's namespace". An empty
+ selector ({}) matches all namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the
+ label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is
+ an array of string values.
+ If the operator is In
+ or NotIn, the values
+ array must be non-empty.
+ If the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. This array is
+ replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is
+ a map of {key,value} pairs.
+ A single {key,value} in the
+ matchLabels map is equivalent
+ to an element of matchExpressions,
+ whose key field is "key",
+ the operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces specifies
+ a static list of namespace names
+ that the term applies to. The
+ term is applied to the union of
+ the namespaces listed in this
+ field and the ones selected by
+ namespaceSelector. null or empty
+ namespaces list and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be
+ co-located (affinity) or not co-located
+ (anti-affinity) with the pods
+ matching the labelSelector in
+ the specified namespaces, where
+ co-located is defined as running
+ on a node whose value of the label
+ with key topologyKey matches that
+ of any node on which any of the
+ selected pods is running. Empty
+ topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ podAntiAffinity:
+ description: Describes pod anti-affinity scheduling
+ rules (e.g. avoid putting this pod in the
+ same node, zone, etc. as some other pod(s)).
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will prefer
+ to schedule pods to nodes that satisfy
+ the anti-affinity expressions specified
+ by this field, but it may choose a node
+ that violates one or more of the expressions.
+ The node that is most preferred is the
+ one with the greatest sum of weights,
+ i.e. for each node that meets all of
+ the scheduling requirements (resource
+ request, requiredDuringScheduling anti-affinity
+ expressions, etc.), compute a sum by
+ iterating through the elements of this
+ field and adding "weight" to the sum
+ if the node has pods which matches the
+ corresponding podAffinityTerm; the node(s)
+ with the highest sum are the most preferred.
+ items:
+ description: The weights of all of the
+ matched WeightedPodAffinityTerm fields
+ are added per-node to find the most
+ preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Required. A pod affinity
+ term, associated with the corresponding
+ weight.
+ properties:
+ labelSelector:
+ description: A label query over
+ a set of resources, in this
+ case pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values,
+ a key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key is
+ the label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of string
+ values. If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty. This
+ array is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an element
+ of matchExpressions, whose
+ key field is "key", the
+ operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query over
+ the set of namespaces that
+ the term applies to. The term
+ is applied to the union of
+ the namespaces selected by
+ this field and the ones listed
+ in the namespaces field. null
+ selector and null or empty
+ namespaces list means "this
+ pod's namespace". An empty
+ selector ({}) matches all
+ namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values,
+ a key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key is
+ the label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of string
+ values. If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty. This
+ array is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an element
+ of matchExpressions, whose
+ key field is "key", the
+ operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces specifies
+ a static list of namespace
+ names that the term applies
+ to. The term is applied to
+ the union of the namespaces
+ listed in this field and the
+ ones selected by namespaceSelector.
+ null or empty namespaces list
+ and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should
+ be co-located (affinity) or
+ not co-located (anti-affinity)
+ with the pods matching the
+ labelSelector in the specified
+ namespaces, where co-located
+ is defined as running on a
+ node whose value of the label
+ with key topologyKey matches
+ that of any node on which
+ any of the selected pods is
+ running. Empty topologyKey
+ is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ description: weight associated with
+ matching the corresponding podAffinityTerm,
+ in the range 1-100.
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the anti-affinity requirements
+ specified by this field are not met
+ at scheduling time, the pod will not
+ be scheduled onto the node. If the anti-affinity
+ requirements specified by this field
+ cease to be met at some point during
+ pod execution (e.g. due to a pod label
+ update), the system may or may not try
+ to eventually evict the pod from its
+ node. When there are multiple elements,
+ the lists of nodes corresponding to
+ each podAffinityTerm are intersected,
+ i.e. all terms must be satisfied.
+ items:
+ description: Defines a set of pods (namely
+ those matching the labelSelector relative
+ to the given namespace(s)) that this
+ pod should be co-located (affinity)
+ or not co-located (anti-affinity)
+ with, where co-located is defined
+ as running on a node whose value of
+ the label with key matches
+ that of any node on which a pod of
+ the set of pods is running
+ properties:
+ labelSelector:
+ description: A label query over
+ a set of resources, in this case
+ pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the
+ label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is
+ an array of string values.
+ If the operator is In
+ or NotIn, the values
+ array must be non-empty.
+ If the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. This array is
+ replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is
+ a map of {key,value} pairs.
+ A single {key,value} in the
+ matchLabels map is equivalent
+ to an element of matchExpressions,
+ whose key field is "key",
+ the operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query over
+ the set of namespaces that the
+ term applies to. The term is applied
+ to the union of the namespaces
+ selected by this field and the
+ ones listed in the namespaces
+ field. null selector and null
+ or empty namespaces list means
+ "this pod's namespace". An empty
+ selector ({}) matches all namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label selector
+ requirement is a selector
+ that contains values, a
+ key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the
+ label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's relationship
+ to a set of values.
+ Valid operators are
+ In, NotIn, Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values is
+ an array of string values.
+ If the operator is In
+ or NotIn, the values
+ array must be non-empty.
+ If the operator is Exists
+ or DoesNotExist, the
+ values array must be
+ empty. This array is
+ replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is
+ a map of {key,value} pairs.
+ A single {key,value} in the
+ matchLabels map is equivalent
+ to an element of matchExpressions,
+ whose key field is "key",
+ the operator is "In", and
+ the values array contains
+ only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces specifies
+ a static list of namespace names
+ that the term applies to. The
+ term is applied to the union of
+ the namespaces listed in this
+ field and the ones selected by
+ namespaceSelector. null or empty
+ namespaces list and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should be
+ co-located (affinity) or not co-located
+ (anti-affinity) with the pods
+ matching the labelSelector in
+ the specified namespaces, where
+ co-located is defined as running
+ on a node whose value of the label
+ with key topologyKey matches that
+ of any node on which any of the
+ selected pods is running. Empty
+ topologyKey is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ type: object
+ imagePullSecrets:
+ description: If specified, the pod's imagePullSecrets
+ items:
+ description: LocalObjectReference contains enough
+ information to let you locate the referenced
+ object inside the same namespace.
+ properties:
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: 'NodeSelector is a selector which
+ must be true for the pod to fit on a node. Selector
+ which must match a node''s labels for the pod
+ to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
+ type: object
+ priorityClassName:
+ description: If specified, the pod's priorityClassName.
+ type: string
+ serviceAccountName:
+ description: If specified, the pod's service account
+ type: string
+ tolerations:
+ description: If specified, the pod's tolerations.
+ items:
+ description: The pod this Toleration is attached
+ to tolerates any taint that matches the triple
+ using the matching operator
+ .
+ properties:
+ effect:
+ description: Effect indicates the taint
+ effect to match. Empty means match all
+ taint effects. When specified, allowed
+ values are NoSchedule, PreferNoSchedule
+ and NoExecute.
+ type: string
+ key:
+ description: Key is the taint key that the
+ toleration applies to. Empty means match
+ all taint keys. If the key is empty, operator
+ must be Exists; this combination means
+ to match all values and all keys.
+ type: string
+ operator:
+ description: Operator represents a key's
+ relationship to the value. Valid operators
+ are Exists and Equal. Defaults to Equal.
+ Exists is equivalent to wildcard for value,
+ so that a pod can tolerate all taints
+ of a particular category.
+ type: string
+ tolerationSeconds:
+ description: TolerationSeconds represents
+ the period of time the toleration (which
+ must be of effect NoExecute, otherwise
+ this field is ignored) tolerates the taint.
+ By default, it is not set, which means
+ tolerate the taint forever (do not evict).
+ Zero and negative values will be treated
+ as 0 (evict immediately) by the system.
+ format: int64
+ type: integer
+ value:
+ description: Value is the taint value the
+ toleration matches to. If the operator
+ is Exists, the value should be empty,
+ otherwise just a regular string.
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ serviceType:
+ description: Optional service type for Kubernetes solver
+ service. Supported values are NodePort or ClusterIP.
+ If unset, defaults to NodePort.
+ type: string
+ type: object
+ type: object
+ selector:
+ description: Selector selects a set of DNSNames on the Certificate
+ resource that should be solved using this challenge solver.
+ If not specified, the solver will be treated as the 'default'
+ solver with the lowest priority, i.e. if any other solver has
+ a more specific match, it will be used instead.
+ properties:
+ dnsNames:
+ description: List of DNSNames that this solver will be used
+ to solve. If specified and a match is found, a dnsNames
+ selector will take precedence over a dnsZones selector.
+ If multiple solvers match with the same dnsNames value,
+ the solver with the most matching labels in matchLabels
+ will be selected. If neither has more matches, the solver
+ defined earlier in the list will be selected.
+ items:
+ type: string
+ type: array
+ dnsZones:
+ description: List of DNSZones that this solver will be used
+ to solve. The most specific DNS zone match specified here
+ will take precedence over other DNS zone matches, so a solver
+ specifying sys.example.com will be selected over one specifying
+ example.com for the domain www.sys.example.com. If multiple
+ solvers match with the same dnsZones value, the solver with
+ the most matching labels in matchLabels will be selected.
+ If neither has more matches, the solver defined earlier
+ in the list will be selected.
+ items:
+ type: string
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: A label selector that is used to refine the set
+ of certificate's that this challenge solver will apply to.
+ type: object
+ type: object
+ type: object
+ token:
+ description: The ACME challenge token for this challenge. This is
+ the raw value returned from the ACME server.
+ type: string
+ type:
+ description: The type of ACME challenge this resource represents.
+ One of "HTTP-01" or "DNS-01".
+ enum:
+ - HTTP-01
+ - DNS-01
+ type: string
+ url:
+ description: The URL of the ACME Challenge resource for this challenge.
+ This can be used to lookup details about the status of this challenge.
+ type: string
+ wildcard:
+ description: wildcard will be true if this challenge is for a wildcard
+ identifier, for example '*.example.com'.
+ type: boolean
+ required:
+ - authorizationURL
+ - dnsName
+ - issuerRef
+ - key
+ - solver
+ - token
+ - type
+ - url
+ type: object
+ status:
+ properties:
+ presented:
+ description: presented will be set to true if the challenge values
+ for this challenge are currently 'presented'. This *does not* imply
+ the self check is passing. Only that the values have been 'submitted'
+ for the appropriate challenge mechanism (i.e. the DNS01 TXT record
+ has been presented, or the HTTP01 configuration has been configured).
+ type: boolean
+ processing:
+ description: Used to denote whether this challenge should be processed
+ or not. This field will only be set to true by the 'scheduling'
+ component. It will only be set to false by the 'challenges' controller,
+ after the challenge has reached a final state or timed out. If this
+ field is set to false, the challenge controller will not take any
+ more action.
+ type: boolean
+ reason:
+ description: Contains human readable information on why the Challenge
+ is in the current state.
+ type: string
+ state:
+ description: Contains the current 'state' of the challenge. If not
+ set, the state of the challenge is unknown.
+ enum:
+ - valid
+ - ready
+ - pending
+ - processing
+ - invalid
+ - expired
+ - errored
+ type: string
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/component: knative-eventing
+ app.kubernetes.io/name: knative-eventing
+ app.kubernetes.io/version: 1.10.1
+ duck.knative.dev/addressable: "true"
+ knative.dev/crd-install: "true"
+ kustomize.component: knative
+ messaging.knative.dev/subscribable: "true"
+ name: channels.messaging.knative.dev
+spec:
+ group: messaging.knative.dev
+ names:
+ categories:
+ - all
+ - knative
+ - messaging
+ - channel
+ kind: Channel
+ plural: channels
+ shortNames:
+ - ch
+ singular: channel
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.address.url
+ name: URL
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].reason
+ name: Reason
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: Channel represents a generic Channel. It is normally used when
+ we want a Channel, but do not need a specific Channel implementation.
+ properties:
+ spec:
+ description: Spec defines the desired state of the Channel.
+ properties:
+ channelTemplate:
+ description: ChannelTemplate specifies which Channel CRD to use to
+ create the CRD Channel backing this Channel. This is immutable after
+ creation. Normally this is set by the Channel defaulter, not directly
+ by the user.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this
+ representation of an object. Servers should convert recognized
+ schemas to the latest internal value, and may reject unrecognized
+ values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource
+ this object represents. Servers may infer this from the endpoint
+ the client submits requests to. Cannot be updated. In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ spec:
+ description: Spec defines the Spec to use for each channel created.
+ Passed in verbatim to the Channel CRD as Spec section.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ delivery:
+ description: DeliverySpec contains the default delivery spec for each
+ subscription to this Channelable. Each subscription delivery spec,
+ if any, overrides this global delivery spec.
+ properties:
+ backoffDelay:
+ description: 'BackoffDelay is the delay before retrying. More
+ information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html
+ - https://en.wikipedia.org/wiki/ISO_8601 For linear policy,
+ backoff delay is backoffDelay*. For exponential
+ policy, backoff delay is backoffDelay*2^.'
+ type: string
+ backoffPolicy:
+ description: BackoffPolicy is the retry backoff policy (linear,
+ exponential).
+ type: string
+ deadLetterSink:
+ description: DeadLetterSink is the sink receiving event that could
+ not be sent to a destination.
+ properties:
+ ref:
+ description: Ref points to an Addressable.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object
+ holding it if left out.'
+ type: string
+ type: object
+ uri:
+ description: URI can be an absolute URL(non-empty scheme and
+ non-empty host) pointing to the target or a relative URI.
+ Relative URIs will be resolved using the base URI retrieved
+ from Ref.
+ type: string
+ type: object
+ retry:
+ description: Retry is the minimum number of retries the sender
+ should attempt when sending an event before moving it to the
+ dead letter sink.
+ format: int32
+ type: integer
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ subscribers:
+ description: This is the list of subscriptions for this subscribable.
+ items:
+ properties:
+ delivery:
+ description: DeliverySpec contains options controlling the event
+ delivery
+ properties:
+ backoffDelay:
+ description: 'BackoffDelay is the delay before retrying.
+ More information on Duration format: - https://www.iso.org/iso-8601-date-and-time-format.html
+ - https://en.wikipedia.org/wiki/ISO_8601 For linear policy,
+ backoff delay is backoffDelay*. For exponential
+ policy, backoff delay is backoffDelay*2^.'
+ type: string
+ backoffPolicy:
+ description: BackoffPolicy is the retry backoff policy (linear,
+ exponential).
+ type: string
+ deadLetterSink:
+ description: DeadLetterSink is the sink receiving event
+ that could not be sent to a destination.
+ properties:
+ ref:
+ description: Ref points to an Addressable.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the
+ object holding it if left out.'
+ type: string
+ type: object
+ uri:
+ description: URI can be an absolute URL(non-empty scheme
+ and non-empty host) pointing to the target or a relative
+ URI. Relative URIs will be resolved using the base
+ URI retrieved from Ref.
+ type: string
+ type: object
+ retry:
+ description: Retry is the minimum number of retries the
+ sender should attempt when sending an event before moving
+ it to the dead letter sink.
+ format: int32
+ type: integer
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ generation:
+ description: Generation of the origin of the subscriber with
+ uid:UID.
+ format: int64
+ type: integer
+ replyUri:
+ description: ReplyURI is the endpoint for the reply
+ type: string
+ subscriberUri:
+ description: SubscriberURI is the endpoint for the subscriber
+ type: string
+ uid:
+ description: UID is used to understand the origin of the subscriber.
+ type: string
+ type: object
+ type: array
+ type: object
+ status:
+ description: Status represents the current state of the Channel. This
+ data may be out of date.
+ properties:
+ address:
+ properties:
+ url:
+ type: string
+ type: object
+ annotations:
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ channel:
+ description: Channel is an KReference to the Channel CRD backing this
+ Channel.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object holding
+ it if left out.'
+ type: string
+ type: object
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - type
+ - status
+ type: object
+ type: array
+ deadLetterChannel:
+ description: DeadLetterChannel is a KReference and is set by the channel
+ when it supports native error handling via a channel Failed messages
+ are delivered here.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object holding
+ it if left out.'
+ type: string
+ type: object
+ deadLetterSinkUri:
+ description: DeadLetterSinkURI is the resolved URI of the dead letter
+ sink that will be used as a fallback when not specified by Triggers.
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ subscribers:
+ description: This is the list of subscription's statuses for this
+ channel.
+ items:
+ properties:
+ message:
+ description: A human readable message indicating details of
+ Ready status.
+ type: string
+ observedGeneration:
+ description: Generation of the origin of the subscriber with
+ uid:UID.
+ format: int64
+ type: integer
+ ready:
+ description: Status of the subscriber.
+ type: string
+ uid:
+ description: UID is used to understand the origin of the subscriber.
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/component: networking
+ app.kubernetes.io/name: knative-serving
+ app.kubernetes.io/version: 1.10.2
+ knative.dev/crd-install: "true"
+ name: clusterdomainclaims.networking.internal.knative.dev
+spec:
+ group: networking.internal.knative.dev
+ names:
+ categories:
+ - knative-internal
+ - networking
+ kind: ClusterDomainClaim
+ plural: clusterdomainclaims
+ shortNames:
+ - cdc
+ singular: clusterdomainclaim
+ scope: Cluster
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: ClusterDomainClaim is a cluster-wide reservation for a particular
+ domain name.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: 'Spec is the desired state of the ClusterDomainClaim. More
+ info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ namespace:
+ description: Namespace is the namespace which is allowed to create
+ a DomainMapping using this ClusterDomainClaim's name.
+ type: string
+ required:
+ - namespace
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app: cert-manager
+ app.kubernetes.io/instance: cert-manager
+ app.kubernetes.io/name: cert-manager
+ app.kubernetes.io/version: v1.12.2
+ name: clusterissuers.cert-manager.io
+spec:
+ group: cert-manager.io
+ names:
+ categories:
+ - cert-manager
+ kind: ClusterIssuer
+ listKind: ClusterIssuerList
+ plural: clusterissuers
+ singular: clusterissuer
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].message
+ name: Status
+ priority: 1
+ type: string
+ - description: CreationTimestamp is a timestamp representing the server time when
+ this object was created. It is not guaranteed to be set in happens-before
+ order across separate operations. Clients may not set this value. It is represented
+ in RFC3339 form and is in UTC.
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: A ClusterIssuer represents a certificate issuing authority which
+ can be referenced as part of `issuerRef` fields. It is similar to an Issuer,
+ however it is cluster-scoped and therefore can be referenced by resources
+ that exist in *any* namespace, not just the same namespace as the referent.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Desired state of the ClusterIssuer resource.
+ properties:
+ acme:
+ description: ACME configures this issuer to communicate with a RFC8555
+ (ACME) server to obtain signed x509 certificates.
+ properties:
+ caBundle:
+ description: Base64-encoded bundle of PEM CAs which can be used
+ to validate the certificate chain presented by the ACME server.
+ Mutually exclusive with SkipTLSVerify; prefer using CABundle
+ to prevent various kinds of security vulnerabilities. If CABundle
+ and SkipTLSVerify are unset, the system certificate bundle inside
+ the container is used to validate the TLS connection.
+ format: byte
+ type: string
+ disableAccountKeyGeneration:
+ description: Enables or disables generating a new ACME account
+ key. If true, the Issuer resource will *not* request a new account
+ but will expect the account key to be supplied via an existing
+ secret. If false, the cert-manager system will generate a new
+ ACME account key for the Issuer. Defaults to false.
+ type: boolean
+ email:
+ description: Email is the email address to be associated with
+ the ACME account. This field is optional, but it is strongly
+ recommended to be set. It will be used to contact you in case
+ of issues with your account or certificates, including expiry
+ notification emails. This field may be updated after the account
+ is initially registered.
+ type: string
+ enableDurationFeature:
+ description: Enables requesting a Not After date on certificates
+ that matches the duration of the certificate. This is not supported
+ by all ACME servers like Let's Encrypt. If set to true when
+ the ACME server does not support it it will create an error
+ on the Order. Defaults to false.
+ type: boolean
+ externalAccountBinding:
+ description: ExternalAccountBinding is a reference to a CA external
+ account of the ACME server. If set, upon registration cert-manager
+ will attempt to associate the given external account credentials
+ with the registered ACME account.
+ properties:
+ keyAlgorithm:
+ description: 'Deprecated: keyAlgorithm field exists for historical
+ compatibility reasons and should not be used. The algorithm
+ is now hardcoded to HS256 in golang/x/crypto/acme.'
+ enum:
+ - HS256
+ - HS384
+ - HS512
+ type: string
+ keyID:
+ description: keyID is the ID of the CA key that the External
+ Account is bound to.
+ type: string
+ keySecretRef:
+ description: keySecretRef is a Secret Key Selector referencing
+ a data item in a Kubernetes Secret which holds the symmetric
+ MAC key of the External Account Binding. The `key` is the
+ index string that is paired with the key data in the Secret
+ and should not be confused with the key data itself, or
+ indeed with the External Account Binding keyID above. The
+ secret key stored in the Secret **must** be un-padded, base64
+ URL encoded data.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field
+ may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - keyID
+ - keySecretRef
+ type: object
+ preferredChain:
+ description: 'PreferredChain is the chain to use if the ACME server
+ outputs multiple. PreferredChain is no guarantee that this one
+ gets delivered by the ACME endpoint. For example, for Let''s
+ Encrypt''s DST crosssign you would use: "DST Root CA X3" or
+ "ISRG Root X1" for the newer Let''s Encrypt root CA. This value
+ picks the first certificate bundle in the ACME alternative chains
+ that has a certificate with this value as its issuer''s CN'
+ maxLength: 64
+ type: string
+ privateKeySecretRef:
+ description: PrivateKey is the name of a Kubernetes Secret resource
+ that will be used to store the automatically generated ACME
+ account private key. Optionally, a `key` may be specified to
+ select a specific entry within the named Secret resource. If
+ `key` is not specified, a default of `tls.key` will be used.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field may
+ be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ server:
+ description: 'Server is the URL used to access the ACME server''s
+ ''directory'' endpoint. For example, for Let''s Encrypt''s staging
+ endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory".
+ Only ACME v2 endpoints (i.e. RFC 8555) are supported.'
+ type: string
+ skipTLSVerify:
+ description: 'INSECURE: Enables or disables validation of the
+ ACME server TLS certificate. If true, requests to the ACME server
+ will not have the TLS certificate chain validated. Mutually
+ exclusive with CABundle; prefer using CABundle to prevent various
+ kinds of security vulnerabilities. Only enable this option in
+ development environments. If CABundle and SkipTLSVerify are
+ unset, the system certificate bundle inside the container is
+ used to validate the TLS connection. Defaults to false.'
+ type: boolean
+ solvers:
+ description: 'Solvers is a list of challenge solvers that will
+ be used to solve ACME challenges for the matching domains. Solver
+ configurations must be provided in order to obtain certificates
+ from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/'
+ items:
+ description: An ACMEChallengeSolver describes how to solve ACME
+ challenges for the issuer it is part of. A selector may be
+ provided to use different solving strategies for different
+ DNS names. Only one of HTTP01 or DNS01 must be provided.
+ properties:
+ dns01:
+ description: Configures cert-manager to attempt to complete
+ authorizations by performing the DNS01 challenge flow.
+ properties:
+ acmeDNS:
+ description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns)
+ API to manage DNS01 challenge records.
+ properties:
+ accountSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ host:
+ type: string
+ required:
+ - accountSecretRef
+ - host
+ type: object
+ akamai:
+ description: Use the Akamai DNS zone management API
+ to manage DNS01 challenge records.
+ properties:
+ accessTokenSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ clientSecretSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ clientTokenSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ serviceConsumerDomain:
+ type: string
+ required:
+ - accessTokenSecretRef
+ - clientSecretSecretRef
+ - clientTokenSecretRef
+ - serviceConsumerDomain
+ type: object
+ azureDNS:
+ description: Use the Microsoft Azure DNS API to manage
+ DNS01 challenge records.
+ properties:
+ clientID:
+ description: if both this and ClientSecret are left
+ unset MSI will be used
+ type: string
+ clientSecretSecretRef:
+ description: if both this and ClientID are left
+ unset MSI will be used
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ environment:
+ description: name of the Azure environment (default
+ AzurePublicCloud)
+ enum:
+ - AzurePublicCloud
+ - AzureChinaCloud
+ - AzureGermanCloud
+ - AzureUSGovernmentCloud
+ type: string
+ hostedZoneName:
+ description: name of the DNS zone that should be
+ used
+ type: string
+ managedIdentity:
+ description: managed identity configuration, can
+ not be used at the same time as clientID, clientSecretSecretRef
+ or tenantID
+ properties:
+ clientID:
+ description: client ID of the managed identity,
+ can not be used at the same time as resourceID
+ type: string
+ resourceID:
+ description: resource ID of the managed identity,
+ can not be used at the same time as clientID
+ type: string
+ type: object
+ resourceGroupName:
+ description: resource group the DNS zone is located
+ in
+ type: string
+ subscriptionID:
+ description: ID of the Azure subscription
+ type: string
+ tenantID:
+ description: when specifying ClientID and ClientSecret
+ then this field is also needed
+ type: string
+ required:
+ - resourceGroupName
+ - subscriptionID
+ type: object
+ cloudDNS:
+ description: Use the Google Cloud DNS API to manage
+ DNS01 challenge records.
+ properties:
+ hostedZoneName:
+ description: HostedZoneName is an optional field
+ that tells cert-manager in which Cloud DNS zone
+ the challenge record has to be created. If left
+ empty cert-manager will automatically choose a
+ zone.
+ type: string
+ project:
+ type: string
+ serviceAccountSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - project
+ type: object
+ cloudflare:
+ description: Use the Cloudflare API to manage DNS01
+ challenge records.
+ properties:
+ apiKeySecretRef:
+ description: 'API key to use to authenticate with
+ Cloudflare. Note: using an API token to authenticate
+ is now the recommended method as it allows greater
+ control of permissions.'
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ apiTokenSecretRef:
+ description: API token used to authenticate with
+ Cloudflare.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ email:
+ description: Email of the account, only required
+ when using API key based authentication.
+ type: string
+ type: object
+ cnameStrategy:
+ description: CNAMEStrategy configures how the DNS01
+ provider should handle CNAME records when found in
+ DNS zones.
+ enum:
+ - None
+ - Follow
+ type: string
+ digitalocean:
+ description: Use the DigitalOcean DNS API to manage
+ DNS01 challenge records.
+ properties:
+ tokenSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - tokenSecretRef
+ type: object
+ rfc2136:
+ description: Use RFC2136 ("Dynamic Updates in the Domain
+ Name System") (https://datatracker.ietf.org/doc/rfc2136/)
+ to manage DNS01 challenge records.
+ properties:
+ nameserver:
+ description: The IP address or hostname of an authoritative
+ DNS server supporting RFC2136 in the form host:port.
+ If the host is an IPv6 address it must be enclosed
+ in square brackets (e.g [2001:db8::1]) ; port
+ is optional. This field is required.
+ type: string
+ tsigAlgorithm:
+ description: 'The TSIG Algorithm configured in the
+ DNS supporting RFC2136. Used only when ``tsigSecretSecretRef``
+ and ``tsigKeyName`` are defined. Supported values
+ are (case-insensitive): ``HMACMD5`` (default),
+ ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.'
+ type: string
+ tsigKeyName:
+ description: The TSIG Key name configured in the
+ DNS. If ``tsigSecretSecretRef`` is defined, this
+ field is required.
+ type: string
+ tsigSecretSecretRef:
+ description: The name of the secret containing the
+ TSIG value. If ``tsigKeyName`` is defined, this
+ field is required.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - nameserver
+ type: object
+ route53:
+ description: Use the AWS Route53 API to manage DNS01
+ challenge records.
+ properties:
+ accessKeyID:
+ description: 'The AccessKeyID is used for authentication.
+ Cannot be set when SecretAccessKeyID is set. If
+ neither the Access Key nor Key ID are set, we
+ fall-back to using env vars, shared credentials
+ file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ type: string
+ accessKeyIDSecretRef:
+ description: 'The SecretAccessKey is used for authentication.
+ If set, pull the AWS access key ID from a key
+ within a Kubernetes Secret. Cannot be set when
+ AccessKeyID is set. If neither the Access Key
+ nor Key ID are set, we fall-back to using env
+ vars, shared credentials file or AWS Instance
+ metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ hostedZoneID:
+ description: If set, the provider will manage only
+ this zone in Route53 and will not do an lookup
+ using the route53:ListHostedZonesByName api call.
+ type: string
+ region:
+ description: Always set the region when using AccessKeyID
+ and SecretAccessKey
+ type: string
+ role:
+ description: Role is a Role ARN which the Route53
+ provider will assume using either the explicit
+ credentials AccessKeyID/SecretAccessKey or the
+ inferred credentials from environment variables,
+ shared credentials file or AWS Instance metadata
+ type: string
+ secretAccessKeySecretRef:
+ description: 'The SecretAccessKey is used for authentication.
+ If neither the Access Key nor Key ID are set,
+ we fall-back to using env vars, shared credentials
+ file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - region
+ type: object
+ webhook:
+ description: Configure an external webhook based DNS01
+ challenge solver to manage DNS01 challenge records.
+ properties:
+ config:
+ description: Additional configuration that should
+ be passed to the webhook apiserver when challenges
+ are processed. This can contain arbitrary JSON
+ data. Secret values should not be specified in
+ this stanza. If secret values are needed (e.g.
+ credentials for a DNS service), you should use
+ a SecretKeySelector to reference a Secret resource.
+ For details on the schema of this field, consult
+ the webhook provider implementation's documentation.
+ x-kubernetes-preserve-unknown-fields: true
+ groupName:
+ description: The API group name that should be used
+ when POSTing ChallengePayload resources to the
+ webhook apiserver. This should be the same as
+ the GroupName specified in the webhook provider
+ implementation.
+ type: string
+ solverName:
+ description: The name of the solver to use, as defined
+ in the webhook provider implementation. This will
+ typically be the name of the provider, e.g. 'cloudflare'.
+ type: string
+ required:
+ - groupName
+ - solverName
+ type: object
+ type: object
+ http01:
+ description: Configures cert-manager to attempt to complete
+ authorizations by performing the HTTP01 challenge flow.
+ It is not possible to obtain certificates for wildcard
+ domain names (e.g. `*.example.com`) using the HTTP01 challenge
+ mechanism.
+ properties:
+ gatewayHTTPRoute:
+ description: The Gateway API is a sig-network community
+ API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/).
+ The Gateway solver will create HTTPRoutes with the
+ specified labels in the same namespace as the challenge.
+ This solver is experimental, and fields / behaviour
+ may change in the future.
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ description: Custom labels that will be applied
+ to HTTPRoutes created by cert-manager while solving
+ HTTP-01 challenges.
+ type: object
+ parentRefs:
+ description: 'When solving an HTTP-01 challenge,
+ cert-manager creates an HTTPRoute. cert-manager
+ needs to know which parentRefs should be used
+ when creating the HTTPRoute. Usually, the parentRef
+ references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways'
+ items:
+ description: "ParentReference identifies an API
+ object (usually a Gateway) that can be considered
+ a parent of this resource (usually a route).
+ The only kind of parent resource with \"Core\"
+ support is Gateway. This API may be extended
+ in the future to support additional kinds of
+ parent resources, such as HTTPRoute. \n The
+ API object must be valid in the cluster; the
+ Group and Kind must be registered in the cluster
+ for this reference to be valid."
+ properties:
+ group:
+ default: gateway.networking.k8s.io
+ description: "Group is the group of the referent.
+ When unspecified, \"gateway.networking.k8s.io\"
+ is inferred. To set the core API group (such
+ as for a \"Service\" kind referent), Group
+ must be explicitly set to \"\" (empty string).
+ \n Support: Core"
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ default: Gateway
+ description: "Kind is kind of the referent.
+ \n Support: Core (Gateway) \n Support: Implementation-specific
+ (Other Resources)"
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: "Name is the name of the referent.
+ \n Support: Core"
+ maxLength: 253
+ minLength: 1
+ type: string
+ namespace:
+ description: "Namespace is the namespace of
+ the referent. When unspecified, this refers
+ to the local namespace of the Route. \n
+ Note that there are specific rules for ParentRefs
+ which cross namespace boundaries. Cross-namespace
+ references are only valid if they are explicitly
+ allowed by something in the namespace they
+ are referring to. For example: Gateway has
+ the AllowedRoutes field, and ReferenceGrant
+ provides a generic way to enable any other
+ kind of cross-namespace reference. \n Support:
+ Core"
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+ type: string
+ port:
+ description: "Port is the network port this
+ Route targets. It can be interpreted differently
+ based on the type of parent resource. \n
+ When the parent resource is a Gateway, this
+ targets all listeners listening on the specified
+ port that also support this kind of Route(and
+ select this Route). It's not recommended
+ to set `Port` unless the networking behaviors
+ specified in a Route must apply to a specific
+ port as opposed to a listener(s) whose port(s)
+ may be changed. When both Port and SectionName
+ are specified, the name and port of the
+ selected listener must match both specified
+ values. \n Implementations MAY choose to
+ support other parent resources. Implementations
+ supporting other types of parent resources
+ MUST clearly document how/if Port is interpreted.
+ \n For the purpose of status, an attachment
+ is considered successful as long as the
+ parent resource accepts it partially. For
+ example, Gateway listeners can restrict
+ which Routes can attach to them by Route
+ kind, namespace, or hostname. If 1 of 2
+ Gateway listeners accept attachment from
+ the referencing Route, the Route MUST be
+ considered successfully attached. If no
+ Gateway listeners accept attachment from
+ this Route, the Route MUST be considered
+ detached from the Gateway. \n Support: Extended
+ \n "
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ sectionName:
+ description: "SectionName is the name of a
+ section within the target resource. In the
+ following resources, SectionName is interpreted
+ as the following: \n * Gateway: Listener
+ Name. When both Port (experimental) and
+ SectionName are specified, the name and
+ port of the selected listener must match
+ both specified values. \n Implementations
+ MAY choose to support attaching Routes to
+ other resources. If that is the case, they
+ MUST clearly document how SectionName is
+ interpreted. \n When unspecified (empty
+ string), this will reference the entire
+ resource. For the purpose of status, an
+ attachment is considered successful if at
+ least one section in the parent resource
+ accepts it. For example, Gateway listeners
+ can restrict which Routes can attach to
+ them by Route kind, namespace, or hostname.
+ If 1 of 2 Gateway listeners accept attachment
+ from the referencing Route, the Route MUST
+ be considered successfully attached. If
+ no Gateway listeners accept attachment from
+ this Route, the Route MUST be considered
+ detached from the Gateway. \n Support: Core"
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ serviceType:
+ description: Optional service type for Kubernetes
+ solver service. Supported values are NodePort
+ or ClusterIP. If unset, defaults to NodePort.
+ type: string
+ type: object
+ ingress:
+ description: The ingress based HTTP01 challenge solver
+ will solve challenges by creating or modifying Ingress
+ resources in order to route requests for '/.well-known/acme-challenge/XYZ'
+ to 'challenge solver' pods that are provisioned by
+ cert-manager for each Challenge to be completed.
+ properties:
+ class:
+ description: This field configures the annotation
+ `kubernetes.io/ingress.class` when creating Ingress
+ resources to solve ACME challenges that use this
+ challenge solver. Only one of `class`, `name`
+ or `ingressClassName` may be specified.
+ type: string
+ ingressClassName:
+ description: This field configures the field `ingressClassName`
+ on the created Ingress resources used to solve
+ ACME challenges that use this challenge solver.
+ This is the recommended way of configuring the
+ ingress class. Only one of `class`, `name` or
+ `ingressClassName` may be specified.
+ type: string
+ ingressTemplate:
+ description: Optional ingress template used to configure
+ the ACME challenge solver ingress used for HTTP01
+ challenges.
+ properties:
+ metadata:
+ description: ObjectMeta overrides for the ingress
+ used to solve HTTP01 challenges. Only the
+ 'labels' and 'annotations' fields may be set.
+ If labels or annotations overlap with in-built
+ values, the values here will override the
+ in-built values.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations that should be
+ added to the created ACME HTTP01 solver
+ ingress.
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ description: Labels that should be added
+ to the created ACME HTTP01 solver ingress.
+ type: object
+ type: object
+ type: object
+ name:
+ description: The name of the ingress resource that
+ should have ACME challenge solving routes inserted
+ into it in order to solve HTTP01 challenges. This
+ is typically used in conjunction with ingress
+ controllers like ingress-gce, which maintains
+ a 1:1 mapping between external IPs and ingress
+ resources. Only one of `class`, `name` or `ingressClassName`
+ may be specified.
+ type: string
+ podTemplate:
+ description: Optional pod template used to configure
+ the ACME challenge solver pods used for HTTP01
+ challenges.
+ properties:
+ metadata:
+ description: ObjectMeta overrides for the pod
+ used to solve HTTP01 challenges. Only the
+ 'labels' and 'annotations' fields may be set.
+ If labels or annotations overlap with in-built
+ values, the values here will override the
+ in-built values.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations that should be
+ added to the create ACME HTTP01 solver
+ pods.
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ description: Labels that should be added
+ to the created ACME HTTP01 solver pods.
+ type: object
+ type: object
+ spec:
+ description: PodSpec defines overrides for the
+ HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec
+ to find out currently supported fields. All
+ other fields will be ignored.
+ properties:
+ affinity:
+ description: If specified, the pod's scheduling
+ constraints
+ properties:
+ nodeAffinity:
+ description: Describes node affinity
+ scheduling rules for the pod.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will
+ prefer to schedule pods to nodes
+ that satisfy the affinity expressions
+ specified by this field, but it
+ may choose a node that violates
+ one or more of the expressions.
+ The node that is most preferred
+ is the one with the greatest sum
+ of weights, i.e. for each node
+ that meets all of the scheduling
+ requirements (resource request,
+ requiredDuringScheduling affinity
+ expressions, etc.), compute a
+ sum by iterating through the elements
+ of this field and adding "weight"
+ to the sum if the node matches
+ the corresponding matchExpressions;
+ the node(s) with the highest sum
+ are the most preferred.
+ items:
+ description: An empty preferred
+ scheduling term matches all
+ objects with implicit weight
+ 0 (i.e. it's a no-op). A null
+ preferred scheduling term matches
+ no objects (i.e. is also a no-op).
+ properties:
+ preference:
+ description: A node selector
+ term, associated with the
+ corresponding weight.
+ properties:
+ matchExpressions:
+ description: A list of
+ node selector requirements
+ by node's labels.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ description: A list of
+ node selector requirements
+ by node's fields.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ weight:
+ description: Weight associated
+ with matching the corresponding
+ nodeSelectorTerm, in the
+ range 1-100.
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements
+ specified by this field are not
+ met at scheduling time, the pod
+ will not be scheduled onto the
+ node. If the affinity requirements
+ specified by this field cease
+ to be met at some point during
+ pod execution (e.g. due to an
+ update), the system may or may
+ not try to eventually evict the
+ pod from its node.
+ properties:
+ nodeSelectorTerms:
+ description: Required. A list
+ of node selector terms. The
+ terms are ORed.
+ items:
+ description: A null or empty
+ node selector term matches
+ no objects. The requirements
+ of them are ANDed. The TopologySelectorTerm
+ type implements a subset
+ of the NodeSelectorTerm.
+ properties:
+ matchExpressions:
+ description: A list of
+ node selector requirements
+ by node's labels.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ description: A list of
+ node selector requirements
+ by node's fields.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ podAffinity:
+ description: Describes pod affinity
+ scheduling rules (e.g. co-locate this
+ pod in the same node, zone, etc. as
+ some other pod(s)).
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will
+ prefer to schedule pods to nodes
+ that satisfy the affinity expressions
+ specified by this field, but it
+ may choose a node that violates
+ one or more of the expressions.
+ The node that is most preferred
+ is the one with the greatest sum
+ of weights, i.e. for each node
+ that meets all of the scheduling
+ requirements (resource request,
+ requiredDuringScheduling affinity
+ expressions, etc.), compute a
+ sum by iterating through the elements
+ of this field and adding "weight"
+ to the sum if the node has pods
+ which matches the corresponding
+ podAffinityTerm; the node(s) with
+ the highest sum are the most preferred.
+ items:
+ description: The weights of all
+ of the matched WeightedPodAffinityTerm
+ fields are added per-node to
+ find the most preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Required. A pod
+ affinity term, associated
+ with the corresponding weight.
+ properties:
+ labelSelector:
+ description: A label query
+ over a set of resources,
+ in this case pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label
+ selector requirements.
+ The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector
+ that contains
+ values, a key,
+ and an operator
+ that relates the
+ key and values.
+ properties:
+ key:
+ description: key
+ is the label
+ key that the
+ selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents
+ a key's relationship
+ to a set of
+ values. Valid
+ operators
+ are In, NotIn,
+ Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array
+ of string
+ values. If
+ the operator
+ is In or NotIn,
+ the values
+ array must
+ be non-empty.
+ If the operator
+ is Exists
+ or DoesNotExist,
+ the values
+ array must
+ be empty.
+ This array
+ is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single
+ {key,value} in the
+ matchLabels map
+ is equivalent to
+ an element of matchExpressions,
+ whose key field
+ is "key", the operator
+ is "In", and the
+ values array contains
+ only "value". The
+ requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query
+ over the set of namespaces
+ that the term applies
+ to. The term is applied
+ to the union of the
+ namespaces selected
+ by this field and the
+ ones listed in the namespaces
+ field. null selector
+ and null or empty namespaces
+ list means "this pod's
+ namespace". An empty
+ selector ({}) matches
+ all namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label
+ selector requirements.
+ The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector
+ that contains
+ values, a key,
+ and an operator
+ that relates the
+ key and values.
+ properties:
+ key:
+ description: key
+ is the label
+ key that the
+ selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents
+ a key's relationship
+ to a set of
+ values. Valid
+ operators
+ are In, NotIn,
+ Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array
+ of string
+ values. If
+ the operator
+ is In or NotIn,
+ the values
+ array must
+ be non-empty.
+ If the operator
+ is Exists
+ or DoesNotExist,
+ the values
+ array must
+ be empty.
+ This array
+ is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single
+ {key,value} in the
+ matchLabels map
+ is equivalent to
+ an element of matchExpressions,
+ whose key field
+ is "key", the operator
+ is "In", and the
+ values array contains
+ only "value". The
+ requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces
+ specifies a static list
+ of namespace names that
+ the term applies to.
+ The term is applied
+ to the union of the
+ namespaces listed in
+ this field and the ones
+ selected by namespaceSelector.
+ null or empty namespaces
+ list and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod
+ should be co-located
+ (affinity) or not co-located
+ (anti-affinity) with
+ the pods matching the
+ labelSelector in the
+ specified namespaces,
+ where co-located is
+ defined as running on
+ a node whose value of
+ the label with key topologyKey
+ matches that of any
+ node on which any of
+ the selected pods is
+ running. Empty topologyKey
+ is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ description: weight associated
+ with matching the corresponding
+ podAffinityTerm, in the
+ range 1-100.
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements
+ specified by this field are not
+ met at scheduling time, the pod
+ will not be scheduled onto the
+ node. If the affinity requirements
+ specified by this field cease
+ to be met at some point during
+ pod execution (e.g. due to a pod
+ label update), the system may
+ or may not try to eventually evict
+ the pod from its node. When there
+ are multiple elements, the lists
+ of nodes corresponding to each
+ podAffinityTerm are intersected,
+ i.e. all terms must be satisfied.
+ items:
+ description: Defines a set of
+ pods (namely those matching
+ the labelSelector relative to
+ the given namespace(s)) that
+ this pod should be co-located
+ (affinity) or not co-located
+ (anti-affinity) with, where
+ co-located is defined as running
+ on a node whose value of the
+ label with key
+ matches that of any node on
+ which a pod of the set of pods
+ is running
+ properties:
+ labelSelector:
+ description: A label query
+ over a set of resources,
+ in this case pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key
+ is the label key
+ that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of
+ string values.
+ If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an
+ element of matchExpressions,
+ whose key field is "key",
+ the operator is "In",
+ and the values array
+ contains only "value".
+ The requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query
+ over the set of namespaces
+ that the term applies to.
+ The term is applied to the
+ union of the namespaces
+ selected by this field and
+ the ones listed in the namespaces
+ field. null selector and
+ null or empty namespaces
+ list means "this pod's namespace".
+ An empty selector ({}) matches
+ all namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key
+ is the label key
+ that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of
+ string values.
+ If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an
+ element of matchExpressions,
+ whose key field is "key",
+ the operator is "In",
+ and the values array
+ contains only "value".
+ The requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces specifies
+ a static list of namespace
+ names that the term applies
+ to. The term is applied
+ to the union of the namespaces
+ listed in this field and
+ the ones selected by namespaceSelector.
+ null or empty namespaces
+ list and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should
+ be co-located (affinity)
+ or not co-located (anti-affinity)
+ with the pods matching the
+ labelSelector in the specified
+ namespaces, where co-located
+ is defined as running on
+ a node whose value of the
+ label with key topologyKey
+ matches that of any node
+ on which any of the selected
+ pods is running. Empty topologyKey
+ is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ podAntiAffinity:
+ description: Describes pod anti-affinity
+ scheduling rules (e.g. avoid putting
+ this pod in the same node, zone, etc.
+ as some other pod(s)).
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will
+ prefer to schedule pods to nodes
+ that satisfy the anti-affinity
+ expressions specified by this
+ field, but it may choose a node
+ that violates one or more of the
+ expressions. The node that is
+ most preferred is the one with
+ the greatest sum of weights, i.e.
+ for each node that meets all of
+ the scheduling requirements (resource
+ request, requiredDuringScheduling
+ anti-affinity expressions, etc.),
+ compute a sum by iterating through
+ the elements of this field and
+ adding "weight" to the sum if
+ the node has pods which matches
+ the corresponding podAffinityTerm;
+ the node(s) with the highest sum
+ are the most preferred.
+ items:
+ description: The weights of all
+ of the matched WeightedPodAffinityTerm
+ fields are added per-node to
+ find the most preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Required. A pod
+ affinity term, associated
+ with the corresponding weight.
+ properties:
+ labelSelector:
+ description: A label query
+ over a set of resources,
+ in this case pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label
+ selector requirements.
+ The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector
+ that contains
+ values, a key,
+ and an operator
+ that relates the
+ key and values.
+ properties:
+ key:
+ description: key
+ is the label
+ key that the
+ selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents
+ a key's relationship
+ to a set of
+ values. Valid
+ operators
+ are In, NotIn,
+ Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array
+ of string
+ values. If
+ the operator
+ is In or NotIn,
+ the values
+ array must
+ be non-empty.
+ If the operator
+ is Exists
+ or DoesNotExist,
+ the values
+ array must
+ be empty.
+ This array
+ is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single
+ {key,value} in the
+ matchLabels map
+ is equivalent to
+ an element of matchExpressions,
+ whose key field
+ is "key", the operator
+ is "In", and the
+ values array contains
+ only "value". The
+ requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query
+ over the set of namespaces
+ that the term applies
+ to. The term is applied
+ to the union of the
+ namespaces selected
+ by this field and the
+ ones listed in the namespaces
+ field. null selector
+ and null or empty namespaces
+ list means "this pod's
+ namespace". An empty
+ selector ({}) matches
+ all namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label
+ selector requirements.
+ The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector
+ that contains
+ values, a key,
+ and an operator
+ that relates the
+ key and values.
+ properties:
+ key:
+ description: key
+ is the label
+ key that the
+ selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents
+ a key's relationship
+ to a set of
+ values. Valid
+ operators
+ are In, NotIn,
+ Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array
+ of string
+ values. If
+ the operator
+ is In or NotIn,
+ the values
+ array must
+ be non-empty.
+ If the operator
+ is Exists
+ or DoesNotExist,
+ the values
+ array must
+ be empty.
+ This array
+ is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single
+ {key,value} in the
+ matchLabels map
+ is equivalent to
+ an element of matchExpressions,
+ whose key field
+ is "key", the operator
+ is "In", and the
+ values array contains
+ only "value". The
+ requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces
+ specifies a static list
+ of namespace names that
+ the term applies to.
+ The term is applied
+ to the union of the
+ namespaces listed in
+ this field and the ones
+ selected by namespaceSelector.
+ null or empty namespaces
+ list and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod
+ should be co-located
+ (affinity) or not co-located
+ (anti-affinity) with
+ the pods matching the
+ labelSelector in the
+ specified namespaces,
+ where co-located is
+ defined as running on
+ a node whose value of
+ the label with key topologyKey
+ matches that of any
+ node on which any of
+ the selected pods is
+ running. Empty topologyKey
+ is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ description: weight associated
+ with matching the corresponding
+ podAffinityTerm, in the
+ range 1-100.
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the anti-affinity
+ requirements specified by this
+ field are not met at scheduling
+ time, the pod will not be scheduled
+ onto the node. If the anti-affinity
+ requirements specified by this
+ field cease to be met at some
+ point during pod execution (e.g.
+ due to a pod label update), the
+ system may or may not try to eventually
+ evict the pod from its node. When
+ there are multiple elements, the
+ lists of nodes corresponding to
+ each podAffinityTerm are intersected,
+ i.e. all terms must be satisfied.
+ items:
+ description: Defines a set of
+ pods (namely those matching
+ the labelSelector relative to
+ the given namespace(s)) that
+ this pod should be co-located
+ (affinity) or not co-located
+ (anti-affinity) with, where
+ co-located is defined as running
+ on a node whose value of the
+ label with key
+ matches that of any node on
+ which a pod of the set of pods
+ is running
+ properties:
+ labelSelector:
+ description: A label query
+ over a set of resources,
+ in this case pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key
+ is the label key
+ that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of
+ string values.
+ If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an
+ element of matchExpressions,
+ whose key field is "key",
+ the operator is "In",
+ and the values array
+ contains only "value".
+ The requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query
+ over the set of namespaces
+ that the term applies to.
+ The term is applied to the
+ union of the namespaces
+ selected by this field and
+ the ones listed in the namespaces
+ field. null selector and
+ null or empty namespaces
+ list means "this pod's namespace".
+ An empty selector ({}) matches
+ all namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label selector
+ requirements. The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: key
+ is the label key
+ that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator
+ represents a key's
+ relationship to
+ a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array of
+ string values.
+ If the operator
+ is In or NotIn,
+ the values array
+ must be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single {key,value}
+ in the matchLabels map
+ is equivalent to an
+ element of matchExpressions,
+ whose key field is "key",
+ the operator is "In",
+ and the values array
+ contains only "value".
+ The requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces specifies
+ a static list of namespace
+ names that the term applies
+ to. The term is applied
+ to the union of the namespaces
+ listed in this field and
+ the ones selected by namespaceSelector.
+ null or empty namespaces
+ list and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod should
+ be co-located (affinity)
+ or not co-located (anti-affinity)
+ with the pods matching the
+ labelSelector in the specified
+ namespaces, where co-located
+ is defined as running on
+ a node whose value of the
+ label with key topologyKey
+ matches that of any node
+ on which any of the selected
+ pods is running. Empty topologyKey
+ is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ type: object
+ imagePullSecrets:
+ description: If specified, the pod's imagePullSecrets
+ items:
+ description: LocalObjectReference contains
+ enough information to let you locate
+ the referenced object inside the same
+ namespace.
+ properties:
+ name:
+ description: 'Name of the referent.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ nodeSelector:
+ additionalProperties:
+ type: string
+ description: 'NodeSelector is a selector
+ which must be true for the pod to fit
+ on a node. Selector which must match a
+ node''s labels for the pod to be scheduled
+ on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/'
+ type: object
+ priorityClassName:
+ description: If specified, the pod's priorityClassName.
+ type: string
+ serviceAccountName:
+ description: If specified, the pod's service
+ account
+ type: string
+ tolerations:
+ description: If specified, the pod's tolerations.
+ items:
+ description: The pod this Toleration is
+ attached to tolerates any taint that
+ matches the triple
+ using the matching operator .
+ properties:
+ effect:
+ description: Effect indicates the
+ taint effect to match. Empty means
+ match all taint effects. When specified,
+ allowed values are NoSchedule, PreferNoSchedule
+ and NoExecute.
+ type: string
+ key:
+ description: Key is the taint key
+ that the toleration applies to.
+ Empty means match all taint keys.
+ If the key is empty, operator must
+ be Exists; this combination means
+ to match all values and all keys.
+ type: string
+ operator:
+ description: Operator represents a
+ key's relationship to the value.
+ Valid operators are Exists and Equal.
+ Defaults to Equal. Exists is equivalent
+ to wildcard for value, so that a
+ pod can tolerate all taints of a
+ particular category.
+ type: string
+ tolerationSeconds:
+ description: TolerationSeconds represents
+ the period of time the toleration
+ (which must be of effect NoExecute,
+ otherwise this field is ignored)
+ tolerates the taint. By default,
+ it is not set, which means tolerate
+ the taint forever (do not evict).
+ Zero and negative values will be
+ treated as 0 (evict immediately)
+ by the system.
+ format: int64
+ type: integer
+ value:
+ description: Value is the taint value
+ the toleration matches to. If the
+ operator is Exists, the value should
+ be empty, otherwise just a regular
+ string.
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ serviceType:
+ description: Optional service type for Kubernetes
+ solver service. Supported values are NodePort
+ or ClusterIP. If unset, defaults to NodePort.
+ type: string
+ type: object
+ type: object
+ selector:
+ description: Selector selects a set of DNSNames on the Certificate
+ resource that should be solved using this challenge solver.
+ If not specified, the solver will be treated as the 'default'
+ solver with the lowest priority, i.e. if any other solver
+ has a more specific match, it will be used instead.
+ properties:
+ dnsNames:
+ description: List of DNSNames that this solver will
+ be used to solve. If specified and a match is found,
+ a dnsNames selector will take precedence over a dnsZones
+ selector. If multiple solvers match with the same
+ dnsNames value, the solver with the most matching
+ labels in matchLabels will be selected. If neither
+ has more matches, the solver defined earlier in the
+ list will be selected.
+ items:
+ type: string
+ type: array
+ dnsZones:
+ description: List of DNSZones that this solver will
+ be used to solve. The most specific DNS zone match
+ specified here will take precedence over other DNS
+ zone matches, so a solver specifying sys.example.com
+ will be selected over one specifying example.com for
+ the domain www.sys.example.com. If multiple solvers
+ match with the same dnsZones value, the solver with
+ the most matching labels in matchLabels will be selected.
+ If neither has more matches, the solver defined earlier
+ in the list will be selected.
+ items:
+ type: string
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: A label selector that is used to refine
+ the set of certificate's that this challenge solver
+ will apply to.
+ type: object
+ type: object
+ type: object
+ type: array
+ required:
+ - privateKeySecretRef
+ - server
+ type: object
+ ca:
+ description: CA configures this issuer to sign certificates using
+ a signing CA keypair stored in a Secret resource. This is used to
+ build internal PKIs that are managed by cert-manager.
+ properties:
+ crlDistributionPoints:
+ description: The CRL distribution points is an X.509 v3 certificate
+ extension which identifies the location of the CRL from which
+ the revocation of this certificate can be checked. If not set,
+ certificates will be issued without distribution points set.
+ items:
+ type: string
+ type: array
+ ocspServers:
+ description: The OCSP server list is an X.509 v3 extension that
+ defines a list of URLs of OCSP responders. The OCSP responders
+ can be queried for the revocation status of an issued certificate.
+ If not set, the certificate will be issued with no OCSP servers
+ set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org".
+ items:
+ type: string
+ type: array
+ secretName:
+ description: SecretName is the name of the secret used to sign
+ Certificates issued by this Issuer.
+ type: string
+ required:
+ - secretName
+ type: object
+ selfSigned:
+ description: SelfSigned configures this issuer to 'self sign' certificates
+ using the private key used to create the CertificateRequest object.
+ properties:
+ crlDistributionPoints:
+ description: The CRL distribution points is an X.509 v3 certificate
+ extension which identifies the location of the CRL from which
+ the revocation of this certificate can be checked. If not set
+ certificate will be issued without CDP. Values are strings.
+ items:
+ type: string
+ type: array
+ type: object
+ vault:
+ description: Vault configures this issuer to sign certificates using
+ a HashiCorp Vault PKI backend.
+ properties:
+ auth:
+ description: Auth configures how cert-manager authenticates with
+ the Vault server.
+ properties:
+ appRole:
+ description: AppRole authenticates with Vault using the App
+ Role auth mechanism, with the role and secret stored in
+ a Kubernetes Secret resource.
+ properties:
+ path:
+ description: 'Path where the App Role authentication backend
+ is mounted in Vault, e.g: "approle"'
+ type: string
+ roleId:
+ description: RoleID configured in the App Role authentication
+ backend when setting up the authentication backend in
+ Vault.
+ type: string
+ secretRef:
+ description: Reference to a key in a Secret that contains
+ the App Role secret used to authenticate with Vault.
+ The `key` field must be specified and denotes which
+ entry within the Secret resource is used as the app
+ role secret.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - path
+ - roleId
+ - secretRef
+ type: object
+ kubernetes:
+ description: Kubernetes authenticates with Vault by passing
+ the ServiceAccount token stored in the named Secret resource
+ to the Vault server.
+ properties:
+ mountPath:
+ description: The Vault mountPath here is the mount path
+ to use when authenticating with Vault. For example,
+ setting a value to `/v1/auth/foo`, will use the path
+ `/v1/auth/foo/login` to authenticate with Vault. If
+ unspecified, the default value "/v1/auth/kubernetes"
+ will be used.
+ type: string
+ role:
+ description: A required field containing the Vault Role
+ to assume. A Role binds a Kubernetes ServiceAccount
+ with a set of Vault policies.
+ type: string
+ secretRef:
+ description: The required Secret field containing a Kubernetes
+ ServiceAccount JWT used for authenticating with Vault.
+ Use of 'ambient credentials' is not supported.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this
+ field may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ serviceAccountRef:
+ description: A reference to a service account that will
+ be used to request a bound token (also known as "projected
+ token"). Compared to using "secretRef", using this field
+ means that you don't rely on statically bound tokens.
+ To use this field, you must configure an RBAC rule to
+ let cert-manager request a token.
+ properties:
+ name:
+ description: Name of the ServiceAccount used to request
+ a token.
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - role
+ type: object
+ tokenSecretRef:
+ description: TokenSecretRef authenticates with Vault by presenting
+ a token.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field
+ may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ caBundle:
+ description: Base64-encoded bundle of PEM CAs which will be used
+ to validate the certificate chain presented by Vault. Only used
+ if using HTTPS to connect to Vault and ignored for HTTP connections.
+ Mutually exclusive with CABundleSecretRef. If neither CABundle
+ nor CABundleSecretRef are defined, the certificate bundle in
+ the cert-manager controller container is used to validate the
+ TLS connection.
+ format: byte
+ type: string
+ caBundleSecretRef:
+ description: Reference to a Secret containing a bundle of PEM-encoded
+ CAs to use when verifying the certificate chain presented by
+ Vault when using HTTPS. Mutually exclusive with CABundle. If
+ neither CABundle nor CABundleSecretRef are defined, the certificate
+ bundle in the cert-manager controller container is used to validate
+ the TLS connection. If no key for the Secret is specified, cert-manager
+ will default to 'ca.crt'.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field may
+ be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ namespace:
+ description: 'Name of the vault namespace. Namespaces is a set
+ of features within Vault Enterprise that allows Vault environments
+ to support Secure Multi-tenancy. e.g: "ns1" More about namespaces
+ can be found here https://www.vaultproject.io/docs/enterprise/namespaces'
+ type: string
+ path:
+ description: 'Path is the mount path of the Vault PKI backend''s
+ `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".'
+ type: string
+ server:
+ description: 'Server is the connection address for the Vault server,
+ e.g: "https://vault.example.com:8200".'
+ type: string
+ required:
+ - auth
+ - path
+ - server
+ type: object
+ venafi:
+ description: Venafi configures this issuer to sign certificates using
+ a Venafi TPP or Venafi Cloud policy zone.
+ properties:
+ cloud:
+ description: Cloud specifies the Venafi cloud configuration settings.
+ Only one of TPP or Cloud may be specified.
+ properties:
+ apiTokenSecretRef:
+ description: APITokenSecretRef is a secret key selector for
+ the Venafi Cloud API token.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field
+ may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ url:
+ description: URL is the base URL for Venafi Cloud. Defaults
+ to "https://api.venafi.cloud/v1".
+ type: string
+ required:
+ - apiTokenSecretRef
+ type: object
+ tpp:
+ description: TPP specifies Trust Protection Platform configuration
+ settings. Only one of TPP or Cloud may be specified.
+ properties:
+ caBundle:
+ description: Base64-encoded bundle of PEM CAs which will be
+ used to validate the certificate chain presented by the
+ TPP server. Only used if using HTTPS; ignored for HTTP.
+ If undefined, the certificate bundle in the cert-manager
+ controller container is used to validate the chain.
+ format: byte
+ type: string
+ credentialsRef:
+ description: CredentialsRef is a reference to a Secret containing
+ the username and password for the TPP server. The secret
+ must contain two keys, 'username' and 'password'.
+ properties:
+ name:
+ description: 'Name of the resource being referred to.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ url:
+ description: 'URL is the base URL for the vedsdk endpoint
+ of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".'
+ type: string
+ required:
+ - credentialsRef
+ - url
+ type: object
+ zone:
+ description: Zone is the Venafi Policy Zone to use for this issuer.
+ All requests made to the Venafi platform will be restricted
+ by the named zone policy. This field is required.
+ type: string
+ required:
+ - zone
+ type: object
+ type: object
+ status:
+ description: Status of the ClusterIssuer. This is set and managed automatically.
+ properties:
+ acme:
+ description: ACME specific status options. This field should only
+ be set if the Issuer is configured to use an ACME server to issue
+ certificates.
+ properties:
+ lastPrivateKeyHash:
+ description: LastPrivateKeyHash is a hash of the private key associated
+ with the latest registered ACME account, in order to track changes
+ made to registered account associated with the Issuer
+ type: string
+ lastRegisteredEmail:
+ description: LastRegisteredEmail is the email associated with
+ the latest registered ACME account, in order to track changes
+ made to registered account associated with the Issuer
+ type: string
+ uri:
+ description: URI is the unique account identifier, which can also
+ be used to retrieve account details from the CA
+ type: string
+ type: object
+ conditions:
+ description: List of status conditions to indicate the status of a
+ CertificateRequest. Known condition types are `Ready`.
+ items:
+ description: IssuerCondition contains condition information for
+ an Issuer.
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the timestamp corresponding
+ to the last status change of this condition.
+ format: date-time
+ type: string
+ message:
+ description: Message is a human readable description of the
+ details of the last transition, complementing reason.
+ type: string
+ observedGeneration:
+ description: If set, this represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.condition[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the Issuer.
+ format: int64
+ type: integer
+ reason:
+ description: Reason is a brief machine readable explanation
+ for the condition's last transition.
+ type: string
+ status:
+ description: Status of the condition, one of (`True`, `False`,
+ `Unknown`).
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: Type of the condition, known values are (`Ready`).
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.0
+ creationTimestamp: null
+ labels:
+ app: kserve
+ app.kubernetes.io/name: kserve
+ name: clusterservingruntimes.serving.kserve.io
+spec:
+ group: serving.kserve.io
+ names:
+ kind: ClusterServingRuntime
+ listKind: ClusterServingRuntimeList
+ plural: clusterservingruntimes
+ singular: clusterservingruntime
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.disabled
+ name: Disabled
+ type: boolean
+ - jsonPath: .spec.supportedModelFormats[*].name
+ name: ModelType
+ type: string
+ - jsonPath: .spec.containers[*].name
+ name: Containers
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ affinity:
+ properties:
+ nodeAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ preference:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ properties:
+ nodeSelectorTerms:
+ items:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ type: object
+ podAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ podAntiAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ type: object
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ builtInAdapter:
+ properties:
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ memBufferBytes:
+ type: integer
+ modelLoadingTimeoutMillis:
+ type: integer
+ runtimeManagementPort:
+ type: integer
+ serverType:
+ type: string
+ type: object
+ containers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ disabled:
+ type: boolean
+ grpcDataEndpoint:
+ type: string
+ grpcEndpoint:
+ type: string
+ httpDataEndpoint:
+ type: string
+ imagePullSecrets:
+ items:
+ properties:
+ name:
+ type: string
+ type: object
+ type: array
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ multiModel:
+ type: boolean
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ protocolVersions:
+ items:
+ type: string
+ type: array
+ replicas:
+ type: integer
+ storageHelper:
+ properties:
+ disabled:
+ type: boolean
+ type: object
+ supportedModelFormats:
+ items:
+ properties:
+ autoSelect:
+ type: boolean
+ name:
+ type: string
+ version:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ tolerations:
+ items:
+ properties:
+ effect:
+ type: string
+ key:
+ type: string
+ operator:
+ type: string
+ tolerationSeconds:
+ format: int64
+ type: integer
+ value:
+ type: string
+ type: object
+ type: array
+ volumes:
+ items:
+ properties:
+ awsElasticBlockStore:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ properties:
+ cachingMode:
+ type: string
+ diskName:
+ type: string
+ diskURI:
+ type: string
+ fsType:
+ type: string
+ kind:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ properties:
+ readOnly:
+ type: boolean
+ secretName:
+ type: string
+ shareName:
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ properties:
+ monitors:
+ items:
+ type: string
+ type: array
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ secretFile:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ csi:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ nodePublishSecretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ properties:
+ fsType:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ targetWWNs:
+ items:
+ type: string
+ type: array
+ wwids:
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ flocker:
+ properties:
+ datasetName:
+ type: string
+ datasetUUID:
+ type: string
+ type: object
+ gcePersistentDisk:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ pdName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ properties:
+ directory:
+ type: string
+ repository:
+ type: string
+ revision:
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ properties:
+ endpoints:
+ type: string
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ properties:
+ path:
+ type: string
+ type:
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ properties:
+ chapAuthDiscovery:
+ type: boolean
+ chapAuthSession:
+ type: boolean
+ fsType:
+ type: string
+ initiatorName:
+ type: string
+ iqn:
+ type: string
+ iscsiInterface:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ portals:
+ items:
+ type: string
+ type: array
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ targetPortal:
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ type: string
+ nfs:
+ properties:
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ server:
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ properties:
+ claimName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ properties:
+ fsType:
+ type: string
+ pdID:
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ sources:
+ items:
+ properties:
+ configMap:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ downwardAPI:
+ properties:
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ serviceAccountToken:
+ properties:
+ audience:
+ type: string
+ expirationSeconds:
+ format: int64
+ type: integer
+ path:
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ properties:
+ group:
+ type: string
+ readOnly:
+ type: boolean
+ registry:
+ type: string
+ tenant:
+ type: string
+ user:
+ type: string
+ volume:
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ properties:
+ fsType:
+ type: string
+ image:
+ type: string
+ keyring:
+ type: string
+ monitors:
+ items:
+ type: string
+ type: array
+ pool:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ properties:
+ fsType:
+ type: string
+ gateway:
+ type: string
+ protectionDomain:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ sslEnabled:
+ type: boolean
+ storageMode:
+ type: string
+ storagePool:
+ type: string
+ system:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ storageos:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeName:
+ type: string
+ volumeNamespace:
+ type: string
+ type: object
+ vsphereVolume:
+ properties:
+ fsType:
+ type: string
+ storagePolicyID:
+ type: string
+ storagePolicyName:
+ type: string
+ volumePath:
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - containers
+ type: object
+ status:
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ application-crd-id: kubeflow-pipelines
+ name: clusterworkflowtemplates.argoproj.io
+spec:
+ group: argoproj.io
+ names:
+ kind: ClusterWorkflowTemplate
+ listKind: ClusterWorkflowTemplateList
+ plural: clusterworkflowtemplates
+ shortNames:
+ - clusterwftmpl
+ - cwft
+ singular: clusterworkflowtemplate
+ scope: Cluster
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.kubernetes.io: unapproved, request not yet submitted
+ labels:
+ application-crd-id: kubeflow-pipelines
+ kustomize.component: metacontroller
+ name: compositecontrollers.metacontroller.k8s.io
+spec:
+ group: metacontroller.k8s.io
+ names:
+ kind: CompositeController
+ listKind: CompositeControllerList
+ plural: compositecontrollers
+ shortNames:
+ - cc
+ - cctl
+ singular: compositecontroller
+ scope: Cluster
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ childResources:
+ items:
+ properties:
+ apiVersion:
+ type: string
+ resource:
+ type: string
+ updateStrategy:
+ properties:
+ method:
+ type: string
+ statusChecks:
+ properties:
+ conditions:
+ items:
+ properties:
+ reason:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ type: array
+ type: object
+ type: object
+ required:
+ - apiVersion
+ - resource
+ type: object
+ type: array
+ generateSelector:
+ type: boolean
+ hooks:
+ properties:
+ customize:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ finalize:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ postUpdateChild:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ preUpdateChild:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ sync:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ type: object
+ parentResource:
+ properties:
+ apiVersion:
+ type: string
+ resource:
+ type: string
+ revisionHistory:
+ properties:
+ fieldPaths:
+ items:
+ type: string
+ type: array
+ type: object
+ required:
+ - apiVersion
+ - resource
+ type: object
+ resyncPeriodSeconds:
+ format: int32
+ type: integer
+ required:
+ - parentResource
+ type: object
+ status:
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/name: knative-serving
+ app.kubernetes.io/version: 1.10.2
+ duck.knative.dev/podspecable: "true"
+ knative.dev/crd-install: "true"
+ name: configurations.serving.knative.dev
+spec:
+ group: serving.knative.dev
+ names:
+ categories:
+ - all
+ - knative
+ - serving
+ kind: Configuration
+ plural: configurations
+ shortNames:
+ - config
+ - cfg
+ singular: configuration
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.latestCreatedRevisionName
+ name: LatestCreated
+ type: string
+ - jsonPath: .status.latestReadyRevisionName
+ name: LatestReady
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].reason
+ name: Reason
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: 'Configuration represents the "floating HEAD" of a linear history
+ of Revisions. Users create new Revisions by updating the Configuration''s
+ spec. The "latest created" revision''s name is available under status, as
+ is the "latest ready" revision''s name. See also: https://github.com/knative/serving/blob/main/docs/spec/overview.md#configuration'
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ConfigurationSpec holds the desired state of the Configuration
+ (from the client).
+ properties:
+ template:
+ description: Template holds the latest specification for the Revision
+ to be stamped out.
+ properties:
+ metadata:
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ finalizers:
+ items:
+ type: string
+ type: array
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ name:
+ type: string
+ namespace:
+ type: string
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ spec:
+ description: RevisionSpec holds the desired state of the Revision
+ (from the client).
+ properties:
+ affinity:
+ description: This is accessible behind a feature flag - kubernetes.podspec-affinity
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ automountServiceAccountToken:
+ description: AutomountServiceAccountToken indicates whether
+ a service account token should be automatically mounted.
+ type: boolean
+ containerConcurrency:
+ description: ContainerConcurrency specifies the maximum allowed
+ in-flight (concurrent) requests per container of the Revision. Defaults
+ to `0` which means concurrency to the application is not
+ limited, and the system decides the target concurrency for
+ the autoscaler.
+ format: int64
+ type: integer
+ containers:
+ description: List of containers belonging to the pod. Containers
+ cannot currently be added or removed. There must be at least
+ one container in a Pod. Cannot be updated.
+ items:
+ description: A single application container that you want
+ to run within a pod.
+ properties:
+ args:
+ description: 'Arguments to the entrypoint. The container
+ image''s CMD is used if this is not provided. Variable
+ references $(VAR_NAME) are expanded using the container''s
+ environment. If a variable cannot be resolved, the
+ reference in the input string will be unchanged. Double
+ $$ are reduced to a single $, which allows for escaping
+ the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce
+ the string literal "$(VAR_NAME)". Escaped references
+ will never be expanded, regardless of whether the
+ variable exists or not. Cannot be updated. More info:
+ https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ command:
+ description: 'Entrypoint array. Not executed within
+ a shell. The container image''s ENTRYPOINT is used
+ if this is not provided. Variable references $(VAR_NAME)
+ are expanded using the container''s environment. If
+ a variable cannot be resolved, the reference in the
+ input string will be unchanged. Double $$ are reduced
+ to a single $, which allows for escaping the $(VAR_NAME)
+ syntax: i.e. "$$(VAR_NAME)" will produce the string
+ literal "$(VAR_NAME)". Escaped references will never
+ be expanded, regardless of whether the variable exists
+ or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell'
+ items:
+ type: string
+ type: array
+ env:
+ description: List of environment variables to set in
+ the container. Cannot be updated.
+ items:
+ description: EnvVar represents an environment variable
+ present in a Container.
+ properties:
+ name:
+ description: Name of the environment variable.
+ Must be a C_IDENTIFIER.
+ type: string
+ value:
+ description: 'Variable references $(VAR_NAME)
+ are expanded using the previously defined environment
+ variables in the container and any service environment
+ variables. If a variable cannot be resolved,
+ the reference in the input string will be unchanged.
+ Double $$ are reduced to a single $, which allows
+ for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)"
+ will produce the string literal "$(VAR_NAME)".
+ Escaped references will never be expanded, regardless
+ of whether the variable exists or not. Defaults
+ to "".'
+ type: string
+ valueFrom:
+ description: Source for the environment variable's
+ value. Cannot be used if value is not empty.
+ properties:
+ configMapKeyRef:
+ description: Selects a key of a ConfigMap.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ fieldRef:
+ description: This is accessible behind a feature
+ flag - kubernetes.podspec-fieldref
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-preserve-unknown-fields: true
+ resourceFieldRef:
+ description: This is accessible behind a feature
+ flag - kubernetes.podspec-fieldref
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-preserve-unknown-fields: true
+ secretKeyRef:
+ description: Selects a key of a secret in
+ the pod's namespace
+ properties:
+ key:
+ description: The key of the secret to
+ select from. Must be a valid secret
+ key.
+ type: string
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret
+ or its key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ description: List of sources to populate environment
+ variables in the container. The keys defined within
+ a source must be a C_IDENTIFIER. All invalid keys
+ will be reported as an event when the container is
+ starting. When a key exists in multiple sources, the
+ value associated with the last source will take precedence.
+ Values defined by an Env with a duplicate key will
+ take precedence. Cannot be updated.
+ items:
+ description: EnvFromSource represents the source of
+ a set of ConfigMaps
+ properties:
+ configMapRef:
+ description: The ConfigMap to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap
+ must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ prefix:
+ description: An optional identifier to prepend
+ to each key in the ConfigMap. Must be a C_IDENTIFIER.
+ type: string
+ secretRef:
+ description: The Secret to select from
+ properties:
+ name:
+ description: 'Name of the referent. More info:
+ https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret must
+ be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ type: array
+ image:
+ description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images
+ This field is optional to allow higher level config
+ management to default or override container images
+ in workload controllers like Deployments and StatefulSets.'
+ type: string
+ imagePullPolicy:
+ description: 'Image pull policy. One of Always, Never,
+ IfNotPresent. Defaults to Always if :latest tag is
+ specified, or IfNotPresent otherwise. Cannot be updated.
+ More info: https://kubernetes.io/docs/concepts/containers/images#updating-images'
+ type: string
+ livenessProbe:
+ description: 'Periodic probe of container liveness.
+ Container will be restarted if the probe fails. Cannot
+ be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ name:
+ description: Name of the container specified as a DNS_LABEL.
+ Each container in a pod must have a unique name (DNS_LABEL).
+ Cannot be updated.
+ type: string
+ ports:
+ description: List of ports to expose from the container.
+ Not specifying a port here DOES NOT prevent that port
+ from being exposed. Any port which is listening on
+ the default "0.0.0.0" address inside a container will
+ be accessible from the network. Modifying this array
+ with strategic merge patch may corrupt the data. For
+ more information See https://github.com/kubernetes/kubernetes/issues/108255.
+ Cannot be updated.
+ items:
+ description: ContainerPort represents a network port
+ in a single container.
+ properties:
+ containerPort:
+ description: Number of port to expose on the pod's
+ IP address. This must be a valid port number,
+ 0 < x < 65536.
+ format: int32
+ type: integer
+ name:
+ description: If specified, this must be an IANA_SVC_NAME
+ and unique within the pod. Each named port in
+ a pod must have a unique name. Name for the
+ port that can be referred to by services.
+ type: string
+ protocol:
+ default: TCP
+ description: Protocol for port. Must be UDP, TCP,
+ or SCTP. Defaults to "TCP".
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ description: 'Periodic probe of container service readiness.
+ Container will be removed from service endpoints if
+ the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ properties:
+ exec:
+ description: Exec specifies the action to take.
+ properties:
+ command:
+ description: Command is the command line to
+ execute inside the container, the working
+ directory for the command is root ('/') in
+ the container's filesystem. The command is
+ simply exec'd, it is not run inside a shell,
+ so traditional shell instructions ('|', etc)
+ won't work. To use a shell, you need to explicitly
+ call out to that shell. Exit status of 0 is
+ treated as live/healthy and non-zero is unhealthy.
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ description: Minimum consecutive failures for the
+ probe to be considered failed after having succeeded.
+ Defaults to 3. Minimum value is 1.
+ format: int32
+ type: integer
+ httpGet:
+ description: HTTPGet specifies the http request
+ to perform.
+ properties:
+ host:
+ description: Host name to connect to, defaults
+ to the pod IP. You probably want to set "Host"
+ in httpHeaders instead.
+ type: string
+ httpHeaders:
+ description: Custom headers to set in the request.
+ HTTP allows repeated headers.
+ items:
+ description: HTTPHeader describes a custom
+ header to be used in HTTP probes
+ properties:
+ name:
+ description: The header field name
+ type: string
+ value:
+ description: The header field value
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ description: Path to access on the HTTP server.
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ scheme:
+ description: Scheme to use for connecting to
+ the host. Defaults to HTTP.
+ type: string
+ type: object
+ initialDelaySeconds:
+ description: 'Number of seconds after the container
+ has started before liveness probes are initiated.
+ More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ periodSeconds:
+ description: How often (in seconds) to perform the
+ probe.
+ format: int32
+ type: integer
+ successThreshold:
+ description: Minimum consecutive successes for the
+ probe to be considered successful after having
+ failed. Defaults to 1. Must be 1 for liveness
+ and startup. Minimum value is 1.
+ format: int32
+ type: integer
+ tcpSocket:
+ description: TCPSocket specifies an action involving
+ a TCP port.
+ properties:
+ host:
+ description: 'Optional: Host name to connect
+ to, defaults to the pod IP.'
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Number or name of the port to access
+ on the container. Number must be in the range
+ 1 to 65535. Name must be an IANA_SVC_NAME.
+ x-kubernetes-int-or-string: true
+ type: object
+ timeoutSeconds:
+ description: 'Number of seconds after which the
+ probe times out. Defaults to 1 second. Minimum
+ value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
+ format: int32
+ type: integer
+ type: object
+ resources:
+ description: 'Compute Resources required by this container.
+ Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Limits describes the maximum amount
+ of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ description: 'Requests describes the minimum amount
+ of compute resources required. If Requests is
+ omitted for a container, it defaults to Limits
+ if that is explicitly specified, otherwise to
+ an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+ type: object
+ type: object
+ securityContext:
+ description: 'SecurityContext defines the security options
+ the container should be run with. If set, the fields
+ of SecurityContext override the equivalent fields
+ of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/'
+ properties:
+ allowPrivilegeEscalation:
+ description: 'AllowPrivilegeEscalation controls
+ whether a process can gain more privileges than
+ its parent process. This bool directly controls
+ if the no_new_privs flag will be set on the container
+ process. AllowPrivilegeEscalation is true always
+ when the container is: 1) run as Privileged 2)
+ has CAP_SYS_ADMIN Note that this field cannot
+ be set when spec.os.name is windows.'
+ type: boolean
+ capabilities:
+ description: The capabilities to add/drop when running
+ containers. Defaults to the default set of capabilities
+ granted by the container runtime. Note that this
+ field cannot be set when spec.os.name is windows.
+ properties:
+ add:
+ description: This is accessible behind a feature
+ flag - kubernetes.containerspec-addcapabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ drop:
+ description: Removed capabilities
+ items:
+ description: Capability represent POSIX capabilities
+ type
+ type: string
+ type: array
+ type: object
+ readOnlyRootFilesystem:
+ description: Whether this container has a read-only
+ root filesystem. Default is false. Note that this
+ field cannot be set when spec.os.name is windows.
+ type: boolean
+ runAsGroup:
+ description: The GID to run the entrypoint of the
+ container process. Uses runtime default if unset.
+ May also be set in PodSecurityContext. If set
+ in both SecurityContext and PodSecurityContext,
+ the value specified in SecurityContext takes precedence.
+ Note that this field cannot be set when spec.os.name
+ is windows.
+ format: int64
+ type: integer
+ runAsNonRoot:
+ description: Indicates that the container must run
+ as a non-root user. If true, the Kubelet will
+ validate the image at runtime to ensure that it
+ does not run as UID 0 (root) and fail to start
+ the container if it does. If unset or false, no
+ such validation will be performed. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence.
+ type: boolean
+ runAsUser:
+ description: The UID to run the entrypoint of the
+ container process. Defaults to user specified
+ in image metadata if unspecified. May also be
+ set in PodSecurityContext. If set in both SecurityContext
+ and PodSecurityContext, the value specified in
+ SecurityContext takes precedence. Note that this
+ field cannot be set when spec.os.name is windows.
+ format: int64
+ type: integer
+ seccompProfile:
+ description: The seccomp options to use by this
+ container. If seccomp options are provided at
+ both the pod & container level, the container
+ options override the pod options. Note that this
+ field cannot be set when spec.os.name is windows.
+ properties:
+ localhostProfile:
+ description: localhostProfile indicates a profile
+ defined in a file on the node should be used.
+ The profile must be preconfigured on the node
+ to work. Must be a descending path, relative
+ to the kubelet's configured seccomp profile
+ location. Must only be set if type is "Localhost".
+ type: string
+ type:
+ description: "type indicates which kind of seccomp
+ profile will be applied. Valid options are:
+ \n Localhost - a profile defined in a file
+ on the node should be used. RuntimeDefault
+ - the container runtime default profile should
+ be used. Unconfined - no profile should be
+ applied."
+ type: string
+ required:
+ - type
+ type: object
+ type: object
+ terminationMessagePath:
+ description: 'Optional: Path at which the file to which
+ the container''s termination message will be written
+ is mounted into the container''s filesystem. Message
+ written is intended to be brief final status, such
+ as an assertion failure message. Will be truncated
+ by the node if greater than 4096 bytes. The total
+ message length across all containers will be limited
+ to 12kb. Defaults to /dev/termination-log. Cannot
+ be updated.'
+ type: string
+ terminationMessagePolicy:
+ description: Indicate how the termination message should
+ be populated. File will use the contents of terminationMessagePath
+ to populate the container status message on both success
+ and failure. FallbackToLogsOnError will use the last
+ chunk of container log output if the termination message
+ file is empty and the container exited with an error.
+ The log output is limited to 2048 bytes or 80 lines,
+ whichever is smaller. Defaults to File. Cannot be
+ updated.
+ type: string
+ volumeMounts:
+ description: Pod volumes to mount into the container's
+ filesystem. Cannot be updated.
+ items:
+ description: VolumeMount describes a mounting of a
+ Volume within a container.
+ properties:
+ mountPath:
+ description: Path within the container at which
+ the volume should be mounted. Must not contain
+ ':'.
+ type: string
+ name:
+ description: This must match the Name of a Volume.
+ type: string
+ readOnly:
+ description: Mounted read-only if true, read-write
+ otherwise (false or unspecified). Defaults to
+ false.
+ type: boolean
+ subPath:
+ description: Path within the volume from which
+ the container's volume should be mounted. Defaults
+ to "" (volume's root).
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ description: Container's working directory. If not specified,
+ the container runtime's default will be used, which
+ might be configured in the container image. Cannot
+ be updated.
+ type: string
+ type: object
+ type: array
+ dnsConfig:
+ description: This is accessible behind a feature flag - kubernetes.podspec-dnsconfig
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ dnsPolicy:
+ description: This is accessible behind a feature flag - kubernetes.podspec-dnspolicy
+ type: string
+ enableServiceLinks:
+ description: 'EnableServiceLinks indicates whether information
+ about services should be injected into pod''s environment
+ variables, matching the syntax of Docker links. Optional:
+ Knative defaults this to false.'
+ type: boolean
+ hostAliases:
+ description: This is accessible behind a feature flag - kubernetes.podspec-hostaliases
+ items:
+ description: This is accessible behind a feature flag -
+ kubernetes.podspec-hostaliases
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ idleTimeoutSeconds:
+ description: IdleTimeoutSeconds is the maximum duration in
+ seconds a request will be allowed to stay open while not
+ receiving any bytes from the user's application. If unspecified,
+ a system default will be provided.
+ format: int64
+ type: integer
+ imagePullSecrets:
+ description: 'ImagePullSecrets is an optional list of references
+ to secrets in the same namespace to use for pulling any
+ of the images used by this PodSpec. If specified, these
+ secrets will be passed to individual puller implementations
+ for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod'
+ items:
+ description: LocalObjectReference contains enough information
+ to let you locate the referenced object inside the same
+ namespace.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ initContainers:
+ description: 'List of initialization containers belonging
+ to the pod. Init containers are executed in order prior
+ to containers being started. If any init container fails,
+ the pod is considered to have failed and is handled according
+ to its restartPolicy. The name for an init container or
+ normal container must be unique among all containers. Init
+ containers may not have Lifecycle actions, Readiness probes,
+ Liveness probes, or Startup probes. The resourceRequirements
+ of an init container are taken into account during scheduling
+ by finding the highest request/limit for each resource type,
+ and then using the max of of that value or the sum of the
+ normal containers. Limits are applied to init containers
+ in a similar fashion. Init containers cannot currently be
+ added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/'
+ items:
+ description: This is accessible behind a feature flag -
+ kubernetes.podspec-init-containers
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ nodeSelector:
+ description: This is accessible behind a feature flag - kubernetes.podspec-nodeselector
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-preserve-unknown-fields: true
+ priorityClassName:
+ description: This is accessible behind a feature flag - kubernetes.podspec-priorityclassname
+ type: string
+ x-kubernetes-preserve-unknown-fields: true
+ responseStartTimeoutSeconds:
+ description: ResponseStartTimeoutSeconds is the maximum duration
+ in seconds that the request routing layer will wait for
+ a request delivered to a container to begin sending any
+ network traffic.
+ format: int64
+ type: integer
+ runtimeClassName:
+ description: This is accessible behind a feature flag - kubernetes.podspec-runtimeclassname
+ type: string
+ x-kubernetes-preserve-unknown-fields: true
+ schedulerName:
+ description: This is accessible behind a feature flag - kubernetes.podspec-schedulername
+ type: string
+ x-kubernetes-preserve-unknown-fields: true
+ securityContext:
+ description: This is accessible behind a feature flag - kubernetes.podspec-securitycontext
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ serviceAccountName:
+ description: 'ServiceAccountName is the name of the ServiceAccount
+ to use to run this pod. More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/'
+ type: string
+ timeoutSeconds:
+ description: TimeoutSeconds is the maximum duration in seconds
+ that the request instance is allowed to respond to a request.
+ If unspecified, a system default will be provided.
+ format: int64
+ type: integer
+ tolerations:
+ description: This is accessible behind a feature flag - kubernetes.podspec-tolerations
+ items:
+ description: This is accessible behind a feature flag -
+ kubernetes.podspec-tolerations
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ topologySpreadConstraints:
+ description: This is accessible behind a feature flag - kubernetes.podspec-topologyspreadconstraints
+ items:
+ description: This is accessible behind a feature flag -
+ kubernetes.podspec-topologyspreadconstraints
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: array
+ volumes:
+ description: 'List of volumes that can be mounted by containers
+ belonging to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes'
+ items:
+ description: Volume represents a named volume in a pod that
+ may be accessed by any container in the pod.
+ properties:
+ configMap:
+ description: configMap represents a configMap that should
+ populate this volume
+ properties:
+ defaultMode:
+ description: 'defaultMode is optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: items if unspecified, each key-value
+ pair in the Data field of the referenced ConfigMap
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
+ the listed keys will be projected into the specified
+ paths, and unlisted keys will not be present.
+ If a key is specified which is not present in
+ the ConfigMap, the volume setup will error unless
+ it is marked optional. Paths must be relative
+ and may not contain the '..' path or start with
+ '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: optional specify whether the ConfigMap
+ or its keys must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ emptyDir:
+ description: This is accessible behind a feature flag
+ - kubernetes.podspec-emptydir
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ name:
+ description: 'name of the volume. Must be a DNS_LABEL
+ and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ persistentVolumeClaim:
+ description: This is accessible behind a feature flag
+ - kubernetes.podspec-persistent-volume-claim
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ projected:
+ description: projected items for all in one resources
+ secrets, configmaps, and downward API
+ properties:
+ defaultMode:
+ description: defaultMode are the mode bits used
+ to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Directories within the path
+ are not affected by this setting. This might be
+ in conflict with other options that affect the
+ file mode, like fsGroup, and the result can be
+ other mode bits set.
+ format: int32
+ type: integer
+ sources:
+ description: sources is the list of volume projections
+ items:
+ description: Projection that may be projected
+ along with other supported volume types
+ properties:
+ configMap:
+ description: configMap information about the
+ configMap data to project
+ properties:
+ items:
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced ConfigMap will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the ConfigMap, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a
+ path within a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
+ format: int32
+ type: integer
+ path:
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: optional specify whether
+ the ConfigMap or its keys must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ downwardAPI:
+ description: downwardAPI information about
+ the downwardAPI data to project
+ properties:
+ items:
+ description: Items is a list of DownwardAPIVolume
+ file
+ items:
+ description: DownwardAPIVolumeFile represents
+ information to create the file containing
+ the pod field
+ properties:
+ fieldRef:
+ description: 'Required: Selects
+ a field of the pod: only annotations,
+ labels, name and namespace are
+ supported.'
+ properties:
+ apiVersion:
+ description: Version of the
+ schema the FieldPath is written
+ in terms of, defaults to "v1".
+ type: string
+ fieldPath:
+ description: Path of the field
+ to select in the specified
+ API version.
+ type: string
+ required:
+ - fieldPath
+ type: object
+ x-kubernetes-map-type: atomic
+ mode:
+ description: 'Optional: mode bits
+ used to set permissions on this
+ file, must be an octal value between
+ 0000 and 0777 or a decimal value
+ between 0 and 511. YAML accepts
+ both octal and decimal values,
+ JSON requires decimal values for
+ mode bits. If not specified, the
+ volume defaultMode will be used.
+ This might be in conflict with
+ other options that affect the
+ file mode, like fsGroup, and the
+ result can be other mode bits
+ set.'
+ format: int32
+ type: integer
+ path:
+ description: 'Required: Path is the
+ relative path name of the file
+ to be created. Must not be absolute
+ or contain the ''..'' path. Must
+ be utf-8 encoded. The first item
+ of the relative path must not
+ start with ''..'''
+ type: string
+ resourceFieldRef:
+ description: 'Selects a resource
+ of the container: only resources
+ limits and requests (limits.cpu,
+ limits.memory, requests.cpu and
+ requests.memory) are currently
+ supported.'
+ properties:
+ containerName:
+ description: 'Container name:
+ required for volumes, optional
+ for env vars'
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the output
+ format of the exposed resources,
+ defaults to "1"
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ description: 'Required: resource
+ to select'
+ type: string
+ required:
+ - resource
+ type: object
+ x-kubernetes-map-type: atomic
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ description: secret information about the
+ secret data to project
+ properties:
+ items:
+ description: items if unspecified, each
+ key-value pair in the Data field of
+ the referenced Secret will be projected
+ into the volume as a file whose name
+ is the key and content is the value.
+ If specified, the listed keys will be
+ projected into the specified paths,
+ and unlisted keys will not be present.
+ If a key is specified which is not present
+ in the Secret, the volume setup will
+ error unless it is marked optional.
+ Paths must be relative and may not contain
+ the '..' path or start with '..'.
+ items:
+ description: Maps a string key to a
+ path within a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: 'mode is Optional:
+ mode bits used to set permissions
+ on this file. Must be an octal
+ value between 0000 and 0777 or
+ a decimal value between 0 and
+ 511. YAML accepts both octal and
+ decimal values, JSON requires
+ decimal values for mode bits.
+ If not specified, the volume defaultMode
+ will be used. This might be in
+ conflict with other options that
+ affect the file mode, like fsGroup,
+ and the result can be other mode
+ bits set.'
+ format: int32
+ type: integer
+ path:
+ description: path is the relative
+ path of the file to map the key
+ to. May not be an absolute path.
+ May not contain the path element
+ '..'. May not start with the string
+ '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ description: 'Name of the referent. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion,
+ kind, uid?'
+ type: string
+ optional:
+ description: optional field specify whether
+ the Secret or its key must be defined
+ type: boolean
+ type: object
+ x-kubernetes-map-type: atomic
+ serviceAccountToken:
+ description: serviceAccountToken is information
+ about the serviceAccountToken data to project
+ properties:
+ audience:
+ description: audience is the intended
+ audience of the token. A recipient of
+ a token must identify itself with an
+ identifier specified in the audience
+ of the token, and otherwise should reject
+ the token. The audience defaults to
+ the identifier of the apiserver.
+ type: string
+ expirationSeconds:
+ description: expirationSeconds is the
+ requested duration of validity of the
+ service account token. As the token
+ approaches expiration, the kubelet volume
+ plugin will proactively rotate the service
+ account token. The kubelet will start
+ trying to rotate the token if the token
+ is older than 80 percent of its time
+ to live or if the token is older than
+ 24 hours.Defaults to 1 hour and must
+ be at least 10 minutes.
+ format: int64
+ type: integer
+ path:
+ description: path is the path relative
+ to the mount point of the file to project
+ the token into.
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ secret:
+ description: 'secret represents a secret that should
+ populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ properties:
+ defaultMode:
+ description: 'defaultMode is Optional: mode bits
+ used to set permissions on created files by default.
+ Must be an octal value between 0000 and 0777 or
+ a decimal value between 0 and 511. YAML accepts
+ both octal and decimal values, JSON requires decimal
+ values for mode bits. Defaults to 0644. Directories
+ within the path are not affected by this setting.
+ This might be in conflict with other options that
+ affect the file mode, like fsGroup, and the result
+ can be other mode bits set.'
+ format: int32
+ type: integer
+ items:
+ description: items If unspecified, each key-value
+ pair in the Data field of the referenced Secret
+ will be projected into the volume as a file whose
+ name is the key and content is the value. If specified,
+ the listed keys will be projected into the specified
+ paths, and unlisted keys will not be present.
+ If a key is specified which is not present in
+ the Secret, the volume setup will error unless
+ it is marked optional. Paths must be relative
+ and may not contain the '..' path or start with
+ '..'.
+ items:
+ description: Maps a string key to a path within
+ a volume.
+ properties:
+ key:
+ description: key is the key to project.
+ type: string
+ mode:
+ description: 'mode is Optional: mode bits
+ used to set permissions on this file. Must
+ be an octal value between 0000 and 0777
+ or a decimal value between 0 and 511. YAML
+ accepts both octal and decimal values, JSON
+ requires decimal values for mode bits. If
+ not specified, the volume defaultMode will
+ be used. This might be in conflict with
+ other options that affect the file mode,
+ like fsGroup, and the result can be other
+ mode bits set.'
+ format: int32
+ type: integer
+ path:
+ description: path is the relative path of
+ the file to map the key to. May not be an
+ absolute path. May not contain the path
+ element '..'. May not start with the string
+ '..'.
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ description: optional field specify whether the
+ Secret or its keys must be defined
+ type: boolean
+ secretName:
+ description: 'secretName is the name of the secret
+ in the pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret'
+ type: string
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ required:
+ - containers
+ type: object
+ type: object
+ type: object
+ status:
+ description: ConfigurationStatus communicates the observed state of the
+ Configuration (from the controller).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ description: 'Condition defines a readiness condition for a Knative
+ resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ latestCreatedRevisionName:
+ description: LatestCreatedRevisionName is the last revision that was
+ created from this Configuration. It might not be ready yet, for
+ that use LatestReadyRevisionName.
+ type: string
+ latestReadyRevisionName:
+ description: LatestReadyRevisionName holds the name of the latest
+ Revision stamped out from this Configuration that has had its "Ready"
+ condition become "True".
+ type: string
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/component: knative-eventing
+ app.kubernetes.io/name: knative-eventing
+ app.kubernetes.io/version: 1.10.1
+ duck.knative.dev/source: "true"
+ eventing.knative.dev/source: "true"
+ knative.dev/crd-install: "true"
+ kustomize.component: knative
+ name: containersources.sources.knative.dev
+spec:
+ group: sources.knative.dev
+ names:
+ categories:
+ - all
+ - knative
+ - sources
+ kind: ContainerSource
+ plural: containersources
+ singular: containersource
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.sinkUri
+ name: Sink
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].reason
+ name: Reason
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: ContainerSource is an event source that starts a container image
+ which generates events under certain situations and sends messages to a
+ sink URI
+ properties:
+ spec:
+ properties:
+ ceOverrides:
+ description: CloudEventOverrides defines overrides to control the
+ output format and modifications of the event sent to the sink.
+ properties:
+ extensions:
+ description: Extensions specify what attribute are added or overridden
+ on the outbound event. Each `Extensions` key-value pair are
+ set on the event as an attribute extension independently.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ sink:
+ description: Sink is a reference to an object that will resolve to
+ a uri to use as the sink.
+ properties:
+ ref:
+ description: Ref points to an Addressable.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object
+ holding it if left out.'
+ type: string
+ type: object
+ uri:
+ description: URI can be an absolute URL(non-empty scheme and non-empty
+ host) pointing to the target or a relative URI. Relative URIs
+ will be resolved using the base URI retrieved from Ref.
+ type: string
+ type: object
+ template:
+ description: 'A template in the shape of `Deployment.spec.template`
+ to be used for this ContainerSource. More info: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/'
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ status:
+ properties:
+ annotations:
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ ceAttributes:
+ description: CloudEventAttributes are the specific attributes that
+ the Source uses as part of its CloudEvents.
+ items:
+ properties:
+ source:
+ description: Source is the CloudEvents source attribute.
+ type: string
+ type:
+ description: Type refers to the CloudEvent type attribute.
+ type: string
+ type: object
+ type: array
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - type
+ - status
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ sinkUri:
+ description: SinkURI is the current active sink URI that has been
+ configured for the Source.
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.kubernetes.io: unapproved, request not yet submitted
+ labels:
+ application-crd-id: kubeflow-pipelines
+ kustomize.component: metacontroller
+ name: controllerrevisions.metacontroller.k8s.io
+spec:
+ group: metacontroller.k8s.io
+ names:
+ kind: ControllerRevision
+ listKind: ControllerRevisionList
+ plural: controllerrevisions
+ singular: controllerrevision
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ children:
+ items:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ names:
+ items:
+ type: string
+ type: array
+ required:
+ - apiGroup
+ - kind
+ - names
+ type: object
+ type: array
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ parentPatch:
+ type: object
+ required:
+ - metadata
+ - parentPatch
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ application-crd-id: kubeflow-pipelines
+ name: cronworkflows.argoproj.io
+spec:
+ group: argoproj.io
+ names:
+ kind: CronWorkflow
+ listKind: CronWorkflowList
+ plural: cronworkflows
+ shortNames:
+ - cwf
+ - cronwf
+ singular: cronworkflow
+ scope: Namespaced
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-preserve-unknown-fields: true
+ status:
+ type: object
+ x-kubernetes-map-type: atomic
+ x-kubernetes-preserve-unknown-fields: true
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.kubernetes.io: unapproved, request not yet submitted
+ labels:
+ application-crd-id: kubeflow-pipelines
+ kustomize.component: metacontroller
+ name: decoratorcontrollers.metacontroller.k8s.io
+spec:
+ group: metacontroller.k8s.io
+ names:
+ kind: DecoratorController
+ listKind: DecoratorControllerList
+ plural: decoratorcontrollers
+ shortNames:
+ - dec
+ - decorators
+ singular: decoratorcontroller
+ scope: Cluster
+ versions:
+ - name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ attachments:
+ items:
+ properties:
+ apiVersion:
+ type: string
+ resource:
+ type: string
+ updateStrategy:
+ properties:
+ method:
+ type: string
+ type: object
+ required:
+ - apiVersion
+ - resource
+ type: object
+ type: array
+ hooks:
+ properties:
+ customize:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ finalize:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ sync:
+ properties:
+ webhook:
+ properties:
+ path:
+ type: string
+ service:
+ properties:
+ name:
+ type: string
+ namespace:
+ type: string
+ port:
+ format: int32
+ type: integer
+ protocol:
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ timeout:
+ type: string
+ url:
+ type: string
+ type: object
+ type: object
+ type: object
+ resources:
+ items:
+ properties:
+ annotationSelector:
+ properties:
+ matchAnnotations:
+ additionalProperties:
+ type: string
+ type: object
+ matchExpressions:
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that relates
+ the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists or
+ DoesNotExist, the values array must be empty. This
+ array is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ apiVersion:
+ type: string
+ labelSelector:
+ description: A label selector is a label query over a set of
+ resources. The result of matchLabels and matchExpressions
+ are ANDed. An empty label selector matches all objects. A
+ null label selector matches no objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector
+ requirements. The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector
+ that contains values, a key, and an operator that relates
+ the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector
+ applies to.
+ type: string
+ operator:
+ description: operator represents a key's relationship
+ to a set of values. Valid operators are In, NotIn,
+ Exists and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values.
+ If the operator is In or NotIn, the values array
+ must be non-empty. If the operator is Exists or
+ DoesNotExist, the values array must be empty. This
+ array is replaced during a strategic merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs.
+ A single {key,value} in the matchLabels map is equivalent
+ to an element of matchExpressions, whose key field is
+ "key", the operator is "In", and the values array contains
+ only "value". The requirements are ANDed.
+ type: object
+ type: object
+ resource:
+ type: string
+ required:
+ - apiVersion
+ - resource
+ type: object
+ type: array
+ resyncPeriodSeconds:
+ format: int32
+ type: integer
+ required:
+ - resources
+ type: object
+ status:
+ type: object
+ required:
+ - metadata
+ - spec
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ helm.sh/resource-policy: keep
+ labels:
+ app: istio-pilot
+ chart: istio
+ heritage: Tiller
+ release: istio
+ name: destinationrules.networking.istio.io
+spec:
+ group: networking.istio.io
+ names:
+ categories:
+ - istio-io
+ - networking-istio-io
+ kind: DestinationRule
+ listKind: DestinationRuleList
+ plural: destinationrules
+ shortNames:
+ - dr
+ singular: destinationrule
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - description: The name of a service from the service registry
+ jsonPath: .spec.host
+ name: Host
+ type: string
+ - description: 'CreationTimestamp is a timestamp representing the server time
+ when this object was created. It is not guaranteed to be set in happens-before
+ order across separate operations. Clients may not set this value. It is represented
+ in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for
+ lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata'
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1alpha3
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ description: 'Configuration affecting load balancing, outlier detection,
+ etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html'
+ properties:
+ exportTo:
+ description: A list of namespaces to which this destination rule is
+ exported.
+ items:
+ type: string
+ type: array
+ host:
+ description: The name of a service from the service registry.
+ type: string
+ subsets:
+ items:
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ name:
+ description: Name of the subset.
+ type: string
+ trafficPolicy:
+ description: Traffic policies that apply to this subset.
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection should
+ be upgraded to http2 for the associated destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests to
+ a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream connection
+ pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per connection
+ to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol will
+ be preserved while initiating connection to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and TCP upstream
+ connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP connections
+ to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE on the
+ socket to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between keep-alive
+ probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP query
+ parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer
+ implements consistent hashing to backend hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/' separated,
+ e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities to
+ traffic distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing, this
+ is DestinationRule-level and will override mesh
+ wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered list
+ of labels used to sort endpoints to do priority
+ based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a host
+ is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish local
+ origin failures from external errors.
+ type: boolean
+ type: object
+ portLevelSettings:
+ description: Traffic policies specific to individual ports.
+ items:
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection
+ should be upgraded to http2 for the associated
+ destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests
+ to a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream
+ connection pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per
+ connection to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol
+ will be preserved while initiating connection
+ to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and
+ TCP upstream connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP
+ connections to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE
+ on the socket to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between
+ keep-alive probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer
+ algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP
+ header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP
+ query parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev
+ hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer
+ implements consistent hashing to backend
+ hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/'
+ separated, e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities
+ to traffic distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing,
+ this is DestinationRule-level and will override
+ mesh wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered
+ list of labels used to sort endpoints to
+ do priority based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of
+ Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host
+ is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a
+ host is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep
+ analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish
+ local origin failures from external errors.
+ type: boolean
+ type: object
+ port:
+ properties:
+ number:
+ type: integer
+ type: object
+ tls:
+ description: TLS related settings for connections
+ to the upstream service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server
+ during TLS handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ tls:
+ description: TLS related settings for connections to the
+ upstream service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server during
+ TLS handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ tunnel:
+ properties:
+ protocol:
+ description: Specifies which protocol to use for tunneling
+ the downstream connection.
+ type: string
+ targetHost:
+ description: Specifies a host to which the downstream
+ connection is tunneled.
+ type: string
+ targetPort:
+ description: Specifies a port to which the downstream
+ connection is tunneled.
+ type: integer
+ type: object
+ type: object
+ type: object
+ type: array
+ trafficPolicy:
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection should be upgraded
+ to http2 for the associated destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests to a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream connection
+ pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per connection
+ to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol will be preserved
+ while initiating connection to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and TCP upstream
+ connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP connections
+ to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE on the socket
+ to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between keep-alive
+ probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP query parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements consistent
+ hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute, failover
+ or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/' separated,
+ e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities to traffic
+ distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing, this is DestinationRule-level
+ and will override mesh wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute, failover
+ or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered list of labels
+ used to sort endpoints to do priority based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish local origin
+ failures from external errors.
+ type: boolean
+ type: object
+ portLevelSettings:
+ description: Traffic policies specific to individual ports.
+ items:
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection should
+ be upgraded to http2 for the associated destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests to
+ a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream connection
+ pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per connection
+ to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol will
+ be preserved while initiating connection to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and TCP upstream
+ connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP connections
+ to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE on the
+ socket to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between keep-alive
+ probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP query
+ parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer
+ implements consistent hashing to backend hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/' separated,
+ e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities to
+ traffic distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing, this
+ is DestinationRule-level and will override mesh
+ wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered list
+ of labels used to sort endpoints to do priority
+ based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a host
+ is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish local
+ origin failures from external errors.
+ type: boolean
+ type: object
+ port:
+ properties:
+ number:
+ type: integer
+ type: object
+ tls:
+ description: TLS related settings for connections to the
+ upstream service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server during
+ TLS handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ tls:
+ description: TLS related settings for connections to the upstream
+ service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server during TLS
+ handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ tunnel:
+ properties:
+ protocol:
+ description: Specifies which protocol to use for tunneling
+ the downstream connection.
+ type: string
+ targetHost:
+ description: Specifies a host to which the downstream connection
+ is tunneled.
+ type: string
+ targetPort:
+ description: Specifies a port to which the downstream connection
+ is tunneled.
+ type: integer
+ type: object
+ type: object
+ workloadSelector:
+ properties:
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ type: object
+ status:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ - additionalPrinterColumns:
+ - description: The name of a service from the service registry
+ jsonPath: .spec.host
+ name: Host
+ type: string
+ - description: 'CreationTimestamp is a timestamp representing the server time
+ when this object was created. It is not guaranteed to be set in happens-before
+ order across separate operations. Clients may not set this value. It is represented
+ in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for
+ lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata'
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ description: 'Configuration affecting load balancing, outlier detection,
+ etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html'
+ properties:
+ exportTo:
+ description: A list of namespaces to which this destination rule is
+ exported.
+ items:
+ type: string
+ type: array
+ host:
+ description: The name of a service from the service registry.
+ type: string
+ subsets:
+ items:
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ name:
+ description: Name of the subset.
+ type: string
+ trafficPolicy:
+ description: Traffic policies that apply to this subset.
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection should
+ be upgraded to http2 for the associated destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests to
+ a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream connection
+ pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per connection
+ to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol will
+ be preserved while initiating connection to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and TCP upstream
+ connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP connections
+ to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE on the
+ socket to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between keep-alive
+ probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP query
+ parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer
+ implements consistent hashing to backend hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/' separated,
+ e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities to
+ traffic distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing, this
+ is DestinationRule-level and will override mesh
+ wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered list
+ of labels used to sort endpoints to do priority
+ based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a host
+ is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish local
+ origin failures from external errors.
+ type: boolean
+ type: object
+ portLevelSettings:
+ description: Traffic policies specific to individual ports.
+ items:
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection
+ should be upgraded to http2 for the associated
+ destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests
+ to a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream
+ connection pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per
+ connection to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol
+ will be preserved while initiating connection
+ to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and
+ TCP upstream connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP
+ connections to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE
+ on the socket to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between
+ keep-alive probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer
+ algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP
+ header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP
+ query parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev
+ hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer
+ implements consistent hashing to backend
+ hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/'
+ separated, e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities
+ to traffic distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing,
+ this is DestinationRule-level and will override
+ mesh wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered
+ list of labels used to sort endpoints to
+ do priority based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of
+ Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host
+ is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a
+ host is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep
+ analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish
+ local origin failures from external errors.
+ type: boolean
+ type: object
+ port:
+ properties:
+ number:
+ type: integer
+ type: object
+ tls:
+ description: TLS related settings for connections
+ to the upstream service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server
+ during TLS handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ tls:
+ description: TLS related settings for connections to the
+ upstream service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server during
+ TLS handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ tunnel:
+ properties:
+ protocol:
+ description: Specifies which protocol to use for tunneling
+ the downstream connection.
+ type: string
+ targetHost:
+ description: Specifies a host to which the downstream
+ connection is tunneled.
+ type: string
+ targetPort:
+ description: Specifies a port to which the downstream
+ connection is tunneled.
+ type: integer
+ type: object
+ type: object
+ type: object
+ type: array
+ trafficPolicy:
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection should be upgraded
+ to http2 for the associated destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests to a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream connection
+ pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per connection
+ to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol will be preserved
+ while initiating connection to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and TCP upstream
+ connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP connections
+ to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE on the socket
+ to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between keep-alive
+ probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP query parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements consistent
+ hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute, failover
+ or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/' separated,
+ e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities to traffic
+ distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing, this is DestinationRule-level
+ and will override mesh wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute, failover
+ or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered list of labels
+ used to sort endpoints to do priority based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish local origin
+ failures from external errors.
+ type: boolean
+ type: object
+ portLevelSettings:
+ description: Traffic policies specific to individual ports.
+ items:
+ properties:
+ connectionPool:
+ properties:
+ http:
+ description: HTTP connection pool settings.
+ properties:
+ h2UpgradePolicy:
+ description: Specify if http1.1 connection should
+ be upgraded to http2 for the associated destination.
+ enum:
+ - DEFAULT
+ - DO_NOT_UPGRADE
+ - UPGRADE
+ type: string
+ http1MaxPendingRequests:
+ format: int32
+ type: integer
+ http2MaxRequests:
+ description: Maximum number of active requests to
+ a destination.
+ format: int32
+ type: integer
+ idleTimeout:
+ description: The idle timeout for upstream connection
+ pool connections.
+ type: string
+ maxRequestsPerConnection:
+ description: Maximum number of requests per connection
+ to a backend.
+ format: int32
+ type: integer
+ maxRetries:
+ format: int32
+ type: integer
+ useClientProtocol:
+ description: If set to true, client protocol will
+ be preserved while initiating connection to backend.
+ type: boolean
+ type: object
+ tcp:
+ description: Settings common to both HTTP and TCP upstream
+ connections.
+ properties:
+ connectTimeout:
+ description: TCP connection timeout.
+ type: string
+ maxConnectionDuration:
+ description: The maximum duration of a connection.
+ type: string
+ maxConnections:
+ description: Maximum number of HTTP1 /TCP connections
+ to a destination host.
+ format: int32
+ type: integer
+ tcpKeepalive:
+ description: If set then set SO_KEEPALIVE on the
+ socket to enable TCP Keepalives.
+ properties:
+ interval:
+ description: The time duration between keep-alive
+ probes.
+ type: string
+ probes:
+ type: integer
+ time:
+ type: string
+ type: object
+ type: object
+ type: object
+ loadBalancer:
+ description: Settings controlling the load balancer algorithms.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ - required:
+ - simple
+ - properties:
+ consistentHash:
+ allOf:
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - required:
+ - httpHeaderName
+ - required:
+ - httpCookie
+ - required:
+ - useSourceIp
+ - required:
+ - httpQueryParameterName
+ - oneOf:
+ - not:
+ anyOf:
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ - required:
+ - ringHash
+ - required:
+ - maglev
+ properties:
+ minimumRingSize: {}
+ required:
+ - consistentHash
+ properties:
+ consistentHash:
+ properties:
+ httpCookie:
+ description: Hash based on HTTP cookie.
+ properties:
+ name:
+ description: Name of the cookie.
+ type: string
+ path:
+ description: Path to set for the cookie.
+ type: string
+ ttl:
+ description: Lifetime of the cookie.
+ type: string
+ type: object
+ httpHeaderName:
+ description: Hash based on a specific HTTP header.
+ type: string
+ httpQueryParameterName:
+ description: Hash based on a specific HTTP query
+ parameter.
+ type: string
+ maglev:
+ description: The Maglev load balancer implements
+ consistent hashing to backend hosts.
+ properties:
+ tableSize:
+ description: The table size for Maglev hashing.
+ type: integer
+ type: object
+ minimumRingSize:
+ description: Deprecated.
+ type: integer
+ ringHash:
+ description: The ring/modulo hash load balancer
+ implements consistent hashing to backend hosts.
+ properties:
+ minimumRingSize:
+ type: integer
+ type: object
+ useSourceIp:
+ description: Hash based on the source IP address.
+ type: boolean
+ type: object
+ localityLbSetting:
+ properties:
+ distribute:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating locality, '/' separated,
+ e.g.
+ type: string
+ to:
+ additionalProperties:
+ type: integer
+ description: Map of upstream localities to
+ traffic distribution weights.
+ type: object
+ type: object
+ type: array
+ enabled:
+ description: enable locality load balancing, this
+ is DestinationRule-level and will override mesh
+ wide settings in entirety.
+ nullable: true
+ type: boolean
+ failover:
+ description: 'Optional: only one of distribute,
+ failover or failoverPriority can be set.'
+ items:
+ properties:
+ from:
+ description: Originating region.
+ type: string
+ to:
+ type: string
+ type: object
+ type: array
+ failoverPriority:
+ description: failoverPriority is an ordered list
+ of labels used to sort endpoints to do priority
+ based load balancing.
+ items:
+ type: string
+ type: array
+ type: object
+ simple:
+ enum:
+ - UNSPECIFIED
+ - LEAST_CONN
+ - RANDOM
+ - PASSTHROUGH
+ - ROUND_ROBIN
+ - LEAST_REQUEST
+ type: string
+ warmupDurationSecs:
+ description: Represents the warmup duration of Service.
+ type: string
+ type: object
+ outlierDetection:
+ properties:
+ baseEjectionTime:
+ description: Minimum ejection duration.
+ type: string
+ consecutive5xxErrors:
+ description: Number of 5xx errors before a host is ejected
+ from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveErrors:
+ format: int32
+ type: integer
+ consecutiveGatewayErrors:
+ description: Number of gateway errors before a host
+ is ejected from the connection pool.
+ nullable: true
+ type: integer
+ consecutiveLocalOriginFailures:
+ nullable: true
+ type: integer
+ interval:
+ description: Time interval between ejection sweep analysis.
+ type: string
+ maxEjectionPercent:
+ format: int32
+ type: integer
+ minHealthPercent:
+ format: int32
+ type: integer
+ splitExternalLocalOriginErrors:
+ description: Determines whether to distinguish local
+ origin failures from external errors.
+ type: boolean
+ type: object
+ port:
+ properties:
+ number:
+ type: integer
+ type: object
+ tls:
+ description: TLS related settings for connections to the
+ upstream service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server during
+ TLS handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ tls:
+ description: TLS related settings for connections to the upstream
+ service.
+ properties:
+ caCertificates:
+ type: string
+ clientCertificate:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ credentialName:
+ type: string
+ insecureSkipVerify:
+ nullable: true
+ type: boolean
+ mode:
+ enum:
+ - DISABLE
+ - SIMPLE
+ - MUTUAL
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ sni:
+ description: SNI string to present to the server during TLS
+ handshake.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ type: object
+ tunnel:
+ properties:
+ protocol:
+ description: Specifies which protocol to use for tunneling
+ the downstream connection.
+ type: string
+ targetHost:
+ description: Specifies a host to which the downstream connection
+ is tunneled.
+ type: string
+ targetPort:
+ description: Specifies a port to which the downstream connection
+ is tunneled.
+ type: integer
+ type: object
+ type: object
+ workloadSelector:
+ properties:
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ type: object
+ status:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: false
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/name: knative-serving
+ app.kubernetes.io/version: 1.10.2
+ knative.dev/crd-install: "true"
+ name: domainmappings.serving.knative.dev
+spec:
+ group: serving.knative.dev
+ names:
+ categories:
+ - all
+ - knative
+ - serving
+ kind: DomainMapping
+ plural: domainmappings
+ shortNames:
+ - dm
+ singular: domainmapping
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.url
+ name: URL
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].reason
+ name: Reason
+ type: string
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: DomainMapping is a mapping from a custom hostname to an Addressable.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: 'Spec is the desired state of the DomainMapping. More info:
+ https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ ref:
+ description: "Ref specifies the target of the Domain Mapping. \n The
+ object identified by the Ref must be an Addressable with a URL of
+ the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster
+ domain, and `{name}` and `{namespace}` are the name and namespace
+ of a Kubernetes Service. \n This contract is satisfied by Knative
+ types such as Knative Services and Knative Routes, and by Kubernetes
+ Services."
+ properties:
+ address:
+ description: Address points to a specific Address Name.
+ type: string
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ group:
+ description: 'Group of the API, without the version of the group.
+ This can be used as an alternative to the APIVersion, and then
+ resolved using ResolveGroup. Note: This API is EXPERIMENTAL
+ and might break anytime. For more details: https://github.com/knative/eventing/issues/5086'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object holding
+ it if left out.'
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ tls:
+ description: TLS allows the DomainMapping to terminate TLS traffic
+ with an existing secret.
+ properties:
+ secretName:
+ description: SecretName is the name of the existing secret used
+ to terminate TLS traffic.
+ type: string
+ required:
+ - secretName
+ type: object
+ required:
+ - ref
+ type: object
+ status:
+ description: 'Status is the current state of the DomainMapping. More info:
+ https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ address:
+ description: Address holds the information needed for a DomainMapping
+ to be the target of an event.
+ properties:
+ CACerts:
+ description: CACerts is the Certification Authority (CA) certificates
+ in PEM format according to https://www.rfc-editor.org/rfc/rfc7468.
+ type: string
+ name:
+ description: Name is the name of the address.
+ type: string
+ url:
+ type: string
+ type: object
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ description: 'Condition defines a readiness condition for a Knative
+ resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ url:
+ description: URL is the URL of this DomainMapping.
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: false
+ subresources:
+ status: {}
+ - additionalPrinterColumns:
+ - jsonPath: .status.url
+ name: URL
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].reason
+ name: Reason
+ type: string
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: DomainMapping is a mapping from a custom hostname to an Addressable.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: 'Spec is the desired state of the DomainMapping. More info:
+ https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ ref:
+ description: "Ref specifies the target of the Domain Mapping. \n The
+ object identified by the Ref must be an Addressable with a URL of
+ the form `{name}.{namespace}.{domain}` where `{domain}` is the cluster
+ domain, and `{name}` and `{namespace}` are the name and namespace
+ of a Kubernetes Service. \n This contract is satisfied by Knative
+ types such as Knative Services and Knative Routes, and by Kubernetes
+ Services."
+ properties:
+ address:
+ description: Address points to a specific Address Name.
+ type: string
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ group:
+ description: 'Group of the API, without the version of the group.
+ This can be used as an alternative to the APIVersion, and then
+ resolved using ResolveGroup. Note: This API is EXPERIMENTAL
+ and might break anytime. For more details: https://github.com/knative/eventing/issues/5086'
+ type: string
+ kind:
+ description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ namespace:
+ description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+ This is optional field, it gets defaulted to the object holding
+ it if left out.'
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ tls:
+ description: TLS allows the DomainMapping to terminate TLS traffic
+ with an existing secret.
+ properties:
+ secretName:
+ description: SecretName is the name of the existing secret used
+ to terminate TLS traffic.
+ type: string
+ required:
+ - secretName
+ type: object
+ required:
+ - ref
+ type: object
+ status:
+ description: 'Status is the current state of the DomainMapping. More info:
+ https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ address:
+ description: Address holds the information needed for a DomainMapping
+ to be the target of an event.
+ properties:
+ CACerts:
+ description: CACerts is the Certification Authority (CA) certificates
+ in PEM format according to https://www.rfc-editor.org/rfc/rfc7468.
+ type: string
+ name:
+ description: Name is the name of the address.
+ type: string
+ url:
+ type: string
+ type: object
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ description: 'Condition defines a readiness condition for a Knative
+ resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ url:
+ description: URL is the URL of this DomainMapping.
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ helm.sh/resource-policy: keep
+ labels:
+ app: istio-pilot
+ chart: istio
+ heritage: Tiller
+ release: istio
+ name: envoyfilters.networking.istio.io
+spec:
+ group: networking.istio.io
+ names:
+ categories:
+ - istio-io
+ - networking-istio-io
+ kind: EnvoyFilter
+ listKind: EnvoyFilterList
+ plural: envoyfilters
+ singular: envoyfilter
+ scope: Namespaced
+ versions:
+ - name: v1alpha3
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ description: 'Customizing Envoy configuration generated by Istio. See
+ more details at: https://istio.io/docs/reference/config/networking/envoy-filter.html'
+ properties:
+ configPatches:
+ description: One or more patches with match conditions.
+ items:
+ properties:
+ applyTo:
+ enum:
+ - INVALID
+ - LISTENER
+ - FILTER_CHAIN
+ - NETWORK_FILTER
+ - HTTP_FILTER
+ - ROUTE_CONFIGURATION
+ - VIRTUAL_HOST
+ - HTTP_ROUTE
+ - CLUSTER
+ - EXTENSION_CONFIG
+ - BOOTSTRAP
+ - LISTENER_FILTER
+ type: string
+ match:
+ description: Match on listener/route configuration/cluster.
+ oneOf:
+ - not:
+ anyOf:
+ - required:
+ - listener
+ - required:
+ - routeConfiguration
+ - required:
+ - cluster
+ - required:
+ - listener
+ - required:
+ - routeConfiguration
+ - required:
+ - cluster
+ properties:
+ cluster:
+ description: Match on envoy cluster attributes.
+ properties:
+ name:
+ description: The exact name of the cluster to match.
+ type: string
+ portNumber:
+ description: The service port for which this cluster
+ was generated.
+ type: integer
+ service:
+ description: The fully qualified service name for this
+ cluster.
+ type: string
+ subset:
+ description: The subset associated with the service.
+ type: string
+ type: object
+ context:
+ description: The specific config generation context to match
+ on.
+ enum:
+ - ANY
+ - SIDECAR_INBOUND
+ - SIDECAR_OUTBOUND
+ - GATEWAY
+ type: string
+ listener:
+ description: Match on envoy listener attributes.
+ properties:
+ filterChain:
+ description: Match a specific filter chain in a listener.
+ properties:
+ applicationProtocols:
+ description: Applies only to sidecars.
+ type: string
+ destinationPort:
+ description: The destination_port value used by
+ a filter chain's match condition.
+ type: integer
+ filter:
+ description: The name of a specific filter to apply
+ the patch to.
+ properties:
+ name:
+ description: The filter name to match on.
+ type: string
+ subFilter:
+ properties:
+ name:
+ description: The filter name to match on.
+ type: string
+ type: object
+ type: object
+ name:
+ description: The name assigned to the filter chain.
+ type: string
+ sni:
+ description: The SNI value used by a filter chain's
+ match condition.
+ type: string
+ transportProtocol:
+ description: Applies only to `SIDECAR_INBOUND` context.
+ type: string
+ type: object
+ listenerFilter:
+ description: Match a specific listener filter.
+ type: string
+ name:
+ description: Match a specific listener by its name.
+ type: string
+ portName:
+ type: string
+ portNumber:
+ type: integer
+ type: object
+ proxy:
+ description: Match on properties associated with a proxy.
+ properties:
+ metadata:
+ additionalProperties:
+ type: string
+ type: object
+ proxyVersion:
+ type: string
+ type: object
+ routeConfiguration:
+ description: Match on envoy HTTP route configuration attributes.
+ properties:
+ gateway:
+ type: string
+ name:
+ description: Route configuration name to match on.
+ type: string
+ portName:
+ description: Applicable only for GATEWAY context.
+ type: string
+ portNumber:
+ type: integer
+ vhost:
+ properties:
+ name:
+ type: string
+ route:
+ description: Match a specific route within the virtual
+ host.
+ properties:
+ action:
+ description: Match a route with specific action
+ type.
+ enum:
+ - ANY
+ - ROUTE
+ - REDIRECT
+ - DIRECT_RESPONSE
+ type: string
+ name:
+ type: string
+ type: object
+ type: object
+ type: object
+ type: object
+ patch:
+ description: The patch to apply along with the operation.
+ properties:
+ filterClass:
+ description: Determines the filter insertion order.
+ enum:
+ - UNSPECIFIED
+ - AUTHN
+ - AUTHZ
+ - STATS
+ type: string
+ operation:
+ description: Determines how the patch should be applied.
+ enum:
+ - INVALID
+ - MERGE
+ - ADD
+ - REMOVE
+ - INSERT_BEFORE
+ - INSERT_AFTER
+ - INSERT_FIRST
+ - REPLACE
+ type: string
+ value:
+ description: The JSON config of the object being patched.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ type: object
+ type: array
+ priority:
+ description: Priority defines the order in which patch sets are applied
+ within a context.
+ format: int32
+ type: integer
+ workloadSelector:
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ type: object
+ status:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/component: knative-eventing
+ app.kubernetes.io/name: knative-eventing
+ app.kubernetes.io/version: 1.10.1
+ knative.dev/crd-install: "true"
+ kustomize.component: knative
+ name: eventtypes.eventing.knative.dev
+spec:
+ group: eventing.knative.dev
+ names:
+ categories:
+ - all
+ - knative
+ - eventing
+ kind: EventType
+ plural: eventtypes
+ singular: eventtype
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.type
+ name: Type
+ type: string
+ - jsonPath: .spec.source
+ name: Source
+ type: string
+ - jsonPath: .spec.schema
+ name: Schema
+ type: string
+ - jsonPath: .spec.broker
+ name: Broker
+ type: string
+ - jsonPath: .spec.description
+ name: Description
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].reason
+ name: Reason
+ type: string
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ description: EventType represents a type of event that can be consumed from
+ a Broker.
+ properties:
+ spec:
+ description: Spec defines the desired state of the EventType.
+ properties:
+ broker:
+ type: string
+ description:
+ description: Description is an optional field used to describe the
+ EventType, in any meaningful way.
+ type: string
+ schema:
+ description: Schema is a URI, it represents the CloudEvents schemaurl
+ extension attribute. It may be a JSON schema, a protobuf schema,
+ etc. It is optional.
+ type: string
+ schemaData:
+ description: SchemaData allows the CloudEvents schema to be stored
+ directly in the EventType. Content is dependent on the encoding.
+ Optional attribute. The contents are not validated or manipulated
+ by the system.
+ type: string
+ source:
+ description: Source is a URI, it represents the CloudEvents source.
+ type: string
+ type:
+ description: Type represents the CloudEvents type. It is authoritative.
+ type: string
+ type: object
+ status:
+ description: Status represents the current state of the EventType. This
+ data may be out of date.
+ properties:
+ annotations:
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - type
+ - status
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: experiments.kubeflow.org
+spec:
+ group: kubeflow.org
+ names:
+ categories:
+ - all
+ - kubeflow
+ - katib
+ kind: Experiment
+ plural: experiments
+ singular: experiment
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.conditions[-1:].type
+ name: Type
+ type: string
+ - jsonPath: .status.conditions[-1:].status
+ name: Status
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ helm.sh/resource-policy: keep
+ labels:
+ app: istio-pilot
+ chart: istio
+ heritage: Tiller
+ release: istio
+ name: gateways.networking.istio.io
+spec:
+ group: networking.istio.io
+ names:
+ categories:
+ - istio-io
+ - networking-istio-io
+ kind: Gateway
+ listKind: GatewayList
+ plural: gateways
+ shortNames:
+ - gw
+ singular: gateway
+ scope: Namespaced
+ versions:
+ - name: v1alpha3
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ description: 'Configuration affecting edge load balancer. See more details
+ at: https://istio.io/docs/reference/config/networking/gateway.html'
+ properties:
+ selector:
+ additionalProperties:
+ type: string
+ type: object
+ servers:
+ description: A list of server specifications.
+ items:
+ properties:
+ bind:
+ type: string
+ defaultEndpoint:
+ type: string
+ hosts:
+ description: One or more hosts exposed by this gateway.
+ items:
+ type: string
+ type: array
+ name:
+ description: An optional name of the server, when set must be
+ unique across all servers.
+ type: string
+ port:
+ properties:
+ name:
+ description: Label assigned to the port.
+ type: string
+ number:
+ description: A valid non-negative integer port number.
+ type: integer
+ protocol:
+ description: The protocol exposed on the port.
+ type: string
+ targetPort:
+ type: integer
+ type: object
+ tls:
+ description: Set of TLS related options that govern the server's
+ behavior.
+ properties:
+ caCertificates:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ cipherSuites:
+ description: 'Optional: If specified, only support the specified
+ cipher list.'
+ items:
+ type: string
+ type: array
+ credentialName:
+ type: string
+ httpsRedirect:
+ type: boolean
+ maxProtocolVersion:
+ description: 'Optional: Maximum TLS protocol version.'
+ enum:
+ - TLS_AUTO
+ - TLSV1_0
+ - TLSV1_1
+ - TLSV1_2
+ - TLSV1_3
+ type: string
+ minProtocolVersion:
+ description: 'Optional: Minimum TLS protocol version.'
+ enum:
+ - TLS_AUTO
+ - TLSV1_0
+ - TLSV1_1
+ - TLSV1_2
+ - TLSV1_3
+ type: string
+ mode:
+ enum:
+ - PASSTHROUGH
+ - SIMPLE
+ - MUTUAL
+ - AUTO_PASSTHROUGH
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `SIMPLE` or `MUTUAL`.
+ type: string
+ serverCertificate:
+ description: REQUIRED if mode is `SIMPLE` or `MUTUAL`.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ verifyCertificateHash:
+ items:
+ type: string
+ type: array
+ verifyCertificateSpki:
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ type: object
+ status:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ - name: v1beta1
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ description: 'Configuration affecting edge load balancer. See more details
+ at: https://istio.io/docs/reference/config/networking/gateway.html'
+ properties:
+ selector:
+ additionalProperties:
+ type: string
+ type: object
+ servers:
+ description: A list of server specifications.
+ items:
+ properties:
+ bind:
+ type: string
+ defaultEndpoint:
+ type: string
+ hosts:
+ description: One or more hosts exposed by this gateway.
+ items:
+ type: string
+ type: array
+ name:
+ description: An optional name of the server, when set must be
+ unique across all servers.
+ type: string
+ port:
+ properties:
+ name:
+ description: Label assigned to the port.
+ type: string
+ number:
+ description: A valid non-negative integer port number.
+ type: integer
+ protocol:
+ description: The protocol exposed on the port.
+ type: string
+ targetPort:
+ type: integer
+ type: object
+ tls:
+ description: Set of TLS related options that govern the server's
+ behavior.
+ properties:
+ caCertificates:
+ description: REQUIRED if mode is `MUTUAL`.
+ type: string
+ cipherSuites:
+ description: 'Optional: If specified, only support the specified
+ cipher list.'
+ items:
+ type: string
+ type: array
+ credentialName:
+ type: string
+ httpsRedirect:
+ type: boolean
+ maxProtocolVersion:
+ description: 'Optional: Maximum TLS protocol version.'
+ enum:
+ - TLS_AUTO
+ - TLSV1_0
+ - TLSV1_1
+ - TLSV1_2
+ - TLSV1_3
+ type: string
+ minProtocolVersion:
+ description: 'Optional: Minimum TLS protocol version.'
+ enum:
+ - TLS_AUTO
+ - TLSV1_0
+ - TLSV1_1
+ - TLSV1_2
+ - TLSV1_3
+ type: string
+ mode:
+ enum:
+ - PASSTHROUGH
+ - SIMPLE
+ - MUTUAL
+ - AUTO_PASSTHROUGH
+ - ISTIO_MUTUAL
+ type: string
+ privateKey:
+ description: REQUIRED if mode is `SIMPLE` or `MUTUAL`.
+ type: string
+ serverCertificate:
+ description: REQUIRED if mode is `SIMPLE` or `MUTUAL`.
+ type: string
+ subjectAltNames:
+ items:
+ type: string
+ type: array
+ verifyCertificateHash:
+ items:
+ type: string
+ type: array
+ verifyCertificateSpki:
+ items:
+ type: string
+ type: array
+ type: object
+ type: object
+ type: array
+ type: object
+ status:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: false
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/name: knative-serving
+ app.kubernetes.io/version: 1.10.2
+ knative.dev/crd-install: "true"
+ name: images.caching.internal.knative.dev
+spec:
+ group: caching.internal.knative.dev
+ names:
+ categories:
+ - knative-internal
+ - caching
+ kind: Image
+ plural: images
+ singular: image
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .spec.image
+ name: Image
+ type: string
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: Image is a Knative abstraction that encapsulates the interface
+ by which Knative components express a desire to have a particular image
+ cached.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Spec holds the desired state of the Image (from the client).
+ properties:
+ image:
+ description: Image is the name of the container image url to cache
+ across the cluster.
+ type: string
+ imagePullSecrets:
+ description: ImagePullSecrets contains the names of the Kubernetes
+ Secrets containing login information used by the Pods which will
+ run this container.
+ items:
+ description: LocalObjectReference contains enough information to
+ let you locate the referenced object inside the same namespace.
+ properties:
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ serviceAccountName:
+ description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount
+ as which the Pods will run this container. This is potentially
+ used to authenticate the image pull if the service account has attached
+ pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account'
+ type: string
+ required:
+ - image
+ type: object
+ status:
+ description: Status communicates the observed state of the Image (from
+ the controller).
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ description: 'Condition defines a readiness condition for a Knative
+ resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.4.0
+ creationTimestamp: null
+ labels:
+ app: kserve
+ app.kubernetes.io/name: kserve
+ name: inferencegraphs.serving.kserve.io
+spec:
+ group: serving.kserve.io
+ names:
+ kind: InferenceGraph
+ listKind: InferenceGraphList
+ plural: inferencegraphs
+ shortNames:
+ - ig
+ singular: inferencegraph
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.url
+ name: URL
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].status
+ name: Ready
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ nodes:
+ additionalProperties:
+ properties:
+ routerType:
+ enum:
+ - Sequence
+ - Splitter
+ - Ensemble
+ - Switch
+ type: string
+ steps:
+ items:
+ properties:
+ condition:
+ type: string
+ data:
+ type: string
+ name:
+ type: string
+ nodeName:
+ type: string
+ serviceName:
+ type: string
+ serviceUrl:
+ type: string
+ weight:
+ format: int64
+ type: integer
+ type: object
+ type: array
+ required:
+ - routerType
+ type: object
+ type: object
+ required:
+ - nodes
+ type: object
+ status:
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ conditions:
+ items:
+ properties:
+ lastTransitionTime:
+ type: string
+ message:
+ type: string
+ reason:
+ type: string
+ severity:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ format: int64
+ type: integer
+ url:
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ cert-manager.io/inject-ca-from: kubeflow/serving-cert
+ controller-gen.kubebuilder.io/version: v0.4.0
+ labels:
+ app: kserve
+ app.kubernetes.io/name: kserve
+ name: inferenceservices.serving.kserve.io
+spec:
+ conversion:
+ strategy: Webhook
+ webhook:
+ clientConfig:
+ caBundle: Cg==
+ service:
+ name: kserve-webhook-server-service
+ namespace: kubeflow
+ path: /convert
+ conversionReviewVersions:
+ - v1beta1
+ group: serving.kserve.io
+ names:
+ kind: InferenceService
+ listKind: InferenceServiceList
+ plural: inferenceservices
+ shortNames:
+ - isvc
+ singular: inferenceservice
+ preserveUnknownFields: false
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.url
+ name: URL
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].status
+ name: Ready
+ type: string
+ - jsonPath: .status.components.predictor.traffic[?(@.tag=='prev')].percent
+ name: Prev
+ type: integer
+ - jsonPath: .status.components.predictor.traffic[?(@.latestRevision==true)].percent
+ name: Latest
+ type: integer
+ - jsonPath: .status.components.predictor.traffic[?(@.tag=='prev')].revisionName
+ name: PrevRolledoutRevision
+ type: string
+ - jsonPath: .status.components.predictor.traffic[?(@.latestRevision==true)].revisionName
+ name: LatestReadyRevision
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1beta1
+ schema:
+ openAPIV3Schema:
+ properties:
+ apiVersion:
+ type: string
+ kind:
+ type: string
+ metadata:
+ type: object
+ spec:
+ properties:
+ explainer:
+ properties:
+ activeDeadlineSeconds:
+ format: int64
+ type: integer
+ affinity:
+ properties:
+ nodeAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ preference:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ properties:
+ nodeSelectorTerms:
+ items:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ type: object
+ podAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ podAntiAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ type: object
+ aix:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ config:
+ additionalProperties:
+ type: string
+ type: object
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ type:
+ type: string
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ alibi:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ config:
+ additionalProperties:
+ type: string
+ type: object
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ type:
+ type: string
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ art:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ config:
+ additionalProperties:
+ type: string
+ type: object
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ type:
+ type: string
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ automountServiceAccountToken:
+ type: boolean
+ batcher:
+ properties:
+ maxBatchSize:
+ type: integer
+ maxLatency:
+ type: integer
+ timeout:
+ type: integer
+ type: object
+ canaryTrafficPercent:
+ format: int64
+ type: integer
+ containerConcurrency:
+ format: int64
+ type: integer
+ containers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsConfig:
+ properties:
+ nameservers:
+ items:
+ type: string
+ type: array
+ options:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ type: object
+ type: array
+ searches:
+ items:
+ type: string
+ type: array
+ type: object
+ dnsPolicy:
+ type: string
+ enableServiceLinks:
+ type: boolean
+ hostAliases:
+ items:
+ properties:
+ hostnames:
+ items:
+ type: string
+ type: array
+ ip:
+ type: string
+ type: object
+ type: array
+ hostIPC:
+ type: boolean
+ hostNetwork:
+ type: boolean
+ hostPID:
+ type: boolean
+ hostname:
+ type: string
+ imagePullSecrets:
+ items:
+ properties:
+ name:
+ type: string
+ type: object
+ type: array
+ initContainers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ logger:
+ properties:
+ mode:
+ enum:
+ - all
+ - request
+ - response
+ type: string
+ url:
+ type: string
+ type: object
+ maxReplicas:
+ type: integer
+ minReplicas:
+ type: integer
+ nodeName:
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ os:
+ properties:
+ name:
+ type: string
+ type: object
+ overhead:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ preemptionPolicy:
+ type: string
+ priority:
+ format: int32
+ type: integer
+ priorityClassName:
+ type: string
+ readinessGates:
+ items:
+ properties:
+ conditionType:
+ type: string
+ required:
+ - conditionType
+ type: object
+ type: array
+ restartPolicy:
+ type: string
+ runtimeClassName:
+ type: string
+ scaleMetric:
+ enum:
+ - cpu
+ - memory
+ - concurrency
+ - rps
+ type: string
+ scaleTarget:
+ type: integer
+ schedulerName:
+ type: string
+ securityContext:
+ properties:
+ fsGroup:
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ type: string
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ items:
+ format: int64
+ type: integer
+ type: array
+ sysctls:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ serviceAccount:
+ type: string
+ serviceAccountName:
+ type: string
+ setHostnameAsFQDN:
+ type: boolean
+ shareProcessNamespace:
+ type: boolean
+ subdomain:
+ type: string
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeout:
+ format: int64
+ type: integer
+ tolerations:
+ items:
+ properties:
+ effect:
+ type: string
+ key:
+ type: string
+ operator:
+ type: string
+ tolerationSeconds:
+ format: int64
+ type: integer
+ value:
+ type: string
+ type: object
+ type: array
+ topologySpreadConstraints:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ maxSkew:
+ format: int32
+ type: integer
+ topologyKey:
+ type: string
+ whenUnsatisfiable:
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - topologyKey
+ - whenUnsatisfiable
+ x-kubernetes-list-type: map
+ volumes:
+ items:
+ properties:
+ awsElasticBlockStore:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ properties:
+ cachingMode:
+ type: string
+ diskName:
+ type: string
+ diskURI:
+ type: string
+ fsType:
+ type: string
+ kind:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ properties:
+ readOnly:
+ type: boolean
+ secretName:
+ type: string
+ shareName:
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ properties:
+ monitors:
+ items:
+ type: string
+ type: array
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ secretFile:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ csi:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ nodePublishSecretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ properties:
+ fsType:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ targetWWNs:
+ items:
+ type: string
+ type: array
+ wwids:
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ flocker:
+ properties:
+ datasetName:
+ type: string
+ datasetUUID:
+ type: string
+ type: object
+ gcePersistentDisk:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ pdName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ properties:
+ directory:
+ type: string
+ repository:
+ type: string
+ revision:
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ properties:
+ endpoints:
+ type: string
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ properties:
+ path:
+ type: string
+ type:
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ properties:
+ chapAuthDiscovery:
+ type: boolean
+ chapAuthSession:
+ type: boolean
+ fsType:
+ type: string
+ initiatorName:
+ type: string
+ iqn:
+ type: string
+ iscsiInterface:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ portals:
+ items:
+ type: string
+ type: array
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ targetPortal:
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ type: string
+ nfs:
+ properties:
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ server:
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ properties:
+ claimName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ properties:
+ fsType:
+ type: string
+ pdID:
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ sources:
+ items:
+ properties:
+ configMap:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ downwardAPI:
+ properties:
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ serviceAccountToken:
+ properties:
+ audience:
+ type: string
+ expirationSeconds:
+ format: int64
+ type: integer
+ path:
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ properties:
+ group:
+ type: string
+ readOnly:
+ type: boolean
+ registry:
+ type: string
+ tenant:
+ type: string
+ user:
+ type: string
+ volume:
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ properties:
+ fsType:
+ type: string
+ image:
+ type: string
+ keyring:
+ type: string
+ monitors:
+ items:
+ type: string
+ type: array
+ pool:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ properties:
+ fsType:
+ type: string
+ gateway:
+ type: string
+ protectionDomain:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ sslEnabled:
+ type: boolean
+ storageMode:
+ type: string
+ storagePool:
+ type: string
+ system:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ storageos:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeName:
+ type: string
+ volumeNamespace:
+ type: string
+ type: object
+ vsphereVolume:
+ properties:
+ fsType:
+ type: string
+ storagePolicyID:
+ type: string
+ storagePolicyName:
+ type: string
+ volumePath:
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ predictor:
+ properties:
+ activeDeadlineSeconds:
+ format: int64
+ type: integer
+ affinity:
+ properties:
+ nodeAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ preference:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ properties:
+ nodeSelectorTerms:
+ items:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ type: object
+ podAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ podAntiAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ type: object
+ automountServiceAccountToken:
+ type: boolean
+ batcher:
+ properties:
+ maxBatchSize:
+ type: integer
+ maxLatency:
+ type: integer
+ timeout:
+ type: integer
+ type: object
+ canaryTrafficPercent:
+ format: int64
+ type: integer
+ containerConcurrency:
+ format: int64
+ type: integer
+ containers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsConfig:
+ properties:
+ nameservers:
+ items:
+ type: string
+ type: array
+ options:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ type: object
+ type: array
+ searches:
+ items:
+ type: string
+ type: array
+ type: object
+ dnsPolicy:
+ type: string
+ enableServiceLinks:
+ type: boolean
+ hostAliases:
+ items:
+ properties:
+ hostnames:
+ items:
+ type: string
+ type: array
+ ip:
+ type: string
+ type: object
+ type: array
+ hostIPC:
+ type: boolean
+ hostNetwork:
+ type: boolean
+ hostPID:
+ type: boolean
+ hostname:
+ type: string
+ imagePullSecrets:
+ items:
+ properties:
+ name:
+ type: string
+ type: object
+ type: array
+ initContainers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ lightgbm:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ logger:
+ properties:
+ mode:
+ enum:
+ - all
+ - request
+ - response
+ type: string
+ url:
+ type: string
+ type: object
+ maxReplicas:
+ type: integer
+ minReplicas:
+ type: integer
+ model:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ modelFormat:
+ properties:
+ name:
+ type: string
+ version:
+ type: string
+ required:
+ - name
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtime:
+ type: string
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ nodeName:
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ onnx:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ os:
+ properties:
+ name:
+ type: string
+ type: object
+ overhead:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ paddle:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ pmml:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ preemptionPolicy:
+ type: string
+ priority:
+ format: int32
+ type: integer
+ priorityClassName:
+ type: string
+ pytorch:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ readinessGates:
+ items:
+ properties:
+ conditionType:
+ type: string
+ required:
+ - conditionType
+ type: object
+ type: array
+ restartPolicy:
+ type: string
+ runtimeClassName:
+ type: string
+ scaleMetric:
+ enum:
+ - cpu
+ - memory
+ - concurrency
+ - rps
+ type: string
+ scaleTarget:
+ type: integer
+ schedulerName:
+ type: string
+ securityContext:
+ properties:
+ fsGroup:
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ type: string
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ items:
+ format: int64
+ type: integer
+ type: array
+ sysctls:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ serviceAccount:
+ type: string
+ serviceAccountName:
+ type: string
+ setHostnameAsFQDN:
+ type: boolean
+ shareProcessNamespace:
+ type: boolean
+ sklearn:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ subdomain:
+ type: string
+ tensorflow:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeout:
+ format: int64
+ type: integer
+ tolerations:
+ items:
+ properties:
+ effect:
+ type: string
+ key:
+ type: string
+ operator:
+ type: string
+ tolerationSeconds:
+ format: int64
+ type: integer
+ value:
+ type: string
+ type: object
+ type: array
+ topologySpreadConstraints:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ maxSkew:
+ format: int32
+ type: integer
+ topologyKey:
+ type: string
+ whenUnsatisfiable:
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - topologyKey
+ - whenUnsatisfiable
+ x-kubernetes-list-type: map
+ triton:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ volumes:
+ items:
+ properties:
+ awsElasticBlockStore:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ properties:
+ cachingMode:
+ type: string
+ diskName:
+ type: string
+ diskURI:
+ type: string
+ fsType:
+ type: string
+ kind:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ properties:
+ readOnly:
+ type: boolean
+ secretName:
+ type: string
+ shareName:
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ properties:
+ monitors:
+ items:
+ type: string
+ type: array
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ secretFile:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ csi:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ nodePublishSecretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ properties:
+ fsType:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ targetWWNs:
+ items:
+ type: string
+ type: array
+ wwids:
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ flocker:
+ properties:
+ datasetName:
+ type: string
+ datasetUUID:
+ type: string
+ type: object
+ gcePersistentDisk:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ pdName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ properties:
+ directory:
+ type: string
+ repository:
+ type: string
+ revision:
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ properties:
+ endpoints:
+ type: string
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ properties:
+ path:
+ type: string
+ type:
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ properties:
+ chapAuthDiscovery:
+ type: boolean
+ chapAuthSession:
+ type: boolean
+ fsType:
+ type: string
+ initiatorName:
+ type: string
+ iqn:
+ type: string
+ iscsiInterface:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ portals:
+ items:
+ type: string
+ type: array
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ targetPortal:
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ type: string
+ nfs:
+ properties:
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ server:
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ properties:
+ claimName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ properties:
+ fsType:
+ type: string
+ pdID:
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ sources:
+ items:
+ properties:
+ configMap:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ downwardAPI:
+ properties:
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ serviceAccountToken:
+ properties:
+ audience:
+ type: string
+ expirationSeconds:
+ format: int64
+ type: integer
+ path:
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ properties:
+ group:
+ type: string
+ readOnly:
+ type: boolean
+ registry:
+ type: string
+ tenant:
+ type: string
+ user:
+ type: string
+ volume:
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ properties:
+ fsType:
+ type: string
+ image:
+ type: string
+ keyring:
+ type: string
+ monitors:
+ items:
+ type: string
+ type: array
+ pool:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ properties:
+ fsType:
+ type: string
+ gateway:
+ type: string
+ protectionDomain:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ sslEnabled:
+ type: boolean
+ storageMode:
+ type: string
+ storagePool:
+ type: string
+ system:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ storageos:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeName:
+ type: string
+ volumeNamespace:
+ type: string
+ type: object
+ vsphereVolume:
+ properties:
+ fsType:
+ type: string
+ storagePolicyID:
+ type: string
+ storagePolicyName:
+ type: string
+ volumePath:
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ xgboost:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ protocolVersion:
+ type: string
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ runtimeVersion:
+ type: string
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ storage:
+ properties:
+ key:
+ type: string
+ parameters:
+ additionalProperties:
+ type: string
+ type: object
+ path:
+ type: string
+ schemaPath:
+ type: string
+ type: object
+ storageUri:
+ type: string
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ type: object
+ type: object
+ transformer:
+ properties:
+ activeDeadlineSeconds:
+ format: int64
+ type: integer
+ affinity:
+ properties:
+ nodeAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ preference:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ properties:
+ nodeSelectorTerms:
+ items:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ type: object
+ podAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ podAntiAffinity:
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ podAffinityTerm:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaceSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ namespaces:
+ items:
+ type: string
+ type: array
+ topologyKey:
+ type: string
+ required:
+ - topologyKey
+ type: object
+ type: array
+ type: object
+ type: object
+ automountServiceAccountToken:
+ type: boolean
+ batcher:
+ properties:
+ maxBatchSize:
+ type: integer
+ maxLatency:
+ type: integer
+ timeout:
+ type: integer
+ type: object
+ canaryTrafficPercent:
+ format: int64
+ type: integer
+ containerConcurrency:
+ format: int64
+ type: integer
+ containers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ dnsConfig:
+ properties:
+ nameservers:
+ items:
+ type: string
+ type: array
+ options:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ type: object
+ type: array
+ searches:
+ items:
+ type: string
+ type: array
+ type: object
+ dnsPolicy:
+ type: string
+ enableServiceLinks:
+ type: boolean
+ hostAliases:
+ items:
+ properties:
+ hostnames:
+ items:
+ type: string
+ type: array
+ ip:
+ type: string
+ type: object
+ type: array
+ hostIPC:
+ type: boolean
+ hostNetwork:
+ type: boolean
+ hostPID:
+ type: boolean
+ hostname:
+ type: string
+ imagePullSecrets:
+ items:
+ properties:
+ name:
+ type: string
+ type: object
+ type: array
+ initContainers:
+ items:
+ properties:
+ args:
+ items:
+ type: string
+ type: array
+ command:
+ items:
+ type: string
+ type: array
+ env:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ valueFrom:
+ properties:
+ configMapKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ secretKeyRef:
+ properties:
+ key:
+ type: string
+ name:
+ type: string
+ optional:
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ envFrom:
+ items:
+ properties:
+ configMapRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ prefix:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ type: object
+ type: array
+ image:
+ type: string
+ imagePullPolicy:
+ type: string
+ lifecycle:
+ properties:
+ postStart:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ preStop:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ type: object
+ type: object
+ livenessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ name:
+ type: string
+ ports:
+ items:
+ properties:
+ containerPort:
+ format: int32
+ type: integer
+ hostIP:
+ type: string
+ hostPort:
+ format: int32
+ type: integer
+ name:
+ type: string
+ protocol:
+ default: TCP
+ type: string
+ required:
+ - containerPort
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - containerPort
+ - protocol
+ x-kubernetes-list-type: map
+ readinessProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ securityContext:
+ properties:
+ allowPrivilegeEscalation:
+ type: boolean
+ capabilities:
+ properties:
+ add:
+ items:
+ type: string
+ type: array
+ drop:
+ items:
+ type: string
+ type: array
+ type: object
+ privileged:
+ type: boolean
+ procMount:
+ type: string
+ readOnlyRootFilesystem:
+ type: boolean
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ startupProbe:
+ properties:
+ exec:
+ properties:
+ command:
+ items:
+ type: string
+ type: array
+ type: object
+ failureThreshold:
+ format: int32
+ type: integer
+ grpc:
+ properties:
+ port:
+ format: int32
+ type: integer
+ service:
+ type: string
+ required:
+ - port
+ type: object
+ httpGet:
+ properties:
+ host:
+ type: string
+ httpHeaders:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ path:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ scheme:
+ type: string
+ required:
+ - port
+ type: object
+ initialDelaySeconds:
+ format: int32
+ type: integer
+ periodSeconds:
+ format: int32
+ type: integer
+ successThreshold:
+ format: int32
+ type: integer
+ tcpSocket:
+ properties:
+ host:
+ type: string
+ port:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ required:
+ - port
+ type: object
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeoutSeconds:
+ format: int32
+ type: integer
+ type: object
+ stdin:
+ type: boolean
+ stdinOnce:
+ type: boolean
+ terminationMessagePath:
+ type: string
+ terminationMessagePolicy:
+ type: string
+ tty:
+ type: boolean
+ volumeDevices:
+ items:
+ properties:
+ devicePath:
+ type: string
+ name:
+ type: string
+ required:
+ - devicePath
+ - name
+ type: object
+ type: array
+ volumeMounts:
+ items:
+ properties:
+ mountPath:
+ type: string
+ mountPropagation:
+ type: string
+ name:
+ type: string
+ readOnly:
+ type: boolean
+ subPath:
+ type: string
+ subPathExpr:
+ type: string
+ required:
+ - mountPath
+ - name
+ type: object
+ type: array
+ workingDir:
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ logger:
+ properties:
+ mode:
+ enum:
+ - all
+ - request
+ - response
+ type: string
+ url:
+ type: string
+ type: object
+ maxReplicas:
+ type: integer
+ minReplicas:
+ type: integer
+ nodeName:
+ type: string
+ nodeSelector:
+ additionalProperties:
+ type: string
+ type: object
+ x-kubernetes-map-type: atomic
+ os:
+ properties:
+ name:
+ type: string
+ type: object
+ overhead:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ preemptionPolicy:
+ type: string
+ priority:
+ format: int32
+ type: integer
+ priorityClassName:
+ type: string
+ readinessGates:
+ items:
+ properties:
+ conditionType:
+ type: string
+ required:
+ - conditionType
+ type: object
+ type: array
+ restartPolicy:
+ type: string
+ runtimeClassName:
+ type: string
+ scaleMetric:
+ enum:
+ - cpu
+ - memory
+ - concurrency
+ - rps
+ type: string
+ scaleTarget:
+ type: integer
+ schedulerName:
+ type: string
+ securityContext:
+ properties:
+ fsGroup:
+ format: int64
+ type: integer
+ fsGroupChangePolicy:
+ type: string
+ runAsGroup:
+ format: int64
+ type: integer
+ runAsNonRoot:
+ type: boolean
+ runAsUser:
+ format: int64
+ type: integer
+ seLinuxOptions:
+ properties:
+ level:
+ type: string
+ role:
+ type: string
+ type:
+ type: string
+ user:
+ type: string
+ type: object
+ seccompProfile:
+ properties:
+ localhostProfile:
+ type: string
+ type:
+ type: string
+ required:
+ - type
+ type: object
+ supplementalGroups:
+ items:
+ format: int64
+ type: integer
+ type: array
+ sysctls:
+ items:
+ properties:
+ name:
+ type: string
+ value:
+ type: string
+ required:
+ - name
+ - value
+ type: object
+ type: array
+ windowsOptions:
+ properties:
+ gmsaCredentialSpec:
+ type: string
+ gmsaCredentialSpecName:
+ type: string
+ hostProcess:
+ type: boolean
+ runAsUserName:
+ type: string
+ type: object
+ type: object
+ serviceAccount:
+ type: string
+ serviceAccountName:
+ type: string
+ setHostnameAsFQDN:
+ type: boolean
+ shareProcessNamespace:
+ type: boolean
+ subdomain:
+ type: string
+ terminationGracePeriodSeconds:
+ format: int64
+ type: integer
+ timeout:
+ format: int64
+ type: integer
+ tolerations:
+ items:
+ properties:
+ effect:
+ type: string
+ key:
+ type: string
+ operator:
+ type: string
+ tolerationSeconds:
+ format: int64
+ type: integer
+ value:
+ type: string
+ type: object
+ type: array
+ topologySpreadConstraints:
+ items:
+ properties:
+ labelSelector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ maxSkew:
+ format: int32
+ type: integer
+ topologyKey:
+ type: string
+ whenUnsatisfiable:
+ type: string
+ required:
+ - maxSkew
+ - topologyKey
+ - whenUnsatisfiable
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - topologyKey
+ - whenUnsatisfiable
+ x-kubernetes-list-type: map
+ volumes:
+ items:
+ properties:
+ awsElasticBlockStore:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ azureDisk:
+ properties:
+ cachingMode:
+ type: string
+ diskName:
+ type: string
+ diskURI:
+ type: string
+ fsType:
+ type: string
+ kind:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - diskName
+ - diskURI
+ type: object
+ azureFile:
+ properties:
+ readOnly:
+ type: boolean
+ secretName:
+ type: string
+ shareName:
+ type: string
+ required:
+ - secretName
+ - shareName
+ type: object
+ cephfs:
+ properties:
+ monitors:
+ items:
+ type: string
+ type: array
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ secretFile:
+ type: string
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - monitors
+ type: object
+ cinder:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ configMap:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ csi:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ nodePublishSecretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ volumeAttributes:
+ additionalProperties:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ downwardAPI:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ emptyDir:
+ properties:
+ medium:
+ type: string
+ sizeLimit:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ ephemeral:
+ properties:
+ volumeClaimTemplate:
+ properties:
+ metadata:
+ type: object
+ spec:
+ properties:
+ accessModes:
+ items:
+ type: string
+ type: array
+ dataSource:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ dataSourceRef:
+ properties:
+ apiGroup:
+ type: string
+ kind:
+ type: string
+ name:
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ resources:
+ properties:
+ limits:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ requests:
+ additionalProperties:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ type: object
+ type: object
+ selector:
+ properties:
+ matchExpressions:
+ items:
+ properties:
+ key:
+ type: string
+ operator:
+ type: string
+ values:
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ type: object
+ type: object
+ storageClassName:
+ type: string
+ volumeMode:
+ type: string
+ volumeName:
+ type: string
+ type: object
+ required:
+ - spec
+ type: object
+ type: object
+ fc:
+ properties:
+ fsType:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ readOnly:
+ type: boolean
+ targetWWNs:
+ items:
+ type: string
+ type: array
+ wwids:
+ items:
+ type: string
+ type: array
+ type: object
+ flexVolume:
+ properties:
+ driver:
+ type: string
+ fsType:
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ type: object
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ required:
+ - driver
+ type: object
+ flocker:
+ properties:
+ datasetName:
+ type: string
+ datasetUUID:
+ type: string
+ type: object
+ gcePersistentDisk:
+ properties:
+ fsType:
+ type: string
+ partition:
+ format: int32
+ type: integer
+ pdName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - pdName
+ type: object
+ gitRepo:
+ properties:
+ directory:
+ type: string
+ repository:
+ type: string
+ revision:
+ type: string
+ required:
+ - repository
+ type: object
+ glusterfs:
+ properties:
+ endpoints:
+ type: string
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - endpoints
+ - path
+ type: object
+ hostPath:
+ properties:
+ path:
+ type: string
+ type:
+ type: string
+ required:
+ - path
+ type: object
+ iscsi:
+ properties:
+ chapAuthDiscovery:
+ type: boolean
+ chapAuthSession:
+ type: boolean
+ fsType:
+ type: string
+ initiatorName:
+ type: string
+ iqn:
+ type: string
+ iscsiInterface:
+ type: string
+ lun:
+ format: int32
+ type: integer
+ portals:
+ items:
+ type: string
+ type: array
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ targetPortal:
+ type: string
+ required:
+ - iqn
+ - lun
+ - targetPortal
+ type: object
+ name:
+ type: string
+ nfs:
+ properties:
+ path:
+ type: string
+ readOnly:
+ type: boolean
+ server:
+ type: string
+ required:
+ - path
+ - server
+ type: object
+ persistentVolumeClaim:
+ properties:
+ claimName:
+ type: string
+ readOnly:
+ type: boolean
+ required:
+ - claimName
+ type: object
+ photonPersistentDisk:
+ properties:
+ fsType:
+ type: string
+ pdID:
+ type: string
+ required:
+ - pdID
+ type: object
+ portworxVolume:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ volumeID:
+ type: string
+ required:
+ - volumeID
+ type: object
+ projected:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ sources:
+ items:
+ properties:
+ configMap:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ downwardAPI:
+ properties:
+ items:
+ items:
+ properties:
+ fieldRef:
+ properties:
+ apiVersion:
+ type: string
+ fieldPath:
+ type: string
+ required:
+ - fieldPath
+ type: object
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ resourceFieldRef:
+ properties:
+ containerName:
+ type: string
+ divisor:
+ anyOf:
+ - type: integer
+ - type: string
+ pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+ x-kubernetes-int-or-string: true
+ resource:
+ type: string
+ required:
+ - resource
+ type: object
+ required:
+ - path
+ type: object
+ type: array
+ type: object
+ secret:
+ properties:
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ name:
+ type: string
+ optional:
+ type: boolean
+ type: object
+ serviceAccountToken:
+ properties:
+ audience:
+ type: string
+ expirationSeconds:
+ format: int64
+ type: integer
+ path:
+ type: string
+ required:
+ - path
+ type: object
+ type: object
+ type: array
+ type: object
+ quobyte:
+ properties:
+ group:
+ type: string
+ readOnly:
+ type: boolean
+ registry:
+ type: string
+ tenant:
+ type: string
+ user:
+ type: string
+ volume:
+ type: string
+ required:
+ - registry
+ - volume
+ type: object
+ rbd:
+ properties:
+ fsType:
+ type: string
+ image:
+ type: string
+ keyring:
+ type: string
+ monitors:
+ items:
+ type: string
+ type: array
+ pool:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ user:
+ type: string
+ required:
+ - image
+ - monitors
+ type: object
+ scaleIO:
+ properties:
+ fsType:
+ type: string
+ gateway:
+ type: string
+ protectionDomain:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ sslEnabled:
+ type: boolean
+ storageMode:
+ type: string
+ storagePool:
+ type: string
+ system:
+ type: string
+ volumeName:
+ type: string
+ required:
+ - gateway
+ - secretRef
+ - system
+ type: object
+ secret:
+ properties:
+ defaultMode:
+ format: int32
+ type: integer
+ items:
+ items:
+ properties:
+ key:
+ type: string
+ mode:
+ format: int32
+ type: integer
+ path:
+ type: string
+ required:
+ - key
+ - path
+ type: object
+ type: array
+ optional:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ storageos:
+ properties:
+ fsType:
+ type: string
+ readOnly:
+ type: boolean
+ secretRef:
+ properties:
+ name:
+ type: string
+ type: object
+ volumeName:
+ type: string
+ volumeNamespace:
+ type: string
+ type: object
+ vsphereVolume:
+ properties:
+ fsType:
+ type: string
+ storagePolicyID:
+ type: string
+ storagePolicyName:
+ type: string
+ volumePath:
+ type: string
+ required:
+ - volumePath
+ type: object
+ required:
+ - name
+ type: object
+ type: array
+ type: object
+ required:
+ - predictor
+ type: object
+ status:
+ properties:
+ address:
+ properties:
+ url:
+ type: string
+ type: object
+ annotations:
+ additionalProperties:
+ type: string
+ type: object
+ components:
+ additionalProperties:
+ properties:
+ address:
+ properties:
+ url:
+ type: string
+ type: object
+ grpcUrl:
+ type: string
+ latestCreatedRevision:
+ type: string
+ latestReadyRevision:
+ type: string
+ latestRolledoutRevision:
+ type: string
+ previousRolledoutRevision:
+ type: string
+ restUrl:
+ type: string
+ traffic:
+ items:
+ properties:
+ configurationName:
+ type: string
+ latestRevision:
+ type: boolean
+ percent:
+ format: int64
+ type: integer
+ revisionName:
+ type: string
+ tag:
+ type: string
+ url:
+ type: string
+ type: object
+ type: array
+ url:
+ type: string
+ type: object
+ type: object
+ conditions:
+ items:
+ properties:
+ lastTransitionTime:
+ type: string
+ message:
+ type: string
+ reason:
+ type: string
+ severity:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ modelStatus:
+ properties:
+ copies:
+ properties:
+ failedCopies:
+ default: 0
+ type: integer
+ totalCopies:
+ type: integer
+ required:
+ - failedCopies
+ type: object
+ lastFailureInfo:
+ properties:
+ exitCode:
+ format: int32
+ type: integer
+ location:
+ type: string
+ message:
+ type: string
+ modelRevisionName:
+ type: string
+ reason:
+ enum:
+ - ModelLoadFailed
+ - RuntimeUnhealthy
+ - RuntimeDisabled
+ - NoSupportingRuntime
+ - RuntimeNotRecognized
+ - InvalidPredictorSpec
+ type: string
+ time:
+ format: date-time
+ type: string
+ type: object
+ states:
+ properties:
+ activeModelState:
+ default: Pending
+ enum:
+ - ""
+ - Pending
+ - Standby
+ - Loading
+ - Loaded
+ - FailedToLoad
+ type: string
+ targetModelState:
+ default: ""
+ enum:
+ - ""
+ - Pending
+ - Standby
+ - Loading
+ - Loaded
+ - FailedToLoad
+ type: string
+ required:
+ - activeModelState
+ type: object
+ transitionStatus:
+ default: UpToDate
+ enum:
+ - ""
+ - UpToDate
+ - InProgress
+ - BlockedByFailedLoad
+ - InvalidSpec
+ type: string
+ required:
+ - transitionStatus
+ type: object
+ observedGeneration:
+ format: int64
+ type: integer
+ url:
+ type: string
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+status:
+ acceptedNames:
+ kind: ""
+ plural: ""
+ conditions: []
+ storedVersions: []
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app.kubernetes.io/component: networking
+ app.kubernetes.io/name: knative-serving
+ app.kubernetes.io/version: 1.10.2
+ knative.dev/crd-install: "true"
+ name: ingresses.networking.internal.knative.dev
+spec:
+ group: networking.internal.knative.dev
+ names:
+ categories:
+ - knative-internal
+ - networking
+ kind: Ingress
+ plural: ingresses
+ shortNames:
+ - kingress
+ - king
+ singular: ingress
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.conditions[?(@.type=='Ready')].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=='Ready')].reason
+ name: Reason
+ type: string
+ name: v1alpha1
+ schema:
+ openAPIV3Schema:
+ description: "Ingress is a collection of rules that allow inbound connections
+ to reach the endpoints defined by a backend. An Ingress can be configured
+ to give services externally-reachable URLs, load balance traffic, offer
+ name based virtual hosting, etc. \n This is heavily based on K8s Ingress
+ https://godoc.org/k8s.io/api/networking/v1beta1#Ingress which some highlighted
+ modifications."
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: 'Spec is the desired state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ httpOption:
+ description: 'HTTPOption is the option of HTTP. It has the following
+ two values: `HTTPOptionEnabled`, `HTTPOptionRedirected`'
+ type: string
+ rules:
+ description: A list of host rules used to configure the Ingress.
+ items:
+ description: IngressRule represents the rules mapping the paths
+ under a specified host to the related backend services. Incoming
+ requests are first evaluated for a host match, then routed to
+ the backend associated with the matching IngressRuleValue.
+ properties:
+ hosts:
+ description: 'Host is the fully qualified domain name of a network
+ host, as defined by RFC 3986. Note the following deviations
+ from the "host" part of the URI as defined in the RFC: 1.
+ IPs are not allowed. Currently a rule value can only apply
+ to the IP in the Spec of the parent . 2. The `:` delimiter
+ is not respected because ports are not allowed. Currently
+ the port of an Ingress is implicitly :80 for http and :443
+ for https. Both these may change in the future. If the host
+ is unspecified, the Ingress routes all traffic based on the
+ specified IngressRuleValue. If multiple matching Hosts were
+ provided, the first rule will take precedent.'
+ items:
+ type: string
+ type: array
+ http:
+ description: HTTP represents a rule to apply against incoming
+ requests. If the rule is satisfied, the request is routed
+ to the specified backend.
+ properties:
+ paths:
+ description: "A collection of paths that map requests to
+ backends. \n If they are multiple matching paths, the
+ first match takes precedence."
+ items:
+ description: HTTPIngressPath associates a path regex with
+ a backend. Incoming URLs matching the path are forwarded
+ to the backend.
+ properties:
+ appendHeaders:
+ additionalProperties:
+ type: string
+ description: "AppendHeaders allow specifying additional
+ HTTP headers to add before forwarding a request
+ to the destination service. \n NOTE: This differs
+ from K8s Ingress which doesn't allow header appending."
+ type: object
+ headers:
+ additionalProperties:
+ description: HeaderMatch represents a matching value
+ of Headers in HTTPIngressPath. Currently, only
+ the exact matching is supported.
+ properties:
+ exact:
+ type: string
+ required:
+ - exact
+ type: object
+ description: Headers defines header matching rules
+ which is a map from a header name to HeaderMatch
+ which specify a matching condition. When a request
+ matched with all the header matching rules, the
+ request is routed by the corresponding ingress rule.
+ If it is empty, the headers are not used for matching
+ type: object
+ path:
+ description: Path represents a literal prefix to which
+ this rule should apply. Currently it can contain
+ characters disallowed from the conventional "path"
+ part of a URL as defined by RFC 3986. Paths must
+ begin with a '/'. If unspecified, the path defaults
+ to a catch all sending traffic to the backend.
+ type: string
+ rewriteHost:
+ description: "RewriteHost rewrites the incoming request's
+ host header. \n This field is currently experimental
+ and not supported by all Ingress implementations."
+ type: string
+ splits:
+ description: Splits defines the referenced service
+ endpoints to which the traffic will be forwarded
+ to.
+ items:
+ description: IngressBackendSplit describes all endpoints
+ for a given service and port.
+ properties:
+ appendHeaders:
+ additionalProperties:
+ type: string
+ description: "AppendHeaders allow specifying
+ additional HTTP headers to add before forwarding
+ a request to the destination service. \n NOTE:
+ This differs from K8s Ingress which doesn't
+ allow header appending."
+ type: object
+ percent:
+ description: "Specifies the split percentage,
+ a number between 0 and 100. If only one split
+ is specified, we default to 100. \n NOTE:
+ This differs from K8s Ingress to allow percentage
+ split."
+ type: integer
+ serviceName:
+ description: Specifies the name of the referenced
+ service.
+ type: string
+ serviceNamespace:
+ description: "Specifies the namespace of the
+ referenced service. \n NOTE: This differs
+ from K8s Ingress to allow routing to different
+ namespaces."
+ type: string
+ servicePort:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Specifies the port of the referenced
+ service.
+ x-kubernetes-int-or-string: true
+ required:
+ - serviceName
+ - serviceNamespace
+ - servicePort
+ type: object
+ type: array
+ required:
+ - splits
+ type: object
+ type: array
+ required:
+ - paths
+ type: object
+ visibility:
+ description: Visibility signifies whether this rule should `ClusterLocal`.
+ If it's not specified then it defaults to `ExternalIP`.
+ type: string
+ type: object
+ type: array
+ tls:
+ description: 'TLS configuration. Currently Ingress only supports a
+ single TLS port: 443. If multiple members of this list specify different
+ hosts, they will be multiplexed on the same port according to the
+ hostname specified through the SNI TLS extension, if the ingress
+ controller fulfilling the ingress supports SNI.'
+ items:
+ description: IngressTLS describes the transport layer security associated
+ with an Ingress.
+ properties:
+ hosts:
+ description: Hosts is a list of hosts included in the TLS certificate.
+ The values in this list must match the name/s used in the
+ tlsSecret. Defaults to the wildcard host setting for the loadbalancer
+ controller fulfilling this Ingress, if left unspecified.
+ items:
+ type: string
+ type: array
+ secretName:
+ description: SecretName is the name of the secret used to terminate
+ SSL traffic.
+ type: string
+ secretNamespace:
+ description: SecretNamespace is the namespace of the secret
+ used to terminate SSL traffic. If not set the namespace should
+ be assumed to be the same as the Ingress. If set the secret
+ should have the same namespace as the Ingress otherwise the
+ behaviour is undefined and not supported.
+ type: string
+ type: object
+ type: array
+ type: object
+ status:
+ description: 'Status is the current state of the Ingress. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations is additional Status fields for the Resource
+ to save some additional State as well as convey more information
+ to the user. This is roughly akin to Annotations on any k8s resource,
+ just the reconciler conveying richer information outwards.
+ type: object
+ conditions:
+ description: Conditions the latest available observations of a resource's
+ current state.
+ items:
+ description: 'Condition defines a readiness condition for a Knative
+ resource. See: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#typical-status-properties'
+ properties:
+ lastTransitionTime:
+ description: LastTransitionTime is the last time the condition
+ transitioned from one status to another. We use VolatileTime
+ in place of metav1.Time to exclude this from creating equality.Semantic
+ differences (all other things held constant).
+ type: string
+ message:
+ description: A human readable message indicating details about
+ the transition.
+ type: string
+ reason:
+ description: The reason for the condition's last transition.
+ type: string
+ severity:
+ description: Severity with which to treat failures of this type
+ of condition. When this is not specified, it defaults to Error.
+ type: string
+ status:
+ description: Status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: Type of condition.
+ type: string
+ required:
+ - status
+ - type
+ type: object
+ type: array
+ observedGeneration:
+ description: ObservedGeneration is the 'Generation' of the Service
+ that was last processed by the controller.
+ format: int64
+ type: integer
+ privateLoadBalancer:
+ description: PrivateLoadBalancer contains the current status of the
+ load-balancer.
+ properties:
+ ingress:
+ description: Ingress is a list containing ingress points for the
+ load-balancer. Traffic intended for the service should be sent
+ to these ingress points.
+ items:
+ description: 'LoadBalancerIngressStatus represents the status
+ of a load-balancer ingress point: traffic intended for the
+ service should be sent to an ingress point.'
+ properties:
+ domain:
+ description: Domain is set for load-balancer ingress points
+ that are DNS based (typically AWS load-balancers)
+ type: string
+ domainInternal:
+ description: "DomainInternal is set if there is a cluster-local
+ DNS name to access the Ingress. \n NOTE: This differs
+ from K8s Ingress, since we also desire to have a cluster-local
+ DNS name to allow routing in case of not having a mesh."
+ type: string
+ ip:
+ description: IP is set for load-balancer ingress points
+ that are IP based (typically GCE or OpenStack load-balancers)
+ type: string
+ meshOnly:
+ description: MeshOnly is set if the Ingress is only load-balanced
+ through a Service mesh.
+ type: boolean
+ type: object
+ type: array
+ type: object
+ publicLoadBalancer:
+ description: PublicLoadBalancer contains the current status of the
+ load-balancer.
+ properties:
+ ingress:
+ description: Ingress is a list containing ingress points for the
+ load-balancer. Traffic intended for the service should be sent
+ to these ingress points.
+ items:
+ description: 'LoadBalancerIngressStatus represents the status
+ of a load-balancer ingress point: traffic intended for the
+ service should be sent to an ingress point.'
+ properties:
+ domain:
+ description: Domain is set for load-balancer ingress points
+ that are DNS based (typically AWS load-balancers)
+ type: string
+ domainInternal:
+ description: "DomainInternal is set if there is a cluster-local
+ DNS name to access the Ingress. \n NOTE: This differs
+ from K8s Ingress, since we also desire to have a cluster-local
+ DNS name to allow routing in case of not having a mesh."
+ type: string
+ ip:
+ description: IP is set for load-balancer ingress points
+ that are IP based (typically GCE or OpenStack load-balancers)
+ type: string
+ meshOnly:
+ description: MeshOnly is set if the Ingress is only load-balanced
+ through a Service mesh.
+ type: boolean
+ type: object
+ type: array
+ type: object
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ app: cert-manager
+ app.kubernetes.io/instance: cert-manager
+ app.kubernetes.io/name: cert-manager
+ app.kubernetes.io/version: v1.12.2
+ name: issuers.cert-manager.io
+spec:
+ group: cert-manager.io
+ names:
+ categories:
+ - cert-manager
+ kind: Issuer
+ listKind: IssuerList
+ plural: issuers
+ singular: issuer
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.conditions[?(@.type=="Ready")].status
+ name: Ready
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Ready")].message
+ name: Status
+ priority: 1
+ type: string
+ - description: CreationTimestamp is a timestamp representing the server time when
+ this object was created. It is not guaranteed to be set in happens-before
+ order across separate operations. Clients may not set this value. It is represented
+ in RFC3339 form and is in UTC.
+ jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: An Issuer represents a certificate issuing authority which can
+ be referenced as part of `issuerRef` fields. It is scoped to a single namespace
+ and can therefore only be referenced by resources within the same namespace.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Desired state of the Issuer resource.
+ properties:
+ acme:
+ description: ACME configures this issuer to communicate with a RFC8555
+ (ACME) server to obtain signed x509 certificates.
+ properties:
+ caBundle:
+ description: Base64-encoded bundle of PEM CAs which can be used
+ to validate the certificate chain presented by the ACME server.
+ Mutually exclusive with SkipTLSVerify; prefer using CABundle
+ to prevent various kinds of security vulnerabilities. If CABundle
+ and SkipTLSVerify are unset, the system certificate bundle inside
+ the container is used to validate the TLS connection.
+ format: byte
+ type: string
+ disableAccountKeyGeneration:
+ description: Enables or disables generating a new ACME account
+ key. If true, the Issuer resource will *not* request a new account
+ but will expect the account key to be supplied via an existing
+ secret. If false, the cert-manager system will generate a new
+ ACME account key for the Issuer. Defaults to false.
+ type: boolean
+ email:
+ description: Email is the email address to be associated with
+ the ACME account. This field is optional, but it is strongly
+ recommended to be set. It will be used to contact you in case
+ of issues with your account or certificates, including expiry
+ notification emails. This field may be updated after the account
+ is initially registered.
+ type: string
+ enableDurationFeature:
+ description: Enables requesting a Not After date on certificates
+ that matches the duration of the certificate. This is not supported
+ by all ACME servers like Let's Encrypt. If set to true when
+ the ACME server does not support it it will create an error
+ on the Order. Defaults to false.
+ type: boolean
+ externalAccountBinding:
+ description: ExternalAccountBinding is a reference to a CA external
+ account of the ACME server. If set, upon registration cert-manager
+ will attempt to associate the given external account credentials
+ with the registered ACME account.
+ properties:
+ keyAlgorithm:
+ description: 'Deprecated: keyAlgorithm field exists for historical
+ compatibility reasons and should not be used. The algorithm
+ is now hardcoded to HS256 in golang/x/crypto/acme.'
+ enum:
+ - HS256
+ - HS384
+ - HS512
+ type: string
+ keyID:
+ description: keyID is the ID of the CA key that the External
+ Account is bound to.
+ type: string
+ keySecretRef:
+ description: keySecretRef is a Secret Key Selector referencing
+ a data item in a Kubernetes Secret which holds the symmetric
+ MAC key of the External Account Binding. The `key` is the
+ index string that is paired with the key data in the Secret
+ and should not be confused with the key data itself, or
+ indeed with the External Account Binding keyID above. The
+ secret key stored in the Secret **must** be un-padded, base64
+ URL encoded data.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field
+ may be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to.
+ More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - keyID
+ - keySecretRef
+ type: object
+ preferredChain:
+ description: 'PreferredChain is the chain to use if the ACME server
+ outputs multiple. PreferredChain is no guarantee that this one
+ gets delivered by the ACME endpoint. For example, for Let''s
+ Encrypt''s DST crosssign you would use: "DST Root CA X3" or
+ "ISRG Root X1" for the newer Let''s Encrypt root CA. This value
+ picks the first certificate bundle in the ACME alternative chains
+ that has a certificate with this value as its issuer''s CN'
+ maxLength: 64
+ type: string
+ privateKeySecretRef:
+ description: PrivateKey is the name of a Kubernetes Secret resource
+ that will be used to store the automatically generated ACME
+ account private key. Optionally, a `key` may be specified to
+ select a specific entry within the named Secret resource. If
+ `key` is not specified, a default of `tls.key` will be used.
+ properties:
+ key:
+ description: The key of the entry in the Secret resource's
+ `data` field to be used. Some instances of this field may
+ be defaulted, in others it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred to. More
+ info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ server:
+ description: 'Server is the URL used to access the ACME server''s
+ ''directory'' endpoint. For example, for Let''s Encrypt''s staging
+ endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory".
+ Only ACME v2 endpoints (i.e. RFC 8555) are supported.'
+ type: string
+ skipTLSVerify:
+ description: 'INSECURE: Enables or disables validation of the
+ ACME server TLS certificate. If true, requests to the ACME server
+ will not have the TLS certificate chain validated. Mutually
+ exclusive with CABundle; prefer using CABundle to prevent various
+ kinds of security vulnerabilities. Only enable this option in
+ development environments. If CABundle and SkipTLSVerify are
+ unset, the system certificate bundle inside the container is
+ used to validate the TLS connection. Defaults to false.'
+ type: boolean
+ solvers:
+ description: 'Solvers is a list of challenge solvers that will
+ be used to solve ACME challenges for the matching domains. Solver
+ configurations must be provided in order to obtain certificates
+ from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/'
+ items:
+ description: An ACMEChallengeSolver describes how to solve ACME
+ challenges for the issuer it is part of. A selector may be
+ provided to use different solving strategies for different
+ DNS names. Only one of HTTP01 or DNS01 must be provided.
+ properties:
+ dns01:
+ description: Configures cert-manager to attempt to complete
+ authorizations by performing the DNS01 challenge flow.
+ properties:
+ acmeDNS:
+ description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns)
+ API to manage DNS01 challenge records.
+ properties:
+ accountSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ host:
+ type: string
+ required:
+ - accountSecretRef
+ - host
+ type: object
+ akamai:
+ description: Use the Akamai DNS zone management API
+ to manage DNS01 challenge records.
+ properties:
+ accessTokenSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ clientSecretSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ clientTokenSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ serviceConsumerDomain:
+ type: string
+ required:
+ - accessTokenSecretRef
+ - clientSecretSecretRef
+ - clientTokenSecretRef
+ - serviceConsumerDomain
+ type: object
+ azureDNS:
+ description: Use the Microsoft Azure DNS API to manage
+ DNS01 challenge records.
+ properties:
+ clientID:
+ description: if both this and ClientSecret are left
+ unset MSI will be used
+ type: string
+ clientSecretSecretRef:
+ description: if both this and ClientID are left
+ unset MSI will be used
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ environment:
+ description: name of the Azure environment (default
+ AzurePublicCloud)
+ enum:
+ - AzurePublicCloud
+ - AzureChinaCloud
+ - AzureGermanCloud
+ - AzureUSGovernmentCloud
+ type: string
+ hostedZoneName:
+ description: name of the DNS zone that should be
+ used
+ type: string
+ managedIdentity:
+ description: managed identity configuration, can
+ not be used at the same time as clientID, clientSecretSecretRef
+ or tenantID
+ properties:
+ clientID:
+ description: client ID of the managed identity,
+ can not be used at the same time as resourceID
+ type: string
+ resourceID:
+ description: resource ID of the managed identity,
+ can not be used at the same time as clientID
+ type: string
+ type: object
+ resourceGroupName:
+ description: resource group the DNS zone is located
+ in
+ type: string
+ subscriptionID:
+ description: ID of the Azure subscription
+ type: string
+ tenantID:
+ description: when specifying ClientID and ClientSecret
+ then this field is also needed
+ type: string
+ required:
+ - resourceGroupName
+ - subscriptionID
+ type: object
+ cloudDNS:
+ description: Use the Google Cloud DNS API to manage
+ DNS01 challenge records.
+ properties:
+ hostedZoneName:
+ description: HostedZoneName is an optional field
+ that tells cert-manager in which Cloud DNS zone
+ the challenge record has to be created. If left
+ empty cert-manager will automatically choose a
+ zone.
+ type: string
+ project:
+ type: string
+ serviceAccountSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - project
+ type: object
+ cloudflare:
+ description: Use the Cloudflare API to manage DNS01
+ challenge records.
+ properties:
+ apiKeySecretRef:
+ description: 'API key to use to authenticate with
+ Cloudflare. Note: using an API token to authenticate
+ is now the recommended method as it allows greater
+ control of permissions.'
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ apiTokenSecretRef:
+ description: API token used to authenticate with
+ Cloudflare.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ email:
+ description: Email of the account, only required
+ when using API key based authentication.
+ type: string
+ type: object
+ cnameStrategy:
+ description: CNAMEStrategy configures how the DNS01
+ provider should handle CNAME records when found in
+ DNS zones.
+ enum:
+ - None
+ - Follow
+ type: string
+ digitalocean:
+ description: Use the DigitalOcean DNS API to manage
+ DNS01 challenge records.
+ properties:
+ tokenSecretRef:
+ description: A reference to a specific 'key' within
+ a Secret resource. In some instances, `key` is
+ a required field.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - tokenSecretRef
+ type: object
+ rfc2136:
+ description: Use RFC2136 ("Dynamic Updates in the Domain
+ Name System") (https://datatracker.ietf.org/doc/rfc2136/)
+ to manage DNS01 challenge records.
+ properties:
+ nameserver:
+ description: The IP address or hostname of an authoritative
+ DNS server supporting RFC2136 in the form host:port.
+ If the host is an IPv6 address it must be enclosed
+ in square brackets (e.g [2001:db8::1]) ; port
+ is optional. This field is required.
+ type: string
+ tsigAlgorithm:
+ description: 'The TSIG Algorithm configured in the
+ DNS supporting RFC2136. Used only when ``tsigSecretSecretRef``
+ and ``tsigKeyName`` are defined. Supported values
+ are (case-insensitive): ``HMACMD5`` (default),
+ ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.'
+ type: string
+ tsigKeyName:
+ description: The TSIG Key name configured in the
+ DNS. If ``tsigSecretSecretRef`` is defined, this
+ field is required.
+ type: string
+ tsigSecretSecretRef:
+ description: The name of the secret containing the
+ TSIG value. If ``tsigKeyName`` is defined, this
+ field is required.
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - nameserver
+ type: object
+ route53:
+ description: Use the AWS Route53 API to manage DNS01
+ challenge records.
+ properties:
+ accessKeyID:
+ description: 'The AccessKeyID is used for authentication.
+ Cannot be set when SecretAccessKeyID is set. If
+ neither the Access Key nor Key ID are set, we
+ fall-back to using env vars, shared credentials
+ file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ type: string
+ accessKeyIDSecretRef:
+ description: 'The SecretAccessKey is used for authentication.
+ If set, pull the AWS access key ID from a key
+ within a Kubernetes Secret. Cannot be set when
+ AccessKeyID is set. If neither the Access Key
+ nor Key ID are set, we fall-back to using env
+ vars, shared credentials file or AWS Instance
+ metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ hostedZoneID:
+ description: If set, the provider will manage only
+ this zone in Route53 and will not do an lookup
+ using the route53:ListHostedZonesByName api call.
+ type: string
+ region:
+ description: Always set the region when using AccessKeyID
+ and SecretAccessKey
+ type: string
+ role:
+ description: Role is a Role ARN which the Route53
+ provider will assume using either the explicit
+ credentials AccessKeyID/SecretAccessKey or the
+ inferred credentials from environment variables,
+ shared credentials file or AWS Instance metadata
+ type: string
+ secretAccessKeySecretRef:
+ description: 'The SecretAccessKey is used for authentication.
+ If neither the Access Key nor Key ID are set,
+ we fall-back to using env vars, shared credentials
+ file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials'
+ properties:
+ key:
+ description: The key of the entry in the Secret
+ resource's `data` field to be used. Some instances
+ of this field may be defaulted, in others
+ it may be required.
+ type: string
+ name:
+ description: 'Name of the resource being referred
+ to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - region
+ type: object
+ webhook:
+ description: Configure an external webhook based DNS01
+ challenge solver to manage DNS01 challenge records.
+ properties:
+ config:
+ description: Additional configuration that should
+ be passed to the webhook apiserver when challenges
+ are processed. This can contain arbitrary JSON
+ data. Secret values should not be specified in
+ this stanza. If secret values are needed (e.g.
+ credentials for a DNS service), you should use
+ a SecretKeySelector to reference a Secret resource.
+ For details on the schema of this field, consult
+ the webhook provider implementation's documentation.
+ x-kubernetes-preserve-unknown-fields: true
+ groupName:
+ description: The API group name that should be used
+ when POSTing ChallengePayload resources to the
+ webhook apiserver. This should be the same as
+ the GroupName specified in the webhook provider
+ implementation.
+ type: string
+ solverName:
+ description: The name of the solver to use, as defined
+ in the webhook provider implementation. This will
+ typically be the name of the provider, e.g. 'cloudflare'.
+ type: string
+ required:
+ - groupName
+ - solverName
+ type: object
+ type: object
+ http01:
+ description: Configures cert-manager to attempt to complete
+ authorizations by performing the HTTP01 challenge flow.
+ It is not possible to obtain certificates for wildcard
+ domain names (e.g. `*.example.com`) using the HTTP01 challenge
+ mechanism.
+ properties:
+ gatewayHTTPRoute:
+ description: The Gateway API is a sig-network community
+ API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/).
+ The Gateway solver will create HTTPRoutes with the
+ specified labels in the same namespace as the challenge.
+ This solver is experimental, and fields / behaviour
+ may change in the future.
+ properties:
+ labels:
+ additionalProperties:
+ type: string
+ description: Custom labels that will be applied
+ to HTTPRoutes created by cert-manager while solving
+ HTTP-01 challenges.
+ type: object
+ parentRefs:
+ description: 'When solving an HTTP-01 challenge,
+ cert-manager creates an HTTPRoute. cert-manager
+ needs to know which parentRefs should be used
+ when creating the HTTPRoute. Usually, the parentRef
+ references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways'
+ items:
+ description: "ParentReference identifies an API
+ object (usually a Gateway) that can be considered
+ a parent of this resource (usually a route).
+ The only kind of parent resource with \"Core\"
+ support is Gateway. This API may be extended
+ in the future to support additional kinds of
+ parent resources, such as HTTPRoute. \n The
+ API object must be valid in the cluster; the
+ Group and Kind must be registered in the cluster
+ for this reference to be valid."
+ properties:
+ group:
+ default: gateway.networking.k8s.io
+ description: "Group is the group of the referent.
+ When unspecified, \"gateway.networking.k8s.io\"
+ is inferred. To set the core API group (such
+ as for a \"Service\" kind referent), Group
+ must be explicitly set to \"\" (empty string).
+ \n Support: Core"
+ maxLength: 253
+ pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ kind:
+ default: Gateway
+ description: "Kind is kind of the referent.
+ \n Support: Core (Gateway) \n Support: Implementation-specific
+ (Other Resources)"
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
+ type: string
+ name:
+ description: "Name is the name of the referent.
+ \n Support: Core"
+ maxLength: 253
+ minLength: 1
+ type: string
+ namespace:
+ description: "Namespace is the namespace of
+ the referent. When unspecified, this refers
+ to the local namespace of the Route. \n
+ Note that there are specific rules for ParentRefs
+ which cross namespace boundaries. Cross-namespace
+ references are only valid if they are explicitly
+ allowed by something in the namespace they
+ are referring to. For example: Gateway has
+ the AllowedRoutes field, and ReferenceGrant
+ provides a generic way to enable any other
+ kind of cross-namespace reference. \n Support:
+ Core"
+ maxLength: 63
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
+ type: string
+ port:
+ description: "Port is the network port this
+ Route targets. It can be interpreted differently
+ based on the type of parent resource. \n
+ When the parent resource is a Gateway, this
+ targets all listeners listening on the specified
+ port that also support this kind of Route(and
+ select this Route). It's not recommended
+ to set `Port` unless the networking behaviors
+ specified in a Route must apply to a specific
+ port as opposed to a listener(s) whose port(s)
+ may be changed. When both Port and SectionName
+ are specified, the name and port of the
+ selected listener must match both specified
+ values. \n Implementations MAY choose to
+ support other parent resources. Implementations
+ supporting other types of parent resources
+ MUST clearly document how/if Port is interpreted.
+ \n For the purpose of status, an attachment
+ is considered successful as long as the
+ parent resource accepts it partially. For
+ example, Gateway listeners can restrict
+ which Routes can attach to them by Route
+ kind, namespace, or hostname. If 1 of 2
+ Gateway listeners accept attachment from
+ the referencing Route, the Route MUST be
+ considered successfully attached. If no
+ Gateway listeners accept attachment from
+ this Route, the Route MUST be considered
+ detached from the Gateway. \n Support: Extended
+ \n "
+ format: int32
+ maximum: 65535
+ minimum: 1
+ type: integer
+ sectionName:
+ description: "SectionName is the name of a
+ section within the target resource. In the
+ following resources, SectionName is interpreted
+ as the following: \n * Gateway: Listener
+ Name. When both Port (experimental) and
+ SectionName are specified, the name and
+ port of the selected listener must match
+ both specified values. \n Implementations
+ MAY choose to support attaching Routes to
+ other resources. If that is the case, they
+ MUST clearly document how SectionName is
+ interpreted. \n When unspecified (empty
+ string), this will reference the entire
+ resource. For the purpose of status, an
+ attachment is considered successful if at
+ least one section in the parent resource
+ accepts it. For example, Gateway listeners
+ can restrict which Routes can attach to
+ them by Route kind, namespace, or hostname.
+ If 1 of 2 Gateway listeners accept attachment
+ from the referencing Route, the Route MUST
+ be considered successfully attached. If
+ no Gateway listeners accept attachment from
+ this Route, the Route MUST be considered
+ detached from the Gateway. \n Support: Core"
+ maxLength: 253
+ minLength: 1
+ pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+ type: string
+ required:
+ - name
+ type: object
+ type: array
+ serviceType:
+ description: Optional service type for Kubernetes
+ solver service. Supported values are NodePort
+ or ClusterIP. If unset, defaults to NodePort.
+ type: string
+ type: object
+ ingress:
+ description: The ingress based HTTP01 challenge solver
+ will solve challenges by creating or modifying Ingress
+ resources in order to route requests for '/.well-known/acme-challenge/XYZ'
+ to 'challenge solver' pods that are provisioned by
+ cert-manager for each Challenge to be completed.
+ properties:
+ class:
+ description: This field configures the annotation
+ `kubernetes.io/ingress.class` when creating Ingress
+ resources to solve ACME challenges that use this
+ challenge solver. Only one of `class`, `name`
+ or `ingressClassName` may be specified.
+ type: string
+ ingressClassName:
+ description: This field configures the field `ingressClassName`
+ on the created Ingress resources used to solve
+ ACME challenges that use this challenge solver.
+ This is the recommended way of configuring the
+ ingress class. Only one of `class`, `name` or
+ `ingressClassName` may be specified.
+ type: string
+ ingressTemplate:
+ description: Optional ingress template used to configure
+ the ACME challenge solver ingress used for HTTP01
+ challenges.
+ properties:
+ metadata:
+ description: ObjectMeta overrides for the ingress
+ used to solve HTTP01 challenges. Only the
+ 'labels' and 'annotations' fields may be set.
+ If labels or annotations overlap with in-built
+ values, the values here will override the
+ in-built values.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations that should be
+ added to the created ACME HTTP01 solver
+ ingress.
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ description: Labels that should be added
+ to the created ACME HTTP01 solver ingress.
+ type: object
+ type: object
+ type: object
+ name:
+ description: The name of the ingress resource that
+ should have ACME challenge solving routes inserted
+ into it in order to solve HTTP01 challenges. This
+ is typically used in conjunction with ingress
+ controllers like ingress-gce, which maintains
+ a 1:1 mapping between external IPs and ingress
+ resources. Only one of `class`, `name` or `ingressClassName`
+ may be specified.
+ type: string
+ podTemplate:
+ description: Optional pod template used to configure
+ the ACME challenge solver pods used for HTTP01
+ challenges.
+ properties:
+ metadata:
+ description: ObjectMeta overrides for the pod
+ used to solve HTTP01 challenges. Only the
+ 'labels' and 'annotations' fields may be set.
+ If labels or annotations overlap with in-built
+ values, the values here will override the
+ in-built values.
+ properties:
+ annotations:
+ additionalProperties:
+ type: string
+ description: Annotations that should be
+ added to the create ACME HTTP01 solver
+ pods.
+ type: object
+ labels:
+ additionalProperties:
+ type: string
+ description: Labels that should be added
+ to the created ACME HTTP01 solver pods.
+ type: object
+ type: object
+ spec:
+ description: PodSpec defines overrides for the
+ HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec
+ to find out currently supported fields. All
+ other fields will be ignored.
+ properties:
+ affinity:
+ description: If specified, the pod's scheduling
+ constraints
+ properties:
+ nodeAffinity:
+ description: Describes node affinity
+ scheduling rules for the pod.
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will
+ prefer to schedule pods to nodes
+ that satisfy the affinity expressions
+ specified by this field, but it
+ may choose a node that violates
+ one or more of the expressions.
+ The node that is most preferred
+ is the one with the greatest sum
+ of weights, i.e. for each node
+ that meets all of the scheduling
+ requirements (resource request,
+ requiredDuringScheduling affinity
+ expressions, etc.), compute a
+ sum by iterating through the elements
+ of this field and adding "weight"
+ to the sum if the node matches
+ the corresponding matchExpressions;
+ the node(s) with the highest sum
+ are the most preferred.
+ items:
+ description: An empty preferred
+ scheduling term matches all
+ objects with implicit weight
+ 0 (i.e. it's a no-op). A null
+ preferred scheduling term matches
+ no objects (i.e. is also a no-op).
+ properties:
+ preference:
+ description: A node selector
+ term, associated with the
+ corresponding weight.
+ properties:
+ matchExpressions:
+ description: A list of
+ node selector requirements
+ by node's labels.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ description: A list of
+ node selector requirements
+ by node's fields.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ weight:
+ description: Weight associated
+ with matching the corresponding
+ nodeSelectorTerm, in the
+ range 1-100.
+ format: int32
+ type: integer
+ required:
+ - preference
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements
+ specified by this field are not
+ met at scheduling time, the pod
+ will not be scheduled onto the
+ node. If the affinity requirements
+ specified by this field cease
+ to be met at some point during
+ pod execution (e.g. due to an
+ update), the system may or may
+ not try to eventually evict the
+ pod from its node.
+ properties:
+ nodeSelectorTerms:
+ description: Required. A list
+ of node selector terms. The
+ terms are ORed.
+ items:
+ description: A null or empty
+ node selector term matches
+ no objects. The requirements
+ of them are ANDed. The TopologySelectorTerm
+ type implements a subset
+ of the NodeSelectorTerm.
+ properties:
+ matchExpressions:
+ description: A list of
+ node selector requirements
+ by node's labels.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchFields:
+ description: A list of
+ node selector requirements
+ by node's fields.
+ items:
+ description: A node
+ selector requirement
+ is a selector that
+ contains values, a
+ key, and an operator
+ that relates the key
+ and values.
+ properties:
+ key:
+ description: The
+ label key that
+ the selector applies
+ to.
+ type: string
+ operator:
+ description: Represents
+ a key's relationship
+ to a set of values.
+ Valid operators
+ are In, NotIn,
+ Exists, DoesNotExist.
+ Gt, and Lt.
+ type: string
+ values:
+ description: An
+ array of string
+ values. If the
+ operator is In
+ or NotIn, the
+ values array must
+ be non-empty.
+ If the operator
+ is Exists or DoesNotExist,
+ the values array
+ must be empty.
+ If the operator
+ is Gt or Lt, the
+ values array must
+ have a single
+ element, which
+ will be interpreted
+ as an integer.
+ This array is
+ replaced during
+ a strategic merge
+ patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ type: object
+ x-kubernetes-map-type: atomic
+ type: array
+ required:
+ - nodeSelectorTerms
+ type: object
+ x-kubernetes-map-type: atomic
+ type: object
+ podAffinity:
+ description: Describes pod affinity
+ scheduling rules (e.g. co-locate this
+ pod in the same node, zone, etc. as
+ some other pod(s)).
+ properties:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ description: The scheduler will
+ prefer to schedule pods to nodes
+ that satisfy the affinity expressions
+ specified by this field, but it
+ may choose a node that violates
+ one or more of the expressions.
+ The node that is most preferred
+ is the one with the greatest sum
+ of weights, i.e. for each node
+ that meets all of the scheduling
+ requirements (resource request,
+ requiredDuringScheduling affinity
+ expressions, etc.), compute a
+ sum by iterating through the elements
+ of this field and adding "weight"
+ to the sum if the node has pods
+ which matches the corresponding
+ podAffinityTerm; the node(s) with
+ the highest sum are the most preferred.
+ items:
+ description: The weights of all
+ of the matched WeightedPodAffinityTerm
+ fields are added per-node to
+ find the most preferred node(s)
+ properties:
+ podAffinityTerm:
+ description: Required. A pod
+ affinity term, associated
+ with the corresponding weight.
+ properties:
+ labelSelector:
+ description: A label query
+ over a set of resources,
+ in this case pods.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label
+ selector requirements.
+ The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector
+ that contains
+ values, a key,
+ and an operator
+ that relates the
+ key and values.
+ properties:
+ key:
+ description: key
+ is the label
+ key that the
+ selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents
+ a key's relationship
+ to a set of
+ values. Valid
+ operators
+ are In, NotIn,
+ Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array
+ of string
+ values. If
+ the operator
+ is In or NotIn,
+ the values
+ array must
+ be non-empty.
+ If the operator
+ is Exists
+ or DoesNotExist,
+ the values
+ array must
+ be empty.
+ This array
+ is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single
+ {key,value} in the
+ matchLabels map
+ is equivalent to
+ an element of matchExpressions,
+ whose key field
+ is "key", the operator
+ is "In", and the
+ values array contains
+ only "value". The
+ requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaceSelector:
+ description: A label query
+ over the set of namespaces
+ that the term applies
+ to. The term is applied
+ to the union of the
+ namespaces selected
+ by this field and the
+ ones listed in the namespaces
+ field. null selector
+ and null or empty namespaces
+ list means "this pod's
+ namespace". An empty
+ selector ({}) matches
+ all namespaces.
+ properties:
+ matchExpressions:
+ description: matchExpressions
+ is a list of label
+ selector requirements.
+ The requirements
+ are ANDed.
+ items:
+ description: A label
+ selector requirement
+ is a selector
+ that contains
+ values, a key,
+ and an operator
+ that relates the
+ key and values.
+ properties:
+ key:
+ description: key
+ is the label
+ key that the
+ selector applies
+ to.
+ type: string
+ operator:
+ description: operator
+ represents
+ a key's relationship
+ to a set of
+ values. Valid
+ operators
+ are In, NotIn,
+ Exists and
+ DoesNotExist.
+ type: string
+ values:
+ description: values
+ is an array
+ of string
+ values. If
+ the operator
+ is In or NotIn,
+ the values
+ array must
+ be non-empty.
+ If the operator
+ is Exists
+ or DoesNotExist,
+ the values
+ array must
+ be empty.
+ This array
+ is replaced
+ during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels
+ is a map of {key,value}
+ pairs. A single
+ {key,value} in the
+ matchLabels map
+ is equivalent to
+ an element of matchExpressions,
+ whose key field
+ is "key", the operator
+ is "In", and the
+ values array contains
+ only "value". The
+ requirements are
+ ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ namespaces:
+ description: namespaces
+ specifies a static list
+ of namespace names that
+ the term applies to.
+ The term is applied
+ to the union of the
+ namespaces listed in
+ this field and the ones
+ selected by namespaceSelector.
+ null or empty namespaces
+ list and null namespaceSelector
+ means "this pod's namespace".
+ items:
+ type: string
+ type: array
+ topologyKey:
+ description: This pod
+ should be co-located
+ (affinity) or not co-located
+ (anti-affinity) with
+ the pods matching the
+ labelSelector in the
+ specified namespaces,
+ where co-located is
+ defined as running on
+ a node whose value of
+ the label with key topologyKey
+ matches that of any
+ node on which any of
+ the selected pods is
+ running. Empty topologyKey
+ is not allowed.
+ type: string
+ required:
+ - topologyKey
+ type: object
+ weight:
+ description: weight associated
+ with matching the corresponding
+ podAffinityTerm, in the
+ range 1-100.
+ format: int32
+ type: integer
+ required:
+ - podAffinityTerm
+ - weight
+ type: object
+ type: array
+ requiredDuringSchedulingIgnoredDuringExecution:
+ description: If the affinity requirements
+ specified by this field are not
+ met at scheduling time, the pod
+ will not be scheduled onto the
+ node. If the affinity requirements
+ specified by this field cease
+ to be met at some point during
+ pod execution (e.g. due to a pod
+ label update), the system may
+ or may not try to eventually evict
+ the pod from its node. When there
+ are multiple elements, the lists
+ of nodes corresponding to each
+ podAffinityTerm are intersected,
+ i.e. all terms must be satisfied.
+ items:
+ description: Defines a set of
+ pods (namely those matching
+ the labelSelector relative to
+ the given namespace(s)) that
+ this pod should be co-located
+ (affinity) or not co-located
+ (anti-affinity) with, where
+ co-located is defined as running
+ on a node whose value of the
+ label with key